Report - hst.com.ec/uuas/

Report Overview

Visited public
2023-12-08 06:37:58
Tags
URL
hst.com.ec/uuas/
Finishing URL
hst.com.ec/
IP / ASN
192.185.158.163
#46606 UNIFIEDLAYER-AS-1
Title
Bienvenido

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

148

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-07 07:59:33	2.8 kB	246 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-07 07:16:25	522 B	28 kB	142.250.74.106
hst.com.ec	unknown	unknown	2015-06-08 15:45:03	2023-01-17 11:51:15	20 kB	1.1 MB	192.185.158.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed
2023-12-07	medium	hst.com.ec	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	hst.com.ec/templates/ltcorepair/js/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-05-11
Pretty URL hst.com.ec/templates/ltcorepair/js/bootstrap.min.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 17:04 Times Seen27580 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	hst.com.ec/templates/ltcorepair/js/jquery.sticky.js	ScriptElement	5.7 kB	2023-03-07	2025-05-06
Pretty URL hst.com.ec/templates/ltcorepair/js/jquery.sticky.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33 Last Seen2025-05-06 13:06 Times Seen373 Hash 112dbba9abde250c3cb1db46757c9e50 58ec8f6b9df6fd3712677528a954c21cdecb9707 d4a6a006e6fb1b81be2d15ce5f82771b6c2d68ae06141348e5cde8edb0c00bed Loading...

	hst.com.ec/templates/ltcorepair/js/main.js	ScriptElement	944 B	2023-06-05	2023-12-08
Pretty URL hst.com.ec/templates/ltcorepair/js/main.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:30 Last Seen2023-12-08 23:00 Times Seen5 Hash f3f35a2b83bc2d105c08e40e945a4412 180d5bba6ed81c191b056265e30a7bb21b670ea3 ffa0ad2124b819273a27b1fc33985da1a7a7581888a6305ea72f85c82080eba8 Loading...

	hst.com.ec/templates/ltcorepair/js/wow.min.js	ScriptElement	4.8 kB	2023-03-07	2025-05-06
Pretty URL hst.com.ec/templates/ltcorepair/js/wow.min.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12 Last Seen2025-05-06 13:06 Times Seen187 Hash 3fcf8f685dc926ccc2866296061ae168 80945eebd84a463827395151a74b1e78408df4d8 186412f7166b1cc4ae633617a83bac2a507e549387c6e97f69f7654881f086ac Loading...

	hst.com.ec/libraries/xef/assets/js/modernizr.min.js	ScriptElement	14 kB	2023-12-08	2023-12-08
Pretty URL hst.com.ec/libraries/xef/assets/js/modernizr.min.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 00:13 Last Seen2023-12-08 23:00 Times Seen5 Hash 161ebe90bd890874e42b2900ceefe0be 7379d85b74bd52596ea56775579f9a04dbb65d21 f52a0987c4a8f37cbe389d044a88791ecc67a38bdcc8fbb1ce371320b52eb8ea Loading...

	hst.com.ec/media/jui/js/jquery.min.js?ceade744a0abe395bf13d028476750c1	ScriptElement	98 kB	2023-03-07	2025-05-10
Pretty URL hst.com.ec/media/jui/js/jquery.min.js?ceade744a0abe395bf13d028476750c1 IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 21:06 Times Seen1229 Hash 48a197817927a6eda6f531064f1dba71 5ba19dcca2e2d7ac659af0fbc97dc99e505c498b 05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba Loading...

	hst.com.ec/templates/ltcorepair/js/scroll.js	ScriptElement	1.2 kB	2023-06-05	2023-12-08
Pretty URL hst.com.ec/templates/ltcorepair/js/scroll.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:30 Last Seen2023-12-08 23:00 Times Seen5 Hash 2cea7b7a9a63440270de5dfa1cf05a7a a6be94a2be4cc71b721fc28af9c50bfc52b282c5 81f7c89a531ae68caedcee0fc18f89a5fd9728ff73067bae812ffd04c6db59c1 Loading...

	hst.com.ec/media/jui/js/jquery-noconflict.js?ceade744a0abe395bf13d028476750c1	ScriptElement	21 B	2023-03-07	2025-05-10
Pretty URL hst.com.ec/media/jui/js/jquery-noconflict.js?ceade744a0abe395bf13d028476750c1 IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 21:06 Times Seen2371 Hash e2060c4e5e5955c824723b13a212d3ec 18420ce484978f8ba3d7371febf1638828bb7a67 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6 Loading...

	hst.com.ec/media/system/js/caption.js?ceade744a0abe395bf13d028476750c1	ScriptElement	491 B	2023-03-07	2025-05-10
Pretty URL hst.com.ec/media/system/js/caption.js?ceade744a0abe395bf13d028476750c1 IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 21:06 Times Seen1037 Hash 27e0e11b572de3bc44be960d25d65570 9c431113357e1a7147388978bde9b70a3ff6114a 20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc Loading...

	hst.com.ec/templates/ltcorepair/js/jquery.easing.min.js	ScriptElement	2.5 kB	2023-03-07	2025-05-11
Pretty URL hst.com.ec/templates/ltcorepair/js/jquery.easing.min.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:58 Times Seen2660 Hash e2d41e5c8fed838d9014fea53d45ce75 bde98133f735398b27339c423a817e755329f7d1 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349 Loading...

	hst.com.ec/modules/mod_parallaxslider/assets/js/pslider.js	ScriptElement	7.2 kB	2023-12-08	2023-12-08
Pretty URL hst.com.ec/modules/mod_parallaxslider/assets/js/pslider.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 00:13 Last Seen2023-12-08 23:00 Times Seen5 Hash 4aa976aaa8b941224b6d4e4333cd816f 8a7248772786dc6ebb47c1dfc0c5c13784644c47 ab53ebca602ca8d55270e8d772117197399d2a8b4b0701d61f241f2b2a57e258 Loading...

	hst.com.ec/media/jui/js/jquery-migrate.min.js?ceade744a0abe395bf13d028476750c1	ScriptElement	10 kB	2023-03-07	2025-05-11
Pretty URL hst.com.ec/media/jui/js/jquery-migrate.min.js?ceade744a0abe395bf13d028476750c1 IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:26 Times Seen15159 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	hst.com.ec/templates/ltcorepair/js/custom.js	ScriptElement	2.5 kB	2023-05-14	2023-12-08
Pretty URL hst.com.ec/templates/ltcorepair/js/custom.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 09:55 Last Seen2023-12-08 23:00 Times Seen5 Hash 78f05c955d49ba54ff676b91d5ed0a4e 63948c03097de43e6e0df598a14e8b439c346b40 07bde936aa72223a8d7afb8c5eb6c30bfcfc544623d4222785c3910982d53c86 Loading...

	hst.com.ec/templates/ltcorepair/js/frontend-edit.js	ScriptElement	1.9 kB	2023-03-13	2023-12-08
Pretty URL hst.com.ec/templates/ltcorepair/js/frontend-edit.js IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:03 Last Seen2023-12-08 23:00 Times Seen5 Hash 1bed3553491693d437d568c252480183 f679ad1c85f45a251185fde943be15249a7677be d33e1e7e578934f7e1d61ec036a2d691911b7b113c3891b32a1ae3de7833c088 Loading...

	hst.com.ec/	ScriptElement	349 B	2023-12-08	2024-08-20
Pretty URL hst.com.ec/ IP 192.185.158.163 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 00:13 Last Seen2024-08-20 16:24 Times Seen5 Hash f4d61d74a78a022a2ddb5c7babdf838d 3e0112bcabbb0613c0b6b863e926d26544133391 803f269a0286b21b76400e842b7f228b7fee4ee9afa4c42e6abe3bfb87c2d445 Loading...

HTTP Transactions (43)

URL IP Response Size

hst.com.ec/uuas/

192.185.158.163

302 Found

0 B

URL User Request GET HTTP/2
hst.com.ec/uuas/
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uuas/ HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: no-store
location: /
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 06:37:39 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/

192.185.158.163

200 OK

7.2 kB

URL User Request GET HTTP/2
hst.com.ec/
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3638), with CRLF, CR, LF line terminators
Size
7.2 kB (7172 bytes)
Hash
a0964f456befcc5ad8d3ce6c481d979c
6a002693f3995a31b35c9d3cc736eff060f22173
f2b869f8f6aa706d446c1d939c1a757f0b4b95fe47d809d9f361acdb221d34bf

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5; path=/; HttpOnly
last-modified: Fri, 08 Dec 2023 06:37:41 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 7172
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 06:37:40 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/font-awesome.min.css

192.185.158.163

200 OK

7.1 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/font-awesome.min.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7114 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/font-awesome.min.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7114
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/default.css

192.185.158.163

200 OK

5.7 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/default.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
5.7 kB (5702 bytes)
Hash
c2c914ed87e6ec6703e154af4aaebceb
6add4bdbeb85e5318bbce5d0e0a8f1a57c8c2c34
dfa413237406ffea8f6b2abdf4dc2afb30f8e8c24a293b2b5a79644e02ede1b5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/default.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5702
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/djclassifields.css

192.185.158.163

200 OK

786 B

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/djclassifields.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
786 B (786 bytes)
Hash
d35e914f685480b0ac0028e1c00040c0
64a3b4b6a13d1afc7e614b183b22ac5710e3fe12
e56dde27d1f1a2869b0c17347c00e0101ccd3e06183e0b719f0276fb04fb585e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/djclassifields.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 786
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/presets/preset1.css

192.185.158.163

200 OK

1.8 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/presets/preset1.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
1.8 kB (1825 bytes)
Hash
0130997860e523cd856d364567449016
c03af2038dc153615583ac5232b0e923ff23fc41
f46cf2b9896c9bf0aac6a1322f5a9c5ed211b2a00f7272f6f3d7d04d4394730c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/presets/preset1.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1825
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/modules/mod_parallaxslider/assets/css/maximus.css

192.185.158.163

200 OK

2.2 kB

URL GET HTTP/2
hst.com.ec/modules/mod_parallaxslider/assets/css/maximus.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
2.2 kB (2169 bytes)
Hash
e2d68b8f3186b1d2f7a8933ff15304fe
ec225bb9c3dde0d3223c2843e3916829b1048048
534e43069c09009b7b54fca2476d4e3cf9e12ef2479a2aac5fbcbce43e850ac4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_parallaxslider/assets/css/maximus.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 19:57:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2169
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/legacy.css

192.185.158.163

200 OK

5.8 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/legacy.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
5.8 kB (5768 bytes)
Hash
54cd2a58e632debfae26703d92bb4448
5253fbab82a310ae79613c7c9002274bd68ecf94
95ef2fed8a0af5ad9226d210e723e20c5caf3e67a98980c39fba50e9d9ad11f7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/legacy.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5768
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/frontend-edit.css

192.185.158.163

200 OK

966 B

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/frontend-edit.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
966 B (966 bytes)
Hash
2f42c01a1d3353170eef74338a83b85c
a07458c0ed667f73325330033ba3077709f6a2c8
0db1834873899f92b365e7800a4abe19f5a40cb87cb566e7d93aa437fa08eaa1

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/frontend-edit.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 966
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/template.css

192.185.158.163

200 OK

16 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/template.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
16 kB (16302 bytes)
Hash
d0dc29b02f8f355b4df97de5edbd83d5
4888f6404b1a50863fff6b0bb84319a572f75804
82e4f00eadc47bd58aedfb8612548aa151a0b20b076d593d8c41a5dc4d898fc9

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/template.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16302
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/media/jui/js/jquery-migrate.min.js?ceade744a0abe395bf13d028476750c1

192.185.158.163

200 OK

4.4 kB

URL GET HTTP/2
hst.com.ec/media/jui/js/jquery-migrate.min.js?ceade744a0abe395bf13d028476750c1
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (9959)
Size
4.4 kB (4444 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-migrate.min.js?ceade744a0abe395bf13d028476750c1 HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4444
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/main.js

192.185.158.163

200 OK

475 B

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/main.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
475 B (475 bytes)
Hash
f3f35a2b83bc2d105c08e40e945a4412
180d5bba6ed81c191b056265e30a7bb21b670ea3
ffa0ad2124b819273a27b1fc33985da1a7a7581888a6305ea72f85c82080eba8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/main.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 475
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/wow.min.js

192.185.158.163

200 OK

1.9 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/wow.min.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (4746), with CRLF line terminators
Size
1.9 kB (1867 bytes)
Hash
3fcf8f685dc926ccc2866296061ae168
80945eebd84a463827395151a74b1e78408df4d8
186412f7166b1cc4ae633617a83bac2a507e549387c6e97f69f7654881f086ac

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/wow.min.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1867
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/jquery.sticky.js

192.185.158.163

200 OK

1.9 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/jquery.sticky.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
1.9 kB (1908 bytes)
Hash
112dbba9abde250c3cb1db46757c9e50
58ec8f6b9df6fd3712677528a954c21cdecb9707
d4a6a006e6fb1b81be2d15ce5f82771b6c2d68ae06141348e5cde8edb0c00bed

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/jquery.sticky.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1908
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/scroll.js

192.185.158.163

200 OK

516 B

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/scroll.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
516 B (516 bytes)
Hash
2cea7b7a9a63440270de5dfa1cf05a7a
a6be94a2be4cc71b721fc28af9c50bfc52b282c5
81f7c89a531ae68caedcee0fc18f89a5fd9728ff73067bae812ffd04c6db59c1

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/scroll.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 516
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/bootstrap.min.js

192.185.158.163

200 OK

14 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/bootstrap.min.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (32033)
Size
14 kB (14394 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/bootstrap.min.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14394
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/images/image.png

192.185.158.163

200 OK

12 kB

URL GET HTTP/2
hst.com.ec/images/image.png
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
PNG image data, 221 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12018 bytes)
Hash
003bb0b696f52fc4dc77d66fc1f29385
8f4b131e738093a16238a62bb6b9f2641c0b52d9
f25ad1928e5a706f346a1408b98707f03f8e6e43f1b6996ba71e624596fe595d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/image.png HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 11 Nov 2019 21:04:29 GMT
accept-ranges: bytes
content-length: 12018
content-type: image/png
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/jquery.easing.min.js

192.185.158.163

200 OK

823 B

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/jquery.easing.min.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (2532), with no line terminators
Size
823 B (823 bytes)
Hash
e2d41e5c8fed838d9014fea53d45ce75
bde98133f735398b27339c423a817e755329f7d1
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/jquery.easing.min.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 823
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/images/concursoFM.jpeg

192.185.158.163

200 OK

212 kB

URL GET HTTP/2
hst.com.ec/images/concursoFM.jpeg
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 957x819, components 3\012- data
Size
212 kB (212408 bytes)
Hash
de515c0d12e69a9ec20cc6b6903c864a
3c7c77ea681ca5ffaea9941ea2ee73387f87aac9
86ec9bb87c8a73fd31740a25050dc28ab97197ca6eb2b84767dea3fea0075f56

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/concursoFM.jpeg HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 02 Jun 2020 18:56:05 GMT
accept-ranges: bytes
content-length: 212408
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/frontend-edit.js

192.185.158.163

200 OK

689 B

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/frontend-edit.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
689 B (689 bytes)
Hash
1bed3553491693d437d568c252480183
f679ad1c85f45a251185fde943be15249a7677be
d33e1e7e578934f7e1d61ec036a2d691911b7b113c3891b32a1ae3de7833c088

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/frontend-edit.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 689
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/media/jui/js/jquery-noconflict.js?ceade744a0abe395bf13d028476750c1

192.185.158.163

200 OK

21 B

URL GET HTTP/2
hst.com.ec/media/jui/js/jquery-noconflict.js?ceade744a0abe395bf13d028476750c1
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
21 B (21 bytes)
Hash
e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-noconflict.js?ceade744a0abe395bf13d028476750c1 HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
accept-ranges: bytes
content-length: 21
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/modules/mod_parallaxslider/assets/js/pslider.js

192.185.158.163

200 OK

2.1 kB

URL GET HTTP/2
hst.com.ec/modules/mod_parallaxslider/assets/js/pslider.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2126 bytes)
Hash
4aa976aaa8b941224b6d4e4333cd816f
8a7248772786dc6ebb47c1dfc0c5c13784644c47
ab53ebca602ca8d55270e8d772117197399d2a8b4b0701d61f241f2b2a57e258

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_parallaxslider/assets/js/pslider.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 19:57:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2126
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/media/system/js/caption.js?ceade744a0abe395bf13d028476750c1

192.185.158.163

200 OK

336 B

URL GET HTTP/2
hst.com.ec/media/system/js/caption.js?ceade744a0abe395bf13d028476750c1
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (413)
Size
336 B (336 bytes)
Hash
27e0e11b572de3bc44be960d25d65570
9c431113357e1a7147388978bde9b70a3ff6114a
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/caption.js?ceade744a0abe395bf13d028476750c1 HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 336
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/libraries/xef/assets/js/modernizr.min.js

192.185.158.163

200 OK

6.5 kB

URL GET HTTP/2
hst.com.ec/libraries/xef/assets/js/modernizr.min.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
HTML document, ASCII text, with very long lines (13730)
Size
6.5 kB (6535 bytes)
Hash
161ebe90bd890874e42b2900ceefe0be
7379d85b74bd52596ea56775579f9a04dbb65d21
f52a0987c4a8f37cbe389d044a88791ecc67a38bdcc8fbb1ce371320b52eb8ea

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /libraries/xef/assets/js/modernizr.min.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 19:57:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6535
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/js/custom.js

192.185.158.163

200 OK

996 B

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/js/custom.js
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text
Size
996 B (996 bytes)
Hash
78f05c955d49ba54ff676b91d5ed0a4e
63948c03097de43e6e0df598a14e8b439c346b40
07bde936aa72223a8d7afb8c5eb6c30bfcfc544623d4222785c3910982d53c86

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/js/custom.js HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 996
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/images/asesoria.jpg

192.185.158.163

200 OK

48 kB

URL GET HTTP/2
hst.com.ec/images/asesoria.jpg
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x513, components 3\012- data
Size
48 kB (48355 bytes)
Hash
2ab0567cf0c7508c16a334c585361adc
14aa8679542801fb095aa76b0265f8b2d321359e
a64f7b0b1053665434ed621382f62e40c6e701d467bb6f70f7bd73c997ee2492

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/asesoria.jpg HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 30 May 2020 18:30:15 GMT
accept-ranges: bytes
content-length: 48355
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/images/logo2.png

192.185.158.163

200 OK

56 kB

URL GET HTTP/2
hst.com.ec/images/logo2.png
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
PNG image data, 632 x 270, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (56364 bytes)
Hash
879c8a26642fd462cc5579539b2e5507
3b90c961b6c686e58ec585eeba3f4fd9e8b31135
94a1eab23c7a24a7d284bb8d5e3c1848facd8a33505f405b4b384c1bce02ae60

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo2.png HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 30 May 2020 18:32:21 GMT
accept-ranges: bytes
content-length: 56364
content-type: image/png
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/images/serviciosTICs.jpg

192.185.158.163

200 OK

81 kB

URL GET HTTP/2
hst.com.ec/images/serviciosTICs.jpg
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1200x630, components 3\012- data
Size
81 kB (81322 bytes)
Hash
2159ce9e8ec9e8c377ae64322176b54c
9b3c5e09372fcd68c4b7a8cf136129688bd96a16
8e7dd56d314044c7586e96060680566f4daa16a3ed0401618022f209fa54a325

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/serviciosTICs.jpg HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 28 May 2020 13:46:49 GMT
accept-ranges: bytes
content-length: 81322
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/images/rollupHST.jpeg

192.185.158.163

200 OK

214 kB

URL GET HTTP/2
hst.com.ec/images/rollupHST.jpeg
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 558x1280, components 3\012- data
Size
214 kB (213967 bytes)
Hash
ffffa51fe86ca438874fdf81b4eab958
572a9b9da0a3e13e1419a4719b623b3e95975677
e52394d2c12c20d605d20c0437b6b00b6ef4c115d972bd2ab61516b1da5b6772

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/rollupHST.jpeg HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 15 Dec 2020 14:35:24 GMT
accept-ranges: bytes
content-length: 213967
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hst.com.ec/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hst.com.ec
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 92204
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hst.com.ec/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hst.com.ec
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 92204
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hst.com.ec/images/fondo.jpg

192.185.158.163

200 OK

81 kB

URL GET HTTP/2
hst.com.ec/images/fondo.jpg
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
JPEG image data, progressive, precision 8, 785x730, components 3\012- data
Size
81 kB (80574 bytes)
Hash
08eff25fcf79737339c40c4f655a83bb
af026f568c6e50b4c79c0bb5704695db78143f5f
80698866750c2732d85cacfc9de4a37483d28208edfbe4c206d37979edd61134

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/fondo.jpg HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 06 Nov 2019 22:39:09 GMT
accept-ranges: bytes
content-length: 80574
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:37:42 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/modules/mod_parallaxslider/assets/images/arrows.png

192.185.158.163

200 OK

1.5 kB

URL GET HTTP/2
hst.com.ec/modules/mod_parallaxslider/assets/images/arrows.png
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
PNG image data, 40 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1516 bytes)
Hash
4d2099bf4e8865bae0f5f4c5438191ca
acfb4474dd9b9d2a1550c9f164919a124aada274
631987b6103897b98d0e6f301fbfae592178662db4b97954afde6514fd23e03b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_parallaxslider/assets/images/arrows.png HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/modules/mod_parallaxslider/assets/css/maximus.css
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 19:57:46 GMT
accept-ranges: bytes
content-length: 1516
content-type: image/png
date: Fri, 08 Dec 2023 06:37:42 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/fonts/fontawesome-webfont.woff2?v=4.7.0

192.185.158.163

200 OK

77 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/templates/ltcorepair/css/font-awesome.min.css
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Fri, 08 Dec 2023 06:37:42 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hst.com.ec/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hst.com.ec
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 92204
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hst.com.ec/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hst.com.ec
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 92204
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://hst.com.ec/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hst.com.ec
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 92204
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/fonts/IcoMoon.woff

192.185.158.163

200 OK

25 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/fonts/IcoMoon.woff
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
Web Open Font Format, CFF, length 25424, version 1.0\012- data
Size
25 kB (25424 bytes)
Hash
910a8fd387e6c5ac62dbe014dc131960
78d797741e92a0fb3094ad076dfd0ae8f1c36713
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/fonts/IcoMoon.woff HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/templates/ltcorepair/css/template.css
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
content-length: 25424
content-type: font/woff
date: Fri, 08 Dec 2023 06:37:42 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/modules/mod_parallaxslider/assets/images/navigator.png

192.185.158.163

200 OK

2.4 kB

URL GET HTTP/2
hst.com.ec/modules/mod_parallaxslider/assets/images/navigator.png
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
PNG image data, 19 x 55, 8-bit/color RGBA, interlaced\012- data
Size
2.4 kB (2397 bytes)
Hash
8e9e63621178035c0b1bdbc6888f50c5
372c4612b022d7dd5585c547462a45cc970e2ab3
11ab087f3349924d5d3ffa841d84aad801c35be684e4a5ceb649255a977a71aa

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_parallaxslider/assets/images/navigator.png HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/modules/mod_parallaxslider/assets/css/maximus.css
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 19:57:46 GMT
accept-ranges: bytes
content-length: 2397
content-type: image/png
date: Fri, 08 Dec 2023 06:37:42 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/images/image.png

192.185.158.163

200 OK

12 kB

URL GET HTTP/2
hst.com.ec/images/image.png
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
PNG image data, 221 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12018 bytes)
Hash
003bb0b696f52fc4dc77d66fc1f29385
8f4b131e738093a16238a62bb6b9f2641c0b52d9
f25ad1928e5a706f346a1408b98707f03f8e6e43f1b6996ba71e624596fe595d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/image.png HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 11 Nov 2019 21:04:29 GMT
accept-ranges: bytes
content-length: 12018
content-type: image/png
date: Fri, 08 Dec 2023 06:37:42 GMT
server: Apache
X-Firefox-Spdy: h2

hst.com.ec/templates/ltcorepair/css/bootstrap.min.css

192.185.158.163

200 OK

121 kB

URL GET HTTP/2
hst.com.ec/templates/ltcorepair/css/bootstrap.min.css
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
cac488e4f918f747404025ee2cf738d5
f3e0bd14aa68d1bce0e93e0e2a9ad5334b5a578d
b5be378a5f5c0accf0ccb2d3d273bcd3d1cf708d7d41bc5d541e391c423e9cfe

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/ltcorepair/css/bootstrap.min.css HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 04 Feb 2020 17:37:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&subset=latin

142.250.74.106

200 OK

28 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&subset=latin
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://hst.com.ec/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
28 kB (27635 bytes)
Hash
3e3f262b81699cff226ddfd43e81c0bf
60f993b3a4d1f6f31c191e981951d0117f15600e
b13d4ba577f8a1e50ca84576732bd47c5608583931791b476d06bf7bed513585

HTTP Headers

GET /css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 06:37:41 GMT
date: Fri, 08 Dec 2023 06:37:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hst.com.ec/media/jui/js/jquery.min.js?ceade744a0abe395bf13d028476750c1

192.185.158.163

200 OK

98 kB

URL GET HTTP/2
hst.com.ec/media/jui/js/jquery.min.js?ceade744a0abe395bf13d028476750c1
IP
192.185.158.163:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://hst.com.ec/
Certificate
IssuerLet's Encrypt
Subjecthst.com.ec
FingerprintC4:F2:CC:76:F5:67:C3:99:4E:56:72:A6:A9:B2:45:E5:BF:84:FB:11
ValiditySat, 18 Nov 2023 21:44:13 GMT - Fri, 16 Feb 2024 21:44:12 GMT

File type
ASCII text, with very long lines (65462)
Size
98 kB (97646 bytes)
Hash
48a197817927a6eda6f531064f1dba71
5ba19dcca2e2d7ac659af0fbc97dc99e505c498b
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery.min.js?ceade744a0abe395bf13d028476750c1 HTTP/1.1
Host: hst.com.ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hst.com.ec/
Cookie: ef66e1496fad4650767fbe6fb7b5fe8e=7cdf083fcca7ca065331d2c9422e15a5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sat, 08 Jul 2023 21:23:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 08 Dec 2023 06:37:41 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by