ileli1.ga Open in urlscan Pro
2606:4700:3035::681b:ac93  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/	104 KB 44 KB	340ms 273ms	Document text/html	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d2cacfe876a64f0001e4a2ef7ee5be85287679b7369c94f7ccbf64a97a10185 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority ileli1.ga :scheme https :path /7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Wed, 29 Jul 2020 19:26:09 GMT content-type text/html set-cookie __cfduid=d027055f12f4ca76cbdf949dba1d1fffc1596050769; expires=Fri, 28-Aug-20 19:26:09 GMT; path=/; domain=.ileli1.ga; HttpOnly; SameSite=Lax; Secure last-modified Wed, 29 Jul 2020 16:45:42 GMT vary Accept-Encoding expires Thu, 30 Jul 2020 19:26:09 GMT cache-control max-age=86400 public x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status DYNAMIC cf-request-id 043da31f160000c26dda062200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5ba93ade897dc26d-FRA content-encoding br
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	24ms 8ms	Stylesheet text/css	2001:4de0:ac19::1:b:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Origin https://ileli1.ga Response headers date Wed, 29 Jul 2020 19:26:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 12 Dec 2018 18:34:07 GMT status 200 etag "1544639647" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 19740
GET H2	200	bootstrap-theme.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	23 KB 3 KB	29ms 13ms	Stylesheet text/css	2001:4de0:ac19::1:b:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Origin https://ileli1.ga Response headers date Wed, 29 Jul 2020 19:26:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 12 Dec 2018 18:34:07 GMT status 200 etag "1544639647" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 2776
GET H2	200	style.css ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/css/	4 KB 1 KB	13ms 11ms	Stylesheet text/css	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/css/style.css Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58aeb9f772eaa9b56371ca46af24d5cab80bbefce865447628bc7d5126bb180f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 29 Jul 2020 19:26:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 406 status 200 cf-request-id 043da3202d0000c26dda078200000001 last-modified Wed, 29 Jul 2020 16:46:11 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5f21a7d3-f3c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css x-xss-protection 1; mode=block cache-control public, max-age=2592000 cf-ray 5ba93ae04e29c26d-FRA expires Fri, 28 Aug 2020 19:19:23 GMT
GET H2	404	jquery-3.js ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/	0 0	263ms 262ms	Script text/html	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/jquery-3.js Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 29 Jul 2020 19:26:10 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 404 cache-control max-age=14400 cf-ray 5ba93ae04e2bc26d-FRA cf-request-id 043da3202d0000c26dda079200000001
GET H2	200	jquery-3.2.1.min.js Show response code.jquery.com/	85 KB 30 KB	275ms 9ms	Script application/javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.min.js Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 29 Jul 2020 19:26:10 GMT content-encoding gzip last-modified Mon, 20 Mar 2017 19:01:15 GMT server nginx status 200 etag W/"58d026fb-15283" vary Accept-Encoding x-hw 1596050770.dop238.fr8.t,1596050770.cds225.fr8.hc,1596050770.cds133.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30125
GET H2	200	css fonts.googleapis.com/	33 KB 2 KB	16ms 16ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Comfortaa:300|Cormorant+Garamond|Cormorant+Infant|Cormorant+SC|Cormorant+Unicase|EB+Garamond|El+Messiri|Forum|Jura|Lobster|Neucha|Open+Sans+Condensed:300|PT+Sans|PT+Sans+Narrow|Philosopher|Playfair+Display+SC|Poiret+One|Ruslan+Display|Russo+One|Ubuntu&subset=cyrillic Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d5f2fd0f17edeec84e8abbecae5c0d86908d7875b7902448c2a3af826b62b2f1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 29 Jul 2020 19:26:09 GMT server ESF date Wed, 29 Jul 2020 19:26:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 Jul 2020 19:26:09 GMT
GET H2	200	rsod.png ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/images/	18 KB 19 KB	22ms 22ms	Image image/png	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/images/rsod.png Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd58a3ee5aaf16eb180c50e2e7f8cfb72bcc395a556ff3f8ceee8e9c03fff625 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 29 Jul 2020 19:26:10 GMT x-content-type-options nosniff cf-cache-status HIT age 407 status 200 content-length 18843 cf-request-id 043da321340000c26dda089200000001 last-modified Wed, 29 Jul 2020 16:46:14 GMT server cloudflare x-frame-options SAMEORIGIN etag "5f21a7d6-499b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control public, max-age=2592000 accept-ranges bytes cf-ray 5ba93ae1e9e3c26d-FRA expires Fri, 28 Aug 2020 19:19:23 GMT
GET H2	200	335158-windows-8-window.png ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/images/	28 KB 28 KB	11ms 11ms	Image image/png	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/images/335158-windows-8-window.png Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 312c6606235f1ba63b2141b812fef5398536390a76c85f5ab8bcc35a7aa8737e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 29 Jul 2020 19:26:10 GMT x-content-type-options nosniff cf-cache-status HIT age 407 status 200 content-length 28697 cf-request-id 043da321480000c26dda08b200000001 last-modified Wed, 29 Jul 2020 16:46:13 GMT server cloudflare x-frame-options SAMEORIGIN etag "5f21a7d5-7019" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control public, max-age=2592000 accept-ranges bytes cf-ray 5ba93ae20a2fc26d-FRA expires Fri, 28 Aug 2020 19:19:23 GMT
GET H2	200	background.png ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/images/	186 KB 186 KB	16ms 15ms	Image image/png	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/images/background.png Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f92c2703bfee4212ba4b1b1616d4dfbb3a9e58e0110ce3351e28a989ed5cb69 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 29 Jul 2020 19:26:10 GMT x-content-type-options nosniff cf-cache-status HIT age 407 status 200 content-length 190576 cf-request-id 043da321590000c26dda08d200000001 last-modified Wed, 29 Jul 2020 16:46:13 GMT server cloudflare x-frame-options SAMEORIGIN etag "5f21a7d5-2e870" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control public, max-age=2592000 accept-ranges bytes cf-ray 5ba93ae22a60c26d-FRA expires Fri, 28 Aug 2020 19:19:23 GMT
GET H2	200	beep.mp3 ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/ Frame 1924	0 0	261ms 260ms	Document audio/mpeg	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/beep.mp3 Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority ileli1.ga :scheme https :path /7165-new-freshlp/CHWInhelp10010101x/beep.mp3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=d027055f12f4ca76cbdf949dba1d1fffc1596050769 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Response headers status 200 date Wed, 29 Jul 2020 19:26:10 GMT content-type audio/mpeg content-length 8405 last-modified Wed, 29 Jul 2020 16:45:42 GMT etag "5f21a7b6-20d5" x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff accept-ranges bytes cf-cache-status DYNAMIC cf-request-id 043da321870000c26dda08f200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5ba93ae27b0ac26d-FRA
GET H2	206	err.mp3 ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/	196 KB 197 KB	255ms 255ms	Media audio/mpeg	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/err.mp3 Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Wed, 29 Jul 2020 19:26:10 GMT x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 29 Jul 2020 16:45:42 GMT server cloudflare status 206 etag "5f21a7b6-31080" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type audio/mpeg Content-Range bytes 0-200831/200832 x-xss-protection 1; mode=block cf-ray 5ba93ae29b71c26d-FRA Content-Length 200832 cf-request-id 043da3219f0000c26dda092200000001
GET H2	206	beep.mp3 ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/	8 KB 8 KB	264ms 264ms	Media audio/mpeg	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/beep.mp3 Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Wed, 29 Jul 2020 19:26:10 GMT x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 29 Jul 2020 16:45:42 GMT server cloudflare status 206 etag "5f21a7b6-20d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type audio/mpeg Content-Range bytes 0-8404/8405 x-xss-protection 1; mode=block cf-ray 5ba93ae29b77c26d-FRA Content-Length 8405 cf-request-id 043da321a00000c26dda093200000001
GET H2	206	beep.mp3 ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/ Frame 1924	8 KB 8 KB	264ms 264ms	Media audio/mpeg	2606:4700:3035::681b:ac93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/beep.mp3 Requested by Host: ileli1.ga URL: https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/?gclid=EAIaIQobChMI9LaH1IXz6gIVBEvVCh3tbwWTEAEYASAAEgIYyvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681b:ac93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ileli1.ga/7165-new-freshlp/CHWInhelp10010101x/beep.mp3 Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Wed, 29 Jul 2020 19:26:10 GMT x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 29 Jul 2020 16:45:42 GMT server cloudflare status 206 etag "5f21a7b6-20d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type audio/mpeg Content-Range bytes 0-8404/8405 x-xss-protection 1; mode=block cf-ray 5ba93ae41f7ac26d-FRA Content-Length 8405 cf-request-id 043da3228f0000c26dda0ba200000001

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer) Microsoft (Consumer)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getURLParameter string| gourl function| move function| pop function| PopIt function| UnPopIt function| $ function| jQuery string| stroka function| toggleFullScreen number| idleTime function| timerIncrement boolean| is_chrome undefined| isChromium string| vendorName boolean| isOpera function| alertCall function| alertTimed function| alertLoop function| addEvent function| ajay function| openMultipleTabs function| poponload string| link_redirect undefined| ignoreHashChange function| nocontextmenu function| norightclick function| reloadIFrame object| modal object| btn object| span

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ileli1.ga/	1970-01-19 12:04:02	Name: __cfduid Value: d027055f12f4ca76cbdf949dba1d1fffc1596050769

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
ileli1.ga
maxcdn.bootstrapcdn.com
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
2606:4700:3035::681b:ac93
2a00:1450:4001:800::200a
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
2d2cacfe876a64f0001e4a2ef7ee5be85287679b7369c94f7ccbf64a97a10185
312c6606235f1ba63b2141b812fef5398536390a76c85f5ab8bcc35a7aa8737e
4f92c2703bfee4212ba4b1b1616d4dfbb3a9e58e0110ce3351e28a989ed5cb69
58aeb9f772eaa9b56371ca46af24d5cab80bbefce865447628bc7d5126bb180f
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
d5f2fd0f17edeec84e8abbecae5c0d86908d7875b7902448c2a3af826b62b2f1
dd58a3ee5aaf16eb180c50e2e7f8cfb72bcc395a556ff3f8ceee8e9c03fff625
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65