Report - mail.implants.dentlap.com/

Report Overview

Visited public
2025-06-10 12:29:33
Tags
URL
mail.implants.dentlap.com/
Finishing URL
mail.implants.dentlap.com/
IP / ASN
95.129.234.32
#57724 Ddos-guard Ltd
Title
Cintatogel - Login Link Alternatif Situs Thailand Gacor, Daftar Server Thailand Terbaru

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mail.implants.dentlap.com	unknown	unknown	No data	No data	4.7 kB	921 kB	95.129.234.32
laz-g-cdn.alicdn.com	16513	2008-06-25	2017-09-28	2025-06-06	1.6 kB	74 kB	90.84.160.25
lzd-img-global.slatic.net	25020	2013-09-24	2021-12-16	2025-06-05	10 kB	225 kB	98.98.201.152
fourier.taobao.com	12218	2003-04-21	2019-10-09	2025-06-07	1.1 kB	2.0 kB	124.239.14.250
laz-img-cdn.alicdn.com	17299	2008-06-25	2017-09-20	2025-06-06	475 B	20 kB	38.54.123.60
g.alicdn.com	6787	2008-06-25	2014-10-06	2025-06-07	2.2 kB	348 kB	163.181.253.194
fourier.alibaba.com	245815	1999-04-15	2017-12-29	2025-06-04	816 B	262 B	47.246.165.51
arms-retcode-sg.aliyuncs.com	27962	2012-04-01	2017-12-29	2025-06-05	1.7 kB	532 B	8.222.203.130
gj.mmstat.com	23875	2007-12-25	2014-12-16	2025-06-05	1.3 kB	1.0 kB	47.246.136.160
g.lazcdn.com	unknown	2021-11-05	2022-09-16	2025-06-05	12 kB	3.9 MB	90.84.161.26
aeis.alicdn.com	23225	2008-06-25	2016-08-25	2025-06-07	763 B	444 kB	23.49.27.47
i.gyazo.com	72426	2007-08-31	2014-03-14	2025-06-10	454 B	1.0 kB	104.18.25.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-06-10 12:29:11	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:11	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:11	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:11	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:12	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:12	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:13	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:15	low	Client IP	8.222.203.130	ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)
2025-06-10 12:29:21	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content
2025-06-10 12:29:22	medium	95.129.234.32	Client IP	ET HUNTING DDoS-Guard Hosted Content

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	From	Size	First Seen	Last Seen
	mail.implants.dentlap.com/	ScriptElement	2.6 kB	2025-03-20	2025-06-14
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-20 01:44 Last Seen2025-06-14 11:21 Times Seen5 Hash 5886428cabfe69ed2957daaf978b08c4 8985d67746a8eea8af30f31c59f0cd0890f4a06f 51c68afb087a61de36215273550f04cefc3507699eef0a1a7f79a6b6e4a294ca Loading...

	mail.implants.dentlap.com/	ScriptElement	1.3 kB	2025-06-10	2025-06-10
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-10 12:29 Last Seen2025-06-10 12:29 Times Seen1 Hash 2e5764bede8fee4d1f1405c114dfa195 53eb9dc3d4ff4650ab9d142c9ee36011297b2a93 872f9220e8689291be2581211a03b06dce2db86f3284adeed9c2149cb7652e4a Loading...

	aeis.alicdn.com/sd/ncpc/nc.js?t=18507	ScriptElement	1.0 kB	2025-04-07	2025-06-16
Pretty URL aeis.alicdn.com/sd/ncpc/nc.js?t=18507 IP 23.49.27.47 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 03:45 Last Seen2025-06-16 04:54 Times Seen940 Hash 5ee36d223fa73738da1f19f3c142120d 1c2bfd963a3b2bef240dbe9cae5ca274fc234f84 c734f8109dbac3307045fb509a6e6ec7f487e972c83c23673c57a82ade0d1e12 Loading...

	mail.implants.dentlap.com/	ScriptElement	52 B	2024-12-01	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-01 05:19 Last Seen2025-06-16 04:19 Times Seen4732 Hash 24cde74cc7fc2c325560676364ca86c5 b1f3717d256bd5cb2a79a010c4b9926634a07553 c5424c786987ce794a9f85365566f7734cda9acdcd98ea307d52d15336826256 Loading...

	gj.mmstat.com/eg.js?t=1749558553819	ScriptElement	91 B	2025-06-10	2025-06-10
Pretty URL gj.mmstat.com/eg.js?t=1749558553819 IP 47.246.136.160 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-10 12:29 Last Seen2025-06-10 12:29 Times Seen1 Hash 6950940670b28fc294f00213d8daf0ed 85ac549e6b7a785cff6d5b9c6dec78d50b3037d5 468083688789bf30b3f1491e9fd69d32eb53f2ee849dcda32d3aab1f18e4727b Loading...

	mail.implants.dentlap.com/	ScriptElement	679 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen4650 Hash ce73f2d5b298e28b9aa2b1477cd8f8bb f9604856acc070d15f19268b0223f09aa2cb5e3d 88abc67efc26636ba601bfcd2319edd6bb6f74fd491ac8ffb15fe1aeadc52dde Loading...

	mail.implants.dentlap.com/	ScriptElement	622 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen4411 Hash d82140c0aacd543897982da496488fae 84ad33941b580f5441930dc3046f23bba8b51311 254914c98f7d87e0cb1c49e94b2e0728a695853fe4d14a0e7a01ad753f5e992b Loading...

	g.lazcdn.com/g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js	ScriptElement	1.0 kB	2025-03-07	2025-06-16
Pretty URL g.lazcdn.com/g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-07 05:46 Last Seen2025-06-16 02:35 Times Seen780 Hash 3477bd149b1f475d8d5abc1a1dc645f9 517129473a45ac8b4c4f2df4c9cdfa3bf38592a7 70b8579772aafbbf19ad2c6c195776335b15afd1fbc096ea96c308224847fb30 Loading...

	mail.implants.dentlap.com/	ScriptElement	136 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen4626 Hash 606ddcc644ce95802cad32817f1783fb be1f53ac097289d5648d9df84211d66ca3630b77 b3b337698c327db8ea4e462b95c2a02d2fd3cf33fa2263251ed359da463f2a73 Loading...

	fourier.taobao.com/rp?ext=51&data=jm_GhPPIEEejhcCAVtaKppj707D&random=7809691714103878&href=http%3A%2F%2Fmail.implants.dentlap.com%2F&protocol=http:&callback=jsonpCallback	ScriptElement	1.4 kB	2023-07-13	2025-06-16
Pretty URL fourier.taobao.com/rp?ext=51&data=jm_GhPPIEEejhcCAVtaKppj707D&random=7809691714103878&href=http%3A%2F%2Fmail.implants.dentlap.com%2F&protocol=http:&callback=jsonpCallback IP 124.239.14.250 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 07:25 Last Seen2025-06-16 06:28 Times Seen18996 Hash 8af8a0f23331af9be132b12dd8d9626d 874603d29b0664147d9d19262587f5cf0bfa7bc2 29b7217acb615f118fba97483fb6909f81af614d76294e7e1a4bc1d3d2506c9a Loading...

	mail.implants.dentlap.com/	ScriptElement	334 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen4423 Hash 6f5e9af8a5ea7f903c6ecf90454b8776 929f219f82cd5ed121cd2253baec02d72ace6389 e0d4cf7dd54b3ad82cc79ebec0e2d6b067209408917e2d6c47104228250148de Loading...

	mail.implants.dentlap.com/	ScriptElement	2.9 kB	2025-02-19	2025-06-15
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-19 07:34 Last Seen2025-06-15 13:23 Times Seen47 Hash adb17ad103c034f7b21d3e3547622271 9767b933f57cf78ee6af4bc3dcd0ce733876afff 6f4a271ee0daa392996a56180a44f318720d0ce94c0281f12e1fb84a432c7128 Loading...

	mail.implants.dentlap.com/	ScriptElement	269 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen4327 Hash d357c8d2597788e9125b0a97dac9e2da ea8e466c2ccf45b7e97f48d11d176214def90c00 00209c23faa59a8475701c7b774d3e3ef1fcb355dd4a576ebf10b830d4488ef5 Loading...

	mail.implants.dentlap.com/	ScriptElement	5.1 kB	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen3825 Hash 828b08c928315521f29aeb38998c687f f6f767f67a83add1f1027e5e6533bd4afb9ee824 6cf5acfbab261501ce9407173403d6505f842b0ca1cfe718cad878d6dc4c2d18 Loading...

	mail.implants.dentlap.com/	ScriptElement	148 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen4217 Hash 0207a2fda4a4702005699d1538b05b2c f643963ec03ebd06186ce7dba2c7af458c8cfef3 1f8b58266f23822e824cfa17e981ec3ac1469b724cdb2023ad1b884e933ec0e4 Loading...

	mail.implants.dentlap.com/	ScriptElement	66 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen4185 Hash 242aea967bf415211ec812e3e7113c93 af1fcfedceab9981a95795981e63ab6371e8eb34 cb9e2bcc7160a655eb0b06edda0b6733c27521447ddf302ac9a6b608d508e21a Loading...

	g.alicdn.com/sd/baxia/2.5.31/baxiaCommon.js	ScriptElement	1.0 kB	2024-12-26	2025-06-16
Pretty URL g.alicdn.com/sd/baxia/2.5.31/baxiaCommon.js IP 163.181.253.194 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-26 03:23 Last Seen2025-06-16 04:54 Times Seen4405 Hash 7d45517ef25b42a5ee6fb1ce9647a3e2 aea40ef5144cdc4ca4a4bee470db914b0f9c50d5 045696b4eebff1dee9a2bfad94ebb25406ca0bf53d1e616cfc12200659ee6cea Loading...

	g.lazcdn.com/g/lzd/assets/0.0.5/next/0.19.21/next.min.js	ScriptElement	932 kB	2023-03-08	2025-06-16
Pretty URL g.lazcdn.com/g/lzd/assets/0.0.5/next/0.19.21/next.min.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:45 Last Seen2025-06-16 06:28 Times Seen16683 Hash e89190474b7dc4b988edbb405ff0cd32 e9f418799d20cd8bcdb5eab3ef9c562b2e39da2c 07aef6cb37f4d696f2dc269aea4e6646c8514c999105855a16d5199834d172b0 Loading...

	g.lazcdn.com/g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js	ScriptElement	570 kB	2023-06-03	2025-06-16
Pretty URL g.lazcdn.com/g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-03 14:51 Last Seen2025-06-16 06:28 Times Seen13385 Hash 57b2e10e609191c186511592a94d6bb6 93b3c6cc26945388a44a1442207011c80f02387c e0bf62f312659a4a2c542885f41c26df7a9d5458e5b4c06ad6186569d3cfc919 Loading...

	g.lazcdn.com/g/alilog/mlog/aplus_int.js	ScriptElement	1.0 kB	2025-05-23	2025-06-16
Pretty URL g.lazcdn.com/g/alilog/mlog/aplus_int.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-23 23:53 Last Seen2025-06-16 02:35 Times Seen875 Hash c5d3fd0c7bb98903318d6a98625439b0 0e5122317429975bdb39effe0c7b2a565cce339b 27ef82e69cf91e8db4ce5fa3b3037f24e7fbccaec7395d0fc7d2f9564ad74cb3 Loading...

	g.lazcdn.com/g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js	ScriptElement	62 kB	2025-04-02	2025-06-16
Pretty URL g.lazcdn.com/g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-02 22:29 Last Seen2025-06-16 06:32 Times Seen14983 Hash 313fce95ea9fc889a2f8853921915657 06a74499752f47966db61127958a9700f8db5818 ec8b30600526cd5a830095f016c5eb1016272c154c83a406be845aec0745f2d3 Loading...

	g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.js	ScriptElement	82 kB	2023-10-16	2025-06-16
Pretty URL g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-16 06:16 Last Seen2025-06-16 06:28 Times Seen14997 Hash 1663855fe3963805db3cdd7fb08ea591 b4b99318bdb2bcf37de40386cb4f2eb38d865638 49760473597b8b5964e4956f746fa8e098419b34f81f1236abb104e2e8ea9d1d Loading...

	g.lazcdn.com/g/retcode/cloud-sdk/bl.js	ScriptElement	1.0 kB	2025-03-06	2025-06-16
Pretty URL g.lazcdn.com/g/retcode/cloud-sdk/bl.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-06 22:26 Last Seen2025-06-16 03:27 Times Seen2046 Hash c7b84c33696e7266ff235d10c5659d5b 28b09cf8fb5878398bf87e6bf06b14fe962f2193 2aa84223fe5dbe2f70dc57bc0e09d4ec2ad1581c07e0879c3422cbbe95021d48 Loading...

	mail.implants.dentlap.com/	ScriptElement	3.3 kB	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen3879 Hash d34045df9136a8c369d5d020cb18a6f0 e1c83d379fbcc626cd16195337b01003e174fb4a 8d6bd7ebaa3f23b34997f30d2855db79027204f4b635ce9f38df59591c8cb121 Loading...

	g.lazcdn.com/g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js	ScriptElement	189 kB	2024-08-12	2025-06-16
Pretty URL g.lazcdn.com/g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js IP 90.84.161.26 ASN #2285 Orange Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-12 05:44 Last Seen2025-06-16 06:28 Times Seen15744 Hash 2ccd0968cdba249db3247c66f9f87c18 f2fd43093bea8756c20c99ade52e4e7089d0446e cd1411bbb194fde0a1a0b729f03c3a5bb38ca17b43983b0eb706c519a34280ca Loading...

	mail.implants.dentlap.com/	ScriptElement	398 B	2024-12-06	2025-06-16
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-06 01:41 Last Seen2025-06-16 04:19 Times Seen3699 Hash 69ec8f0fff8be2d9a23d54fe0e605862 8671ee12b8c55351919665eeeeb409f94532f53f 54bfc59ea8f8d19c54dcd330cb3f493f8e9168bc9dd77306dfc9696635ffa866 Loading...

	mail.implants.dentlap.com/	ScriptElement	7.5 kB	2025-06-10	2025-06-10
Pretty URL mail.implants.dentlap.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-10 12:29 Last Seen2025-06-10 12:29 Times Seen1 Hash 0cc15c084931428e18dd4c0a892df7a0 50318fbb713ac184103652f448350601d179e849 52221c34c334e5044864b3773e844b39a0c27ebe70eaf2ceb35b8cc914be941b Loading...

	g.alicdn.com/sd/baxia-entry/index.js	ScriptElement	18 kB	2025-06-04	2025-06-16
Pretty URL g.alicdn.com/sd/baxia-entry/index.js IP 163.181.253.194 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-04 03:23 Last Seen2025-06-16 06:28 Times Seen5147 Hash 1da27f788daed8db3f9538b528fade0b 753e594a437d0cad965cfb91433a674b6d18ea29 65b746cd7ea3e4f9adee9f1ff5abc88a700127e5de5d694cc5a604ff0df567dd Loading...

HTTP Transactions (73)

URL IP Response Size

g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.js

90.84.161.26

200 OK

74 kB

URL GET
g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (74177 bytes)
Hash
9bdefd73dc25b84bfe8d9917b6120020
006f41d33d4a21eadbfe250e569b140a63fd5469
73a8360e318e76b752e953261326592e2ed9be1c1da0b6dbc9dd527e8f76830d

HTTP Headers

GET /g/lzdfe/pdp-platform/0.1.22/pc.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 25993
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6842BC8A0FEF153230A950A1
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 541127663539026094
x-oss-storage-class: Standard
content-md5: m979c9wluEv+jZkXthIAIA==
x-oss-server-time: 29
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fdb217492041058542700e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE4[2],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE27[3],EU-FRA-paris-GLOBAL1-CACHE17[0,TCP_HIT,2],cache31.l2fr1[0,17,200-0,H], cache12.l2fr1[20,0], ens-cache14.fr6[0,0,200-0,H], ens-cache38.fr6[1,0]
ali-swift-global-savetime: 1749204107
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 08 Jun 2025 10:06:12 GMT
x-swift-cachetime: 431735
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdba17494635758081069e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 3350cb4a3b65e8197acce744176aebc6
nginx-hit: 1
age: 83337
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

g.lazcdn.com/g/alilog/mlog/aplus_int.js

90.84.161.26

200 OK

16 kB

URL GET
g.lazcdn.com/g/alilog/mlog/aplus_int.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15420)
Size
16 kB (15590 bytes)
Hash
2fb0e843748bf497607842678fee0f7b
41a8b37a3ebda67884a222f654d499f105d4dcc7
8d4eba05a93b2dabe06c400ba0256fb8680f3e763392398cab0d26278563b784

HTTP Headers

GET /g/alilog/mlog/aplus_int.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 7162
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6841BE2BF241963133BDDCF2
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5894079369142625180
x-oss-storage-class: Standard
content-md5: L7DoQ3SL9JdgeEJnj+4Pew==
x-oss-server-time: 20
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: 2ff6319917491389866435218e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[2],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE27[4],EU-FRA-paris-GLOBAL1-CACHE4[0,TCP_HIT,2],cache30.l2fr1[0,0,200-0,H], cache28.l2fr1[0,0], ens-cache36.fr6[0,0,200-0,H], ens-cache34.fr6[1,0]
ali-swift-global-savetime: 1749138987
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 16:56:28 GMT
x-swift-cachetime: 601199
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb617495567184857367e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 73328132562ac32b4c52332b6eb5aa4e
nginx-hit: 1
age: 1196
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzd/assets/0.0.5/next/0.19.21/next.min.js

90.84.161.26

200 OK

932 kB

URL GET
g.lazcdn.com/g/lzd/assets/0.0.5/next/0.19.21/next.min.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32077)
Size
932 kB (931662 bytes)
Hash
e89190474b7dc4b988edbb405ff0cd32
e9f418799d20cd8bcdb5eab3ef9c562b2e39da2c
07aef6cb37f4d696f2dc269aea4e6646c8514c999105855a16d5199834d172b0

HTTP Headers

GET /g/lzd/assets/0.0.5/next/0.19.21/next.min.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 267631
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6842509F91C30D37367A1B56
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13953652536235100702
x-oss-storage-class: Standard
content-md5: 6JGQR0t9xLmI7btAX/DNMg==
x-oss-server-time: 8
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: 2ff6319c17491764785322108e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[5],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE22[3],EU-FRA-paris-GLOBAL1-CACHE21[0,TCP_HIT,1],cache21.l2fr1[0,0,200-0,H], cache5.l2fr1[1,0], ens-cache9.fr6[0,0,200-0,H], ens-cache34.fr6[1,0]
ali-swift-global-savetime: 1749176479
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 06 Jun 2025 04:21:34 GMT
x-swift-cachetime: 597585
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb617495550930006600e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 018086005ef91f810e656b762c303e13
nginx-hit: 1
age: 1273
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i2/O1CN01ENOAXK1UR05CB9iwA_!!6000000002513-2-tps-96-70.png

98.98.201.152

200 OK

7.1 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i2/O1CN01ENOAXK1UR05CB9iwA_!!6000000002513-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7098 bytes)
Hash
7e44fb65f568f4664de0b40c407d7956
f253a79f0042f85bb301d8e8ebdb40121fcaa9a7
34b8804296d8073ac8158e2454e97b39977344498ff18fdc591878d4a0acf4ec

HTTP Headers

GET /g/tps/imgextra/i2/O1CN01ENOAXK1UR05CB9iwA_!!6000000002513-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 7098
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 566828
ali-swift-global-savetime: 1723314137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: fkT7ZfVo9GZN4LQMQH15Vg==
eagleid: a3b58c9a17237148726963565e
etag: "7E44FB65F568F4664DE0B40C407D7956"
expires: Thu, 19 Jun 2025 06:08:27 GMT
last-modified: Wed, 19 Jun 2024 03:15:55 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-03
x-ccdn-cachettl: 8640000
x-ccdn-expires: 2847919
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 73ca48bda899d05cb4e6c33908e28c14
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3867071
x-swift-savetime: Sun, 11 Aug 2024 00:11:06 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN011Ya3Kg1OSw3sg81tm_!!6000000001705-2-tps-96-70.png

98.98.201.152

200 OK

6.0 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN011Ya3Kg1OSw3sg81tm_!!6000000001705-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5990 bytes)
Hash
05a0832064e6d46eafea10e5ac9f96cf
d28077383314ee082499d493cf889e1809b4a72e
1c7dc518bff241df97f82393487d5bca438a2983073ea7607c75f3d10a7c9095

HTTP Headers

GET /g/tps/imgextra/i3/O1CN011Ya3Kg1OSw3sg81tm_!!6000000001705-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 5990
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 463793
ali-swift-global-savetime: 1737521223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: BaCDIGTm1G6v6hDlrJ+Wzw==
eagleid: a3b58c9717404216376205616e
etag: "05A0832064E6D46EAFEA10E5AC9F96CF"
expires: Thu, 12 Jun 2025 07:07:31 GMT
last-modified: Sun, 18 Aug 2024 04:27:04 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09
x-ccdn-cachettl: 8640000
x-ccdn-expires: 8292797
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 5dbbb21495facaefeed12bef83f6c884
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3810123
x-swift-savetime: Thu, 23 Jan 2025 02:25:00 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01bSHOIg1O2N9lO20XK_!!6000000001647-2-tps-34-34.png

98.98.201.152

200 OK

533 B

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01bSHOIg1O2N9lO20XK_!!6000000001647-2-tps-34-34.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 34 x 34, 8-bit colormap, non-interlaced
Size
533 B (533 bytes)
Hash
8fd8c875435d9f1b2160aa2a9994cf42
932831ffec70a345d5c0b4daad315d0915edaa37
7e1588c6fa7175777e2fdf34c17895bb0b2ce24583ab591eadc1c024a5a056d7

HTTP Headers

GET /g/tps/imgextra/i3/O1CN01bSHOIg1O2N9lO20XK_!!6000000001647-2-tps-34-34.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 533
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 571009
ali-swift-global-savetime: 1732431789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: j9jIdUNdnxshYKoqmZTPQg==
eagleid: a3b523a217352919098226630e
etag: "8FD8C875435D9F1B2160AA2A9994CF42"
expires: Wed, 11 Jun 2025 01:23:09 GMT
last-modified: Tue, 24 Sep 2024 20:36:17 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-21-10
x-ccdn-cachettl: 8640000
x-ccdn-expires: 6211623
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: fb232e9bd0edbdbc250e584569f79b0e
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3602899
x-swift-savetime: Wed, 27 Nov 2024 14:14:50 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

g.lazcdn.com/g/alilog/??s/8.15.24/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.24/plugin/aplus_ae.js,s/8.15.24/aplus_int.js,s/8.15.24/plugin/aplus_spmact.js?v=20250522191903

90.84.161.26

200 OK

151 kB

URL GET
g.lazcdn.com/g/alilog/??s/8.15.24/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.24/plugin/aplus_ae.js,s/8.15.24/aplus_int.js,s/8.15.24/plugin/aplus_spmact.js?v=20250522191903
IP
90.84.161.26:80
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32049)
Size
151 kB (151288 bytes)
Hash
57cb9a84a208e79f0d4b08ea01662a46
c4053a86522ff0a088e031a4a470007849b4b3c1
9b5e14b74851e89c066712339d63051a72d8994999c09e5e1e4417a6a16b5c16

HTTP Headers

GET /g/alilog/??s/8.15.24/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.24/plugin/aplus_ae.js,s/8.15.24/aplus_int.js,s/8.15.24/plugin/aplus_spmact.js?v=20250522191903 HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://mail.implants.dentlap.com/
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 10 Jun 2025 12:29:13 GMT
Content-Type: application/javascript
Content-Length: 47197
Connection: keep-alive
Server: openresty
Vary: Accept-Encoding
x-oss-request-id: 682F215FE8B30D3832C4A476
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3470171396434443909
x-oss-storage-class: Standard
Content-MD5: cKQnVZzrbdoWy47gjJNnrA==
x-oss-server-time: 18
Access-Control-Allow-Origin: *
X-Source-Scheme: https
Content-Encoding: gzip
EagleEye-TraceId: 2ff6319917479191988663147e
Strict-Transport-Security: max-age=0
Timing-Allow-Origin: *
Via: EU-GER-frankfurt-EDGE5-CACHE5[3],EU-GER-frankfurt-EDGE5-CACHE1[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE25[5],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2],cache26.l2fr1[1256,1255,200-0,M], cache31.l2fr1[1257,0], ens-cache5.fr5[1276,1275,200-0,M], ens-cache5.fr5[1278,0]
Ali-Swift-Global-Savetime: 1747919200
X-Cache: MISS TCP_MISS dirn:11:721329182
X-Swift-SaveTime: Thu, 22 May 2025 13:06:40 GMT
X-Swift-CacheTime: 604800
Access-Control-Allow-Methods: GET,HEAD
Alt-Svc: h3=":443"; ma=2592000
EagleId: 2ff6319917479191988663147e
x-hcs-proxy-type: 1
X-CCDN-CacheTTL: 2592000
X-CCDN-REQ-ID-46B1: 27c3cc317df0b12e09d29f6504fdadab
nginx-hit: 1
Age: 1624841
Cache-Control: max-age=31104000,s-maxage=31104000
Accept-Ranges: bytes
cdn-type: hwc
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk

fourier.taobao.com/ts?url=&token=BAAA_iG1fIsTRgCPD5rLq3Mz0ofSieRTgnidjnqRzJuu9aAfIpm049bTC8U13pwr&cna=GhPPIEEejhcCAVtaKppj707D&ext=1

124.239.14.250

200 OK

0 B

URL GET
fourier.taobao.com/ts?url=&token=BAAA_iG1fIsTRgCPD5rLq3Mz0ofSieRTgnidjnqRzJuu9aAfIpm049bTC8U13pwr&cna=GhPPIEEejhcCAVtaKppj707D&ext=1
IP
124.239.14.250:443
ASN
#4134 Chinanet

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subjecttfe.alibaba.com
Fingerprint2A:E7:3A:AD:21:93:AF:7D:07:7B:ED:C0:D4:25:1B:59:27:BF:EA:34
ValidityWed, 19 Mar 2025 08:54:01 GMT - Mon, 05 Jan 2026 02:01:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ts?url=&token=BAAA_iG1fIsTRgCPD5rLq3Mz0ofSieRTgnidjnqRzJuu9aAfIpm049bTC8U13pwr&cna=GhPPIEEejhcCAVtaKppj707D&ext=1 HTTP/1.1
Host: fourier.taobao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:16 GMT
content-type: image/gif
content-length: 0
server: Tengine
X-Firefox-Spdy: h2

g.lazcdn.com/g/??lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-1.css,lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-2.css,lazada/lazada-product-detail/1.7.4/index/index.css

90.84.161.26

200 OK

412 kB

URL GET
g.lazcdn.com/g/??lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-1.css,lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-2.css,lazada/lazada-product-detail/1.7.4/index/index.css
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
ASCII text, with very long lines (65532), with CRLF line terminators
Size
412 kB (412214 bytes)
Hash
0b0e18dda16ec5e61529240b3a3191c6
d91faebc6c036977981192a546db68148b268d57
428999fa916da237442560ccd11f22dc53a5f73c036d476813c85d540670e620

HTTP Headers

GET /g/??lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-1.css,lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/next-noreset-2.css,lazada/lazada-product-detail/1.7.4/index/index.css HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: text/css
content-length: 66420
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 68423EA4145D00393943D821
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15844781135382133320
x-oss-storage-class: Standard
content-md5: rQDWIYFqRsvPnTYuX7UILA==
x-oss-server-time: 5
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: 2ff6319b17491718759115164e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[2],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE12[2],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,1],cache36.l2fr1[0,7,200-0,H], cache22.l2fr1[9,0], ens-cache14.fr6[0,0,200-0,H], ens-cache14.fr6[1,0]
ali-swift-global-savetime: 1749171877
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 06 Jun 2025 04:04:42 GMT
x-swift-cachetime: 593995
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fda217495536184048487e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 1e9c221a22b602c128b198217d9af539
nginx-hit: 1
age: 1894
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

laz-img-cdn.alicdn.com/images/ims-web/TB1b43RtrvpK1RjSZFqXXcXUVXa.png

38.54.123.60

200 OK

19 kB

URL GET
laz-img-cdn.alicdn.com/images/ims-web/TB1b43RtrvpK1RjSZFqXXcXUVXa.png
IP
38.54.123.60:443
ASN
#138915 Kaopu Cloud HK Limited

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subjectlaz-g-cdn.alicdn.com
FingerprintA5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91
ValidityTue, 22 Apr 2025 02:21:08 GMT - Sun, 24 May 2026 02:21:07 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
19 kB (19149 bytes)
Hash
ea19428365bcd34d1bd8f3141a85a873
03439c89d831bcabc262d385445d4260304ccd63
44b879ed47dcd5b43719b2b529fcd3ba868fe20ee38b0f0b277cdbce801227b2

HTTP Headers

GET /images/ims-web/TB1b43RtrvpK1RjSZFqXXcXUVXa.png HTTP/1.1
Host: laz-img-cdn.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: image/png
content-length: 19149
server: openresty
last-modified: Fri, 11 Nov 2022 07:48:04 GMT
picasso-ret-code: SUCCESS
picasso-cache-info: MISS
request-time: 0.017
traceid: 2ff6329b17128233905701327e
x-powered-by: Picasso
picasso-image-type: normal
picasso-fmt: png2
ali-swift-global-savetime: 1712823390
via: EU-FRA-marseille-EDGE3-CACHE1[4],EU-FRA-marseille-EDGE3-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE12[36],EU-FRA-paris-GLOBAL1-CACHE1[0,TCP_HIT,30],cache1.l2de2[321,321,200-0,M], cache20.l2de2[322,0], ens-cache1.fr4[709,708,200-0,M], ens-cache7.fr4[710,0]
access-control-allow-origin: *
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Thu, 11 Apr 2024 08:16:31 GMT
x-swift-cachetime: 31535999
timing-allow-origin: *
eagleid: 2ff6329b17128233905701327e
x-ccdn-expires: 1886071
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 6a51655a431bbc1b349de9d52b7c2e04
alt-svc: h3=":443"; ma=2592000
nginx-hit: 1
age: 706090
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01mFypLB1jt8eRUFBC0_!!6000000004605-2-tps-96-70.png

98.98.201.152

200 OK

8.4 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01mFypLB1jt8eRUFBC0_!!6000000004605-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
8.4 kB (8434 bytes)
Hash
83aeec0f1dba3faf7ef3025a29ec7dc5
a513b681989acda9d22cfcf585acbdb930c2e5ca
dd01e976e33293fc04ce0ebe4aeaf7cbb5da3cc0d71ef82f551f4d38b38c63a4

HTTP Headers

GET /g/tps/imgextra/i4/O1CN01mFypLB1jt8eRUFBC0_!!6000000004605-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 8434
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 566828
ali-swift-global-savetime: 1733147211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: g67sDx26P69+8wJaKex9xQ==
eagleid: a3b58c9517369066966432686e
etag: "83AEEC0F1DBA3FAF7EF3025A29EC7DC5"
expires: Mon, 30 Jun 2025 02:46:11 GMT
last-modified: Sun, 18 Aug 2024 04:27:04 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09
x-ccdn-cachettl: 8640000
x-ccdn-expires: 3785091
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: f3ca398cb16b0cf010077cca00562d89
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 1314984
x-swift-savetime: Wed, 01 Jan 2025 08:30:27 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

mail.implants.dentlap.com/img/whatsapp.webp

95.129.234.32

200 OK

8.2 kB

URL GET
mail.implants.dentlap.com/img/whatsapp.webp
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
RIFF (little-endian) data, Web/P image
Size
8.2 kB (8168 bytes)
Hash
97bd75174b125f1987dbd0b9b0e645eb
247f16738cde8945a1478530930c92be2b65dd85
e80398863158e426c2ab567229479f4aa3e0f11d722c5200f34c40a39edc5550

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/whatsapp.webp HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=1XHbUCWYsJOXQGNa; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=x9wEgJRmGvRhPiFP; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
Date: Tue, 10 Jun 2025 03:53:05 GMT
Last-Modified: Mon, 28 Apr 2025 15:05:14 GMT
Accept-Ranges: bytes
Content-Length: 8168
Content-Type: image/webp
Age: 30966
DDG-Cache-Status: MISS,HIT

lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01EShTwh1uKIMLn9AjA_!!6000000006018-0-tps-34-34.jpg

98.98.201.152

200 OK

1.2 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01EShTwh1uKIMLn9AjA_!!6000000006018-0-tps-34-34.jpg
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 34x34, components 3
Size
1.2 kB (1189 bytes)
Hash
25af287e867164172f028fedeefd74de
5b7194ecbeb20809949e2a1a4e59c755fb4ac9f8
5c29a4d5eadca9d201ad4c2d3dbf4d5d3bcffea3b794baa7880531230a136722

HTTP Headers

GET /g/tps/imgextra/i1/O1CN01EShTwh1uKIMLn9AjA_!!6000000006018-0-tps-34-34.jpg HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/jpeg
content-length: 1189
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 1850508
ali-swift-global-savetime: 1739355244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: YyDsEMx5s47bdjx4uxTX9A==
eagleid: a3b523a717428695853093150e
etag: "6320EC10CC79B38EDB763C78BB14D7F4"
expires: Thu, 17 Jul 2025 06:43:33 GMT
last-modified: Wed, 25 Sep 2024 03:52:21 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-04
x-ccdn-cachettl: 8640000
x-ccdn-expires: 6470068
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: ef5bdd59fe46d924b49b983dd6b40a84
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3357337
x-swift-savetime: Tue, 18 Feb 2025 13:38:27 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2

90.84.161.26

200 OK

11 kB

URL GET
g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10788, version 1.0
Size
11 kB (10788 bytes)
Hash
709f6f90c7d493cd16b8cd087df492ab
8fb2a4d035a6f1a5290dc14b4cba324d558f1205
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

HTTP Headers

GET /g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2 HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 12:29:15 GMT
content-type: font/woff2
content-length: 10788
server: openresty
x-oss-request-id: 684194F5461F30383491EF2A
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9556587264596756474
x-oss-storage-class: Standard
access-control-allow-origin: *
content-md5: cJ9vkMfUk80WuM0IffSSqw==
x-oss-server-time: 22
x-source-scheme: https
eagleeye-traceid: a3b5fdb317491284364934836e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE6[3],EU-GER-frankfurt-EDGE5-CACHE1[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE6[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,1],cache24.l2fr1[1042,1041,200-0,M], cache10.l2fr1[1043,0], ens-cache32.fr6[0,0,200-0,H], ens-cache35.fr6[5,0]
ali-swift-global-savetime: 1749128437
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 13:00:37 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb717495523878393169e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 60389fe52d4a13656ffdff895ddeb40d
nginx-hit: 1
age: 3362
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk

mail.implants.dentlap.com/img/iconss.webp

95.129.234.32

200 OK

28 kB

URL GET
mail.implants.dentlap.com/img/iconss.webp
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1200, Scaling: [none]x[none], YUV color, decoders should clamp
Size
28 kB (28154 bytes)
Hash
6c16644373d52cb9f415e583c3d43ece
df33d0cef4686d6dec62b079832a34d66c62c9f4
2e1bbe2305785dd80fae27bc2b7e1b01282a2c45d94335ed9df54938b7fadb3f

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/iconss.webp HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=1XHbUCWYsJOXQGNa; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=6m2K5wns8aB1xZb2; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
Date: Tue, 10 Jun 2025 12:29:11 GMT
Last-Modified: Tue, 06 May 2025 09:09:44 GMT
Accept-Ranges: bytes
Content-Length: 28154
Content-Type: image/webp
Age: 0
DDG-Cache-Status: MISS,MISS

aeis.alicdn.com/sd/ncpc/nc.js?t=18507

23.49.27.47

200 OK

221 kB

URL GET
aeis.alicdn.com/sd/ncpc/nc.js?t=18507
IP
23.49.27.47:443
ASN
#16625 AKAMAI-AS

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerDigiCert Inc
Subjectru.aliexpress.com
FingerprintDA:5C:41:82:2B:53:17:58:AB:EB:B9:35:7E:77:FE:D0:25:60:59:04
ValidityThu, 20 Mar 2025 00:00:00 GMT - Fri, 20 Mar 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32041)
Size
221 kB (221174 bytes)
Hash
11998461d3d77dde9e7ef72a65e08429
3863ac62c17ae5e0de527e1a8eeaea40e07c2531
994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a

HTTP Headers

GET /sd/ncpc/nc.js?t=18507 HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
x-oss-request-id: 68481AC127A1473939D74FF4
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1561788439659902122
x-oss-storage-class: Standard
content-md5: EZmEYdPXfd6efvcqZeCEKQ==
x-oss-server-time: 10
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1749555905
x-swift-savetime: Tue, 10 Jun 2025 11:45:05 GMT
x-swift-cachetime: 3600
eagleid: 2ff62c9b17495559054076651e
content-length: 70098
cache-control: max-age=954, s-maxage=3600
expires: Tue, 10 Jun 2025 12:45:05 GMT
date: Tue, 10 Jun 2025 12:29:11 GMT
vary: Accept-Encoding
served-from: 23.36.79.12
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 23.49.27.47
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js

90.84.161.26

200 OK

224 kB

URL GET
g.lazcdn.com/g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31999), with LF, NEL line terminators
Size
224 kB (223515 bytes)
Hash
ea0f33ae2ec68514fd2183b8fb1c8d25
7b15588636f37d0733179ce083dc57668979fa25
e8f29a92260f28617f602e0236a96a120558028ad188fe201cd13f56effcc76b

HTTP Headers

GET /g/lzd/assets/1.2.13/??babel-polyfill/6.26.0/polyfill.min.js,react/16.8.0/react.production.min.js,react-dom/16.8.0/react-dom.production.min.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 90345
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6842B98A0796FF38356D0EA8
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1740928884983200401
x-oss-storage-class: Standard
content-md5: iYPg55sIv8S2Ar4z+67mCA==
x-oss-server-time: 9
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fd9917492033381284628e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE27[3],EU-FRA-paris-GLOBAL1-CACHE25[0,TCP_HIT,1],cache6.l2fr1[1016,1016,200-0,M], cache40.l2fr1[1018,0], ens-cache11.fr6[0,0,200-0,H], ens-cache33.fr6[1,0]
ali-swift-global-savetime: 1749203339
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 06 Jun 2025 09:48:59 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb517494625490128975e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 1838cf7343ade536714d92a87d8b13b4
nginx-hit: 1
age: 84440
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

i.gyazo.com/7b17449b7b047a1f1a859a29ec996e97.png

104.18.25.163

200 OK

445 B

URL GET
i.gyazo.com/7b17449b7b047a1f1a859a29ec996e97.png
IP
104.18.25.163:443
ASN
#13335 CLOUDFLARENET

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGoogle Trust Services
Subjectgyazo.com
Fingerprint43:6D:8C:8D:9D:35:10:11:4F:29:B6:F4:E8:4B:E3:BC:96:F1:B4:AB
ValidityWed, 21 May 2025 14:19:24 GMT - Tue, 19 Aug 2025 15:19:09 GMT

File type
PNG image data, 30 x 30, 8-bit colormap, non-interlaced
Size
445 B (445 bytes)
Hash
7b17449b7b047a1f1a859a29ec996e97
a28237a603e659bef0d1cee483afcfd7407bd26b
446511f4b5d743bbca5bf59a103dea39a9106bcafa82d804846b121426113f7e

HTTP Headers

GET /7b17449b7b047a1f1a859a29ec996e97.png HTTP/1.1
Host: i.gyazo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: image/png
content-length: 445
cf-ray: 94d8df754e16b517-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: https://gyazo.com
age: 1916870
cache-control: public, max-age=31536000
etag: "7b17"
expires: Wed, 10 Jun 2026 12:29:11 GMT
set-cookie: Gyazo_cfwoker=i; Secure; HttpOnly; SameSite=None; Expires=Tue, 01 Jan 2030 00:00:00 GMT
vary: Accept-Encoding
via: 1.1 google
access-control-allow-credentials: true
x-cache-level: ZS
server: cloudflare
X-Firefox-Spdy: h2

fourier.taobao.com/rp?ext=51&data=jm_GhPPIEEejhcCAVtaKppj707D&random=7809691714103878&href=http%3A%2F%2Fmail.implants.dentlap.com%2F&protocol=http:&callback=jsonpCallback

124.239.14.250

200 OK

1.4 kB

URL GET
fourier.taobao.com/rp?ext=51&data=jm_GhPPIEEejhcCAVtaKppj707D&random=7809691714103878&href=http%3A%2F%2Fmail.implants.dentlap.com%2F&protocol=http:&callback=jsonpCallback
IP
124.239.14.250:443
ASN
#4134 Chinanet

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subjecttfe.alibaba.com
Fingerprint2A:E7:3A:AD:21:93:AF:7D:07:7B:ED:C0:D4:25:1B:59:27:BF:EA:34
ValidityWed, 19 Mar 2025 08:54:01 GMT - Mon, 05 Jan 2026 02:01:01 GMT

File type
JavaScript source, ASCII text, with very long lines (1441), with no line terminators
Size
1.4 kB (1441 bytes)
Hash
8af8a0f23331af9be132b12dd8d9626d
874603d29b0664147d9d19262587f5cf0bfa7bc2
29b7217acb615f118fba97483fb6909f81af614d76294e7e1a4bc1d3d2506c9a

HTTP Headers

GET /rp?ext=51&data=jm_GhPPIEEejhcCAVtaKppj707D&random=7809691714103878&href=http%3A%2F%2Fmail.implants.dentlap.com%2F&protocol=http:&callback=jsonpCallback HTTP/1.1
Host: fourier.taobao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:16 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
server: Tengine
cache-control: no-store
access-control-allow-credentials: true
use-raw: true
bxuuid: {"login-token":"08ee14ed8540225a7f2f91606bd590dc___273523___5a931527616fa1a24ffe93aa485af69d"}
bxpunish: 1
x5-punish-cache: miss
content-encoding: gzip
X-Firefox-Spdy: h2

mail.implants.dentlap.com/

0.0.0.0

0 B

URL User Request GET
mail.implants.dentlap.com/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET / HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

g.lazcdn.com/g/retcode/cloud-sdk/bl.js

90.84.161.26

200 OK

42 kB

URL GET
g.lazcdn.com/g/retcode/cloud-sdk/bl.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (41828), with no line terminators
Size
42 kB (41828 bytes)
Hash
e31ead706e55b7c4c100d87a5928f099
5acc29a266fd91e1bb438bc2b7851d97468a5617
caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197

HTTP Headers

GET /g/retcode/cloud-sdk/bl.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 17634
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 68419557E4FB083838E0C8BB
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7956181089051082725
x-oss-storage-class: Standard
content-md5: 4x6tcG5Vt8TBANh6WSjwmQ==
x-oss-server-time: 17
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fda417491285343125602e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE4[2],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE2[2],EU-FRA-paris-GLOBAL1-CACHE3[0,TCP_HIT,0],cache26.l2fr1[1122,1122,200-0,M], cache26.l2fr1[1123,0], ens-cache9.fr6[0,0,200-0,H], ens-cache34.fr6[1,0]
ali-swift-global-savetime: 1749128535
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 13:02:15 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb617495585046071614e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 49b648a32db59cdc117db06a6a0cd8ea
nginx-hit: 1
cache-control: max-age=86400,s-maxage=60
age: 31
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzdmod/desktop-footer/6.1.1/??pc/index.css

90.84.161.26

200 OK

7.3 kB

URL GET
g.lazcdn.com/g/lzdmod/desktop-footer/6.1.1/??pc/index.css
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
ASCII text, with very long lines (7252), with CRLF line terminators
Size
7.3 kB (7256 bytes)
Hash
006001ba402d502f054f7e4bafb9a44e
ae1963e915e14e333300261885e1c46b0c07fefa
90566aed73a2035c2f72f2fbfcba62d0cf31270bb81853e441cb8d84bad7b8bd

HTTP Headers

GET /g/lzdmod/desktop-footer/6.1.1/??pc/index.css HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: text/css
content-length: 2436
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 683F6CD35DF31935370FA9ED
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9594161757221752562
x-oss-storage-class: Standard
content-md5: Zg5+ADmfoZe7+kyAM11Qfg==
x-oss-server-time: 30
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: 2ff6319c17489870907742038e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE2[3],EU-FRA-paris-GLOBAL1-CACHE9[0,TCP_HIT,1],cache10.l2fr1[0,0,200-0,H], cache22.l2fr1[0,0], ens-cache37.fr6[0,0,200-0,H], ens-cache7.fr6[1,0]
ali-swift-global-savetime: 1748987091
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 09:37:16 GMT
x-swift-cachetime: 475655
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fd9b17494618415212277e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 552044361ca259a1372c6c6e57953082
nginx-hit: 1
age: 80974
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN019tUhkL1abQnOURPrd_!!6000000003348-2-tps-96-70.png

98.98.201.152

200 OK

4.3 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN019tUhkL1abQnOURPrd_!!6000000003348-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
4.3 kB (4287 bytes)
Hash
fdc2018fbe00ad6e19532c80102001d7
f1e8e27bb35e2765a0e705d0e8bbcbcdf8609dad
2e5551d5b65b23e629b9b510cd5796475f98e91e65cb02b647b978864b7755b4

HTTP Headers

GET /g/tps/imgextra/i1/O1CN019tUhkL1abQnOURPrd_!!6000000003348-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 4287
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 463793
ali-swift-global-savetime: 1732955159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: /cIBj74ArW4ZUyyAECAB1w==
eagleid: a3b58c9b17356117548984361e
etag: "FDC2018FBE00AD6E19532C80102001D7"
expires: Wed, 11 Jun 2025 01:23:09 GMT
last-modified: Thu, 15 Aug 2024 04:47:46 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-07
x-ccdn-cachettl: 8640000
x-ccdn-expires: 2660551
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 2b53c4e8a2494dc53866276c7d2af810
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 1310652
x-swift-savetime: Mon, 30 Dec 2024 04:21:47 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

g.alicdn.com/secdev/sufei_data/3.9.14/index.js

163.181.253.194

200 OK

18 kB

URL GET
g.alicdn.com/secdev/sufei_data/3.9.14/index.js
IP
163.181.253.194:443
ASN
#0

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
JavaScript source, ASCII text, with very long lines (17754), with no line terminators
Size
18 kB (17754 bytes)
Hash
b9a5a9592db7e29feb4cc5e8814dea21
7efbde36c1131ebd7b51ae536eb087a8cebdbb7e
f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c

HTTP Headers

GET /secdev/sufei_data/3.9.14/index.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 7398
date: Fri, 11 Oct 2024 12:53:56 GMT
x-oss-request-id: 67091FE410A93F37380980FD
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12593839585633272550
x-oss-storage-class: Standard
content-encoding: gzip
cache-control: max-age=99999999
content-md5: mYdC0z0rPw0pY52mKJdpuQ==
x-oss-server-time: 27
access-control-allow-origin: *
x-bucket-code: 3
via: cache24.l2fr1[0,0,200-0,H], cache32.l2fr1[0,0], cache32.l2fr1[1,0], ens-cache2.fr6[0,0,200-0,H], ens-cache28.fr6[0,0]
age: 20907319
ali-swift-global-savetime: 1728651236
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 10 Jun 2025 00:18:21 GMT
x-swift-cachetime: 79136534
timing-allow-origin: *
eagleid: a3b5fdb017495585555177194e
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01qvF2hw1lWoZrnGZev_!!6000000004827-2-tps-96-70.png

98.98.201.152

200 OK

9.9 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01qvF2hw1lWoZrnGZev_!!6000000004827-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
9.9 kB (9860 bytes)
Hash
2025ccc5c1080f0a0a4d2768ac63e1bf
a4f180053433648878829f7499247a5b6725110f
352048753e300041b1f4a748cde42beb808d76c42d634490ee9f8a902bcf38d8

HTTP Headers

GET /g/tps/imgextra/i1/O1CN01qvF2hw1lWoZrnGZev_!!6000000004827-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 9860
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 624908
ali-swift-global-savetime: 1739885904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: ICXMxcEIDwoKTSdorGPhvw==
eagleid: a3b523a917411517814867709e
etag: "2025CCC5C1080F0A0A4D2768AC63E1BF"
expires: Wed, 11 Jun 2025 01:23:10 GMT
last-modified: Tue, 20 Aug 2024 05:00:04 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-31-05
x-ccdn-cachettl: 8640000
x-ccdn-expires: 6043833
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 7b996c7edc4dcf5659408496e151148d
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3887996
x-swift-savetime: Tue, 18 Feb 2025 13:38:28 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01uOZizA1UOFhot1z5u_!!6000000002507-2-tps-96-70.png

98.98.201.152

200 OK

11 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01uOZizA1UOFhot1z5u_!!6000000002507-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
11 kB (11068 bytes)
Hash
7d00202d7766c61acf99433e2a99bc6e
819a071137728d5d9d39c9a6bd7e9a63d3747133
67f535f6ea005ed45055bca2126b8421d3b32ec55aed99528d71c71b4d53b3ec

HTTP Headers

GET /g/tps/imgextra/i4/O1CN01uOZizA1UOFhot1z5u_!!6000000002507-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 11068
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 624908
ali-swift-global-savetime: 1734141652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: fQAgLXdmxhrPmUM+Kpm8bg==
eagleid: a3b58c9d17356117548473011e
etag: "7D00202D7766C61ACF99433E2A99BC6E"
expires: Wed, 11 Jun 2025 01:23:09 GMT
last-modified: Fri, 16 Aug 2024 06:06:40 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-31-03
x-ccdn-cachettl: 8640000
x-ccdn-expires: 8443929
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 2048ffa443c444151f1944e8ea2ec672
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 2562641
x-swift-savetime: Sun, 29 Dec 2024 10:10:11 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto/latin.woff2

90.84.161.26

200 OK

11 kB

URL GET
g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto/latin.woff2
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10748, version 1.0
Size
11 kB (10748 bytes)
Hash
ece6673e477b4d7aca12f04dace5ed60
f8ff7fbe231448a58d3989d84803dd66851b9988
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

HTTP Headers

GET /g/lzdfe/static/0.0.29/Roboto/latin.woff2 HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:13 GMT
content-type: font/woff2
content-length: 10748
server: openresty
x-oss-request-id: 68419662D86EC1383952D02F
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15489323926058991130
x-oss-storage-class: Standard
access-control-allow-origin: *
content-md5: 7OZnPkd7TXrKEvBNrOXtYA==
x-oss-server-time: 15
x-source-scheme: https
eagleeye-traceid: a3b5319a17491288017433620e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE4[2],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE9[2],EU-FRA-paris-GLOBAL1-CACHE22[0,TCP_HIT,1],cache9.l2fr1[0,0,200-0,H], cache29.l2fr1[1,0], ens-cache9.fr6[0,0,200-0,H], ens-cache33.fr6[1,0]
ali-swift-global-savetime: 1749128802
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 13:06:45 GMT
x-swift-cachetime: 604797
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb517495550822976699e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 412ce314655a641e03a4580a32cd1a32
nginx-hit: 1
age: 2680
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/tfs/TB1xEeTdBGw3KVjSZFDXXXWEpXa-75-66.png

98.98.201.152

200 OK

634 B

URL GET
lzd-img-global.slatic.net/g/tps/tfs/TB1xEeTdBGw3KVjSZFDXXXWEpXa-75-66.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 75 x 66, 8-bit colormap, non-interlaced
Size
634 B (634 bytes)
Hash
8f08398904421ce9c19035d18d940e3c
33273d2e9f1463c5faa46a3077b1f21b62dd4b12
32163dcdb6eccb0b804c76800614b1545e19cb65627842b47d5d9921340741c4

HTTP Headers

GET /g/tps/tfs/TB1xEeTdBGw3KVjSZFDXXXWEpXa-75-66.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
server: Byte-nginx
content-type: image/png
content-length: 634
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 0
age: 566828
ali-swift-global-savetime: 1721712497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: jwg5iQRCHOnBkDXRjZQOPA==
eagleid: a3b58c9517231797091128891e
etag: "8F08398904421CE9C19035D18D940E3C"
expires: Thu, 19 Jun 2025 06:24:13 GMT
last-modified: Sun, 10 Mar 2024 16:52:28 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-01
x-ccdn-cachettl: 8640000
x-ccdn-expires: 3370304
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: b969c46fa648a5afc4d96baf73faf634
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3756014
x-swift-savetime: Wed, 24 Jul 2024 18:08:03 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:13 GMT

g.lazcdn.com/g/lzdmod/??site-nav-pc/5.2.43/pc/index.css,site-menu-nav-pc/5.0.83/pc/index.css,site-menu-pc/5.0.51/pc/index.css

90.84.161.26

200 OK

39 kB

URL GET
g.lazcdn.com/g/lzdmod/??site-nav-pc/5.2.43/pc/index.css,site-menu-nav-pc/5.0.83/pc/index.css,site-menu-pc/5.0.51/pc/index.css
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
ASCII text, with very long lines (39435), with CRLF line terminators
Size
39 kB (39439 bytes)
Hash
4860926722ff0e0db37ce1d83f273764
b87d39c6fcdcaac124295f9be89d9df97a1d60e3
c49104f9d604c252ba5569ca38580bc4c1d4588672ebfbeddb41742dc3470f6b

HTTP Headers

GET /g/lzdmod/??site-nav-pc/5.2.43/pc/index.css,site-menu-nav-pc/5.0.83/pc/index.css,site-menu-pc/5.0.51/pc/index.css HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: text/css
content-length: 11084
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6846AD515BF0FD3131194422
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2241752031559070708
x-oss-storage-class: Standard
content-md5: z0H7TvnGDNUVj8l9Q2XCNQ==
x-oss-server-time: 18
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fdb517494623523684215e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE11[3],EU-FRA-paris-GLOBAL1-CACHE4[0,TCP_HIT,1],cache30.l2fr1[1024,1030,200-0,M], cache32.l2fr1[1031,0], ens-cache10.fr6[1043,141,200-0,C], ens-cache10.fr6[145,0]
ali-swift-global-savetime: 1749462353
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 09 Jun 2025 09:45:53 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fd9e17494623535028712e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 7fa0f34d4c57a6ff706597f7047cd6e4
nginx-hit: 1
age: 81904
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

mail.implants.dentlap.com/img/logos.webp

95.129.234.32

200 OK

37 kB

URL GET
mail.implants.dentlap.com/img/logos.webp
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
RIFF (little-endian) data, Web/P image
Size
37 kB (37210 bytes)
Hash
9c3a6ce0627f4906e41981c2443b9e7a
4c5120455fc5c725751cfa74120fa49731ed6461
7be6fd618962f2dc3626e0ac7444740cf3cda4de1eb49b0da404a0192c1552a6

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/logos.webp HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=1XHbUCWYsJOXQGNa; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=XaYCq0bP0GrWOW39; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
Date: Mon, 09 Jun 2025 08:26:24 GMT
Last-Modified: Tue, 06 May 2025 09:09:37 GMT
Accept-Ranges: bytes
Content-Length: 37210
Content-Type: image/webp
Age: 100969
DDG-Cache-Status: MISS,HIT

mail.implants.dentlap.com/img/thailandgirl.jpg

95.129.234.32

200 OK

180 kB

URL GET
mail.implants.dentlap.com/img/thailandgirl.jpg
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x720, components 3
Size
180 kB (179878 bytes)
Hash
ccec90052c5d1afc51a252c5c3b67ace
6b421a9eb2774f6a7de70c5d3ae37a97bfbc70ed
dac2a35d206236eae9d78144da6b573e37fe738b51bbaab8ee977d468fe16e33

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/thailandgirl.jpg HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=1XHbUCWYsJOXQGNa; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=oTFCAG5DfFm57y4t; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
Date: Tue, 10 Jun 2025 03:53:04 GMT
Last-Modified: Mon, 02 Jun 2025 16:08:50 GMT
Accept-Ranges: bytes
Content-Length: 179878
Content-Type: image/jpeg
Age: 30967
DDG-Cache-Status: MISS,HIT

lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01D6oQr31GPG1ONK9jd_!!6000000000614-2-tps-34-34.png

98.98.201.152

200 OK

466 B

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01D6oQr31GPG1ONK9jd_!!6000000000614-2-tps-34-34.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 34 x 34, 8-bit colormap, non-interlaced
Size
466 B (466 bytes)
Hash
36139dcc95bc03041783afc5b8fe13e2
968a2961def725ced068e82d4c7bd8ab8c46e6f0
1e2f353551fb6fe07ca35850dbe5075a6bf0568ac138f3e007c9b4b721557958

HTTP Headers

GET /g/tps/imgextra/i4/O1CN01D6oQr31GPG1ONK9jd_!!6000000000614-2-tps-34-34.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 466
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 550368
ali-swift-global-savetime: 1740722719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: NhOdzJW8AwQXg6/FuP4T4g==
eagleid: a3b5239f17411517816774168e
etag: "36139DCC95BC03041783AFC5B8FE13E2"
expires: Wed, 11 Jun 2025 01:19:56 GMT
last-modified: Tue, 24 Sep 2024 20:36:17 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09
x-ccdn-cachettl: 8640000
x-ccdn-expires: 2138316
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: baf5e3f930321798ae46a3ffa40b560e
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3888000
x-swift-savetime: Fri, 28 Feb 2025 06:05:19 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01zt1zOu1zsFnzoIWje_!!6000000006769-2-tps-34-34.png

98.98.201.152

200 OK

314 B

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN01zt1zOu1zsFnzoIWje_!!6000000006769-2-tps-34-34.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 34 x 34, 8-bit colormap, non-interlaced
Size
314 B (314 bytes)
Hash
86f51bd9177d52c5f2e6425e98d95cf0
30b0520aed734b206f0f421b241e7168fac215d4
4810ae2a6d9cfc4603201912516cc79e41b5470319925b428ab8daaae7daa82c

HTTP Headers

GET /g/tps/imgextra/i4/O1CN01zt1zOu1zsFnzoIWje_!!6000000006769-2-tps-34-34.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 314
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 3888000
age: 566827
ali-swift-global-savetime: 1733492905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: hvUb2Rd9UsXy5kJemNlc8A==
eagleid: a3b58c9f17364071449038104e
etag: "86F51BD9177D52C5F2E6425E98D95CF0"
expires: Mon, 30 Jun 2025 02:46:12 GMT
last-modified: Tue, 24 Sep 2024 13:34:28 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-31-01
x-ccdn-cachettl: 8640000
x-ccdn-expires: 4307622
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 13384867c8d98a5f8b8a30c9c864e451
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 1677082
x-swift-savetime: Wed, 01 Jan 2025 03:57:03 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN0193C9ay1QIykTmUlwk_!!6000000001954-2-tps-34-34.png

98.98.201.152

200 OK

818 B

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN0193C9ay1QIykTmUlwk_!!6000000001954-2-tps-34-34.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 34 x 34, 8-bit colormap, non-interlaced
Size
818 B (818 bytes)
Hash
ccd8a92cf0b406e88dce9bcc61e97eb3
7052c4c90179593c11231f414af3971666eb1b64
9756b9d29ce32ca935095424fbcef5588e4baa9c33c89cbd37aba40778c6eedc

HTTP Headers

GET /g/tps/imgextra/i4/O1CN0193C9ay1QIykTmUlwk_!!6000000001954-2-tps-34-34.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 818
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 3888000
age: 590828
ali-swift-global-savetime: 1737075859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: zNipLPC0BuiNzpvMYel+sw==
eagleid: a3b58c9d17391768009195870e
etag: "CCD8A92CF0B406E88DCE9BCC61E97EB3"
expires: Wed, 11 Jun 2025 01:19:57 GMT
last-modified: Tue, 24 Sep 2024 13:34:29 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-05
x-ccdn-cachettl: 8640000
x-ccdn-expires: 2658937
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 48397413c98d7bc676172fc6209dfa2e
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3883857
x-swift-savetime: Fri, 17 Jan 2025 02:13:22 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

laz-g-cdn.alicdn.com/lzdfe/static/0.0.37/iconfont-hp.woff

90.84.160.25

200 OK

9.9 kB

URL GET
laz-g-cdn.alicdn.com/lzdfe/static/0.0.37/iconfont-hp.woff
IP
90.84.160.25:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subjectlaz-g-cdn.alicdn.com
FingerprintA5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91
ValidityTue, 22 Apr 2025 02:21:08 GMT - Sun, 24 May 2026 02:21:07 GMT

File type
Web Open Font Format, TrueType, length 9904, version 1.0
Size
9.9 kB (9904 bytes)
Hash
d20883c6726bfde9255665ea51c33f67
ce37f7e211df8667755b92bffe55e32105f7c171
1fe8f44a5484673e59c667febe3b6ed1cacbff991e45a146748e5886aa9e6a21

HTTP Headers

GET /lzdfe/static/0.0.37/iconfont-hp.woff HTTP/1.1
Host: laz-g-cdn.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:13 GMT
content-type: font/woff
content-length: 9904
server: openresty
x-oss-request-id: 684152D31E3B5136343FB004
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17242847704197017710
x-oss-storage-class: Standard
access-control-allow-origin: *
content-md5: 0giDxnJr/eklVmXqUcM/Zw==
x-oss-server-time: 49
x-source-scheme: https
via: EU-FRA-marseille-EDGE1-CACHE1[1],EU-FRA-marseille-EDGE1-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE26[16],EU-FRA-paris-GLOBAL1-CACHE11[13,TCP_MISS,15],EU-FRA-paris-GLOBAL1-CACHE11[9,TCP_MISS,12],ens-cache28.l2nu20-20[0,0,200-0,H], ens-cache56.l2nu20-20[1,0], ens-cache20.l2hk11[0,0,200-0,H], ens-cache28.l2hk11[0,0], cache10.l2fr1[0,0,200-0,H], cache36.l2fr1[1,0], ens-cache14.fr6[0,0,200-0,H], ens-cache10.fr6[1,0]
ali-swift-global-savetime: 1749111507
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 08:21:30 GMT
x-swift-cachetime: 3417
timing-allow-origin: *
eagleid: a3b5fd9e17491148898268380e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 60add3ff56ddd8535cbc049d00277a3e
alt-svc: h3=":443"; ma=2592000
nginx-hit: 1
age: 443664
cache-control: max-age=2592000,s-maxage=3600
x-ccdn-expires: 2148374
accept-ranges: bytes
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2

90.84.161.26

200 OK

11 kB

URL GET
g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10788, version 1.0
Size
11 kB (10788 bytes)
Hash
709f6f90c7d493cd16b8cd087df492ab
8fb2a4d035a6f1a5290dc14b4cba324d558f1205
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

HTTP Headers

GET /g/lzdfe/static/0.0.29/Roboto-Medium/latin.woff2 HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:13 GMT
content-type: font/woff2
content-length: 10788
server: openresty
x-oss-request-id: 684194F5461F30383491EF2A
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9556587264596756474
x-oss-storage-class: Standard
access-control-allow-origin: *
content-md5: cJ9vkMfUk80WuM0IffSSqw==
x-oss-server-time: 22
x-source-scheme: https
eagleeye-traceid: a3b5fdb317491284364934836e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE4[2],EU-GER-frankfurt-EDGE5-CACHE1[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE6[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,1],cache24.l2fr1[1042,1041,200-0,M], cache10.l2fr1[1043,0], ens-cache32.fr6[0,0,200-0,H], ens-cache35.fr6[5,0]
ali-swift-global-savetime: 1749128437
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 13:00:37 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb717495523878393169e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 2263da734bb2dee619bbd0ae219701cb
nginx-hit: 1
age: 3360
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

g.alicdn.com/sd/baxia-entry/index.js

163.181.253.194

200 OK

18 kB

URL GET
g.alicdn.com/sd/baxia-entry/index.js
IP
163.181.253.194:443
ASN
#0

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (17899)
Size
18 kB (17908 bytes)
Hash
1da27f788daed8db3f9538b528fade0b
753e594a437d0cad965cfb91433a674b6d18ea29
65b746cd7ea3e4f9adee9f1ff5abc88a700127e5de5d694cc5a604ff0df567dd

HTTP Headers

GET /sd/baxia-entry/index.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 6338
date: Tue, 10 Jun 2025 12:13:27 GMT
vary: Accept-Encoding
x-oss-request-id: 68482167A5D3D939363EA84E
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2952046737970176587
x-oss-storage-class: Standard
cache-control: max-age=3600,s-maxage=3600
content-md5: HaJ/eI2u2Ns/lTi1KPreCw==
x-oss-server-time: 53
content-encoding: gzip
access-control-allow-origin: *
x-bucket-code: 3
via: cache6.l2fr1[0,0,200-0,H], cache12.l2fr1[1,0], cache12.l2fr1[1,0], ens-cache29.fr6[0,0,200-0,H], ens-cache1.fr6[1,0]
age: 948
ali-swift-global-savetime: 1749557607
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 10 Jun 2025 12:13:27 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: a3b5fd9517495585552765887e
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js

90.84.161.26

200 OK

4.4 kB

URL GET
g.lazcdn.com/g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (4360), with no line terminators
Size
4.4 kB (4360 bytes)
Hash
585f01b138b311211ed74a1887076eef
a2b7842d9c2389df0a6a138851fd14ecff2e8ad0
7e4dbdd0c5823c3ae9f4b5768d6abec547046b1ca985c0c8a4c8ba444dc2293a

HTTP Headers

GET /g/lzd/assets/1.1.37/web-vitals/2.1.0/index.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 1891
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6847F135679A46383739C35E
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6511134473971354897
x-oss-storage-class: Standard
content-md5: WF8BsTizESEe10oYhwdu7w==
x-oss-server-time: 50
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fdab17495452688053134e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE27[0,TCP_HIT,1],cache22.l2fr1[1043,1044,200-0,M], cache25.l2fr1[1045,0], ens-cache24.fr6[0,0,200-0,H], ens-cache23.fr6[1,0]
ali-swift-global-savetime: 1749545269
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 10 Jun 2025 08:47:49 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdab17495452698844206e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 2379e7f806dc093e32be5fb44be4b776
nginx-hit: 1
age: 5353
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01DGonqR1H5qmpBI2hf_!!6000000000707-2-tps-96-70.png

98.98.201.152

200 OK

8.9 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01DGonqR1H5qmpBI2hf_!!6000000000707-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
8.9 kB (8912 bytes)
Hash
3a7c8800aa21df1416ca309341d0c4b7
cf72ac3a1dfb31d5ac92032b888dc47d98774df1
f832556bf78ff9accfed3397e84ca5f850b544599beeb4db5086a447d29e2ed5

HTTP Headers

GET /g/tps/imgextra/i3/O1CN01DGonqR1H5qmpBI2hf_!!6000000000707-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 8912
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 566828
ali-swift-global-savetime: 1739372926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: OnyIAKoh3xQWyjCTQdDEtw==
eagleid: a3b523a317418120300953442e
etag: "3A7C8800AA21DF1416CA309341D0C4B7"
expires: Wed, 11 Jun 2025 01:23:08 GMT
last-modified: Thu, 15 Aug 2024 05:13:35 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-21-09
x-ccdn-cachettl: 8640000
x-ccdn-expires: 2138508
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 30dd35a2d2038d8aec06ff73aa05c33e
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3375019
x-swift-savetime: Tue, 18 Feb 2025 13:38:27 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

mail.implants.dentlap.com/img/livechat.webp

95.129.234.32

200 OK

8.1 kB

URL GET
mail.implants.dentlap.com/img/livechat.webp
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
RIFF (little-endian) data, Web/P image
Size
8.1 kB (8088 bytes)
Hash
3285d36b262340bbeef4de5eaaa78b00
30063b09112a5da547db79988de5461240cbbf7b
6402ac9591bccf72ab47648d355341ff7151c3f38eb31de7d5dea3215f9ce576

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/livechat.webp HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=1XHbUCWYsJOXQGNa; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=CTblgw74IsdUW2Q0; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
Date: Tue, 10 Jun 2025 03:53:05 GMT
Last-Modified: Mon, 28 Apr 2025 15:05:14 GMT
Accept-Ranges: bytes
Content-Length: 8088
Content-Type: image/webp
Age: 30967
DDG-Cache-Status: MISS,HIT

laz-g-cdn.alicdn.com/lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/font_482437_i9tqljab236p3nmi.woff

90.84.160.25

200 OK

50 kB

URL GET
laz-g-cdn.alicdn.com/lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/font_482437_i9tqljab236p3nmi.woff
IP
90.84.160.25:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subjectlaz-g-cdn.alicdn.com
FingerprintA5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91
ValidityTue, 22 Apr 2025 02:21:08 GMT - Sun, 24 May 2026 02:21:07 GMT

File type
Web Open Font Format, TrueType, length 49860, version 1.0
Size
50 kB (49860 bytes)
Hash
9ed0a9af13e99f4a094d3667c7bfb071
e8c1a8ddde34f6f1fc5adacc1a24a29cab98c1db
e31ffa4ab077866db78d07241dddd66d8930229f67f42350ec8c8cbf278a539a

HTTP Headers

GET /lzd/assets/0.0.7/dpl-buyeruikit/2.0.1/font_482437_i9tqljab236p3nmi.woff HTTP/1.1
Host: laz-g-cdn.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:13 GMT
content-type: font/woff
content-length: 49860
server: openresty
x-oss-request-id: 68415B0A8B61273435DBE1D0
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12542599084261558410
x-oss-storage-class: Standard
content-md5: ntCprxPpn0oJTTZnx7+wcQ==
x-oss-server-time: 106
access-control-allow-origin: *
x-source-scheme: https
via: EU-FRA-marseille-EDGE1-CACHE1[2],EU-FRA-marseille-EDGE1-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE3[14],EU-FRA-paris-GLOBAL1-CACHE21[10,TCP_MISS,12],ens-cache22.l2nu20-20[0,0,200-0,H], ens-cache50.l2nu20-20[1,0], ens-cache4.l2hk11[0,0,200-0,H], ens-cache3.l2hk11[0,0], cache31.l2fr1[476,477,200-0,M], cache1.l2fr1[478,0], ens-cache30.fr6[0,0,200-0,H], ens-cache15.fr6[1,0]
ali-swift-global-savetime: 1749113610
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 08:54:12 GMT
x-swift-cachetime: 3558
timing-allow-origin: *
eagleid: a3b5fda317491151693435993e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 512dd731270cbbbf7b67a60521cfdee3
alt-svc: h3=":443"; ma=2592000
nginx-hit: 1
age: 443384
cache-control: max-age=2592000,s-maxage=3600
x-ccdn-expires: 2148623
accept-ranges: bytes
X-Firefox-Spdy: h2

fourier.alibaba.com/ts?url=&token=gGuEtXDZpiQ6ly2LxVaPQ6UYhrrLPzJXT4w7ZbVUBJqBvDOrbvMaFztKN72uQxmQV8M7zb2ZeJZQ-4oOzjh-RBUW9whLyzvXhEao9XUJENEVAdGMZ7UztMMrc8cLyzv6hETj9XHK-DYezzANsWF8rWVhrCSgMRb3ZwVlICyTIz2oEzAZsRFur8Dk_R3o-NP8xQeP_SxVtWqUnX2NzT3askSKtR7lrV7bY-ubQabo7WEUnX2NSU2mDAmixm5h5uaTQJqmzIsL_0DEzSuHwgszDTFih-g-YTjuxaNahCRNDtONh5yX_CSR2lVT_-OHtgI8x5FahCRN2gEg65yXtBf..&cna=GhPPIEEejhcCAVtaKppj707D&ext=1

47.246.165.51

200 OK

0 B

URL GET
fourier.alibaba.com/ts?url=&token=gGuEtXDZpiQ6ly2LxVaPQ6UYhrrLPzJXT4w7ZbVUBJqBvDOrbvMaFztKN72uQxmQV8M7zb2ZeJZQ-4oOzjh-RBUW9whLyzvXhEao9XUJENEVAdGMZ7UztMMrc8cLyzv6hETj9XHK-DYezzANsWF8rWVhrCSgMRb3ZwVlICyTIz2oEzAZsRFur8Dk_R3o-NP8xQeP_SxVtWqUnX2NzT3askSKtR7lrV7bY-ubQabo7WEUnX2NSU2mDAmixm5h5uaTQJqmzIsL_0DEzSuHwgszDTFih-g-YTjuxaNahCRNDtONh5yX_CSR2lVT_-OHtgI8x5FahCRN2gEg65yXtBf..&cna=GhPPIEEejhcCAVtaKppj707D&ext=1
IP
47.246.165.51:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.alibaba.com
Fingerprint5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
ValidityTue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ts?url=&token=gGuEtXDZpiQ6ly2LxVaPQ6UYhrrLPzJXT4w7ZbVUBJqBvDOrbvMaFztKN72uQxmQV8M7zb2ZeJZQ-4oOzjh-RBUW9whLyzvXhEao9XUJENEVAdGMZ7UztMMrc8cLyzv6hETj9XHK-DYezzANsWF8rWVhrCSgMRb3ZwVlICyTIz2oEzAZsRFur8Dk_R3o-NP8xQeP_SxVtWqUnX2NzT3askSKtR7lrV7bY-ubQabo7WEUnX2NSU2mDAmixm5h5uaTQJqmzIsL_0DEzSuHwgszDTFih-g-YTjuxaNahCRNDtONh5yX_CSR2lVT_-OHtgI8x5FahCRN2gEg65yXtBf..&cna=GhPPIEEejhcCAVtaKppj707D&ext=1 HTTP/1.1
Host: fourier.alibaba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:18 GMT
content-type: image/gif
content-length: 0
server: Tengine/Aserver
eagleeye-traceid: 21010c8d17495585580214103e4047
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i2/O1CN01b9cK511pjsP40xyAX_!!6000000005397-2-tps-34-34.png

98.98.201.152

200 OK

590 B

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i2/O1CN01b9cK511pjsP40xyAX_!!6000000005397-2-tps-34-34.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 34 x 34, 8-bit colormap, non-interlaced
Size
590 B (590 bytes)
Hash
2f1eecdd317c2a880392ad9fdc2ac832
48320603f6f647322e50ba4753093a95fcc5ed58
1c5ee33a75c5dcf1762c990271036927804c334533fbaa0bef7fc50c4da49ca4

HTTP Headers

GET /g/tps/imgextra/i2/O1CN01b9cK511pjsP40xyAX_!!6000000005397-2-tps-34-34.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 590
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 624907
ali-swift-global-savetime: 1733187790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: Lx7s3TF8KogDkq2f3CrIMg==
eagleid: a3b58c9917342700415305357e
etag: "2F1EECDD317C2A880392AD9FDC2AC832"
expires: Wed, 11 Jun 2025 01:23:09 GMT
last-modified: Tue, 24 Sep 2024 14:10:10 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-31-05
x-ccdn-cachettl: 8640000
x-ccdn-expires: 6211624
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 3c2d9a92fc624d3fc428aba14fcab124
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3888000
x-swift-savetime: Tue, 03 Dec 2024 01:03:10 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

g.alicdn.com/sd/baxia/2.5.31/baxiaCommon.js

163.181.253.194

200 OK

37 kB

URL GET
g.alicdn.com/sd/baxia/2.5.31/baxiaCommon.js
IP
163.181.253.194:80
ASN
#0

Requested by
http://mail.implants.dentlap.com/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (37062)
Size
37 kB (37289 bytes)
Hash
d92f78ccaaa2616aa3eb54e89d7032e5
1291a7d5ec73b551114f5175cfd05c747b827928
cc219d27d7e2ab0b6416fd4a1475fdedcd5b710123506903a526f72a4d208156

HTTP Headers

GET /sd/baxia/2.5.31/baxiaCommon.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12005
Connection: keep-alive
Date: Tue, 10 Jun 2025 10:08:51 GMT
Vary: Accept-Encoding
x-oss-request-id: 68480433A6EF25313880FF37
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8518556844306691727
x-oss-storage-class: Standard
Cache-Control: max-age=2592000,s-maxage=86400
Content-MD5: 2S94zKqiYWqj61TonXAy5Q==
x-oss-server-time: 24
Content-Encoding: gzip
Access-Control-Allow-Origin: *
x-bucket-code: 3
Via: cache7.l2fr1[47,46,200-0,M], cache5.l2fr1[48,0], cache5.l2fr1[49,0], ens-cache15.fr6[0,0,200-0,H], ens-cache21.fr6[1,0]
Age: 8424
Ali-Swift-Global-Savetime: 1749550131
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Tue, 10 Jun 2025 10:08:51 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: a3b5fda917495585554834781e

g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.css

90.84.161.26

200 OK

6.5 kB

URL GET
g.lazcdn.com/g/lzdfe/pdp-platform/0.1.22/pc.css
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
ASCII text, with very long lines (6449), with CRLF line terminators
Size
6.5 kB (6453 bytes)
Hash
17fbadd502b81b226f140e2626b59882
418a3bb9c84482cf5c6eabcb251496ec79a5c00b
f025608eb81037815a5c2de7868b0d941819fee8a0dbff8052703c7bfecd4c16

HTTP Headers

GET /g/lzdfe/pdp-platform/0.1.22/pc.css HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: text/css
content-length: 2191
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 683EC1539E335635393927EE
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3171041400854944349
x-oss-storage-class: Standard
content-md5: LO+js6UX0N1j7hLy9V9TjA==
x-oss-server-time: 21
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: 2ff6319a17489431868415178e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE4[3],EU-FRA-paris-GLOBAL1-CACHE11[0,TCP_HIT,2],cache10.l2fr1[0,0,200-0,H], cache16.l2fr1[1,0], ens-cache22.fr6[0,0,200-0,H], ens-cache6.fr6[1,0]
ali-swift-global-savetime: 1748943187
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 06 Jun 2025 09:33:13 GMT
x-swift-cachetime: 345594
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fd9a17494616145411600e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 0fb70418077424222a2867fd012fea92
nginx-hit: 1
age: 80600
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.js

90.84.161.26

200 OK

82 kB

URL GET
g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
82 kB (81573 bytes)
Hash
1663855fe3963805db3cdd7fb08ea591
b4b99318bdb2bcf37de40386cb4f2eb38d865638
49760473597b8b5964e4956f746fa8e098419b34f81f1236abb104e2e8ea9d1d

HTTP Headers

GET /g/lazada-search-fe/lzd-searchbox/0.4.11/index.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 26025
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6842BA21D7B60F39301C3350
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16651348871760440931
x-oss-storage-class: Standard
content-md5: FmOFX+OWOAXbPN1/sI6lkQ==
x-oss-server-time: 16
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fdb417492034883971134e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[4],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE4[2],EU-FRA-paris-GLOBAL1-CACHE8[0,TCP_HIT,2],cache14.l2fr1[0,0,200-0,H], cache23.l2fr1[2,0], ens-cache19.fr6[13,13,200-0,M], ens-cache19.fr6[14,0]
ali-swift-global-savetime: 1749203489
x-cache: MISS TCP_MISS dirn:11:449552524
x-swift-savetime: Mon, 09 Jun 2025 09:51:52 GMT
x-swift-cachetime: 345577
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fda717494627123233993e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 2b32e77e520b482504c404d336d20309
nginx-hit: 1
age: 82634
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/tfs/TB1jyJMv.H1gK0jSZSyXXXtlpXa-184-120.png

98.98.201.152

200 OK

6.2 kB

URL GET
lzd-img-global.slatic.net/g/tps/tfs/TB1jyJMv.H1gK0jSZSyXXXtlpXa-184-120.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 184 x 120, 8-bit colormap, non-interlaced
Size
6.2 kB (6179 bytes)
Hash
5a878340f3d6fcbd2286aba8ce992d37
85adfa61f988fc2e519e5a309d04265023c1e9d3
a0cc1b2660da8fe09c2aad9634a4ef2562e374dfcd47358b070fb139dc6bface

HTTP Headers

GET /g/tps/tfs/TB1jyJMv.H1gK0jSZSyXXXtlpXa-184-120.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 6179
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 624907
ali-swift-global-savetime: 1739432754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: WoeDQPPW/L0ihquozpktNw==
eagleid: a3b523a817416386547782474e
etag: "5A878340F3D6FCBD2286ABA8CE992D37"
expires: Thu, 17 Jul 2025 06:43:31 GMT
last-modified: Tue, 20 Aug 2024 02:14:41 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-09
x-ccdn-cachettl: 8640000
x-ccdn-expires: 5268131
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 65ee036142a13459a26707bb14a42e08
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3434847
x-swift-savetime: Tue, 18 Feb 2025 13:38:27 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

mail.implants.dentlap.com/img/home.webp

95.129.234.32

200 OK

480 B

URL GET
mail.implants.dentlap.com/img/home.webp
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
RIFF (little-endian) data, Web/P image
Size
480 B (480 bytes)
Hash
a4555bcee7337a0b1efb3e9d492ad803
33ad43dc36393250f4234e55d7676dcc2098b6cf
7fb41349d296cbd5b96f1ed6a3e15701ae8e7d50767a025bbfd161f747a32502

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/home.webp HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=1XHbUCWYsJOXQGNa; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=KSbgpWVaHVHBloaf; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
Date: Mon, 09 Jun 2025 08:26:27 GMT
Last-Modified: Mon, 28 Apr 2025 15:05:14 GMT
Accept-Ranges: bytes
Content-Length: 480
Content-Type: image/webp
Age: 100964
DDG-Cache-Status: MISS,HIT

g.alicdn.com/AWSC/et/1.83.8/et_f.js

163.181.253.194

200 OK

262 kB

URL GET
g.alicdn.com/AWSC/et/1.83.8/et_f.js
IP
163.181.253.194:443
ASN
#0

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
262 kB (262136 bytes)
Hash
fdc8d3c63a356d45a6af4495199742dd
b03b109bc585dc4e8e29982cde4195dbacb3af2e
0ab55e76a88a3662447e678025d70e9367eb0c0a5d14948440013c3670ad545d

HTTP Headers

GET /AWSC/et/1.83.8/et_f.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 91020
date: Tue, 10 Jun 2025 10:39:33 GMT
x-oss-request-id: 68480B6562E483313073EC31
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12424508067849186430
x-oss-storage-class: Standard
content-encoding: gzip
cache-control: max-age=2592000,s-maxage=86400
content-md5: EMxYD13f00uUcyuVOeMQDA==
x-oss-server-time: 3
access-control-allow-origin: *
x-bucket-code: 3
via: cache8.l2fr1[25,24,200-0,M], cache22.l2fr1[25,0], cache22.l2fr1[27,0], ens-cache7.fr6[0,0,200-0,H], ens-cache1.fr6[1,0]
age: 6582
ali-swift-global-savetime: 1749551973
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 10 Jun 2025 10:39:33 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5fd9517495585555836273e
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.css

90.84.161.26

200 OK

137 kB

URL GET
g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.css
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
ASCII text, with very long lines (65532), with CRLF line terminators
Size
137 kB (136794 bytes)
Hash
1952aa6fb1be87726e9458038df98843
f60be3d75a74da45d09d70fb822cb77cbfefd27a
0c84e192095dee0121011bea0c0b0f674bd0621edd7317e92022a827f520856a

HTTP Headers

GET /g/lzdfe/pdp-modules/1.4.4/pc-mod.css HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: text/css
content-length: 35194
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6842B6933E8FB437336BD7F0
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14096634822127312349
x-oss-storage-class: Standard
content-md5: Ok34KZAvp1FnHsMo9bNckQ==
x-oss-server-time: 32
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fda717492025790253859e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE24[4],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,2],cache19.l2fr1[1139,1139,200-0,M], cache21.l2fr1[1141,0], ens-cache18.fr6[0,0,200-0,H], ens-cache8.fr6[1,0]
ali-swift-global-savetime: 1749202580
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 06 Jun 2025 09:36:20 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fd9c17495482083596136e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 2056cae972d3747f22826a2a3cb7cb23
nginx-hit: 1
age: 5220
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto/latin.woff2

90.84.161.26

200 OK

11 kB

URL GET
g.lazcdn.com/g/lzdfe/static/0.0.29/Roboto/latin.woff2
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10748, version 1.0
Size
11 kB (10748 bytes)
Hash
ece6673e477b4d7aca12f04dace5ed60
f8ff7fbe231448a58d3989d84803dd66851b9988
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

HTTP Headers

GET /g/lzdfe/static/0.0.29/Roboto/latin.woff2 HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 12:29:15 GMT
content-type: font/woff2
content-length: 10748
server: openresty
x-oss-request-id: 68419662D86EC1383952D02F
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15489323926058991130
x-oss-storage-class: Standard
access-control-allow-origin: *
content-md5: 7OZnPkd7TXrKEvBNrOXtYA==
x-oss-server-time: 15
x-source-scheme: https
eagleeye-traceid: a3b5319a17491288017433620e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE6[2],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE9[2],EU-FRA-paris-GLOBAL1-CACHE22[0,TCP_HIT,1],cache9.l2fr1[0,0,200-0,H], cache29.l2fr1[1,0], ens-cache9.fr6[0,0,200-0,H], ens-cache33.fr6[1,0]
ali-swift-global-savetime: 1749128802
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 13:06:45 GMT
x-swift-cachetime: 604797
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb517495550822976699e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 18939fc54a76958a505f5e274c2901a4
nginx-hit: 1
age: 2682
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk

mail.implants.dentlap.com/

95.129.234.32

200 OK

623 kB

URL User Request GET
mail.implants.dentlap.com/
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

File type
HTML document, ASCII text, with CRLF line terminators
Size
623 kB (622995 bytes)
Hash
367388370667ee39be1a6e1c83a40c81
cbcfbe5423dc81811304d97069c2e81b0ee7263c
13e6a997e64daec1429969d3e124b92e139ae8c7a2697a4e80615f6771acda2c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET / HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=1XHbUCWYsJOXQGNa; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg1_=cON2xf87dCWD9uer8A7D; Domain=.dentlap.com; HttpOnly; Path=/; Expires=Wed, 10-Jun-2026 12:29:11 GMT
Date: Tue, 10 Jun 2025 12:29:11 GMT
Last-Modified: Mon, 09 Jun 2025 08:32:56 GMT
Accept-Ranges: bytes
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.js

90.84.161.26

200 OK

811 kB

URL GET
g.lazcdn.com/g/lzdfe/pdp-modules/1.4.4/pc-mod.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
811 kB (810700 bytes)
Hash
2dc6575bc96ca2ba3f25e4d4882178f2
a6fe61638e3dd7d71a4c00e1b87e5e6d1b80e474
295424257477b4cdb96b2b990bc42060434eff8b4e038655ee48903cd0ac3779

HTTP Headers

GET /g/lzdfe/pdp-modules/1.4.4/pc-mod.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 270257
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 6842B8A1152769383882E1E0
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4681579850532549158
x-oss-storage-class: Standard
content-md5: LcZXW8lsoro/JeTUiCF48g==
x-oss-server-time: 30
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fd9917492031045097754e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE4[4],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE17[2],EU-FRA-paris-GLOBAL1-CACHE4[0,TCP_HIT,2],cache12.l2fr1[1163,1164,200-0,M], cache32.l2fr1[1166,0], ens-cache23.fr6[0,0,200-0,H], ens-cache11.fr6[1,0]
ali-swift-global-savetime: 1749203105
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 06 Jun 2025 09:45:05 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fd9f17494623171544151e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 104fdaf0613032437733b0882d7ab746
nginx-hit: 1
age: 71253
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01Y8JAuA1pB4EhCiF0K_!!6000000005321-2-tps-96-70.png

98.98.201.152

200 OK

7.8 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i1/O1CN01Y8JAuA1pB4EhCiF0K_!!6000000005321-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7843 bytes)
Hash
f87442c995a605164dcff8b32c7bac9e
cc6c778e82111ae03773caef53241a16151d2075
ca437af32df2c4d2419cacb3b959fc506bc9aa42c514ed5c25093105983fdff6

HTTP Headers

GET /g/tps/imgextra/i1/O1CN01Y8JAuA1pB4EhCiF0K_!!6000000005321-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 7843
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 624908
ali-swift-global-savetime: 1730196801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: +HRCyZWmBRZNz/izLHusng==
eagleid: a3b58c9b17331267710388189e
etag: "F87442C995A605164DCFF8B32C7BAC9E"
expires: Thu, 17 Jul 2025 06:43:31 GMT
last-modified: Sat, 10 Aug 2024 09:21:36 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-15
x-ccdn-cachettl: 8640000
x-ccdn-expires: 5268113
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 27cd753b0f4ba36226bab9f689a9e01a
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 1224211
x-swift-savetime: Fri, 29 Nov 2024 06:09:50 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

arms-retcode-sg.aliyuncs.com/r.png?t=pv&times=1&page=%2F&tag=&release=&environment=prod&begin=1749558554513&uid=X7mqgbR0qX1h95zmyohkgUpgaFO9&dt=Cintatogel%20-%20Login%20Link%20Alternatif%20Situs%20Thailand%20Gacor%2C%20Daftar%20Server%20Thailand%20Terbaru&dr=&dpr=1.00&de=utf-8&ul=id-ID&sr=1280x1024&vp=1280x1024&ct=&sid=nbmd3bmqqz0h7qzI4oCOg6vijUan&pid=hyey0hz67v%400edb7c0e5e09aea&_v=1.8.30&pv_id=zRm77b43q66hhXz5knpandj5h8j4&sampling=1&dl=http%3A%2F%2Fmail.implants.dentlap.com%2F&z=mbqhznn3

8.222.203.130

200 OK

0 B

URL HEAD
arms-retcode-sg.aliyuncs.com/r.png?t=pv&times=1&page=%2F&tag=&release=&environment=prod&begin=1749558554513&uid=X7mqgbR0qX1h95zmyohkgUpgaFO9&dt=Cintatogel%20-%20Login%20Link%20Alternatif%20Situs%20Thailand%20Gacor%2C%20Daftar%20Server%20Thailand%20Terbaru&dr=&dpr=1.00&de=utf-8&ul=id-ID&sr=1280x1024&vp=1280x1024&ct=&sid=nbmd3bmqqz0h7qzI4oCOg6vijUan&pid=hyey0hz67v%400edb7c0e5e09aea&_v=1.8.30&pv_id=zRm77b43q66hhXz5knpandj5h8j4&sampling=1&dl=http%3A%2F%2Fmail.implants.dentlap.com%2F&z=mbqhznn3
IP
8.222.203.130:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.arms.aliyuncs.com
Fingerprint42:C0:78:4D:62:EF:4A:4A:B5:99:FD:F6:CF:76:75:66:EC:DC:7C:4D
ValidityThu, 16 Jan 2025 03:36:01 GMT - Tue, 17 Feb 2026 03:36:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /r.png?t=pv&times=1&page=%2F&tag=&release=&environment=prod&begin=1749558554513&uid=X7mqgbR0qX1h95zmyohkgUpgaFO9&dt=Cintatogel%20-%20Login%20Link%20Alternatif%20Situs%20Thailand%20Gacor%2C%20Daftar%20Server%20Thailand%20Terbaru&dr=&dpr=1.00&de=utf-8&ul=id-ID&sr=1280x1024&vp=1280x1024&ct=&sid=nbmd3bmqqz0h7qzI4oCOg6vijUan&pid=hyey0hz67v%400edb7c0e5e09aea&_v=1.8.30&pv_id=zRm77b43q66hhXz5knpandj5h8j4&sampling=1&dl=http%3A%2F%2Fmail.implants.dentlap.com%2F&z=mbqhznn3 HTTP/1.1
Host: arms-retcode-sg.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.implants.dentlap.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:15 GMT
content-length: 0
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Authorization,X-Dtc
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01Wdetn224xMIRNihao_!!6000000007457-2-tps-34-34.png

98.98.201.152

200 OK

476 B

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01Wdetn224xMIRNihao_!!6000000007457-2-tps-34-34.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 34 x 34, 8-bit colormap, non-interlaced
Size
476 B (476 bytes)
Hash
d9a89a501e57d0cbac81ea4a054dcfb2
6b8079fecc67d2ac01c0574bc6f7db479be07cb5
79224ccc77d1f0025f05756e8d5635604018ffea20be8f1568e4ed421c5f567a

HTTP Headers

GET /g/tps/imgextra/i3/O1CN01Wdetn224xMIRNihao_!!6000000007457-2-tps-34-34.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 476
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 624907
ali-swift-global-savetime: 1737450826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: 2aiaUB5X0MusgepKBU3Psg==
eagleid: a3b523a317406779607738457e
etag: "D9A89A501E57D0CBAC81EA4A054DCFB2"
expires: Thu, 12 Jun 2025 07:07:32 GMT
last-modified: Wed, 04 Sep 2024 03:00:34 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-03, HIT from KS-CLOUD-XG-FOREIGN-31-04
x-ccdn-cachettl: 8640000
x-ccdn-expires: 5024319
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: e9e37095e7ae7e98c0eb776912f7e6cc
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 1144187
x-swift-savetime: Sat, 22 Feb 2025 03:23:59 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

aeis.alicdn.com/sd/ncpc/nc.js?t=18507

23.49.27.47

200 OK

221 kB

URL GET
aeis.alicdn.com/sd/ncpc/nc.js?t=18507
IP
23.49.27.47:80
ASN
#16625 AKAMAI-AS

Requested by
http://mail.implants.dentlap.com/

File type
JavaScript source, ASCII text, with very long lines (32041)
Size
221 kB (221174 bytes)
Hash
11998461d3d77dde9e7ef72a65e08429
3863ac62c17ae5e0de527e1a8eeaea40e07c2531
994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a

HTTP Headers

GET /sd/ncpc/nc.js?t=18507 HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 70098
x-oss-request-id: 68481AC127A1473939D74FF4
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1561788439659902122
x-oss-storage-class: Standard
Content-MD5: EZmEYdPXfd6efvcqZeCEKQ==
x-oss-server-time: 10
X-Source-Scheme: https
Content-Encoding: gzip
Ali-Swift-Global-Savetime: 1749555905
X-Swift-SaveTime: Tue, 10 Jun 2025 11:45:05 GMT
X-Swift-CacheTime: 3600
EagleId: 2ff62c9b17495560182466480e
Cache-Control: max-age=954, s-maxage=3600
Expires: Tue, 10 Jun 2025 12:45:05 GMT
Date: Tue, 10 Jun 2025 12:29:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.79.30
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *, *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.49.27.47

mail.implants.dentlap.com/img/daftar.webp

95.129.234.32

200 OK

2.5 kB

URL GET
mail.implants.dentlap.com/img/daftar.webp
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
RIFF (little-endian) data, Web/P image
Size
2.5 kB (2478 bytes)
Hash
960c90d10128de3ffb0864c2dec93e1a
2a685cc9c231ed877f7151d2863185a27d62d2ae
a7129e425590777d95dc83be65e9fbc7f75f0c398bc56a8fd4b9e708e1eba67e

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/daftar.webp HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=1XHbUCWYsJOXQGNa; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=SQE3xJtUNCzkHxQ5; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg10_=1749558551; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:11 GMT
Date: Tue, 10 Jun 2025 03:53:05 GMT
Last-Modified: Mon, 28 Apr 2025 15:05:14 GMT
Accept-Ranges: bytes
Content-Length: 2478
Content-Type: image/webp
Age: 30968
DDG-Cache-Status: MISS,HIT

laz-g-cdn.alicdn.com/lzdfe/static/0.0.48/iconfont-hp.woff

90.84.160.25

200 OK

11 kB

URL GET
laz-g-cdn.alicdn.com/lzdfe/static/0.0.48/iconfont-hp.woff
IP
90.84.160.25:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subjectlaz-g-cdn.alicdn.com
FingerprintA5:45:B9:D4:07:B7:25:BF:8B:2F:B5:D1:76:4B:72:0B:04:FD:10:91
ValidityTue, 22 Apr 2025 02:21:08 GMT - Sun, 24 May 2026 02:21:07 GMT

File type
Web Open Font Format, TrueType, length 10800, version 1.0
Size
11 kB (10800 bytes)
Hash
e7efeb5a44735dbc279376552cd36f0c
6fbf95afd6bd4b5ceaa90e0a988ee379b0ce1536
4c4d8e923e008e615f10407b2992418005e89555259fc3c048d7424a058584ba

HTTP Headers

GET /lzdfe/static/0.0.48/iconfont-hp.woff HTTP/1.1
Host: laz-g-cdn.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:13 GMT
content-type: font/woff
content-length: 10800
server: openresty
x-oss-request-id: 68415E925C88ED3432A21682
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11084093574867788336
x-oss-storage-class: Standard
access-control-allow-origin: *
content-md5: 5+/rWkRzXbwnk3ZVLNNvDA==
x-oss-server-time: 11
x-source-scheme: https
via: EU-FRA-marseille-EDGE1-CACHE1[2],EU-FRA-marseille-EDGE1-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE14[13],EU-FRA-paris-GLOBAL1-CACHE8[10,TCP_MISS,12],EU-FRA-paris-GLOBAL1-CACHE8[6,TCP_MISS,10],ens-cache25.l2nu20-20[67,66,200-0,M], ens-cache32.l2nu20-20[69,0], ens-cache2.l2hk11[0,0,200-0,H], ens-cache39.l2hk11[0,0], cache25.l2fr1[0,0,200-0,H], cache16.l2fr1[0,0], ens-cache35.fr6[0,0,200-0,H], ens-cache34.fr6[1,0]
ali-swift-global-savetime: 1749114514
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 09:11:22 GMT
x-swift-cachetime: 3432
timing-allow-origin: *
eagleid: a3b5fdb617491151711511238e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 7ee5f2ba4be0bccd04369d3d2d5a466c
alt-svc: h3=":443"; ma=2592000
nginx-hit: 1
age: 443382
cache-control: max-age=2592000,s-maxage=3600
x-ccdn-expires: 2148656
accept-ranges: bytes
X-Firefox-Spdy: h2

g.lazcdn.com/g/lzdfe/static/0.0.44/iconfont-hp.woff

90.84.161.26

200 OK

10 kB

URL GET
g.lazcdn.com/g/lzdfe/static/0.0.44/iconfont-hp.woff
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
Web Open Font Format, TrueType, length 10376, version 1.0
Size
10 kB (10376 bytes)
Hash
0eace0677309ca4896ff5e2bf56efe6c
c1982d2df0551f8b2293d6c025a2379cd893cd18
72035184dc490d665f8bb7295ce6d6a8fb65e7e0ab370820708b24d54f9f5e51

HTTP Headers

GET /g/lzdfe/static/0.0.44/iconfont-hp.woff HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 12:29:14 GMT
content-type: font/woff
content-length: 10376
server: openresty
x-oss-request-id: 6841A2376E38A13738E9AAA8
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 131960460927145503
x-oss-storage-class: Standard
access-control-allow-origin: *
content-md5: DqzgZ3MJykiW/14r9W7+bA==
x-oss-server-time: 40
x-source-scheme: https
eagleeye-traceid: a3b5fd9817491318297563339e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE6[5],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,3],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE10[0,TCP_HIT,2],cache19.l2fr1[2287,2287,200-0,M], cache22.l2fr1[2288,0], ens-cache19.fr6[0,0,200-0,H], ens-cache3.fr6[2,0]
ali-swift-global-savetime: 1749131832
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 13:57:12 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fd9717495570650876899e
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 2144e26a745a7a3639edfad32cdd24f5
nginx-hit: 1
age: 1367
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk

g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.css

90.84.161.26

200 OK

8.9 kB

URL GET
g.lazcdn.com/g/lazada-search-fe/lzd-searchbox/0.4.11/index.css
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
ASCII text, with very long lines (8849), with CRLF line terminators
Size
8.9 kB (8853 bytes)
Hash
f23672268cc87f40b08144ae6977a9b7
b4fdcc07372060da24b4f605f677bc957f6f98a9
5d3641ce34fc23d609ca95b002b0b03f652685a7a0043ffe7330546468996629

HTTP Headers

GET /g/lazada-search-fe/lzd-searchbox/0.4.11/index.css HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: text/css
content-length: 2776
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 684168AE2651A832355C27C2
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8400074587530186081
x-oss-storage-class: Standard
content-md5: BNKEEPEDNd5YwGEYwAWrzA==
x-oss-server-time: 24
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fdb217491171016421620e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[4],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE5[3],EU-FRA-paris-GLOBAL1-CACHE1[0,TCP_HIT,1],cache16.l2fr1[576,575,200-0,M], cache23.l2fr1[577,0], ens-cache27.fr6[0,0,200-0,H], ens-cache36.fr6[1,0]
ali-swift-global-savetime: 1749117102
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 09:51:42 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb817494627156196335e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 7906c427323d3f016440b3c2639effc6
nginx-hit: 1
age: 82027
cache-control: max-age=2592000,s-maxage=86400
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/tfs/TB1lbmoqYr1gK0jSZR0XXbP8XXa-340-200.png

98.98.201.152

200 OK

6.6 kB

URL GET
lzd-img-global.slatic.net/g/tps/tfs/TB1lbmoqYr1gK0jSZR0XXbP8XXa-340-200.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 340 x 200, 8-bit colormap, non-interlaced
Size
6.6 kB (6579 bytes)
Hash
8343dc273f135d150649d5f2a7040e22
11d2781f43b240835a8746ab79ea8276b5474e15
3ffff47c6c9f5d002661a268eeaa579218f8c1800f2b12a7c29c810e5cbf5464

HTTP Headers

GET /g/tps/tfs/TB1lbmoqYr1gK0jSZR0XXbP8XXa-340-200.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 6579
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 582668
ali-swift-global-savetime: 1723434727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: g0PcJz8TXRUGSdXypwQOIg==
eagleid: a3b58c9b17252570788554631e
etag: "8343DC273F135D150649D5F2A7040E22"
expires: Thu, 19 Jun 2025 06:24:12 GMT
last-modified: Sat, 20 Apr 2024 03:20:40 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-07
x-ccdn-cachettl: 8640000
x-ccdn-expires: 6188284
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 848838b5414ee61ba83dfbc29d909ca2
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3888000
x-swift-savetime: Mon, 12 Aug 2024 03:52:07 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

g.lazcdn.com/g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js

90.84.161.26

200 OK

189 kB

URL GET
g.lazcdn.com/g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, ASCII text, with very long lines (27672)
Size
189 kB (188948 bytes)
Hash
2ccd0968cdba249db3247c66f9f87c18
f2fd43093bea8756c20c99ade52e4e7089d0446e
cd1411bbb194fde0a1a0b729f03c3a5bb38ca17b43983b0eb706c519a34280ca

HTTP Headers

GET /g/??mui/feloader/5.0.0/feloader-min.js,lzdmod/site-nav-pc/5.2.38/pc/index.js,lzdmod/jquery/5.0.9/index.js,lzdmod/site-nav-pc/5.2.38/assets/links-bar/index.js,lzdmod/common-info/5.0.30/index.js,lzdmod/site-nav-pc/5.2.38/assets/reqwest/index.js,lzdmod/site-nav-pc/5.2.38/assets/common/popper/index.js,lzdmod/site-nav-pc/5.2.38/assets/cart/index.js,lzdmod/site-nav-pc/5.2.38/assets/download-app/index.js,lzdmod/site-nav-pc/5.2.38/i18n.js,lzdmod/site-nav-pc/5.2.38/assets/track-order/index.js,lzdmod/site-nav-pc/5.2.38/assets/switch-lang/index.js,lzdmod/site-nav-pc/5.2.38/assets/user-info/index.js,lzdmod/site-nav-pc/5.2.38/assets/affiliate/index.js,lzdmod/site-nav-pc/5.2.38/assets/logo-bar/index.js,lzdmod/site-nav-pc/5.2.38/assets/search-box/index.js,lzdmod/site-nav-pc/5.2.38/assets/liveup/index.js,lzdmod/site-menu-pc/5.0.45/pc/index.js,lzdmod/site-menu-nav-pc/5.0.73/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/index.js,lzdmod/desktop-footer/6.1.1/pc/reqwest/index.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 75964
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 68422372E71FDC3937BC7920
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5754340992191081510
x-oss-storage-class: Standard
content-md5: Xignf5zBtp7GvqZWEqODlA==
x-oss-server-time: 4
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: 2ff6319e17491649134684305e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[9],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE21[4],EU-FRA-paris-GLOBAL1-CACHE25[0,TCP_HIT,1],cache39.l2fr1[0,19,200-0,H], cache14.l2fr1[21,0], ens-cache36.fr6[0,0,200-0,H], ens-cache30.fr6[1,0]
ali-swift-global-savetime: 1749164914
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 06 Jun 2025 04:08:53 GMT
x-swift-cachetime: 586781
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb217495544595231604e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 79f0b3b5030617681e77eef26e3548be
nginx-hit: 1
age: 2079
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

arms-retcode-sg.aliyuncs.com/r.png?t=perf&times=1&page=%2F&tag=&release=&environment=prod&begin=1749558553399&dns=1&tcp=19&ssl=59&ttfb=204&trans=0&dom=1920&res=1050&firstbyte=225&fpt=264&tti=2184&ready=2374&load=3424&ct=&navtype=Other&fmp=4501&autoSend=true&sr=1280x1024&vp=1280x1024&uid=X7mqgbR0qX1h95zmyohkgUpgaFO9&sid=nbmd3bmqqz0h7qzI4oCOg6vijUan&pid=hyey0hz67v%400edb7c0e5e09aea&_v=1.8.30&pv_id=zRm77b43q66hhXz5knpandj5h8j4&sampling=10&z=mbqhznn4

8.222.203.130

200 OK

0 B

URL HEAD
arms-retcode-sg.aliyuncs.com/r.png?t=perf&times=1&page=%2F&tag=&release=&environment=prod&begin=1749558553399&dns=1&tcp=19&ssl=59&ttfb=204&trans=0&dom=1920&res=1050&firstbyte=225&fpt=264&tti=2184&ready=2374&load=3424&ct=&navtype=Other&fmp=4501&autoSend=true&sr=1280x1024&vp=1280x1024&uid=X7mqgbR0qX1h95zmyohkgUpgaFO9&sid=nbmd3bmqqz0h7qzI4oCOg6vijUan&pid=hyey0hz67v%400edb7c0e5e09aea&_v=1.8.30&pv_id=zRm77b43q66hhXz5knpandj5h8j4&sampling=10&z=mbqhznn4
IP
8.222.203.130:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.arms.aliyuncs.com
Fingerprint42:C0:78:4D:62:EF:4A:4A:B5:99:FD:F6:CF:76:75:66:EC:DC:7C:4D
ValidityThu, 16 Jan 2025 03:36:01 GMT - Tue, 17 Feb 2026 03:36:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /r.png?t=perf&times=1&page=%2F&tag=&release=&environment=prod&begin=1749558553399&dns=1&tcp=19&ssl=59&ttfb=204&trans=0&dom=1920&res=1050&firstbyte=225&fpt=264&tti=2184&ready=2374&load=3424&ct=&navtype=Other&fmp=4501&autoSend=true&sr=1280x1024&vp=1280x1024&uid=X7mqgbR0qX1h95zmyohkgUpgaFO9&sid=nbmd3bmqqz0h7qzI4oCOg6vijUan&pid=hyey0hz67v%400edb7c0e5e09aea&_v=1.8.30&pv_id=zRm77b43q66hhXz5knpandj5h8j4&sampling=10&z=mbqhznn4 HTTP/1.1
Host: arms-retcode-sg.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.implants.dentlap.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:16 GMT
content-length: 0
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Authorization,X-Dtc
X-Firefox-Spdy: h2

g.lazcdn.com/g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js

90.84.161.26

200 OK

62 kB

URL GET
g.lazcdn.com/g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (61349), with no line terminators
Size
62 kB (62257 bytes)
Hash
313fce95ea9fc889a2f8853921915657
06a74499752f47966db61127958a9700f8db5818
ec8b30600526cd5a830095f016c5eb1016272c154c83a406be845aec0745f2d3

HTTP Headers

GET /g/woodpeckerx/jssdk??wpkReporter.js,plugins/flow.js,plugins/interface.js,plugins/blank.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 24923
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 68419E7CD7740530397D20DD
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14095781032472792066
x-oss-storage-class: Standard
content-md5: NcCmRbKpke0jCzHXWwyfjg==
x-oss-server-time: 1
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fd9817491308752208802e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE1[4],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,2],cache20.l2fr1[1232,1233,200-0,M], cache28.l2fr1[1234,0], ens-cache15.fr6[0,0,200-0,H], ens-cache36.fr6[4,0]
ali-swift-global-savetime: 1749130876
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Jun 2025 13:41:16 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fdb817495582709461324e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 72844c06670f086465f33fd903cea1b8
nginx-hit: 1
age: 280
cache-control: max-age=86400,s-maxage=600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

g.lazcdn.com/g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js

90.84.161.26

200 OK

570 kB

URL GET
g.lazcdn.com/g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js
IP
90.84.161.26:443
ASN
#2285 Orange

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (30792)
Size
570 kB (569783 bytes)
Hash
57b2e10e609191c186511592a94d6bb6
93b3c6cc26945388a44a1442207011c80f02387c
e0bf62f312659a4a2c542885f41c26df7a9d5458e5b4c06ad6186569d3cfc919

HTTP Headers

GET /g/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-mtop/2.5.1/mtop.js,lazada-decorate/lazada-mod-lib/0.0.20/LazadaModLib.min.js HTTP/1.1
Host: g.lazcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 12:29:11 GMT
content-type: application/javascript
content-length: 185093
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-oss-request-id: 684028DE9FC71F30355CEB44
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6996595059999626840
x-oss-storage-class: Standard
content-md5: JifVEYiUXrmAm4B/x/wkKg==
x-oss-server-time: 1
access-control-allow-origin: *
x-source-scheme: https
eagleeye-traceid: a3b5fdb817490352298791000e
strict-transport-security: max-age=360000; includeSubDomains
timing-allow-origin: *
via: EU-GER-frankfurt-EDGE5-CACHE1[2],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE27[3],EU-FRA-paris-GLOBAL1-CACHE20[0,TCP_HIT,2],cache24.l2fr1[1004,1016,200-0,M], cache37.l2fr1[1017,0], ens-cache26.fr6[0,0,200-0,H], ens-cache6.fr6[1,0]
ali-swift-global-savetime: 1749035230
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 04 Jun 2025 11:07:10 GMT
x-swift-cachetime: 604800
access-control-allow-methods: GET,HEAD
alt-svc: h3=":443"; ma=2592000
eagleid: a3b5fd9a17495546474816471e
content-encoding: br
x-hcs-proxy-type: 1
x-ccdn-cachettl: 2592000
x-ccdn-req-id-46b1: 0ceb55892fb8484c2d6cc8840bbb6af7
nginx-hit: 1
age: 2677
cache-control: max-age=2592000,s-maxage=3600
accept-ranges: bytes
cdn-type: hwc
x-content-type-options: nosniff
content-security-policy: frame-ancestors pages.lazada.sg pages.lazada.vn pages.lazada.co.id pages.lazada.co.th pages.lazada.com.ph pages.lazada.com.my pages.daraz.com.bd pages.daraz.lk pages.shop.com.mm pages.daraz.com.np pages.daraz.pk
X-Firefox-Spdy: h2

gj.mmstat.com/eg.js?t=1749558553819

47.246.136.160

200 OK

91 B

URL GET
gj.mmstat.com/eg.js?t=1749558553819
IP
47.246.136.160:80
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://mail.implants.dentlap.com/

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
6950940670b28fc294f00213d8daf0ed
85ac549e6b7a785cff6d5b9c6dec78d50b3037d5
468083688789bf30b3f1491e9fd69d32eb53f2ee849dcda32d3aab1f18e4727b

HTTP Headers

GET /eg.js?t=1749558553819 HTTP/1.1
Host: gj.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 10 Jun 2025 12:29:14 GMT
Content-Type: application/javascript
Content-Length: 91
Connection: keep-alive
ETag: "GhPPIEEejhcCAVtaKppj707D"
stag: 2
Set-Cookie: cna=GhPPIEEejhcCAVtaKppj707D; expires=Fri, 08-Jun-35 12:29:14 GMT; path=/; domain=.mmstat.com;
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache

g.alicdn.com/AWSC/AWSC/awsc.js

163.181.253.194

200 OK

9.2 kB

URL GET
g.alicdn.com/AWSC/AWSC/awsc.js
IP
163.181.253.194:443
ASN
#0

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintDA:3A:AA:7B:92:DB:F4:10:34:34:38:95:9D:FD:3C:A4:2B:74:29:F5
ValidityThu, 06 Mar 2025 10:12:19 GMT - Mon, 21 Jul 2025 09:06:01 GMT

File type
JavaScript source, ASCII text, with very long lines (9179), with no line terminators
Size
9.2 kB (9179 bytes)
Hash
aa9e1d499d73b13ccfc62cea1132de82
577c8db2b04aa557a61e20bfbbeb1ebe289af8ef
b308cd4752b02e05202023560bac5d9aea721e78bab3e496f570bb9c27b2f0ca

HTTP Headers

GET /AWSC/AWSC/awsc.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.implants.dentlap.com
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 3282
date: Tue, 10 Jun 2025 12:13:24 GMT
vary: Accept-Encoding
x-oss-request-id: 68482164AF49DB393004857C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17605140350330895498
x-oss-storage-class: Standard
cache-control: max-age=7200,s-maxage=3600
content-md5: qp4dSZ1zsTzPxizqETLegg==
x-oss-server-time: 2
content-encoding: gzip
access-control-allow-origin: *
x-bucket-code: 3
via: cache32.l2fr1[26,25,200-0,M], cache20.l2fr1[27,0], cache20.l2fr1[27,0], ens-cache21.fr6[0,0,200-0,H], ens-cache28.fr6[1,0]
age: 951
ali-swift-global-savetime: 1749557604
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 10 Jun 2025 12:13:24 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: a3b5fdb017495585555107185e
X-Firefox-Spdy: h2

mail.implants.dentlap.com/img/iconss.webp

95.129.234.32

200 OK

28 kB

URL GET
mail.implants.dentlap.com/img/iconss.webp
IP
95.129.234.32:80
ASN
#57724 Ddos-guard Ltd

Requested by
http://mail.implants.dentlap.com/

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1200, Scaling: [none]x[none], YUV color, decoders should clamp
Size
28 kB (28154 bytes)
Hash
6c16644373d52cb9f415e583c3d43ece
df33d0cef4686d6dec62b079832a34d66c62c9f4
2e1bbe2305785dd80fae27bc2b7e1b01282a2c45d94335ed9df54938b7fadb3f

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /img/iconss.webp HTTP/1.1
Host: mail.implants.dentlap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Cookie: __ddg8_=CTblgw74IsdUW2Q0; __ddg10_=1749558551; __ddg9_=91.90.42.154; __ddg1_=cON2xf87dCWD9uer8A7D; _uab_collina=174955855349474654504365
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg8_=TTmf52LJzk7YDkIh; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:13 GMT
__ddg10_=1749558553; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:13 GMT
__ddg9_=91.90.42.154; Domain=.dentlap.com; Path=/; Expires=Tue, 10-Jun-2025 12:49:13 GMT
Date: Tue, 10 Jun 2025 12:29:11 GMT
Last-Modified: Tue, 06 May 2025 09:09:44 GMT
Accept-Ranges: bytes
Content-Length: 28154
Content-Type: image/webp
Age: 2
DDG-Cache-Status: HIT,MISS

gj.mmstat.com/v.gif?logtype=1&title=Cintatogel%20-%20Login%20Link%20Alternatif%20Situs%20Thailand%20Gacor%2C%20Daftar%20Server%20Thailand%20Terbaru&pre=&scr=1280x1024&_p_url=http%3A%2F%2Fmail.implants.dentlap.com%2F&cna=GhPPIEEejhcCAVtaKppj707D&spm-cnt=Thailand.pdp_revamp.0.0.37bc6374r5UeaO&clog=o&aplus&sidx=aplusSidx&ckx=aplusCkx&p=1&o=linux&b=firefox96&s=1280x1024&w=gecko&ism=other&cache=551318e&lver=8.15.24&jsver=aplus_int&pver=0.7.12&pageid=19759d0e8f9dc87e6dc11bd18716eb4d9f114f8b8d&tag=0&stag=2&lstag=0&_slog=0

47.246.136.160

200 OK

43 B

URL GET
gj.mmstat.com/v.gif?logtype=1&title=Cintatogel%20-%20Login%20Link%20Alternatif%20Situs%20Thailand%20Gacor%2C%20Daftar%20Server%20Thailand%20Terbaru&pre=&scr=1280x1024&_p_url=http%3A%2F%2Fmail.implants.dentlap.com%2F&cna=GhPPIEEejhcCAVtaKppj707D&spm-cnt=Thailand.pdp_revamp.0.0.37bc6374r5UeaO&clog=o&aplus&sidx=aplusSidx&ckx=aplusCkx&p=1&o=linux&b=firefox96&s=1280x1024&w=gecko&ism=other&cache=551318e&lver=8.15.24&jsver=aplus_int&pver=0.7.12&pageid=19759d0e8f9dc87e6dc11bd18716eb4d9f114f8b8d&tag=0&stag=2&lstag=0&_slog=0
IP
47.246.136.160:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.mmstat.com
Fingerprint73:BF:BA:7F:66:D6:A0:89:45:65:C0:C5:EA:71:A5:B1:ED:05:ED:E1
ValidityMon, 17 Mar 2025 11:27:01 GMT - Thu, 04 Sep 2025 00:00:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /v.gif?logtype=1&title=Cintatogel%20-%20Login%20Link%20Alternatif%20Situs%20Thailand%20Gacor%2C%20Daftar%20Server%20Thailand%20Terbaru&pre=&scr=1280x1024&_p_url=http%3A%2F%2Fmail.implants.dentlap.com%2F&cna=GhPPIEEejhcCAVtaKppj707D&spm-cnt=Thailand.pdp_revamp.0.0.37bc6374r5UeaO&clog=o&aplus&sidx=aplusSidx&ckx=aplusCkx&p=1&o=linux&b=firefox96&s=1280x1024&w=gecko&ism=other&cache=551318e&lver=8.15.24&jsver=aplus_int&pver=0.7.12&pageid=19759d0e8f9dc87e6dc11bd18716eb4d9f114f8b8d&tag=0&stag=2&lstag=0&_slog=0 HTTP/1.1
Host: gj.mmstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 10 Jun 2025 12:29:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cross-origin-resource-policy: cross-origin
set-cookie: cna=GhPPIEEejhcCAVtaKppj707D; expires=Fri, 08-Jun-35 12:29:15 GMT; path=/; domain=.mmstat.com;
sca=d7ef5f6f; path=/; domain=.mmstat.com
atpsida=ddbc0b9ed6920f98e06c1b7d_1749558555_1; path=/; domain=.mmstat.com
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01RNizk522j2cPtaRjc_!!6000000007155-2-tps-96-70.png

98.98.201.152

200 OK

7.7 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i3/O1CN01RNizk522j2cPtaRjc_!!6000000007155-2-tps-96-70.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 96 x 70, 8-bit/color RGBA, non-interlaced
Size
7.7 kB (7663 bytes)
Hash
fd4c95d34e0fb7a0ea098e2816aed427
1819b9b759b018db77fb60269309a3ccb43011cd
d34efe5f1f7f0c134024c2e86b03ec10f231ff41e91910cf7ac6696515dad147

HTTP Headers

GET /g/tps/imgextra/i3/O1CN01RNizk522j2cPtaRjc_!!6000000007155-2-tps-96-70.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 7663
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 514675
ali-swift-global-savetime: 1741789200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: /UyV004Pt6DqCY4oFq7UJw==
eagleid: a3b5239d17446164697504060e
etag: "FD4C95D34E0FB7A0EA098E2816AED427"
expires: Wed, 30 Jul 2025 08:44:50 GMT
last-modified: Fri, 09 Aug 2024 04:00:48 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-31-07
x-ccdn-cachettl: 8640000
x-ccdn-expires: 6920652
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 6f13ab2a37079414b0e0e7fd38ca8f14
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3226341
x-swift-savetime: Thu, 20 Mar 2025 06:07:39 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN011gka8L1E0PIZlHK7e_!!6000000000289-2-tps-34-34.png

98.98.201.152

200 OK

1.9 kB

URL GET
lzd-img-global.slatic.net/g/tps/imgextra/i4/O1CN011gka8L1E0PIZlHK7e_!!6000000000289-2-tps-34-34.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 34 x 34, 8-bit colormap, non-interlaced
Size
1.9 kB (1892 bytes)
Hash
1247b00414a4c921c17e520f81b9aee4
f6ceb3c012dd4c758a4e700c8ec2500ab1d52749
d8a77cdf2b32f27183512a5d20d99d5d708433cf6fb45d3ef0beb8aec61fa9e7

HTTP Headers

GET /g/tps/imgextra/i4/O1CN011gka8L1E0PIZlHK7e_!!6000000000289-2-tps-34-34.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.implants.dentlap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Byte-nginx
content-type: image/png
content-length: 1892
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 655103
ali-swift-global-savetime: 1725121726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3888000, s-maxage=3888000
cdn-type: kds
content-md5: EkewBBSkySHBflIPgbmu5A==
eagleid: a3b58ca017272551953074985e
etag: "1247B00414A4C921C17E520F81B9AEE4"
expires: Thu, 17 Jul 2025 06:43:32 GMT
last-modified: Sat, 13 Jul 2024 02:59:00 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-01, HIT from KS-CLOUD-XG-FOREIGN-21-13
x-ccdn-cachettl: 8640000
x-ccdn-expires: 7616522
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 13c9c61b17127a94a912052a0488cbe0
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 2725392
x-swift-savetime: Sat, 14 Sep 2024 03:25:34 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:11 GMT
X-Firefox-Spdy: h2

lzd-img-global.slatic.net/g/tps/tfs/TB1nQJUcwmTBuNjy1XbXXaMrVXa-986-930.png

98.98.201.152

200 OK

108 kB

URL GET
lzd-img-global.slatic.net/g/tps/tfs/TB1nQJUcwmTBuNjy1XbXXaMrVXa-986-930.png
IP
98.98.201.152:443
ASN
#21859 ZEN-ECN

Requested by
http://mail.implants.dentlap.com/
Certificate
IssuerGlobalSign nv-sa
Subject*.lazcdn.com
FingerprintAE:2E:75:59:AE:FB:C4:C5:41:46:5A:5C:78:88:47:54:62:6E:66:FA
ValidityFri, 27 Dec 2024 07:01:06 GMT - Wed, 28 Jan 2026 07:01:05 GMT

File type
PNG image data, 986 x 930, 8-bit colormap, non-interlaced
Size
108 kB (108546 bytes)
Hash
dd3d5eccd48c2eca13d74effb06ac4c7
f8f191e59241a14eab12f0c8d0bb6143e8257f01
291eb640c321aaa04e6923e874643621f29ce8d9e0317e15d7367bb8a363735e

HTTP Headers

GET /g/tps/tfs/TB1nQJUcwmTBuNjy1XbXXaMrVXa-986-930.png HTTP/1.1
Host: lzd-img-global.slatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.lazcdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
server: Byte-nginx
content-type: image/png
content-length: 108546
accept-ranges: bytes
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
age: 634889
ali-swift-global-savetime: 1673772930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=31536000
cdn-type: kds
content-md5: 3T1ezNSMLsoT107/sGrExw==
eagleid: 740059a016738363984428737e
etag: "DD3D5ECCD48C2ECA13D74EFFB06AC4C7"
expires: Wed, 18 Jun 2025 01:18:11 GMT
last-modified: Tue, 27 Dec 2022 02:59:11 GMT
nginx-hit: 1
timing-allow-origin: *
x-bdcdn-cache-status: TCP_HIT
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-05, HIT from KS-CLOUD-XG-FOREIGN-21-12
x-ccdn-cachettl: 8640000
x-ccdn-expires: 8546409
x-hcs-proxy-type: 1
x-oss-cdn-auth: success
x-request-id: 3f91968a978c0ff1c97a64c57c4e1dbb
x-request-ip: 91.90.42.154
x-response-cache: edge_hit
x-response-cinfo: 91.90.42.154
x-swift-cachetime: 3887995
x-swift-savetime: Sun, 15 Jan 2023 08:55:35 GMT
x-tt-trace-tag: id=5
date: Tue, 10 Jun 2025 12:29:13 GMT

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML