Report - dts.ge/

Report Overview

Submitted URL
dts.ge/
IP
188.93.95.4
ASN
#57814 Cloud 9 Ltd.
Submitted
2023-12-03 23:33:28
Access
public
Website Title
Account Suspended
Final URL
dts.ge/cgi-sys/suspendedpage.cgi
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dts.ge	unknown	unknown	No data	No data	1.9 kB	16 kB	188.93.95.4
use.fontawesome.com	942	2012-10-18	2017-01-30	2023-12-03	966 B	75 kB	172.64.141.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-22	medium	dts.ge/	Office365
2023-11-22	medium	dts.ge/	Office365
2023-11-22	medium	dts.ge/	Office365
2023-11-22	medium	dts.ge/	Office365

PhishTank

Scan Date	Severity	Indicator	Alert
2023-11-22	medium	dts.ge/	Microsoft
2023-11-22	medium	dts.ge/cgi-sys/suspendedpage.cgi	Microsoft
2023-11-22	medium	dts.ge/favicon.ico	Microsoft
2023-11-22	medium	dts.ge/cgi-sys/suspendedpage.cgi	Microsoft

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	dts.ge	Sinkholed
2023-12-03	medium	dts.ge	Sinkholed
2023-12-03	medium	dts.ge	Sinkholed
2023-12-03	medium	dts.ge	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

URL IP Response Size

dts.ge/

188.93.95.4

302 Found

224 B

URL User Request GET HTTP/1.1
dts.ge/
IP
188.93.95.4:443
ASN
#57814 Cloud 9 Ltd.

Certificate
IssuercPanel, Inc.
Subjectdts.ge
FingerprintF5:20:9F:9D:B3:68:4C:4D:0A:49:87:74:EC:EA:C2:AE:57:26:87:57
ValidityMon, 23 Oct 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
224 B (224 bytes)
Hash
e9bb126d38e47788eb742cde0911e3e3
870bc7e20eeea554fb588093cbbeb73c847cc611
2c8921fb0f30c249b3cf1158d0de8ca6f33bae1676a266778055ea13c574519c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: dts.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sun, 03 Dec 2023 23:33:11 GMT
Server: Apache
Location: https://dts.ge/cgi-sys/suspendedpage.cgi
Content-Length: 224
Connection: close
Content-Type: text/html; charset=iso-8859-1

dts.ge/cgi-sys/suspendedpage.cgi

188.93.95.4

200 OK

7.6 kB

URL GET HTTP/1.1
dts.ge/cgi-sys/suspendedpage.cgi
IP
188.93.95.4:443
ASN
#57814 Cloud 9 Ltd.

Requested by
https://dts.ge/cgi-sys/suspendedpage.cgi
Certificate
IssuercPanel, Inc.
Subjectdts.ge
FingerprintF5:20:9F:9D:B3:68:4C:4D:0A:49:87:74:EC:EA:C2:AE:57:26:87:57
ValidityMon, 23 Oct 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4070)
Size
7.6 kB (7590 bytes)
Hash
1686644ed503768a035ff2567faa174b
5a30f4db6b7e2880a57731dc43c10dc5128aafa0
a6df2df62e37d24d18f62104ad072499724278b17b4914ecf38638c8517ccb71

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: dts.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 23:33:12 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

dts.ge/favicon.ico

188.93.95.4

302 Found

224 B

URL GET HTTP/1.1
dts.ge/favicon.ico
IP
188.93.95.4:443
ASN
#57814 Cloud 9 Ltd.

Requested by
https://dts.ge/cgi-sys/suspendedpage.cgi
Certificate
IssuercPanel, Inc.
Subjectdts.ge
FingerprintF5:20:9F:9D:B3:68:4C:4D:0A:49:87:74:EC:EA:C2:AE:57:26:87:57
ValidityMon, 23 Oct 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
224 B (224 bytes)
Hash
e9bb126d38e47788eb742cde0911e3e3
870bc7e20eeea554fb588093cbbeb73c847cc611
2c8921fb0f30c249b3cf1158d0de8ca6f33bae1676a266778055ea13c574519c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dts.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dts.ge/cgi-sys/suspendedpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sun, 03 Dec 2023 23:33:13 GMT
Server: Apache
Location: https://dts.ge/cgi-sys/suspendedpage.cgi
Content-Length: 224
Connection: close
Content-Type: text/html; charset=iso-8859-1

use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2

172.64.141.13

200 OK

39 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2
IP
172.64.141.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dts.ge/cgi-sys/suspendedpage.cgi
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 38784, version 1.0\012- data
Size
39 kB (38784 bytes)
Hash
f9b85c9463af7103b9b24bbbf09a06ed
d28d7222bcbeb8ea701a771e85f7efe006e62fb1
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

HTTP Headers

GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dts.ge
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:33:13 GMT
content-type: application/font-woff2
content-length: 38784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "f9b85c9463af7103b9b24bbbf09a06ed"
last-modified: Fri, 22 Sep 2023 01:44:10 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZyizm1Doiyu%2FZb6ih1bysu9bzto7m4Crl%2FDWceVXajVynkDjcKvJtI1lhG6vSf4bcHzz%2FEPfSDRGPNCH0bts5y32sTms2WjRQYXiR4RIwj8W4E2oz%2BdUvuq%2BC0jl5U2U5gVERXm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9d041a7252c3-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dts.ge/cgi-sys/suspendedpage.cgi

188.93.95.4

200 OK

7.6 kB

URL GET HTTP/1.1
dts.ge/cgi-sys/suspendedpage.cgi
IP
188.93.95.4:443
ASN
#57814 Cloud 9 Ltd.

Requested by
https://dts.ge/cgi-sys/suspendedpage.cgi
Certificate
IssuercPanel, Inc.
Subjectdts.ge
FingerprintF5:20:9F:9D:B3:68:4C:4D:0A:49:87:74:EC:EA:C2:AE:57:26:87:57
ValidityMon, 23 Oct 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4070)
Size
7.6 kB (7590 bytes)
Hash
1686644ed503768a035ff2567faa174b
5a30f4db6b7e2880a57731dc43c10dc5128aafa0
a6df2df62e37d24d18f62104ad072499724278b17b4914ecf38638c8517ccb71

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: dts.ge
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dts.ge/cgi-sys/suspendedpage.cgi
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 23:33:13 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

use.fontawesome.com/releases/v5.0.6/css/all.css

172.64.141.13

200 OK

35 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.0.6/css/all.css
IP
172.64.141.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dts.ge/cgi-sys/suspendedpage.cgi
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (34556)
Size
35 kB (34734 bytes)
Hash
42eaa52604673b64d6b356c2fd7f87e3
6b59cb703b2d4a7a2691f13008062b46a6bc7fdb
ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce

HTTP Headers

GET /releases/v5.0.6/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dts.ge/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:33:12 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"42eaa52604673b64d6b356c2fd7f87e3"
last-modified: Fri, 22 Sep 2023 01:44:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 243453
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwm4Woa2v2Plgs9DpRvjeq9AjBVV277umQICo%2FdwIdLbHcvXRCwOLYRODbh6BIf%2FZJglgMuo64AnWl9QutotT8FN%2B%2FQOKK8pDkgtbJJLoiXo%2FIksOo8hrKV2i5KKi6OPQlg1CbEI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9d031b2748b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (6)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by