chakstore.co.ke
67.225.192.146
Malicious Activity!
Public Scan
Effective URL: https://chakstore.co.ke/wp-includes/ID3/IL/c.php
Submission: On December 30 via manual from IL — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 20th 2021. Valid for: 3 months.
This is the only time chakstore.co.ke was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Transportation (Transportation), DHL (Transportation)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 45.223.25.164 | 19551 (INCAPSULA)
1 | 67.199.248.11 | 396982 (GOOGLE-PRIVATE-CLOUD)
15 | 67.225.192.146 | 32244 (LIQUIDWEB)
2 | 2a00:1450:4001:830::200a | 15169 (GOOGLE)
4 | 2a00:1450:4001:80e::2003 | 15169 (GOOGLE)
21 | 3 |
ASN32244 (LIQUIDWEB, US)
PTR: fourteen.deepafrica.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | chakstore.co.ke | chakstore.co.ke | 520 KB
4 | gstatic.com | fonts.gstatic.com | 122 KB
2 | googleapis.com | fonts.googleapis.com | 3 KB
1 | bit.ly (1 redirects) | bit.ly | 268 B
1 | d9.ai (1 redirects) | d9.ai | 683 B
21 | 5 | |
Requests | Domain | Requested by
---|---|---
15 | chakstore.co.ke | chakstore.co.ke
4 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | chakstore.co.ke
1 | bit.ly | 1 redirects
1 | d9.ai | 1 redirects
21 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
chakstore.co.ke | R3 | 2021-12-20 - 2022-03-20 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://chakstore.co.ke/wp-includes/ID3/IL/c.php
Frame ID: 96215B3A086DCD5AC4A616175CD11C15
Requests: 21 HTTP requests in this frame
Screenshot
Page Title: Tracking
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://d9.ai/s/38mrr1/8e9x (HTTP 302)
- https://bit.ly/IL-Express (HTTP 301)
- https://chakstore.co.ke/wp-includes/ID3/IL/c.php (Page URL)
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | c.php (Primary Request, Redirect Chain) | chakstore.co.ke/wp-includes/ID3/IL/ | 23 KB | 18 KB | Document | text/html
GET | H2 | gameplay.js | chakstore.co.ke/wp-includes/ID3/IL/js/ | 10 KB | 3 KB | Script | application/javascript
GET | H2 | nicepage.css | chakstore.co.ke/wp-includes/ID3/IL/stuff/ | 1 MB | 97 KB | Stylesheet | text/css
GET | H2 | Home.css | chakstore.co.ke/wp-includes/ID3/IL/stuff/ | 5 KB | 1 KB | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 49 KB | 2 KB | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 13 KB | 920 B | Stylesheet | text/css
GET | H2 | B-BAD.css | chakstore.co.ke/wp-includes/ID3/IL/stuff/ | 256 B | 233 B | Stylesheet | text/css
GET | H2 | jquery.js | chakstore.co.ke/wp-includes/ID3/IL/js/ | 87 KB | 30 KB | Script | application/javascript
GET | H2 | jquery.CardValidator.js | chakstore.co.ke/wp-includes/ID3/IL/js/ | 6 KB | 2 KB | Script | application/javascript
GET | H2 | pay.js | chakstore.co.ke/wp-includes/ID3/IL/js/ | 18 KB | 4 KB | Script | application/javascript
GET | H2 | Logocopy.png | chakstore.co.ke/wp-includes/ID3/IL/stuff/images/ | 45 KB | 45 KB | Image | image/png
GET | H2 | Capture.png | chakstore.co.ke/wp-includes/ID3/IL/stuff/images/ | 47 KB | 47 KB | Image | image/png
GET | H2 | Untitled-6.png | chakstore.co.ke/wp-includes/ID3/IL/stuff/images/ | 62 KB | 62 KB | Image | image/png
GET | H2 | ico.png | chakstore.co.ke/wp-includes/ID3/IL/stuff/images/ | 13 KB | 13 KB | Image | image/png
GET | H2 | sprites_cc_logos.png | chakstore.co.ke/wp-includes/ID3/IL/stuff/images/ | 24 KB | 24 KB | Image | image/png
GET | H2 | verdana.ttf | chakstore.co.ke/wp-includes/ID3/IL/stuff/fonts/ | 235 KB | 138 KB | Font | font/ttf
GET | H2 | VERDANA0.TTF | chakstore.co.ke/wp-includes/ID3/IL/stuff/fonts/ | 51 KB | 35 KB | Font | font/ttf
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v29/ | 15 KB | 16 KB | Font | font/woff2
GET | H2 | 4iCs6KVjbNBYlgoKfw72.woff2 | fonts.gstatic.com/s/ubuntu/v15/ | 33 KB | 34 KB | Font | font/woff2
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v27/ | 44 KB | 44 KB | Font | font/woff2
GET | H2 | 4iCv6KVjbNBYlgoCxCvjsGyN.woff2 | fonts.gstatic.com/s/ubuntu/v15/ | 28 KB | 28 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Transportation (Transportation), DHL (Transportation)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | Aes
object | Base64
object | Utf8
string | gameplaynow
string | gameplaynowas
string | output
string | ctrTxt
function | $
function | jQuery
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.d9.ai/ | | visid_incap_2698435 | f5h9/YgpTtWCqrsNimhR3PDDzWEAAAAAQUIPAAAAAABKLQNAE1vZDu3Zk+sSJ5Pt
.d9.ai/ | | incap_ses_1288_2698435 | Ocejck60dBaK0YDVh+XfEfDDzWEAAAAAqmrQCXFzX2YD9zXSH3eJHw==
.bit.ly/ | | _bit | lbueAw-9334f4bc4be877eded-00m
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.