| relink.asia/cdn-cgi/challenge-platform/h/g/flow/ov1/1988004779:1745306039:ayG8QBeqwoTsZf45mAbQ0-5ws1O-dZRC2rKATIY55Ko/93438b255de5b50b/LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O | 104.21.5.188 | 200 OK | 16 kB |
URL POST relink.asia/cdn-cgi/challenge-platform/h/g/flow/ov1/1988004779:1745306039:ayG8QBeqwoTsZf45mAbQ0-5ws1O-dZRC2rKATIY55Ko/93438b255de5b50b/LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O IP 104.21.5.188:80
File type: ASCII text, with very long lines (16488), with no line terminators
Hash: 0dca9ab25d945a879ad02afab7c3b3ec 38a292d9aa0b71d1409fc89a8428c5d789b8638a e245a3960d1a0ed7af01edbbabd92af1ae73682a50a972c168eff5ca1ce69bca
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1988004779:1745306039:ayG8QBeqwoTsZf45mAbQ0-5ws1O-dZRC2rKATIY55Ko/93438b255de5b50b/LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O HTTP/1.1
Host: relink.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://relink.asia/
cf-chl: LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2101
Origin: http://relink.asia
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Apr 2025 07:52:47 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: QbyI42XHe0u8nZuthijfWfgRbNiv20/pzSw9KOfSIMA=$5SswCctQ3qDJg9K3KLYdNg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njsbIPhS%2BZPv4V97mx%2FeWhq3S7%2BWRBVHhMZUEQrz0AUvBpaG6mrf0tQi1%2BxF8O7FIQY%2F7HeFrwp5mqVU08nC%2BQNcO6CUXQLClDwUnM04v%2FEERfL%2BA%2FCbj2gLO%2Fehyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 93438b30dd15b4f7-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1380&min_rtt=502&rtt_var=1513&sent=34&recv=26&lost=0&retrans=1&sent_bytes=37875&recv_bytes=3765&delivery_rate=18805194&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| | 172.67.154.169 | 403 Forbidden | 5.5 kB |
IP 172.67.154.169:80
File type: HTML document, ASCII text, with very long lines (5540), with no line terminators
Hash: 5ede78e7624b771922adc4bc1bf558cd 7dc76c3343c4aa924b67ef95712b39909fae8710 e8bde37458ea8edac768b50ff0de35f524567123036dcc10ed428c991b69eae9
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.asia domain |
GET / HTTP/1.1
Host: relink.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 22 Apr 2025 07:52:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSjtORhQsucvFI5x%2FUipMMsJWSkFeeZoCCBJmiipNx8RlCCNRUcKMGW5UWZDXxLxdYX%2FUlXJ4VY4HkyTpVZdGpQTuArmmFlEFRvUHZmpoQxuPEGrM%2FP18i0Uf5blNw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93438b255de5b50b-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="93438b255de5b50b", cfL4;desc="?proto=TCP&rtt=482&min_rtt=482&rtt_var=241&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=396&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| relink.asia/favicon.ico | 104.21.5.188 | 200 OK | 1.2 kB |
IP 104.21.5.188:80
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 2147e02d0c45be188bf4f1a654880012 d68314f2ce79fd98ac7b0ae4337ffffec8cc5051 1e0c11c369193c23c3f5a4a8fa01dbaa2c13a5ac9a3227518113b2a3e9171526
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.asia domain | suricata | medium | ET INFO HTTP Request to a *.asia domain |
GET /favicon.ico HTTP/1.1
Host: relink.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://relink.asia/?__cf_chl_rt_tk=efllUG4RSLleDr.IaSHWbWtivHexSggdFDFTTSqjcZ8-1745308365-1.0.1.1-HKIh2NQJcG..s.iohhj7cQkG.jZMhJVjobARN473sLI
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Apr 2025 07:52:46 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 25 Dec 2022 07:58:49 GMT
ETag: W/"63a802b9-47e"
Expires: Fri, 16 May 2025 09:31:15 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 512491
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGSYWDJxoaUsg4yPb%2Bqdv3mDLgE2j45gUbNxeFhEcPoqyutwemcxMH134tY6wa%2FcodVVhaWcZUXCEAcDfmGmiNE0KaIkv2tFzgAsVHymDOBXiG02aAuyOfr%2B92L6KA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93438b2bbef256a3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=477&min_rtt=477&rtt_var=238&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=469&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| relink.asia/cdn-cgi/challenge-platform/h/g/flow/ov1/1988004779:1745306039:ayG8QBeqwoTsZf45mAbQ0-5ws1O-dZRC2rKATIY55Ko/93438b255de5b50b/LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O | 104.21.5.188 | 200 OK | 4.2 kB |
URL POST relink.asia/cdn-cgi/challenge-platform/h/g/flow/ov1/1988004779:1745306039:ayG8QBeqwoTsZf45mAbQ0-5ws1O-dZRC2rKATIY55Ko/93438b255de5b50b/LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O IP 104.21.5.188:80
File type: ASCII text, with very long lines (4200), with no line terminators
Hash: d19fdaa3cde6ec9afd1ae2ce1791ae5e df07587fc4ff62c3efc966c563c95c6fb04bee82 08f95201181a553ef12b295c42ae34e8a8e129e5d3338b7636de743e4194743f
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1988004779:1745306039:ayG8QBeqwoTsZf45mAbQ0-5ws1O-dZRC2rKATIY55Ko/93438b255de5b50b/LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O HTTP/1.1
Host: relink.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://relink.asia/
cf-chl: LzbliKae0Ssey_oGtCdMiTZfv7NIXg5wJHl0GzxrEH4-1745308365-1.2.1.1-.x8yIwAOrS6aP7He0aQCdjQuSznscEsiu0RVWK9SiI4StTZ6ziZtOQAqHFxzQJ9O
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 4346
Origin: http://relink.asia
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Apr 2025 07:53:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out-s: 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$YzFBmhzjKEZ7IjQ9myCvow==
cf-chl-out: FatuYzy4sWDjzR7ugU7xg2PLyk603/1GNgl63SdDwwbOCwv2ULffw1Sc8MXX71+P3yc8YsGVAhoFlX85pZT7JQ==$YsQX/GMQguGsrIRTwNzj7Q==
set-cookie: cf_clearance=.L79ow0xQoKZK42d1eo6K_ZXITphX0EdmdiAjrY9Kus-1745308383-1.2.1.1-XeWpEKS7_6EW40Y_pEBX6hqNoUFnpbGJdfANtvO0T..Dr6O67o3Gf1zQ.UFkXRsqm4mcIJestSxwKwdZ_XdxaZdanmAHc4LqOxr4l.hYp6GMa9_swBcL95ViTjAd0oyKT5iny2HB_ymVrU7K.hdi3KnBhm_u6Zj.GpeznepfCltepwCTkBRnQqdlldltpc1oDJKK8nUM1xZ2jyc7IwL2Gnksh4lb4D7Rgs9qRyTEL_hJL5lVgZ0BfvafGqNWcuFdPAXBA7Moh6HCaddHRmD8SunUprtB6lFPAOMvjzj7vnLZPERtZ7YXNQ1Y_D.pmVXinDgH17JAGF8UoBEwsjN5LSj1C4PV8NQz2jfREemcf_Y5cQZ8Sxw9A2cCOJUuRVnt; HttpOnly; SameSite=Strict; Path=/; Domain=relink.asia; Expires=Wed, 22 Apr 2026 07:53:03 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCOZl1%2BWrNecbs6T%2BhiNPatZH50pd%2BR1MS6UGF%2FOpm1QkIg1R5PXO%2BTBwc1m35ZyGISEFVg2a%2FyrjCudOoqPUugeYu39%2Bx8D%2BltpKbN%2F72NAPghMEaSECC4WNaBUoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 93438b92fbbcb4f7-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=928&min_rtt=502&rtt_var=251&sent=48&recv=42&lost=0&retrans=1&sent_bytes=51235&recv_bytes=8917&delivery_rate=18805194&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit | 104.18.95.41 | 200 OK | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit IP 104.18.95.41:443
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: JavaScript source, ASCII text, with very long lines (48122)
Hash: 3ed4ab6463fdabe2783a7a7828e94177 c80f67f86421dd2c071d5abc70337877db648266 91ce8bcef253fa49b7bbec10fa3c456261336414caa9da52e94988b6a44d1780
GET /turnstile/v0/g/44e6f86df4dc/api.js?onload=boSsq5&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://relink.asia
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Apr 2025 07:52:47 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 15 Apr 2025 10:23:44 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 93438b2e1b2bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/ | 104.18.95.41 | 200 OK | 28 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/ IP 104.18.95.41:443
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: HTML document, ASCII text, with very long lines (22054)
Hash: bf4bd1aaa2e56d3dd020317375382e22 9910b692c24c06fb58f7f5a665841eba5ee3a4e0 faf107593a37a68b151137adec0844bfe023d75d4bc55f238ddcb9bc4bc48f64
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Apr 2025 07:52:48 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-4lmCeLCc3QuegRUw' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 93438b34cab80b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/150979467:1745306060:64roQD_6ok_rh8VqK8KruhuNPNWL7hZ_pFPIlAiHv_s/93438b34cab80b59/xmSg0qQnAicczg8jzHFVB2tLRkAj42hG55KM9_NdSDA-1745308368-1.1.1.1-ALwqR4Cc4JxU77Zu0uh.RJrAXvy7YBxijAK9D4pGqQhry97GjN9CJJsotFD26_bY | 104.18.95.41 | 200 OK | 228 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/150979467:1745306060:64roQD_6ok_rh8VqK8KruhuNPNWL7hZ_pFPIlAiHv_s/93438b34cab80b59/xmSg0qQnAicczg8jzHFVB2tLRkAj42hG55KM9_NdSDA-1745308368-1.1.1.1-ALwqR4Cc4JxU77Zu0uh.RJrAXvy7YBxijAK9D4pGqQhry97GjN9CJJsotFD26_bY IP 104.18.95.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 228 kB (227944 bytes)
Hash: d8f5564cbdd9596d0c8378f4dc6f741a a31a4cd23a29cfcb79dee5915157f8d30fe6dfbb d88e2db4495b7ef8c8df5b57e6e67bdf875dede7396311373ec7c9bd93990226
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/150979467:1745306060:64roQD_6ok_rh8VqK8KruhuNPNWL7hZ_pFPIlAiHv_s/93438b34cab80b59/xmSg0qQnAicczg8jzHFVB2tLRkAj42hG55KM9_NdSDA-1745308368-1.1.1.1-ALwqR4Cc4JxU77Zu0uh.RJrAXvy7YBxijAK9D4pGqQhry97GjN9CJJsotFD26_bY HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
cf-chl: xmSg0qQnAicczg8jzHFVB2tLRkAj42hG55KM9_NdSDA-1745308368-1.1.1.1-ALwqR4Cc4JxU77Zu0uh.RJrAXvy7YBxijAK9D4pGqQhry97GjN9CJJsotFD26_bY
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3727
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Apr 2025 07:52:50 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 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$nxkg5UH8qFv2OeUFn0ZK4Q==
priority: u=3,i=?0
server: cloudflare
cf-ray: 93438b445e050b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/93438b34cab80b59/1745308370634/J8Ti6jUG9YH-Rih | 104.18.95.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/93438b34cab80b59/1745308370634/J8Ti6jUG9YH-Rih IP 104.18.95.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: PNG image data, 55 x 54, 8-bit/color RGB, non-interlaced
Hash: 26bbc5c3dc46121400036ae6e0514b8f e2a07b5b02490d0802a5d01e0a73dac8e7848f46 64bb022d90fcba987dc08c8e672497d0a8976d158b86bef5f99d8beb55ac871b
GET /cdn-cgi/challenge-platform/h/g/d/93438b34cab80b59/1745308370634/J8Ti6jUG9YH-Rih HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Apr 2025 07:52:54 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 93438b5e4b180b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| | 104.21.5.188 | 403 Forbidden | 7.8 kB |
IP 104.21.5.188:443
Certificate: Issuer: Google Trust Services; Subject: relink.asia; Fingerprint: BB:07:20:2D:88:E4:59:E5:3F:FE:C1:A9:F7:1E:39:4B:7C:F4:AB:6A; Validity: Thu, 10 Apr 2025 23:01:00 GMT - Wed, 09 Jul 2025 23:58:28 GMT
File type: HTML document, ASCII text, with very long lines (7759), with no line terminators
Hash: 722d652c89da1da40266fd932a1db36c 5a6d8a162ef90bd3bf314bdee23f821ca6377f1b 697acb9cc050e669e75177c163acbbd3c9c16deb71c7fbdc463180a98f9dc3eb
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.asia domain |
GET / HTTP/1.1
Host: relink.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 22 Apr 2025 07:52:45 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 93438b232b63b517-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efz5PFfvRKNeLfZ9QCmya0K9rb7lD1ttcSjyGnIX7KHhf3%2B%2B0FgrYN93JssxSf4n54T5z6EsCcq3v1v2mQmOeY6iXqCtEPTmaWwhBoIFQGrfTlErN9xOQkfpI0Rc4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="93438b232b63b517", cfL4;desc="?proto=TCP&rtt=457&min_rtt=418&rtt_var=144&sent=5&recv=10&lost=0&retrans=0&sent_bytes=2985&recv_bytes=1246&delivery_rate=4950427&cwnd=252&unsent_bytes=0&cid=8dcfa5aeb161521f&ts=162&x=0"
X-Firefox-Spdy: h2
|
|
| relink.asia/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=93438b255de5b50b | 104.21.5.188 | 200 OK | 95 kB |
URL GET relink.asia/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=93438b255de5b50b IP 104.21.5.188:80
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 7e421c68a2d884a01a6c669194c797a8 a4af103b44753e49020025755253c519f9ad01e2 76b714d68e47186f4802dccc8098b93d99150ba717d3af37ecfa93cadb8c1c0f
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.asia domain |
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=93438b255de5b50b HTTP/1.1
Host: relink.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://relink.asia/?__cf_chl_rt_tk=efllUG4RSLleDr.IaSHWbWtivHexSggdFDFTTSqjcZ8-1745308365-1.0.1.1-HKIh2NQJcG..s.iohhj7cQkG.jZMhJVjobARN473sLI
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Apr 2025 07:52:46 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WZXFbsw7%2B54oz%2FNjzkGWkSsOMcbhafTiXjSn3EGeCgfUfKEXaSh2K7bGM7GGNmyuutpVkf9pUgr3r%2FVhEj8cFhq7GuUsm82EiG5lXeffmzU%2BEW03NAMFf4IAqDqQw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 93438b2bbc6ab4f7-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=534&min_rtt=534&rtt_var=267&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=511&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| relink.asia/favicon.ico | 104.21.5.188 | 200 OK | 1.2 kB |
IP 104.21.5.188:80
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 2147e02d0c45be188bf4f1a654880012 d68314f2ce79fd98ac7b0ae4337ffffec8cc5051 1e0c11c369193c23c3f5a4a8fa01dbaa2c13a5ac9a3227518113b2a3e9171526
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.asia domain | suricata | medium | ET INFO HTTP Request to a *.asia domain |
GET /favicon.ico HTTP/1.1
Host: relink.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://relink.asia/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Apr 2025 07:52:46 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 25 Dec 2022 07:58:49 GMT
ETag: W/"63a802b9-47e"
Expires: Fri, 16 May 2025 09:31:15 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 512491
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ReY7PBKJhcX7yFBygM2Ss8ErQWhRboeKlGxUyq%2BWLLElCfOowKEcqOseyF%2BQmQpjxkGQnAvwSly5fVxeonRl4bworAtc%2F9NkL7M6yXRfHd2DO9AjZ7Eez%2B5enGiq6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93438b2d3edcb4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1642&min_rtt=534&rtt_var=1881&sent=31&recv=21&lost=0&retrans=1&sent_bytes=36577&recv_bytes=858&delivery_rate=18805194&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 | 104.18.95.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1 IP 104.18.95.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Hash: 9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Apr 2025 07:52:49 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 93438b3ccc990b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93438b34cab80b59&lang=auto | 104.18.95.41 | 200 OK | 115 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93438b34cab80b59&lang=auto IP 104.18.95.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 115 kB (115061 bytes)
Hash: f5d1def28fa6051fd6bea5d73443ed39 1ec50414a72cd06253fcae135e8b0919cd8b6cb6 7f1031486d3de0b6bbc4cd2ea38dd371af0e89e287a0048c35dc7812fcac7970
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=93438b34cab80b59&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/87mbv/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Apr 2025 07:52:49 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 93438b3d0ce20b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|