Report - t.ly/allergies.rar

Report Overview

Submitted URL
t.ly/allergies.rar
IP
104.26.12.201
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-07 05:57:29
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
uc911174c6099807474b141a1524.dl.dropboxusercontent.com	unknown	unknown	No data	No data	1.5 kB	14 MB	162.125.71.15
t.ly	243789	2010-03-01	2013-07-25	2023-06-06	12 kB	170 kB	104.26.12.201
www.dropbox.com	1994	1995-06-28	2012-05-21	2023-06-06	1.2 kB	14 MB	162.125.71.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-07 05:57:10	low	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (t .ly)
2023-06-07 05:57:10	low	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (t .ly)
2023-06-07 05:57:10	low	Client IP	104.26.12.201	ET INFO Observed URL Shortening Service Domain (t .ly in TLS SNI)
2023-06-07 05:57:12	high	162.125.71.18	Client IP	ET POLICY Dropbox.com Offsite File Backup in Use
2023-06-07 05:57:12	low	162.125.71.15	Client IP	ET INFO DropBox User Content Download Access over SSL M2

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1
IP
162.125.71.15
ASN
#19679 DROPBOX

File type
7-zip archive data, version 0.4\012- data
Size
7.0 MB (7037203 bytes)
Hash
05efcc6fda2983c45fecf65721ead37e
9a11376d2f2a76c58d4b79b2f2b1d4ccf1e7334e
2323fb968230a44dcc1eb6168f46103019a4fdfbf67496fbf32bb35402794afe

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0	VirusTotal -

JavaScript (7)

	URL	Size	First Seen	Last Seen
	t.ly/allergies.rar	1.2 kB	2023-06-07	2023-06-07
Pretty URL t.ly/allergies.rar IP 104.26.12.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 07:57:36 Last Seen2023-06-07 07:57:36 Times Seen1 Hash 1489f295eefaf09a02b7e06691a179df 99104a77d28d9b1bcc298d4bc4e1dc937245a6bd b1b8193d9d358f2ec862ff043752720f2a115850c7eb06d37b4b29a2edb782f1 Loading...

	t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-25
Pretty URL t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.12.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 01:41:32 Times Seen43077 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	184 B	2023-06-07	2023-06-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:57:36 Last Seen2023-06-07 07:57:36 Times Seen1 Hash 73954785e6086e421af17abeff3f768a e334c099d4ea7d89b0dcdf1f2b09467e4c8144d2 21b6683f1168e3d8a6508c90010009a6cacc666f7a301a6953150a1964338d63 Loading...

	unknown	361 B	2023-06-07	2023-06-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:57:36 Last Seen2023-06-07 07:57:36 Times Seen1 Hash 5250099f47ccfcfe5c7ce16a055c52cf 1c04063bc71d776c70866c33a9791aba0576a160 20d4efc124e2644e11f51233378da128dfb1898e7003550f00809041720b772a Loading...

	t.ly/cdn-cgi/challenge-platform/scripts/invisible.js	29 kB	2023-06-07	2023-06-07
Pretty URL t.ly/cdn-cgi/challenge-platform/scripts/invisible.js IP 104.26.12.201 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:57:36 Last Seen2023-06-07 07:57:37 Times Seen3 Hash 1ffd955ef9790c09ab102d0710cc6fc2 f09e425cab1dc6a4906000e42239e1e05fd1cd14 1ca53e72d35ef009e328775f7a4882e55642645e2973d104b12767f33a8cdcbd Loading...

	unknown	494 B	2023-03-11	2024-04-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:08:22 Last Seen2024-04-10 12:41:31 Times Seen5 Hash 286ab963284bbe2e1a5916bc69f6fdce d450174352858e1234f7437697ad5565a050ad2e da95098eefa641b35bca2caa69881196d8f418403e140f4ae7a6a36d48b5b3c9 Loading...

	unknown	173 B	2023-06-07	2023-06-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 07:57:36 Last Seen2023-06-07 07:57:36 Times Seen1 Hash a18b1096286ea8269ad7dcaf133eb5b3 2a3fb73147e1fb05a312eff7058dd7ba03674bdd 24310cfd62074e6015cfd04f68df4c96a69bdb4eddf7bb131daed04a9ef6d664 Loading...

HTTP Transactions (15)

URL IP Response Size

uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1

162.125.71.15

7.0 MB

URL
uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1
IP
162.125.71.15:0
ASN
#19679 DROPBOX

File type
7-zip archive data, version 0.4\012- data
Size
7.0 MB (7037203 bytes)
Hash
05efcc6fda2983c45fecf65721ead37e
9a11376d2f2a76c58d4b79b2f2b1d4ccf1e7334e
2323fb968230a44dcc1eb6168f46103019a4fdfbf67496fbf32bb35402794afe

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0	VirusTotal -

HTTP Headers

GET /cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1 HTTP/1.1
Host: uc911174c6099807474b141a1524.dl.dropboxusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.ly/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=60
content-disposition: attachment; filename="my allergies.rar.7z"; filename*=UTF-8''my%20allergies.rar.7z
content-security-policy: sandbox
etag: 1686091548095049d
pragma: public
referrer-policy: no-referrer
vary: Origin
x-content-security-policy: sandbox
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noimageindex
x-server-response-time: 160
x-webkit-csp: sandbox
content-type: application/binary
date: Wed, 07 Jun 2023 05:57:13 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7037203
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 57cf4381fe5f473f98678ff6d4b45362
X-Firefox-Spdy: h2

t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js

104.26.12.201

200 OK

5.6 kB

URL GET HTTP/3
t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5613), with no line terminators
Size
5.6 kB (5610 bytes)
Hash
0daa2f0f3c5cdf64b9b9b31d12671657
ef816393aa95e6cbcd2e4b6480792688ac88d147
8670c1e30937ad1fc61796d35651fe615a49416dc5407e060912157cb5bcd8d9

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS4k0JkMHgeKwI9V%2Fn%2FcvaR5XdAwe5VO7Xop0Ijl5RfZZSkPcVkHwOEy6qvXjvkggyznk3ZoWU%2BkytQj0viXt0Rua2BoU9xCuToPDmpuIk2V%2BR9uFQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8e967069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

162.125.71.15

200 OK

7.0 MB

URL User Request GET HTTP/2
uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1
IP
162.125.71.15:443
ASN
#19679 DROPBOX

Certificate
IssuerDigiCert Inc
Subjectdl.dropbox.com
FingerprintF7:BA:5F:D1:73:A5:04:E6:AC:52:C4:92:6F:20:23:8D:FD:B3:3F:D0
ValidityTue, 14 Feb 2023 00:00:00 GMT - Sat, 16 Mar 2024 23:59:59 GMT

File type

Size
7.0 MB (7037203 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1 HTTP/1.1
Host: uc911174c6099807474b141a1524.dl.dropboxusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.ly/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=60
content-disposition: attachment; filename="my allergies.rar.7z"; filename*=UTF-8''my%20allergies.rar.7z
content-security-policy: sandbox
etag: 1686091548095049d
pragma: public
referrer-policy: no-referrer
vary: Origin
x-content-security-policy: sandbox
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, noimageindex
x-server-response-time: 160
x-webkit-csp: sandbox
content-type: application/binary
date: Wed, 07 Jun 2023 05:57:13 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7037203
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 57cf4381fe5f473f98678ff6d4b45362
X-Firefox-Spdy: h2

t.ly/cdn-cgi/challenge-platform/scripts/invisible.js

104.26.12.201

302 Found

29 kB

URL GET HTTP/3
t.ly/cdn-cgi/challenge-platform/scripts/invisible.js
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type

Size
29 kB (28625 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 07 Jun 2023 05:57:11 GMT
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
vary: accept-encoding
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVDguqiStFz9%2BqmWebKAWmNjfY1ISCetyfAHKO1W7UV2eg0fgJN7jVBBRZONb7nVPzoaKle7nSeHkCXLo%2BYKqfgLDBS6G%2BfSZAFulZajDAsfGKu0ygE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7f868fc069b-OSL
alt-svc: h3=":443"; ma=86400

t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

104.26.12.201

200 OK

29 kB

URL GET HTTP/3
t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (28625), with no line terminators
Size
29 kB (28625 bytes)
Hash
1ffd955ef9790c09ab102d0710cc6fc2
f09e425cab1dc6a4906000e42239e1e05fd1cd14
1ca53e72d35ef009e328775f7a4882e55642645e2973d104b12767f33a8cdcbd

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zapgpo%2B4fEysil%2FmhOLSYv5buBrIiLKXes14cs9VmwrhQl3FVB5vck1VkBPUmVR%2Bazinrcv4iJwZ7eMojDB8oElW325mv3jKxMUQ77UyFu4hk03A6OU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8a92e069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t.ly/favicon.ico

104.26.12.201

200 OK

15 kB

URL GET HTTP/3
t.ly/favicon.ico
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15406 bytes)
Hash
48ec9ec332307562bbfce5317c44002b
c7cb315071bcfe58f26fd3ad12da9c7bffe43780
2fe691d93cfc19b6be69fff6af57bdab6917f40521b0499c88c6e3470d6ab3ac

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: image/x-icon
last-modified: Wed, 07 Jun 2023 02:35:17 GMT
vary: Accept-Encoding
etag: W/"647fece5-3c2e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-whom: tly-2
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WL%2BHZak2MH1Nyodv4HiLNYKmCBsRrpshT%2BZaPeN2kwErHxCp67hhC5UvFMkDOTD8B6zEoSaydUx%2BfxAu%2Bz1JnKf748lis99wrtYg047t%2B36cEQHb%2FOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f868f7069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

104.26.12.201

200 OK

29 kB

URL GET HTTP/3
t.ly/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (28625), with no line terminators
Size
29 kB (28625 bytes)
Hash
1ffd955ef9790c09ab102d0710cc6fc2
f09e425cab1dc6a4906000e42239e1e05fd1cd14
1ca53e72d35ef009e328775f7a4882e55642645e2973d104b12767f33a8cdcbd

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFu2EeW4IOZZMMDj66IEWAAoLse4JJa1AvMYEFle%2FNhDuEXioWFLAQi%2F%2FcUL13H1BEYUgYekEbnwjryyVD6Hy2zWwdEV1WjSEZqQJUSyGoHaCaQ9U2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8a929069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t.ly/allergies.rar

104.26.12.201

200 OK

7.6 kB

URL User Request GET HTTP/2
t.ly/allergies.rar
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7855), with no line terminators
Size
7.6 kB (7623 bytes)
Hash
5525e0033c8987adc007c3ba08c95926
50ba1ce816aa87a86065a0d20ee11cf7e2c6f09c
f5c5d63703d9d6a72d4907f3fb182d452866ec0d8a6605fe938179d7837d7d25

HTTP Headers

GET /allergies.rar HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:57:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-whom: tly-2
cf-cache-status: BYPASS
set-cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; expires=Wed, 21-Jun-2023 05:57:10 GMT; Max-Age=1209600; path=/; secure; samesite=lax
tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D; expires=Wed, 21-Jun-2023 05:57:10 GMT; Max-Age=1209600; path=/; secure; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE1nHn94HnIq6Lrs9dfpUIgwECYy%2B9q%2BUojsAOGvpkc1RsyVw34MIUWwR7DFwd9uUNHo9sClNTLM1F1oo6XMNP3WOlL2h7NIf%2B2pJqWO7v16WYcxcnQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f54eccb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.12.201

200 OK

12 kB

URL GET HTTP/3
t.ly/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 15:21:01 GMT
etag: W/"6476145d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P9hfeqBldQ4fHuWUtHMg2wqEctT%2Bbo0ToNEnU1ZKtDxM0TzadgJAIN6pLXI86GSH%2F%2F%2BhECF%2FCbqt9yRoU4F4X%2BS1vfVPjcIy020asEwg9a71h%2F4IZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7f838de069b-OSL
x-frame-options: DENY
expires: Fri, 09 Jun 2023 05:57:11 GMT
cache-control: max-age=172800, public
content-encoding: gzip

www.dropbox.com/s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z

162.125.71.18

302 Found

7.0 MB

URL User Request GET HTTP/2
www.dropbox.com/s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z
IP
162.125.71.18:443
ASN
#19679 DROPBOX

Certificate
IssuerDigiCert Inc
Subject*.dropbox.com
Fingerprint0C:D1:D4:EA:57:6E:E4:BA:1D:2C:86:8B:7F:C2:F8:E6:59:84:EA:D7
ValidityFri, 14 Oct 2022 00:00:00 GMT - Tue, 14 Nov 2023 23:59:59 GMT

File type

Size
7.0 MB (7037203 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.ly/
DNT: 1
Connection: keep-alive
Cookie: gvc=MjkzNTQxMjA2MjYzMDcwNzgxNzM1MTM4MjE0MzY4MDIyNzY4NjQ5; t=65-8xIppRkxwuCD55FO2LFWS; __Host-js_csrf=65-8xIppRkxwuCD55FO2LFWS; locale=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-security-policy: sandbox
location: https://uc911174c6099807474b141a1524.dl.dropboxusercontent.com/cd/0/get/B9jXfXivW6kqSDiEfkupn5nHOWuEJ8CaXUtMsEyDCGQf60zyJxm5oOzdwPVevTi0M5y5zL3pA7njrUWR6hQq8aiyurFt0sfXHyuQBi4yjPTGn3G3ilNyE2bR2qovW_BIEAACMwA6Nz6A2rEUhcHgvXUL3yHI9cxsPHFlLenTI2ZU0mEQNT4j8amPyrIokE3AOik/file?dl=1#
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=65-8xIppRkxwuCD55FO2LFWS; Domain=dropbox.com; expires=Sat, 06 Jun 2026 05:57:13 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=65-8xIppRkxwuCD55FO2LFWS; expires=Sat, 06 Jun 2026 05:57:13 GMT; Path=/; SameSite=None; Secure
__Host-ss=jcizgN1VJM; expires=Sat, 06 Jun 2026 05:57:13 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
__Host-logged-out-session=ChDrxRM0GJ5TpAYjiHJ9CrBIELi4gKQGGi5BR3hSZ0tmTUZxQ3ZzeHBlR1c4NWo3d2pMc0o1VTlESndkVklZcTl5d3hzV0dn; HttpOnly; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 05:57:12 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: d0ca70efd2244a9787dac41a97c7bbcd
X-Firefox-Spdy: h2

t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js

104.26.12.201

200 OK

5.7 kB

URL GET HTTP/3
t.ly/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5713), with no line terminators
Size
5.7 kB (5710 bytes)
Hash
ab1cdfe0949070ab64c45283a7b53841
ead31cb78c89eaa296c57ef45cd12a90d72c91c5
e4a113d5735f9081cd38ced97d99b1db9e408f54b3d7d0d40448335ede66409b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncebe3fi66qmTIDkRU%2FY8owOCfggJMJYNUNGN1sqCguhzw3xsIoClmw2Te7FMA%2BCwBJe1H2osR8ehp0P0mW0bW%2FU1EKRykSDzcYd4Qvqywh2zLYHJUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d36a7f8f974069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.dropbox.com/s/d3q9ci0kh8a8tqk/my%20allergies.rar.7z?dl=1

162.125.71.18

302 Found

7.0 MB

URL User Request GET HTTP/2
www.dropbox.com/s/d3q9ci0kh8a8tqk/my%20allergies.rar.7z?dl=1
IP
162.125.71.18:443
ASN
#19679 DROPBOX

Certificate
IssuerDigiCert Inc
Subject*.dropbox.com
Fingerprint0C:D1:D4:EA:57:6E:E4:BA:1D:2C:86:8B:7F:C2:F8:E6:59:84:EA:D7
ValidityFri, 14 Oct 2022 00:00:00 GMT - Tue, 14 Nov 2023 23:59:59 GMT

File type

Size
7.0 MB (7037203 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/d3q9ci0kh8a8tqk/my%20allergies.rar.7z?dl=1 HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.ly/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-security-policy: connect-src https://* ws://127.0.0.1:*/ws ; worker-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; font-src https://* data: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; media-src https://* blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' ; base-uri 'self' ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-gAG8xq0+GlVf9o0tpAn7VgOBHnE=' ; img-src https://* data: blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-gAG8xq0+GlVf9o0tpAn7VgOBHnE=' 'nonce-xiYNfYZS6yv1rhzdnElsn+j8334='
content-type: text/html; charset=utf-8
location: /s/dl/d3q9ci0kh8a8tqk/my%20allergies.rar.7z
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
set-cookie: gvc=MjkzNTQxMjA2MjYzMDcwNzgxNzM1MTM4MjE0MzY4MDIyNzY4NjQ5; Path=/; Expires=Mon, 05 Jun 2028 05:57:12 GMT; HttpOnly; Secure; SameSite=None
t=65-8xIppRkxwuCD55FO2LFWS; Path=/; Domain=dropbox.com; Expires=Sat, 06 Jun 2026 05:57:12 GMT; HttpOnly; Secure; SameSite=None
__Host-js_csrf=65-8xIppRkxwuCD55FO2LFWS; Path=/; Expires=Sat, 06 Jun 2026 05:57:12 GMT; Secure; SameSite=None
__Host-ss=jcizgN1VJM; Path=/; Expires=Sat, 06 Jun 2026 05:57:12 GMT; HttpOnly; Secure; SameSite=Strict
locale=en; Path=/; Domain=dropbox.com; Expires=Mon, 05 Jun 2028 05:57:12 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow, noimageindex
x-xss-protection: 1; mode=block
date: Wed, 07 Jun 2023 05:57:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: envoy
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 36700a9753934c4a947d8c3a1c4e54dd
X-Firefox-Spdy: h2

t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7

104.26.12.201

200 OK

2 B

URL POST HTTP/3
t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7 HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12354
Origin: https://t.ly
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D; __cf_bm=geOCdtUEaQv_SHrSpjDOfRNTKUb3zf73MP5Nvc.XJyo-1686117431-0-AdpJrMKI+qcaZSSX6dIuUtPka7/B6oUGwYfEm0loESGkQ2g/8Kqtd3LohHU9ICwOSIHh8VR/ZRP6MwCDwBY9NN7Kl31ebGnxUFrNJuX3Ok3I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=h0M0vK8wszqaoSYXRYifJTTE8odWlUv52laHLbxFuLU-1686117431-0-AfhL3OTAIT07hVCaXKVjsiZKWo5t4pGRKrctWRLbabtrVrR5wi0eAOLVJqc1zfZwR7Hs7sVDJ0b2Wu4gPhPOPj4Bv89N03s3daIjW8qD889f; path=/; expires=Wed, 07-Jun-23 06:27:11 GMT; domain=.t.ly; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULfNeOOirmjV442m7mBElgar0Y4Wc4VXhswJuMyX6uav33ajwQ8jHGJonxiI7eWzNWjwZ9OfhnnBwBfmrPDVP3rPNtZvnMA7gaJcoZuoLCn3tJQKs40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7faaa9c069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t.ly/cdn-cgi/challenge-platform/scripts/invisible.js

104.26.12.201

302 Found

29 kB

URL GET HTTP/3
t.ly/cdn-cgi/challenge-platform/scripts/invisible.js
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type

Size
29 kB (28625 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Wed, 07 Jun 2023 05:57:11 GMT
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma7gteTWu8I8calrhhD19R19H%2FF5h2jaEiL4uEp3LN6kdiTk0yrL5yn3VrPV9mVdu%2FqV9vsTixcVAengn69x9KvBNwZzqUmJuM%2Bd6W0sHB9HJ%2F2boow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7f87910069b-OSL
alt-svc: h3=":443"; ma=86400

t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7

104.26.12.201

200 OK

2 B

URL POST HTTP/3
t.ly/cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7
IP
104.26.12.201:443
ASN
#13335 CLOUDFLARENET

Requested by
https://t.ly/allergies.rar
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:36:C6:FA:48:DA:D1:25:BD:B1:9A:C2:CC:D7:84:A6:73:D9:62:BA
ValidityMon, 24 Apr 2023 00:00:00 GMT - Tue, 23 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/cv/result/7d36a7f54eccb4f7 HTTP/1.1
Host: t.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12354
Origin: https://t.ly
DNT: 1
Connection: keep-alive
Referer: https://t.ly/allergies.rar
Cookie: XSRF-TOKEN=eyJpdiI6InkvejR0T3lkV1dhYldBMFNjSUw3RVE9PSIsInZhbHVlIjoiN0hRdWdndlFUQ1FLVGtNQVM0bDVpaExhWXd3VFBkWXdrZGtCTm0vYzJ2bkt1SXpyTDBsY2RlZnFiRkM5c2Y5V2xCL3AzMWEyZ1VZRWRUR3VMNGdwSC84Z0lFZUpWcVVRQUIvL2dacDFZcXh4VElZTjhpRDB6cG1WemhvdjJmaDgiLCJtYWMiOiI1OTNmOGI5OWVlZjY3NjQwNDg5NzUyNjdkNzlkNDA0MTZjYTY0YWU4ZTg0NGY1ZDU1YzAwMDMxZDZiMTNiNTZjIiwidGFnIjoiIn0%3D; tly_session=eyJpdiI6Ikc2RFhZcEs3VXYzTEM4TUVHSWVrRXc9PSIsInZhbHVlIjoid25POXZvK3llaWZRT0UzcUV3R2R3ci9kbmlodzZSQnlqSFoySW8vN1JUSXkzYkNxU2UwWktKdHhhaVpjTDJ2WndvKzlRQlFvcHlTWVA4aTR0a2FzUTNyYWpRVWdEUktJNEJ1NGlzbXNQbVNOVEJzWUI5VlJoYnFhazhrTGVMZSsiLCJtYWMiOiI2Zjg2NTJmZjg5NzE0ZTdlMzIzMTE3ZjU4YWEzNDY2ZWFjZmVkMWIzOTYzMzY5YmQ1MjUzODNjNDhiNmI0NzFhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 07 Jun 2023 05:57:11 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=geOCdtUEaQv_SHrSpjDOfRNTKUb3zf73MP5Nvc.XJyo-1686117431-0-AdpJrMKI+qcaZSSX6dIuUtPka7/B6oUGwYfEm0loESGkQ2g/8Kqtd3LohHU9ICwOSIHh8VR/ZRP6MwCDwBY9NN7Kl31ebGnxUFrNJuX3Ok3I; path=/; expires=Wed, 07-Jun-23 06:27:11 GMT; domain=.t.ly; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLd2Y82es8ezWrtkOGuTapPcNZG%2FyGut6mcH63gVVC5skH%2BzQFubU9Y0byzbrwJ4SGwJWpcY2ak5ANzzP1M4PhMEoM0t9OBO33c136eJtm%2Bl72Y6IWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d36a7fa0a3f069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers