improvedconsole.github.io Open in urlscan Pro
2606:50c0:8001::153  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://paxbok-calemphong-banako.000webhostapp.com/euros/pelar.php Page URL
2. https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	pelar.php paxbok-calemphong-banako.000webhostapp.com/euros/	204 B 393 B	483ms 142ms	Document text/html	2a02:4780:dead:5a6c::1 AWEX
General Check archive.org Show headers Download Go to Full URL https://paxbok-calemphong-banako.000webhostapp.com/euros/pelar.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:4780:dead:5a6c::1 , United States, ASN204915 (AWEX, CY), Reverse DNS Software awex / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 04 Apr 2024 16:36:16 GMT server awex x-content-type-options nosniff x-request-id 59a2cdb083eb7b05eff559011bb4374c x-xss-protection 1; mode=block
GET H2	200	Primary Request / Show response improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/	4 KB 2 KB	254ms 151ms	Document text/html	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF Requested by Host: paxbok-calemphong-banako.000webhostapp.com URL: https://paxbok-calemphong-banako.000webhostapp.com/euros/pelar.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash fcc2b1e8f64e83add21512124b6ecc30c481472d46dd6a8f400b86e5d47af2a3 Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers Referer https://paxbok-calemphong-banako.000webhostapp.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 0 cache-control max-age=600 content-encoding gzip content-length 1608 content-type text/html; charset=utf-8 date Thu, 04 Apr 2024 16:36:16 GMT etag W/"660d864a-fcb" expires Thu, 04 Apr 2024 16:33:32 GMT last-modified Wed, 03 Apr 2024 16:39:38 GMT permissions-policy interest-cohort=() server GitHub.com strict-transport-security max-age=31556952 vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 1 x-fastly-request-id 20490e03763b3ad6ca9dd8f20f7553e034148065 x-github-request-id 0DB4:34791B:63CD95:653395:660ED403 x-proxy-cache MISS x-served-by cache-mxp6936-MXP x-timer S1712248577.723971,VS0,VE104
GET H2	200	bootstrap.min.css improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/styles/	189 KB 28 KB	185ms 184ms	Stylesheet text/css	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/styles/bootstrap.min.css Requested by Host: improvedconsole.github.io URL: https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fastly-request-id b9f40d6789f5589b7a1b479c34b69cead971b8ff strict-transport-security max-age=31556952 content-encoding gzip via 1.1 varnish date Thu, 04 Apr 2024 16:36:17 GMT age 0 x-cache HIT x-cache-hits 1 x-proxy-cache MISS content-length 27984 x-served-by cache-mxp6936-MXP last-modified Wed, 03 Apr 2024 16:39:38 GMT server GitHub.com x-github-request-id 846A:361060:786A48E:7A6CB59:660ED403 x-timer S1712248577.880454,VS0,VE136 etag W/"660d864a-2f3f9" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=600 permissions-policy interest-cohort=() accept-ranges bytes expires Thu, 04 Apr 2024 16:33:32 GMT
GET H2	200	intro.png improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/img/	3 KB 3 KB	174ms 174ms	Image image/png	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/img/intro.png Requested by Host: improvedconsole.github.io URL: https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash 9fc2fe17fa35dc50cbac42366d82e564d0a6e29a6b18f966ba78641b92850514 Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fastly-request-id 04cbbafe6c07e03546cce5b46ebd76af0beaac86 strict-transport-security max-age=31556952 date Thu, 04 Apr 2024 16:36:17 GMT via 1.1 varnish x-cache-hits 1 age 0 x-cache HIT x-proxy-cache MISS content-length 2987 x-served-by cache-mxp6936-MXP last-modified Wed, 03 Apr 2024 16:39:38 GMT server GitHub.com x-github-request-id DF28:39B013:1EBD38:1F24E1:660EC980 x-timer S1712248577.880421,VS0,VE126 etag "660d864a-bab" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 permissions-policy interest-cohort=() accept-ranges bytes x-origin-cache HIT expires Thu, 04 Apr 2024 15:48:40 GMT
GET H2	200	h9b1AHfIb8K.png improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/img/	5 KB 5 KB	169ms 169ms	Image image/png	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/img/h9b1AHfIb8K.png Requested by Host: improvedconsole.github.io URL: https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash 9644a6ea223b2a55da3b8e6856ab8513adcb735ddeba8cec202a2c5e16fa1415 Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fastly-request-id bac082133631aeb216117fecdde6e523f4122bbc strict-transport-security max-age=31556952 date Thu, 04 Apr 2024 16:36:17 GMT via 1.1 varnish x-cache-hits 1 age 0 x-cache HIT x-proxy-cache MISS content-length 5184 x-served-by cache-mxp6936-MXP last-modified Wed, 03 Apr 2024 16:39:38 GMT server GitHub.com x-github-request-id E836:2A150F:E2A3D9:E62423:660ED403 x-timer S1712248577.880411,VS0,VE120 etag "660d864a-1440" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 permissions-policy interest-cohort=() accept-ranges bytes expires Thu, 04 Apr 2024 16:33:32 GMT
GET H2	200	icon.png improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/img/	54 KB 54 KB	142ms 142ms	Other image/png	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/img/icon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash 53357225f5e7edb5d4cc2009057a543258fb8bf11a8b17a6056b6f8e5a7370e5 Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fastly-request-id e0d2dc50a1401325d153a3cffb1deaa67ad22481 strict-transport-security max-age=31556952 date Thu, 04 Apr 2024 16:36:17 GMT via 1.1 varnish x-cache-hits 1 age 0 x-cache HIT x-proxy-cache MISS content-length 54897 x-served-by cache-mxp6936-MXP last-modified Wed, 03 Apr 2024 16:39:38 GMT server GitHub.com x-github-request-id FDE4:35B1AE:571E6F0:5876316:660ED402 x-timer S1712248577.123166,VS0,VE95 etag "660d864a-d671" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 permissions-policy interest-cohort=() accept-ranges bytes x-origin-cache HIT expires Thu, 04 Apr 2024 16:33:32 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| mousedwn string| tanggallengkap object| namahari object| namabulan object| tgl number| hari number| tanggal number| bulan number| tahun

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
recommendation	verbose	URL: https://improvedconsole.github.io/ealtconsumers/windows-because-sistem/code-python1/?R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpF Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

improvedconsole.github.io
paxbok-calemphong-banako.000webhostapp.com
2606:50c0:8001::153
2a02:4780:dead:5a6c::1
53357225f5e7edb5d4cc2009057a543258fb8bf11a8b17a6056b6f8e5a7370e5
9644a6ea223b2a55da3b8e6856ab8513adcb735ddeba8cec202a2c5e16fa1415
9fc2fe17fa35dc50cbac42366d82e564d0a6e29a6b18f966ba78641b92850514
fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf
fcc2b1e8f64e83add21512124b6ecc30c481472d46dd6a8f400b86e5d47af2a3