jica.talkengglobal.com Open in urlscan Pro
2606:4700:3031::ac43:b084 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/
Submission: On August 08 via automatic, source openphish (August 8th 2023, 11:20:56 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3031::ac43:b084, located in United States and belongs to CLOUDFLARENET, US. The main domain is jica.talkengglobal.com.
TLS certificate: Issued by E1 on July 9th 2023. Valid for: 3 months.

This is the only time jica.talkengglobal.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
11	2606:4700:303... 2606:4700:3031::ac43:b084		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 2606:4700:3031::ac43:b084 (United States)

ASN13335 (CLOUDFLARENET, US)

jica.talkengglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	talkengglobal.com jica.talkengglobal.com	106 KB
11	1

	Domain	Requested by
11	jica.talkengglobal.com	jica.talkengglobal.com
11	1

This site contains links to these domains. Also see Links.

Domain
login.my.gov.au
beta.my.gov.au
my.gov.au
www.digitalidentity.gov.au
www.mygovid.gov.au

Subject Issuer	Validity	Valid
talkengglobal.com E1	`2023-07-09` - `2023-10-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/
Frame ID: E406D7C1293F5DCC75A912147CFAB478
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in with myGov - myGov

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

106 kB
Transfer

354 kB
Size

1
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://login.my.gov.au/las/mygov-login?execution=e2s1#content
Title: Skip to main content

Search URL Search Domain Scan URL

URL: https://beta.my.gov.au/

Search URL Search Domain Scan URL

URL: https://beta.my.gov.au/en/about/help
Title: Help

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/las/mygov-login?execution=e2s1&_eventId=recoverusername
Title: Forgot username

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/las/mygov-login?execution=e2s1&_eventId=resetpassword
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/create-account/
Title: Create a myGov account

Search URL Search Domain Scan URL

URL: https://www.digitalidentity.gov.au/
Title: Digital Identity

Search URL Search Domain Scan URL

URL: https://www.mygovid.gov.au/
Title: myGovID

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/las/mygov-login?execution=e2s1&_eventId=digitalIdentity
Title: Continue with Digital Identity

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/terms
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/privacy-and-security
Title: Privacy and security

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/copyright
Title: Copyright

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/	7 KB 3 KB	3112ms 1101ms	Document text/html	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `8b31b801f43c666db53fd3aec59a5151c873ff52c7efce7a916aa7011f7f1611` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7f3b7de67c2b2c6a-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 08 Aug 2023 23:20:46 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NxsT6TbVMV3CHU390iSiiisTjXIyNzHYocQrV%2FiN7KYueUq3U6MhLhAuRKD5yxsg2nJnvhF7d9uEzrQLVt3AF6I9mj%2FNIctufk5V9mY7IBYuPAb7hkukTmFUNvXYaJ%2BpVvHKe7pnDrg49pwvJTe5dEitkqM"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by ASP.NET x-powered-by-plesk PleskWin
GET H2	404	ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js.download jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	0 0	167ms 165ms	Script text/html	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js.download Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDUf97WHLdU72MN4s9Fd%2BcZhF62zxrFl31UBLrdzr6JTSot1uA56jjdLmRf0HrklPd%2BpkpF%2BeFoba0a34ljbzPRcivU421P2ZhJg%2FA9EL5dzIEP5PbgowF0zL3T6sPtzzU4eOidb5NoYfHf7TaegPWFG5%2F9Z"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control private cf-ray 7f3b7ded59752c6a-FRA alt-svc h3=":443"; ma=86400
GET H2	404	css jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	0 0	4145ms 4144ms	Stylesheet text/html	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/css Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ela%2BfiEZcyzQuIdtv9xrneuilTaKs%2BMN9W8HkSf7Pf3076EPq96V8e1yVQG4%2FhGctOhduqwgvheBBFUGxFUr0wx6%2Fl4kWh3Ygxyv5tWpNgI3wB%2FldlQfGRcLT%2FHu1DQi3ncZoAoPevQ7QT88X4kNadIaPPMP"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control private cf-ray 7f3b7ded59782c6a-FRA alt-svc h3=":443"; ma=86400
GET H2	200	mgv2-application.css jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	122 KB 21 KB	4152ms 4152ms	Stylesheet text/css	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/mgv2-application.css Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `e4b278f03b15d98341b6b1960e1b1d8c34dbd53cdec867348be0d728317ae756` Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:48 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Oct 2022 18:34:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"0cd5ccd56d7d81:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbvsfnTFT%2F69VKXGfHElUMvuxOHavpdYiat0IuT%2FKCh930ydXxUD3R%2B65DEGjRRvqEqOUnKKu9GROVgZRP1Hx%2FUokuR7VycwaX1E6gjpSVaG2gJidTJZReUr5JRgQcZTDUIJVEpqFkmnFQEq7CQrXvmdffQG"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f3b7ded59792c6a-FRA alt-svc h3=":443"; ma=86400
GET H2	200	blugov.css jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	69 KB 11 KB	4151ms 4151ms	Stylesheet text/css	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/blugov.css Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `5ad45c3c8b9efc9e5427d60339eb9b65ffa97a501fe111fe373b100393acc405` Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:48 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Oct 2022 18:34:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"0cd5ccd56d7d81:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFgeArMaiSG5T1MeftotQ8ZNb5VL8dcH8FdtxqTHavRcg3qUvKfKOhagkmQk453jq8DN%2B31TlvcEUG70GJPLBDMQWpF4Ads7vRLjZzJpp3PkanxqF9Bbu7vCtsGX6SF6jSrCzidtv23acq4Zw1BvTU6jOI1e"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f3b7ded597a2c6a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	myGov-cobranded-logo-black.svg jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	63 KB 21 KB	3949ms 3948ms	Image image/svg+xml	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/myGov-cobranded-logo-black.svg Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d` Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:48 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 03 Oct 2022 18:34:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"0cd5ccd56d7d81:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzhK1flQQY46SJa%2BASt7%2BDBVkaxg53rKt5iJM4HomXs3UYepQyztGmmRTXrLgIpHK5Dzz62aj8dwIy7OTP5d0m3mXwPjE4Y8zeTLaWjaFU8VF7zHKWT%2FN1OYhA9HhEMV1S1s2QkvK1OlS60W7yaoKb%2BrAEUN"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7f3b7deea8bb1d94-FRA alt-svc h3=":443"; ma=86400
GET H3	200	myGov-cobranded-logo-white.svg jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	63 KB 21 KB	3942ms 3942ms	Image image/svg+xml	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/myGov-cobranded-logo-white.svg Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388` Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:47 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 03 Oct 2022 18:34:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"0cd5ccd56d7d81:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5s5xHJc5I6v189G1tbrODEuyzSZaBy720Z3Pu2GlKywh9cY7ON6Cwwy7L0uAjmF5kkAI8UdB0M7qgWu2t5bPoQqa8uU%2BlFml3YIYH3apcd%2BYRhwmo5GpZhbhHoOf1f02MLqzGQ4r%2Fz8EV%2FSPpGZe8%2BwakHD"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7f3b7deea8bc1d94-FRA alt-svc h3=":443"; ma=86400
GET H3	404	mgv2-vendor.js.download jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	0 0	3942ms 3942ms	Script text/html	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/mgv2-vendor.js.download Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LXTzNzqXvH0LeugGooQiiQedaKd8zArJBRDaHIAgKbeFCq4cidVlCEVvyQivTTc0PJvqgHWk%2BhptSXQLjreS%2FBJ6WvcYi%2FE6MKfGcmcekJiaRYd%2FdVMddkXdH8sxxnbsMTtCgtbZnOAGXftVLhsaTCgCMCw"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control private cf-ray 7f3b7deea8b71d94-FRA alt-svc h3=":443"; ma=86400
GET H3	404	mgv2-application.js.download jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	0 0	3943ms 3942ms	Script text/html	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/mgv2-application.js.download Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GA09EhweXtGoaIlXMiMKTjgcbyPfxD2rZGBreQqMY1lQWwFSvDLqs8kPwgLr47k65ilnHzMglz2pVRyQLKsa6Yvs7jziYVmkpfrI4ph5Tdu16xkJR1hirtCsC%2Fvu4GJDFWwqWyBIj7Z2ha7Tk8ZrZEpQ%2Bg%2Fj"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control private cf-ray 7f3b7deea8b91d94-FRA alt-svc h3=":443"; ma=86400
GET H3	404	login.js.download jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/	0 0	3941ms 3941ms	Script text/html	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/login.js.download Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhQDiE0FANWZnWpAo37VXAafREUsemYxMTh7wqNHLcKi%2ByLS4pGrQF7p71THJYPd50kcChbQn84YpuaaVBuI2MAgxtZvTPX1gSjsCQPtfPcvqhjdd1zr1TW7TbUDXO9Kbc4kIeIMUSfHDH7m5tfKNDvF2lZH"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control private cf-ray 7f3b7deea8ba1d94-FRA alt-svc h3=":443"; ma=86400
GET H3	404	icon-blugov-info.svg jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/icons/	30 KB 30 KB	2855ms 2855ms	Image text/html	2606:4700:3031::ac43:b084 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/icons/icon-blugov-info.svg Requested by Host: jica.talkengglobal.com URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/blugov.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:b084 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `b2f13930113f0581ba7ea396389cbd3dc3a6b15b4d56a4d5120e13c17d7d591a` Request headers accept-language de-DE,de;q=0.9 Referer https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/blugov.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 08 Aug 2023 23:20:53 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X4jaM%2FJ745a6Xxmw13X6uv%2FL7n3GlzxCByMDbeIJHt3aUnlhKFGkz3MZ1hi65fpYZgTW7KD6W3dxr3q%2BpJZfnie7tRBZikJXseXkB4hJe5kQZg8%2F1Lqvj9yQCnl8mOETXzvLQz7a8xb%2B1obxPyMy5i2nEOR"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400, must-revalidate cf-ray 7f3b7e076d1f1d94-FRA link <https://jica.talkengglobal.com/index.php/wp-json/>; rel="https://api.w.org/" alt-svc h3=":443"; ma=86400 expires Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			jica.talkengglobal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: it3sa8kccjlgh74ovap3bc9ngm

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/ruxitagentjs_ICA2Vfghjqrux_10243220606153550.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/login.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/mgv2-vendor.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/login_files/mgv2-application.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://jica.talkengglobal.com/wp-content/plugins/coolei/auMygovaustralia/Mygovaustralia/app/icons/icon-blugov-info.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jica.talkengglobal.com
2606:4700:3031::ac43:b084
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
5ad45c3c8b9efc9e5427d60339eb9b65ffa97a501fe111fe373b100393acc405
8b31b801f43c666db53fd3aec59a5151c873ff52c7efce7a916aa7011f7f1611
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
b2f13930113f0581ba7ea396389cbd3dc3a6b15b4d56a4d5120e13c17d7d591a
e4b278f03b15d98341b6b1960e1b1d8c34dbd53cdec867348be0d728317ae756

jica.talkengglobal.com Open in urlscan Pro 2606:4700:3031::ac43:b084 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

106 kBTransfer

354 kBSize

1 Cookies

13 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

jica.talkengglobal.com Open in urlscan Pro
2606:4700:3031::ac43:b084 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

106 kB
Transfer

354 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!