uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1
162.125.71.15 7.0 MB URL uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1
IP 162.125.71.15:0
File type 7-zip archive data, version 0.4\012- data
Size 7.0 MB (7037203 bytes)
Hash 05efcc6fda2983c45fecf65721ead37e
9a11376d2f2a76c58d4b79b2f2b1d4ccf1e7334e
2323fb968230a44dcc1eb6168f46103019a4fdfbf67496fbf32bb35402794afe
Analyzer Verdict Alert VirusTotal 0/0
GET /cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1 HTTP/1.1
Host: uc911174c6099807474b141a1524.dl.dropboxusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.ly/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=60
content-disposition: attachment; filename="my allergies.rar.7z"; filename*=UTF-8''my%20allergies.rar.7z
content-security-policy: sandbox
etag: 1686091548095049d
pragma: public
referrer-policy: no-referrer
vary: Origin
x-content-security-policy: sandbox
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noimageindex
x-server-response-time: 160
x-webkit-csp: sandbox
content-type: application/binary
date: Wed, 07 Jun 2023 05:57:13 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7037203
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 57cf4381fe5f473f98678ff6d4b45362
X-Firefox-Spdy: h2
t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js
104.26.12.201200 OK 5.6 kB URL GET HTTP/3 t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (5613), with no line terminators
Hash 0daa2f0f3c5cdf64b9b9b31d12671657
ef816393aa95e6cbcd2e4b6480792688ac88d147
8670c1e30937ad1fc61796d35651fe615a49416dc5407e060912157cb5bcd8d9
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS4k0JkMHgeKwI9V%2Fn%2FcvaR5XdAwe5VO7Xop0Ijl5RfZZSkPcVkHwOEy6qvXjvkggyznk3ZoWU%2BkytQj0viXt0Rua2BoU9xCuToPDmpuIk2V%2BR9uFQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8e967069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1
162.125.71.15200 OK 7.0 MB URL User Request GET HTTP/2 uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1
IP 162.125.71.15:443
Certificate IssuerDigiCert Inc
Subjectdl.dropbox.com
FingerprintF7:BA:5F:D1:73:A5:04:E6:AC:52:C4:92:6F:20:23:8D:FD:B3:3F:D0
ValidityTue, 14 Feb 2023 00:00:00 GMT - Sat, 16 Mar 2024 23:59:59 GMT
Size 7.0 MB (7037203 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1 HTTP/1.1
Host: uc911174c6099807474b141a1524.dl.dropboxusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.ly/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=60
content-disposition: attachment; filename="my allergies.rar.7z"; filename*=UTF-8''my%20allergies.rar.7z
content-security-policy: sandbox
etag: 1686091548095049d
pragma: public
referrer-policy: no-referrer
vary: Origin
x-content-security-policy: sandbox
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noimageindex
x-server-response-time: 160
x-webkit-csp: sandbox
content-type: application/binary
date: Wed, 07 Jun 2023 05:57:13 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7037203
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 57cf4381fe5f473f98678ff6d4b45362
X-Firefox-Spdy: h2
t.ly/cdn-cgi/challenge-platform/scripts/invisible.js
104.26.12.201302 Found 29 kB URL GET HTTP/3 t.ly/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 07 Jun 2023 05:57:11 GMT
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
vary: accept-encoding
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVDguqiStFz9%2BqmWebKAWmNjfY1ISCetyfAHKO1W7UV2eg0fgJN7jVBBRZONb7nVPzoaKle7nSeHkCXLo%2BYKqfgLDBS6G%2BfSZAFulZajDAsfGKu0ygE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7f868fc069b-OSL
alt-svc: h3=":443"; ma=86400
t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
104.26.12.201200 OK 29 kB URL GET HTTP/3 t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (28625), with no line terminators
Hash 1ffd955ef9790c09ab102d0710cc6fc2
f09e425cab1dc6a4906000e42239e1e05fd1cd14
1ca53e72d35ef009e328775f7a4882e55642645e2973d104b12767f33a8cdcbd
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zapgpo%2B4fEysil%2FmhOLSYv5buBrIiLKXes14cs9VmwrhQl3FVB5vck1VkBPUmVR%2Bazinrcv4iJwZ7eMojDB8oElW325mv3jKxMUQ77UyFu4hk03A6OU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8a92e069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
t.ly/favicon.ico
104.26.12.201200 OK 15 kB IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 48ec9ec332307562bbfce5317c44002b
c7cb315071bcfe58f26fd3ad12da9c7bffe43780
2fe691d93cfc19b6be69fff6af57bdab6917f40521b0499c88c6e3470d6ab3ac
GET /favicon.ico HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: image/x-icon
last-modified: Wed, 07 Jun 2023 02:35:17 GMT
vary: Accept-Encoding
etag: W/"647fece5-3c2e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-whom: tly-2
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WL%2BHZak2MH1Nyodv4HiLNYKmCBsRrpshT%2BZaPeN2kwErHxCp67hhC5UvFMkDOTD8B6zEoSaydUx%2BfxAu%2Bz1JnKf748lis99wrtYg047t%2B36cEQHb%2FOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f868f7069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
104.26.12.201200 OK 29 kB URL GET HTTP/3 t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (28625), with no line terminators
Hash 1ffd955ef9790c09ab102d0710cc6fc2
f09e425cab1dc6a4906000e42239e1e05fd1cd14
1ca53e72d35ef009e328775f7a4882e55642645e2973d104b12767f33a8cdcbd
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFu2EeW4IOZZMMDj66IEWAAoLse4JJa1AvMYEFle%2FNhDuEXioWFLAQi%2F%2FcUL13H1BEYUgYekEbnwjryyVD6Hy2zWwdEV1WjSEZqQJUSyGoHaCaQ9U2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8a929069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
104.26.12.201200 OK 7.6 kB URL User Request GET HTTP/2 IP 104.26.12.201:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7855), with no line terminators
Hash 5525e0033c8987adc007c3ba08c95926
50ba1ce816aa87a86065a0d20ee11cf7e2c6f09c
f5c5d63703d9d6a72d4907f3fb182d452866ec0d8a6605fe938179d7837d7d25
GET /allergies.rar HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:57:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-whom: tly-2
cf-cache-status: BYPASS
set-cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; expires=Wed, 21-Jun-2023 05:57:10 GMT; Max-Age=1209600; path=/; secure; samesite=lax
tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D; expires=Wed, 21-Jun-2023 05:57:10 GMT; Max-Age=1209600; path=/; secure; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE1nHn94HnIq6Lrs9dfpUIgwECYy%2B9q%2BUojsAOGvpkc1RsyVw34MIUWwR7DFwd9uUNHo9sClNTLM1F1oo6XMNP3WOlL2h7NIf%2B2pJqWO7v16WYcxcnQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f54eccb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.12.201200 OK 12 kB URL GET HTTP/3 t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 15:21:01 GMT
etag: W/"6476145d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P9hfeqBldQ4fHuWUtHMg2wqEctT%2Bbo0ToNEnU1ZKtDxM0TzadgJAIN6pLXI86GSH%2F%2F%2BhECF%2FCbqt9yRoU4F4X%2BS1vfVPjcIy020asEwg9a71h%2F4IZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7f838de069b-OSL
x-frame-options: DENY
expires: Fri, 09 Jun 2023 05:57:11 GMT
cache-control: max-age=172800, public
content-encoding: gzip
www.dropbox.com/s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z
162.125.71.18302 Found 7.0 MB URL User Request GET HTTP/2 www.dropbox.com/s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z
IP 162.125.71.18:443
Certificate IssuerDigiCert Inc
Subject*.dropbox.com
Fingerprint0C:D1:D4:EA:57:6E:E4:BA:1D:2C:86:8B:7F:C2:F8:E6:59:84:EA:D7
ValidityFri, 14 Oct 2022 00:00:00 GMT - Tue, 14 Nov 2023 23:59:59 GMT
Size 7.0 MB (7037203 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.ly/
DNT: 1
Connection: keep-alive
Cookie: gvc=MjkzNTQxMjA2MjYzMDcwNzgxNzM1MTM4MjE0MzY4MDIyNzY4NjQ5; t=65-8xIppRkxwuCD55FO2LFWS; __Host-js_csrf=65-8xIppRkxwuCD55FO2LFWS; locale=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-security-policy: sandbox
location: https://uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1#
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=65-8xIppRkxwuCD55FO2LFWS; Domain=dropbox.com; expires=Sat, 06 Jun 2026 05:57:13 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=65-8xIppRkxwuCD55FO2LFWS; expires=Sat, 06 Jun 2026 05:57:13 GMT; Path=/; SameSite=None; Secure
__Host-ss=jcizgN1VJM; expires=Sat, 06 Jun 2026 05:57:13 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
__Host-logged-out-session=ChDrxRM0GJ5TpAYjiHJ9CrBIELi4gKQGGi5BR3hSZ0tmTUZxQ3ZzeHBlR1c4NWo3d2pMc0o1VTlESndkVklZcTl5d3hzV0dn; HttpOnly; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 05:57:12 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: d0ca70efd2244a9787dac41a97c7bbcd
X-Firefox-Spdy: h2
t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js
104.26.12.201200 OK 5.7 kB URL GET HTTP/3 t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (5713), with no line terminators
Hash ab1cdfe0949070ab64c45283a7b53841
ead31cb78c89eaa296c57ef45cd12a90d72c91c5
e4a113d5735f9081cd38ced97d99b1db9e408f54b3d7d0d40448335ede66409b
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncebe3fi66qmTIDkRU%2FY8owOCfggJMJYNUNGN1sqCguhzw3xsIoClmw2Te7FMA%2BCwBJe1H2osR8ehp0P0mW0bW%2FU1EKRykSDzcYd4Qvqywh2zLYHJUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8f974069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.dropbox.com/s/d3q9ci0kh8a8tqk/my%20allergies.rar.7z?dl=1
162.125.71.18302 Found 7.0 MB URL User Request GET HTTP/2 www.dropbox.com/s/d3q9ci0kh8a8tqk/my%20allergies.rar.7z?dl=1
IP 162.125.71.18:443
Certificate IssuerDigiCert Inc
Subject*.dropbox.com
Fingerprint0C:D1:D4:EA:57:6E:E4:BA:1D:2C:86:8B:7F:C2:F8:E6:59:84:EA:D7
ValidityFri, 14 Oct 2022 00:00:00 GMT - Tue, 14 Nov 2023 23:59:59 GMT
Size 7.0 MB (7037203 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/d3q9ci0kh8a8tqk/my%20allergies.rar.7z?dl=1 HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-security-policy: connect-src https://* ws://127.0.0.1:*/ws ; worker-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; font-src https://* data: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; media-src https://* blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' ; base-uri 'self' ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-gAG8xq0+GlVf9o0tpAn7VgOBHnE=' ; img-src https://* data: blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-gAG8xq0+GlVf9o0tpAn7VgOBHnE=' 'nonce-xiYNfYZS6yv1rhzdnElsn+j8334='
content-type: text/html; charset=utf-8
location: /s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
set-cookie: gvc=MjkzNTQxMjA2MjYzMDcwNzgxNzM1MTM4MjE0MzY4MDIyNzY4NjQ5; Path=/; Expires=Mon, 05 Jun 2028 05:57:12 GMT; HttpOnly; Secure; SameSite=None
t=65-8xIppRkxwuCD55FO2LFWS; Path=/; Domain=dropbox.com; Expires=Sat, 06 Jun 2026 05:57:12 GMT; HttpOnly; Secure; SameSite=None
__Host-js_csrf=65-8xIppRkxwuCD55FO2LFWS; Path=/; Expires=Sat, 06 Jun 2026 05:57:12 GMT; Secure; SameSite=None
__Host-ss=jcizgN1VJM; Path=/; Expires=Sat, 06 Jun 2026 05:57:12 GMT; HttpOnly; Secure; SameSite=Strict
locale=en; Path=/; Domain=dropbox.com; Expires=Mon, 05 Jun 2028 05:57:12 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow, noimageindex
x-xss-protection: 1; mode=block
date: Wed, 07 Jun 2023 05:57:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: envoy
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 36700a9753934c4a947d8c3a1c4e54dd
X-Firefox-Spdy: h2
t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7
104.26.12.201200 OK 2 B URL POST HTTP/3 t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7 HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12354
Origin: https://t.ly
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D; __cf_bm=geOCdtUEaQv_SHrSpjDOfRNTKUb3zf73MP5Nvc.XJyo-1686117431-0-AdpJrMKI+qcaZSSX6dIuUtPka7/B6oUGwYfEm0loESGkQ2g/8Kqtd3LohHU9ICwOSIHh8VR/ZRP6MwCDwBY9NN7Kl31ebGnxUFrNJuX3Ok3I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=h0M0vK8wszqaoSYXRYifJTTE8odWlUv52laHLbxFuLU-1686117431-0-AfhL3OTAIT07hVCaXKVjsiZKWo5t4pGRKrctWRLbabtrVrR5wi0eAOLVJqc1zfZwR7Hs7sVDJ0b2Wu4gPhPOPj4Bv89N03s3daIjW8qD889f; path=/; expires=Wed, 07-Jun-23 06:27:11 GMT; domain=.t.ly; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULfNeOOirmjV442m7mBElgar0Y4Wc4VXhswJuMyX6uav33ajwQ8jHGJonxiI7eWzNWjwZ9OfhnnBwBfmrPDVP3rPNtZvnMA7gaJcoZuoLCn3tJQKs40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7faaa9c069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
t.ly/cdn-cgi/challenge-platform/scripts/invisible.js
104.26.12.201302 Found 29 kB URL GET HTTP/3 t.ly/cdn-cgi/challenge-platform/scripts/invisible.js
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 07 Jun 2023 05:57:11 GMT
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma7gteTWu8I8calrhhD19R19H%2FF5h2jaEiL4uEp3LN6kdiTk0yrL5yn3VrPV9mVdu%2FqV9vsTixcVAengn69x9KvBNwZzqUmJuM%2Bd6W0sHB9HJ%2F2boow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7f87910069b-OSL
alt-svc: h3=":443"; ma=86400
t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7
104.26.12.201200 OK 2 B URL POST HTTP/3 t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7
IP 104.26.12.201:443
Requested by https://t.ly/allergies.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7 HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12354
Origin: https://t.ly
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=geOCdtUEaQv_SHrSpjDOfRNTKUb3zf73MP5Nvc.XJyo-1686117431-0-AdpJrMKI+qcaZSSX6dIuUtPka7/B6oUGwYfEm0loESGkQ2g/8Kqtd3LohHU9ICwOSIHh8VR/ZRP6MwCDwBY9NN7Kl31ebGnxUFrNJuX3Ok3I; path=/; expires=Wed, 07-Jun-23 06:27:11 GMT; domain=.t.ly; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLd2Y82es8ezWrtkOGuTapPcNZG%2FyGut6mcH63gVVC5skH%2BzQFubU9Y0byzbrwJ4SGwJWpcY2ak5ANzzP1M4PhMEoM0t9OBO33c136eJtm%2Bl72Y6IWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7fa0a3f069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400