| | 216.239.38.21 | 302 Found | 297 B |
URL: User Request GET HTTP/2; IP: 216.239.38.21:443
Certificate issuer: Google Trust Services LLC; Subject: federalreserve.zip; Fingerprint: 33:38:81:48:E7:78:4F:CF:00:60:7E:0A:4E:65:D6:E3:87:CE:09:D0; Validity: Sat, 02 Mar 2024 12:35:41 GMT - Fri, 31 May 2024 13:23:51 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators; Hash: 884608828ab10b236e1a586cecbfc996 5d07bfaa33dc2a4ee1a6ddc8b127b2d90496d2ea b77ab7ee351de7c4e27ac35251291af8e27151a7b8a8828178d986634667c089
GET / HTTP/1.1
Host: federalreserve.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks//
date: Thu, 25 Apr 2024 23:18:11 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 297
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// | 141.193.213.11 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/2 www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks//; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 25 Apr 2024 23:18:11 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
x-powered-by: WP Engine
expires: Fri, 26 Apr 2024 00:09:20 GMT
x-redirect-by: WordPress
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 22
x-cache-group: normal
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA; path=/; expires=Thu, 25-Apr-24 23:48:11 GMT; domain=.www.ghacks.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a20d01b9031c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png | 141.193.213.11 | 200 OK | 4.7 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 529ca77a46f1e149ce81fd1c5bd038c6 a66893d379545af6ddd3b7204c32a71e6a6c3199 5931a8cf7624e0f9b46d05b093fb5a2376c58a3eda52e74138c02180b527eb78
GET /wp-content/uploads/2020/11/ghack-logo-menu.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/webp
content-length: 4678
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5352
content-disposition: inline; filename="ghack-logo-menu.webp"
etag: "654bd8e3-14e8"
last-modified: Wed, 08 Nov 2023 18:52:19 GMT
vary: Accept
cf-cache-status: HIT
age: 327305
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d059d40b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg | 141.193.213.11 | 200 OK | 78 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x751, components 3; Hash: 07f3a4bfd7b3d79ddb7b4a3f251abf31 a07c4a3b9d1ce31149f7b4bced33030964d2e24c afdf4a0f2eaa6f72fba670480c99fd8bd45632342e012abd8fe9f5ab4b5ac8c6
GET /wp-content/uploads/2023/05/google-amp_02.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 77811
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=83942
etag: "654bd8b3-147e6"
last-modified: Wed, 08 Nov 2023 18:51:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 200
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d059d47b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png | 141.193.213.11 | 200 OK | 148 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image; Size: 148 kB (147828 bytes); Hash: 7ea206f68208511fc3fade65652d5ae9 eaa378c5e9e569aea039d5cedc0aba64ea3bd9dc 9830cba07c321077a9707aee2c114925cb966283afc46ebd8dd2fb5bf7f95113
GET /wp-content/uploads/2023/05/microsoft-phishing-zip.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/webp
content-length: 147828
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=194628
content-disposition: inline; filename="microsoft-phishing-zip.webp"
etag: "654bd8b4-2f844"
last-modified: Wed, 08 Nov 2023 18:51:32 GMT
vary: Accept
cf-cache-status: HIT
age: 200
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d059d48b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp | 141.193.213.11 | 200 OK | 1.9 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 235x51, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 41926b99191b448707764362cd435e60 ddde62391af0241aec95ed172373bf3fa2d3c46a b6bf4f0fc4ce6aec190d2a66ae9302b3bf67b116b44342972289b8cd04e3d2ff
GET /wp-content/uploads/2005/10/ghacks-technology-news.webp HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/webp
content-length: 1948
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: "654bda54-79c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 325759
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d05ad4bb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg | 141.193.213.11 | 200 OK | 224 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3; Size: 224 kB (223752 bytes); Hash: d0ecc959148dfc251676b1f3bb81473a 8377ee1f920694d25eb699616faac4b4e03caa4e 46ff9b2281e7ca80920ac790bee565f5665ea1b87b569181bb36882b6039cfb3
GET /wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 223752
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=252600
etag: "661cb922-3dab8"
last-modified: Mon, 15 Apr 2024 05:20:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327305
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d05ad4eb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg | 141.193.213.11 | 200 OK | 81 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x801, components 3; Hash: 5ca9851d57d4a1b322d9c9c9dc09eac7 33c11808d28bb2e9fb20c853836d2d920daa04b7 fd6e88fcd78d2296406279adb65f4ec51220e788eee0ee5497f5312157b49997
GET /wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 81182
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90301
etag: "65ee9f82-160bd"
last-modified: Mon, 11 Mar 2024 06:06:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327257
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d05bd52b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png | 141.193.213.11 | 200 OK | 134 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image; Size: 134 kB (133884 bytes); Hash: 81de53c4fe536e66f067773770264818 736e5b48335a4e0bcf66b9ce4efeb04135b06a23 fb07bd1905b07345d5a993ad01ab37812b34f4402d883959200cbd6ad38f8336
GET /wp-content/uploads/2024/03/malwarebytes-5.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/webp
content-length: 133884
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=181930
content-disposition: inline; filename="malwarebytes-5.webp"
etag: "65e6f562-2c6aa"
last-modified: Tue, 05 Mar 2024 10:35:14 GMT
vary: Accept
cf-cache-status: HIT
age: 327257
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d05bd56b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg | 141.193.213.11 | 200 OK | 59 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x828, components 3; Hash: b05213945a64f99030ed8dbaed5274d7 5f2c357ae61868aa529c940543ccee44a8838678 39c72f8478154a7eeaacdc5f2551b3d59bdc2c3809a0f6dfed182d0309800cfb
GET /wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 59007
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=69012
etag: "65c9a984-10d94"
last-modified: Mon, 12 Feb 2024 05:15:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327257
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d77b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg | 141.193.213.11 | 200 OK | 410 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x857, components 3; Size: 410 kB (409787 bytes); Hash: 8acb5c60569d8386d579a7984ef23990 04fdae2255a42aaa3d0b872d105a48d880ebd29a 7623c1d41bf059d221f74630150427b0fedc8d4abbe07f9b997d0c5c239f9563
GET /wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 409787
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=456158
etag: "65c07f7a-6f5de"
last-modified: Mon, 05 Feb 2024 06:26:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327257
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d78b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg | 141.193.213.11 | 200 OK | 68 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3; Hash: 56bd3ba4b2999f1a7564638f5f03529c 2229bdaa6917b6ba3293e89f90125d653678cccd a93eb535d6d2a0be0c434a21d2d930afab75fc5f50fa3e880e40effeefe7627a
GET /wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 67966
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=75468
etag: "65a95084-126cc"
last-modified: Thu, 18 Jan 2024 16:23:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327257
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d79b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-6DL3S186WS | 142.250.74.168 | 200 OK | 87 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-6DL3S186WS; IP: 142.250.74.168:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945); Hash: a3e4709be17831bc6d1b7aa2eb65549c f0ca0578e84d7b49a77721108dff63832ee86163 ed5f6d79375431e4c923c47a6311e9fcbd41bf3dd8462fc079f5c0abb76c6111
GET /gtag/js?id=G-6DL3S186WS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:18:12 GMT
expires: Thu, 25 Apr 2024 23:18:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg | 141.193.213.11 | 200 OK | 265 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x799, components 3; Size: 265 kB (264740 bytes); Hash: 8cbfde1dabbf6353242204fb36efaea4 f2368204588944a6da3bb8d8339d9b03ad1a3989 e0383d956b4ba021221c00ceb187cd3a46b7095b2b0ee4a498881e4391b7ebfa
GET /wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 264740
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=289019
etag: "654bd8a6-468fb"
last-modified: Wed, 08 Nov 2023 18:51:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327305
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d7bb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg | 141.193.213.11 | 200 OK | 215 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x828, components 3; Size: 215 kB (214750 bytes); Hash: 516950906fdeb9383252a8c263b5ca0b 7910e4e7a6c0e24e000d6e90ec350f9ac43e4260 70c02b96bf2fb64da5658faa29379f58eb5ace80efc16ebe0f802824c4fbbb06
GET /wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 214750
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=227328
etag: "662753d1-37800"
last-modified: Tue, 23 Apr 2024 06:23:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 226087
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d7cb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg | 141.193.213.11 | 200 OK | 246 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3; Size: 246 kB (246065 bytes); Hash: d840cd6998cfa2928ae3e7b81acc1dc4 7a40cbb702721b9cac375840f7fb07effe9ecef8 c11f87af868f757be514cbda7f0b5e99dc07a9556acf0661fefcc5ca763ba0ad
GET /wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 246065
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=263508
etag: "66260c65-40554"
last-modified: Mon, 22 Apr 2024 07:06:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 316492
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d7db51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg | 141.193.213.11 | 200 OK | 153 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x900, components 3; Size: 153 kB (153005 bytes); Hash: 2b9c54d60720c2eb83f235265e058f90 a16a9443302ef2df51197cdea6f3d37162be9a9a d6282d7808651a3a8a86885958df07702350ee738a249abe95fa4d1251272dc3
GET /wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 153005
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=165934
etag: "66222569-2882e"
last-modified: Fri, 19 Apr 2024 08:03:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327305
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d7fb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.1.91 | 200 OK | 54 kB |
URL: HEAD HTTP/2 spn-v1.revampcdn.com/publishers/ghacks.js?modern=1
IP: 151.101.1.91:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: *.revampcdn.com
Certificate fingerprint: E5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58
Certificate validity: Tue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 08744fedd69da7e5a93ee570031a3c7b e96d7e8fcdb12e00fe2b83ef4708428a7b75cf29 a0cabb56423061f953337f2fec955be2e1e1bc890857c496a581ba212db4c5ca
GET /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"ef32cb6607170b97e3fcdfce89dd5abc"
x-version: 1.1381.0
x-request-id: 62fb61c7-fb78-4ff4-a199-e6e5d40e88a5
content-encoding: br
x-envoy-upstream-service-time: 288
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 23:18:12 GMT
age: 33920
x-served-by: cache-ams21024-AMS, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 44, 1
x-timer: S1714087092.416496,VS0,VE1
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54042
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2024/04/brave-search-answer-with-ai.png | 141.193.213.11 | 200 OK | 636 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/brave-search-answer-with-ai.png
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 636 kB (635680 bytes)
Hash: 9447613d5819f09411035b05009d764a 2c0572f32c8fcc9bb5503227bc9deffc81b3933a 7f90d491a7a2af6bda0e5ce269bebb1b5b56e54b73921792797057c92d6c40c5
GET /wp-content/uploads/2024/04/brave-search-answer-with-ai.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/webp
content-length: 635680
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=821728
content-disposition: inline; filename="brave-search-answer-with-ai.webp"
etag: "6620b0bb-c89e0"
last-modified: Thu, 18 Apr 2024 05:33:47 GMT
vary: Accept
cf-cache-status: HIT
age: 326124
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d065d94b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg | 141.193.213.11 | 200 OK | 91 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3
Hash: 4c9a7b2fb5e42b0daa9b3d4e261e47af 1fad98077c471b361e68ee27644c84ef621ac681 fe874a387810041328a72df62c42890597e6cd4cece35f2e7e88f604adb008a9
GET /wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 91434
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=94325
etag: "66209cd0-17075"
last-modified: Thu, 18 Apr 2024 04:08:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 326124
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d065d96b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg | 141.193.213.11 | 200 OK | 283 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3
Size: 283 kB (283351 bytes)
Hash: ed3c9b7207420906ae33273a8ddcbe3f 6884948c2dbd858c3ea0f214ea2c4bd5676a62b2 35eaa364539cb55b67861801e0bd9b4bc691c7198b1be8d585f05e38a832a5cd
GET /wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 283351
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=306779
etag: "65aa11db-4ae5b"
last-modified: Fri, 19 Jan 2024 06:08:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 326124
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d065d97b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg | 141.193.213.11 | 200 OK | 26 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x675, components 3
Hash: fa56fbf0f90b4e67f31da67fab67f849 094074474786c02ec09d61a2a0a3be94025d7669 4fa5fb28521342d00a510235305ad0934debab6775813f3af98bdb68003077f0
GET /wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 25524
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31987
etag: "661e4ca0-7cf3"
last-modified: Tue, 16 Apr 2024 10:02:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 326124
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d065d98b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.mrf.io/statics/marfeel-sdk.js?id=2544 | 104.21.50.90 | 200 OK | 43 kB |
URL: GET HTTP/2 sdk.mrf.io/statics/marfeel-sdk.js?id=2544
IP: 104.21.50.90:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: sdk.mrf.io
Certificate fingerprint: E3:5F:E1:81:2C:18:A0:6B:1A:CF:FB:54:9E:3E:3F:A5:6C:31:E1:FE
Certificate validity: Wed, 27 Mar 2024 00:15:55 GMT - Tue, 25 Jun 2024 00:15:54 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61847)
Hash: 733b603322a399e0bba15a327b87e3ee 01619481b0478a029e7a743285ad296807e564b8 34129a55d34105adae0bfa8265d03ecf61dc0083a2915aecd1184de38fac4527
GET /statics/marfeel-sdk.js?id=2544 HTTP/1.1
Host: sdk.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 42610
cache-control: max-age=1800
access-control-allow-origin: *
x-response-time: 2ms
content-encoding: gzip
x-envoy-upstream-service-time: 13
cf-cache-status: HIT
age: 266
last-modified: Thu, 25 Apr 2024 23:13:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20d09dece56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.1.91 | 200 OK | 0 B |
URL: HEAD HTTP/2 spn-v1.revampcdn.com/publishers/ghacks.js?modern=1
IP: 151.101.1.91:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: *.revampcdn.com
Certificate fingerprint: E5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58
Certificate validity: Tue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"ef32cb6607170b97e3fcdfce89dd5abc"
x-version: 1.1381.0
x-request-id: 62fb61c7-fb78-4ff4-a199-e6e5d40e88a5
content-encoding: br
x-envoy-upstream-service-time: 288
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 23:18:12 GMT
age: 33920
x-served-by: cache-ams21024-AMS, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 44, 2
x-timer: S1714087093.807285,VS0,VE1
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54042
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/statics/px.gif | 141.193.213.11 | 404 Not Found | 96 kB |
URL: GET HTTP/3 www.ghacks.net/statics/px.gif
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 370e16c3b7dba286cff055f93b9a94d8 65f3537c3c798f7da146c55aef536f7b5d0cb943 d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /statics/px.gif HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA; rv_prebid_position=836; rv_test_position=120; rv_fp_ad_session_id=b18614fb-e041-4b07-8dc7-7673b3f9e8fa; rv_fp_pv=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 25
server: cloudflare
cf-ray: 87a20d09aec9b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg | 141.193.213.11 | 200 OK | 19 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: e25093cad47d0c68f92b37715f81ee1b 2cf2ec1c5931206f2c5afd0ca14afbcb0cbceb3e c56ae0ce6a61669700b75187f654ea8b5fe23cb1377e463c7fc93d052eade027
GET /wp-content/themes/new-ghacks-preview/images/search-icon.svg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA; rv_prebid_position=836; rv_test_position=120; rv_fp_ad_session_id=b18614fb-e041-4b07-8dc7-7673b3f9e8fa; rv_fp_pv=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-37e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327305
server: cloudflare
cf-ray: 87a20d09aecab51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 | 141.193.213.11 | 200 OK | 79 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14916)
Hash: 5e7f7ff3266816dcc5f6788fa83937cf 8db62c96b2f6b45549e7aadf0fac75252a5b2949 f45cd9b233359f93287b58c02c16915e1af7c540f778a85752997c75b825505b
GET /wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:18 GMT
etag: W/"657fc71a-3a6f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d065d9bb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 | 139.45.197.253 | 200 OK | 108 B |
URL: GET HTTP/2 notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4
IP: 139.45.197.253:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: notix.io
Certificate fingerprint: 3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B
Certificate validity: Sat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
Hash: c2e526b87becea70e84e59e6140c1667 d81024ed28402da62f33d0c87a0502edae040086 6bf0a4f3020094b5acbfbec37adcfe72560f05e78022b8d60c42bdf8160317d3
GET /settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:18:13 GMT
content-type: application/json; charset=utf-8
content-length: 108
access-control-allow-origin: https://www.ghacks.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=2 | 104.26.3.70 | 200 OK | 43 B |
URL: GET HTTP/2 ad-delivery.net/px.gif?ch=2
IP: 104.26.3.70:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: ad-delivery.net
Certificate fingerprint: 03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
Certificate validity: Tue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:18:13 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1098401
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ff8nzC%2FusDu8SnrG%2BOv5rYcnZRjOWpt7iJ9TJrbrsrO5dIyJJsoenfwxG4tm4sZRQMQHFQF1qbE65p5eQ3mKRcwRX4zWRkpfPgqdPLfMUq%2BWy9w36k%2BL%2F03G0TUPAitdYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20d0c3a63b500-OSL
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=1&e=0.2358308921986838 | 104.26.3.70 | 200 OK | 43 B |
URL: GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.2358308921986838
IP: 104.26.3.70:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: ad-delivery.net
Certificate fingerprint: 03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
Certificate validity: Tue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.2358308921986838 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:18:13 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1098401
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tG%2F6iUvKFlVrx7zLl8MhdIq2I3GECsnmuMnB8Ekq1MCvE3Gmz%2Fk1NrRbDNr3QcfY6pwdpf%2F0hh%2FpLDRtj0VhV643wQ8nhNlbZBd2N30f7hzTtWQgU%2BBYgKY9UKPudDMG4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20d0c3a66b500-OSL
X-Firefox-Spdy: h2
|
|
| api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL: POST HTTP/2 api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true
IP: 130.211.23.194:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: api.btloader.com
Certificate fingerprint: 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
Certificate validity: Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 140
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 25 Apr 2024 23:18:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL: POST HTTP/2 api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true
IP: 130.211.23.194:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: api.btloader.com
Certificate fingerprint: 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
Certificate validity: Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 162
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 25 Apr 2024 23:18:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/mw/state?bt_env=prod | 130.211.23.194 | 204 No Content | 0 B |
URL: GET HTTP/2 api.btloader.com/mw/state?bt_env=prod
IP: 130.211.23.194:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: api.btloader.com
Certificate fingerprint: 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
Certificate validity: Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Thu, 25 Apr 2024 23:18:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL: POST HTTP/2 api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true
IP: 130.211.23.194:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: api.btloader.com
Certificate fingerprint: 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
Certificate validity: Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 25 Apr 2024 23:18:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/favicon.ico | 141.193.213.11 | 200 OK | 0 B |
URL: GET HTTP/3 www.ghacks.net/favicon.ico
IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA; rv_prebid_position=836; rv_test_position=120; rv_fp_ad_session_id=b18614fb-e041-4b07-8dc7-7673b3f9e8fa; rv_fp_pv=1; _ga_6DL3S186WS=GS1.1.1714087092.1.0.1714087092.0.0.0; _ga=GA1.1.1833855968.1714087093; _dd_s=rum=0&expire=1714087992940; didomi_token=eyJ1c2VyX2lkIjoiMThmMTc4ZDYtMzljMy02ZjA0LThkMWQtODZiODc5ZTVkZDk4IiwiY3JlYXRlZCI6IjIwMjQtMDQtMjVUMjM6MTg6MTMuMTQ4WiIsInVwZGF0ZWQiOiIyMDI0LTA0LTI1VDIzOjE4OjEzLjE0OVoiLCJ2ZXJzaW9uIjpudWxsfQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:13 GMT
content-type: image/x-icon
content-length: 0
last-modified: Fri, 19 Apr 2024 23:01:49 GMT
etag: "6622f7dd-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 327305
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d0e0898b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js | 54.230.111.7 | 200 OK | 63 kB |
URL: GET HTTP/3 sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js
IP: 54.230.111.7:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Amazon; Subject: *.privacy-center.org; Fingerprint: 1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B; Validity: Sun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65419); Hash: a44e1d5bf79594998aa228e7cf49e602 a184ed8b6215052da245285e11f3440063c8f784 ef20650560248405bf467e9a443f872ee805ae1a72874f5f5bcc3fc6e507cde8
GET /sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 31027
date: Thu, 25 Apr 2024 14:41:07 GMT
last-modified: Thu, 25 Apr 2024 14:39:52 GMT
etag: W/"8765146caccc91cbbae5375f58959e3d-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7-FkdYTlcaJvETMdfzzUkOfaukUQBke6XC02TcgpYNiv2HO2_uV8aQ==
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 | 141.193.213.11 | 200 OK | 1.0 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13
IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: 5e58c21f83c8b6ef2a6b1fd8bb532a64 d969a1283374733a8c93da6cfa249ef105a20b2f edd64771968759d16472eccb1ca51c644cfaa4b8844ad64ee0bafc04cf73a1a0
GET /wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7d8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d065d99b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1 | 142.250.74.163 | 200 OK | 181 kB |
URL: GET HTTP/2 www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1
IP: 142.250.74.163:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: JavaScript source, ASCII text, with very long lines (5280); Size: 181 kB (180715 bytes); Hash: 1f1319b651c980800276fe55eb86b8f5 0a1c600cfa3596686e6d564f5e38cbdc3b6d047a 8fdb846f4a09e6e57c84908277101c3878d9f3eec18f3c3408a68aedc16b8cb9
GET /readaloud/player/web/api/js/api.js?ver=1 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="speakr"
report-to: {"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-length: 180715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 23:14:41 GMT
expires: Fri, 26 Apr 2024 00:04:41 GMT
cache-control: public, max-age=3000
age: 212
last-modified: Sun, 10 Mar 2024 09:27:38 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/country?o=5633429348548608 | 130.211.23.194 | 200 OK | 37 B |
URL: GET HTTP/2 api.btloader.com/country?o=5633429348548608
IP: 130.211.23.194:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Google Trust Services LLC; Subject: api.btloader.com; Fingerprint: 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F; Validity: Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash: bdfe458835550c34f45fc9fdfeebb12a 0f08aa02e7bcbf4c5e991a5defb2fdbd03a86f3d ad26ec64cc613fbfbd47faaf39f9921c2b19769bde1d3c5c2857a671e7863cf9
GET /country?o=5633429348548608 HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Thu, 25 Apr 2024 23:18:13 GMT
content-length: 37
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/pv?tid=3FM3NBEFtI&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=lGCwjOVmxz&pm=true&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL: GET HTTP/2 api.btloader.com/pv?tid=3FM3NBEFtI&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=lGCwjOVmxz&pm=true&upapi=true
IP: 130.211.23.194:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Google Trust Services LLC; Subject: api.btloader.com; Fingerprint: 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F; Validity: Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=3FM3NBEFtI&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=lGCwjOVmxz&pm=true&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 25 Apr 2024 23:18:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL: POST HTTP/2 api.btloader.com/log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true
IP: 130.211.23.194:443; ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Google Trust Services LLC; Subject: api.btloader.com; Fingerprint: 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F; Validity: Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log?tid=3FM3NBEFtI&cv=2.1.43&sid=lGCwjOVmxz&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 178
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 25 Apr 2024 23:18:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 86 B |
URL: POST HTTP/2 events.newsroom.bi/ingest.php
IP: 57.128.96.94:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: ssl03.cert.cl11.k8s.mrf.io; Fingerprint: 5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0; Validity: Thu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash: a11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 843
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:18:18 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 86 B |
URL: POST HTTP/2 events.newsroom.bi/ingest.php
IP: 57.128.96.94:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: ssl03.cert.cl11.k8s.mrf.io; Fingerprint: 5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0; Validity: Thu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash: a11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 849
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:18:18 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/recirculation.php | 57.128.96.94 | 200 OK | 12 B |
URL: POST HTTP/2 events.newsroom.bi/recirculation.php
IP: 57.128.96.94:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: ssl03.cert.cl11.k8s.mrf.io; Fingerprint: 5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0; Validity: Thu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash: af472541e2d2b40737f6e7e9b55de6c7 9c9e4af771378e62f91a9f74b3f5696228c4167b a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
POST /recirculation.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2761
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:18:23 GMT
content-length: 12
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=9f8f7e23-dbc8-4e90-b815-7d2c25f93466&fvst=1714087093&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 | 172.67.159.162 | 200 OK | 75 B |
URL: GET HTTP/2 flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=9f8f7e23-dbc8-4e90-b815-7d2c25f93466&fvst=1714087093&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6
IP: 172.67.159.162:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: flowcards.mrf.io; Fingerprint: CD:D3:F7:18:EC:9C:A7:C1:6D:05:F1:5C:54:84:BD:27:EE:08:49:3F; Validity: Tue, 16 Apr 2024 05:29:37 GMT - Mon, 15 Jul 2024 05:29:36 GMT
Hash: 86fa40a699df8edead4fdc88e68ecf89 42c28cce3e35436cc7ad0486385ebe9ea944632f 4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50
GET /json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=9f8f7e23-dbc8-4e90-b815-7d2c25f93466&fvst=1714087093&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 HTTP/1.1
Host: flowcards.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:18:23 GMT
content-type: application/json; charset=utf-8
content-length: 75
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
x-envoy-upstream-service-time: 65
cf-cache-status: BYPASS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20d4d4a0b5688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 2 B |
URL: POST HTTP/2 events.newsroom.bi/ingest.php
IP: 57.128.96.94:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: ssl03.cert.cl11.k8s.mrf.io; Fingerprint: 5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0; Validity: Thu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash: 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 850
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:18:28 GMT
content-length: 2
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 2 B |
URL: POST HTTP/2 events.newsroom.bi/ingest.php
IP: 57.128.96.94:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: ssl03.cert.cl11.k8s.mrf.io; Fingerprint: 5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0; Validity: Thu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash: 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 850
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:18:33 GMT
content-length: 2
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 1.6 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0
IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (1599), with no line terminators; Hash: 70f91a2b08190feff505484d662177a3 09a304715dd90ea73f87bd90eb429c97e4059405 5a6da8b217356a219a09169c66c162f2460915b6737c66b90b023285f3a12768
GET /wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-62b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d055d24b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 | 141.193.213.11 | 200 OK | 32 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15
IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7b08"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325760
server: cloudflare
cf-ray: 87a20d056d2bb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 | 141.193.213.11 | 200 OK | 978 B |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0
IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (999), with no line terminators; Hash: cb8c054c5cd8cfb0cba355a6ab0267b7 ad24e21c1d4093056fe3b9ea7f529cbb05a5e718 13bb6de7dfea9458b5a590c92fdb80a727356c1f91c557b1d030a2888cdd7369
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-3d2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d056d32b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/statics/dfp.js | 141.193.213.11 | 404 Not Found | 548 B |
URL: GET HTTP/3 www.ghacks.net/statics/dfp.js
IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: HTML document, ASCII text, with very long lines (574), with no line terminators; Hash: 5b3bd9705af8e4446f589e073b64d64c e25d724de194a431213080e10392963efc18ad75 ad8ec7fd0face5bd866b2a915cd34853cf60f18229acc156dfa99f5dd5d3c775
GET /statics/dfp.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA; rv_prebid_position=836; rv_test_position=120; rv_fp_ad_session_id=b18614fb-e041-4b07-8dc7-7673b3f9e8fa; rv_fp_pv=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 25
server: cloudflare
cf-ray: 87a20d09aec8b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 344 B |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26
IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: HTML document, ASCII text, with very long lines (356), with no line terminators; Hash: 6ec6d67da3e14434b1f44c0274dd6426 cf3db60c5d16f64df4a71ef57a7a284dd53b68b6 d9d4801056836c4f0101417fe4b7ceb30c9444b350cf4ef5bc67f1dd57e66a99
GET /wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-158"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d056d2ab51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3 | 141.193.213.11 | 200 OK | 3.0 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (3056), with no line terminators; Hash: dc7f90d513295c29acc441fe114a2cab ca9e5069d9afc4aa13ab2e152313dfb476e842ef f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-ba5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325759
server: cloudflare
cf-ray: 87a20d065da0b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js | 54.230.111.7 | 200 OK | 350 kB |
URL: GET HTTP/3 sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js; IP: 54.230.111.7:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Amazon; Subject: *.privacy-center.org; Fingerprint: 1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B; Validity: Sun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Size: 350 kB (349891 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 31097
date: Thu, 25 Apr 2024 14:39:56 GMT
last-modified: Thu, 25 Apr 2024 14:39:49 GMT
etag: W/"70dc649d56fa01872df07dc9558652c6-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3C3dNyy4nkx8s72A6Kn1SZdAXp3egTX3KG1oy2u6G8hk4kDbb3MeQg==
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 | 141.193.213.11 | 200 OK | 6.4 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: Unicode text, UTF-8 text, with very long lines (6532), with no line terminators; Hash: 820395478e46e88a5c526ae7d80659c3 74d172c64ae14947204d6bd4c684882eda8c5bd0 91765311b10376ca26258f0209b0da0685b54026e584347831f0efa515e464d1
GET /wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-18d0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325759
server: cloudflare
cf-ray: 87a20d065da1b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 | 141.193.213.11 | 200 OK | 136 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65281); Size: 136 kB (136235 bytes); Hash: 109e655465f9d245b3a1e362a0191de1 0e0f00c77214ae421645005171d1c8721f917670 d36ac645d9f3443fe2b4ee6306a14b305bc3d93f3ed72e913d067d02200e889c
GET /wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-2142b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d065d9cb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 871 B |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (893), with no line terminators; Hash: 4a575beeab891c7e0c9c5aabf017af61 f17b0229a69419ee1a60b4bbdb8949f136f3c90b b46cef510a78ae4fa455975a4ba95a7971eef079b05ba3be196094cf887d92b6
GET /wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-367"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327305
server: cloudflare
cf-ray: 87a20d065d9eb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| notix.io/ent/current/enot.min.js | 139.45.197.253 | 200 OK | 145 kB |
URL: GET HTTP/2 notix.io/ent/current/enot.min.js; IP: 139.45.197.253:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: notix.io; Fingerprint: 3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B; Validity: Sat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 145 kB (145421 bytes); Hash: 9a3ae56c31a58c28e606e1e069a21059 ea3cdfcda002044373d2090e1745f83a15b82d17 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:39 GMT
etag: W/"65f18b53-2380d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1 | 142.250.74.74 | 200 OK | 396 kB |
URL: GET HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1; IP: 142.250.74.74:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (1754); Size: 396 kB (395874 bytes); Hash: 61eaa70d7948780d391ebb60170131b6 5eeb9408b943af3c7e670125b68158cba3a25196 b6a0dc033049e4e05526c0c761456ace62442066b3e162841e9e8187aa383a5c
GET /js/sdkloader/ima3.js?ver=1 HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 135608
date: Thu, 25 Apr 2024 23:18:13 GMT
expires: Thu, 25 Apr 2024 23:18:13 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 | 141.193.213.11 | 200 OK | 1.4 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (1473), with no line terminators; Hash: 2e336def6a6179c366ae7b5807f71230 fd798016e1b4de12c4bdb918808a44ba956d82ef da453daa00bd04b5837395427c6fc357970aa9b4154c9c57e971acc538f2327d
GET /wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-57b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d055d27b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 141.193.213.11 | 200 OK | 88 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"64ecd5ef-15601"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d057d34b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 | 141.193.213.11 | 200 OK | 11 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: 91954b488a9bfcade528d6ff5c7ce83f edf589eb28247c73ccc04e5b34ad107b90bd1b2e 6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 25 Mar 2024 04:31:53 GMT
etag: W/"6600fe39-2c7c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325759
server: cloudflare
cf-ray: 87a20d065da2b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 | 141.193.213.11 | 200 OK | 8.9 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (8922), with no line terminators; Hash: f997ab8b5d11afb85c9d3dde3a3e2f12 675d52d60ab0a2907bbb6a87d2093040958fb81b 506cddd8ab140dba8790b114bac2893f9e12c9ede5c7c8c4fe3edcde4927d232
GET /wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:33 GMT
etag: W/"654bda59-22aa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d056d2fb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net | 54.230.111.7 | 200 OK | 58 kB |
URL: GET HTTP/2 sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net; IP: 54.230.111.7:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Amazon; Subject: *.privacy-center.org; Fingerprint: 1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B; Validity: Sun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-amzn-requestid: f2b92855-b1b1-42f0-8c7b-75f339633647
x-didomi-configs-version: 102
x-amzn-trace-id: root=1-662a7d2b-2e14265313a7f4d0760f2c14;parent=75b19cc49a7151fc;sampled=0;lineage=eaae1266:0
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
content-encoding: br
date: Thu, 25 Apr 2024 22:12:50 GMT
cache-control: max-age=7200, public
etag: W/"1bb1873f37530e5e36cde01a73f818dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ecz9vKZR62_9xZqq-yCDIDcWG-0ecKxQxe4zBlh6M8VolHwi4_Fqbw==
age: 5883
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 59 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (58981); Hash: d68d6bf519169d86e155bad0bed833f8 27ba9c67d0e775fc4e6dd62011daf4c3902698fc c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
GET /wp-includes/css/dashicons.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d056d29b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| polyfill.io/v2/polyfill.min.js?features=fetch | 104.18.51.3 | 200 OK | 103 B |
URL: GET HTTP/2 polyfill.io/v2/polyfill.min.js?features=fetch; IP: 104.18.51.3:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Sectigo Limited; Subject: *.polyfill.io; Fingerprint: 19:AA:59:2F:D9:8A:C1:48:99:20:3C:64:45:4E:E5:A6:1D:E4:92:0C; Validity: Tue, 20 Feb 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 9873517c6208ccf281b22546f8898e8c e76333df8509395e7287905624a940524305051c 117b8d7befad35ab652867c373d5a510f7cfee434d85af052d3078eb63e382a5
GET /v2/polyfill.min.js?features=fetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 87a20d065ad21c0e-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 199
cache-control: public, max-age=14400
content-encoding: gzip
expires: Fri, 26 Apr 2024 03:18:12 GMT
last-modified: Thu, 25 Apr 2024 23:14:53 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,HEAD,OPTIONS
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 14 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (13353); Hash: 7e29eec1f366019442c2e0b4979cb161 7644bbdcbc0f8cf275cd7d6c7b0aa8b9b2bf932f 58bbd6a241262127ddef359bd0d40bcbb1d84b1218f35164bc8d0348b5e8ec20
GET /wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-3528"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d055d26b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ | 141.193.213.11 | 200 OK | 150 kB |
URL (User Request): GET HTTP/2 www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Size: 150 kB (150215 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:18:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
link: <https://www.ghacks.net/wp-json/>; rel="https://api.w.org/", <https://www.ghacks.net/wp-json/wp/v2/posts/194771>; rel="alternate"; type="application/json", <https://www.ghacks.net/?p=194771>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 18
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a20d0329721c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 8.0 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (8193), with no line terminators; Hash: d0b1eed64061803f153cd21d2d0c8b0d 7945b89f7f9431761433b169e44fff149157eee9 64b9ef49ce14cc0e3e5163c8023207bd0393932f673b27e23f4cd83d27116077
GET /wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-1f19"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d055d25b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg | 141.193.213.11 | 200 OK | 478 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3
Size: 478 kB (477863 bytes)
Hash: 655d08cf6d96a363e39c465dac10190f a3bdea8f139718bf47497e04d9a333d14a2cfa9f ec60f80cd5c197f9b81538bd10f38084a91066faea759c879d5673d68808b99f
GET /wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: image/jpeg
content-length: 477863
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=535385
etag: "66167e38-82b59"
last-modified: Wed, 10 Apr 2024 11:55:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327305
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d060d7ab51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 | 141.193.213.11 | 200 OK | 7.7 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (7916), with no line terminators
Hash: e397e33f80d0711a44d701037fe5eff5 bb0da078edab3b21ddeb70d1719afb77bc68a85d 436e7337050ebacf96ca2ef3790aa307cb6986aef2d5fe276768074ca5c0e556
GET /wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 22 Apr 2024 04:14:33 GMT
etag: W/"6625e429-1de3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327305
server: cloudflare
cf-ray: 87a20d065d9db51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true | 172.67.41.60 | 200 OK | 55 kB |
URL: GET HTTP/2 btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true
IP: 172.67.41.60:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: btloader.com
Certificate fingerprint: 70:F7:F9:F7:42:5B:08:2E:94:58:BB:71:DF:F9:4D:8C:F5:09:57:DA
Certificate validity: Sun, 14 Apr 2024 06:05:01 GMT - Sat, 13 Jul 2024 06:05:00 GMT
File type: JavaScript source, ASCII text, with very long lines (55080)
Hash: 15ce8b579881cb583e8d48d495bb9707 b2a222bcf05e9953da93f0bc6e80171381ebbb55 bba3a16748ae1653de65962e61a348311cc9e3512f1d88f06b8d6dc7e9116ce8
GET /tag?o=5633429348548608&domain=ghacks.net&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
content-length: 18411
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "c15f54172f48d8d96e1953e4847ee214"
last-modified: Thu, 25 Apr 2024 23:17:40 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20d0a3a1456ba-OSL
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7 | 141.193.213.11 | 200 OK | 6.2 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (6246), with no line terminators
Hash: 8b5521ad075a12c55832f020b436e4cd 98dae794a2c78e0f57f8cbe37fc6d1c834b147fa bf180216fdfcd4098ee0c30421c1c55143be800f3b39e67ab29e31bf540bcef0
GET /wp-content/tablepress-combined.min.css?ver=7 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 08 Apr 2024 04:15:10 GMT
etag: W/"66136f4e-184e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d056d2db51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 141.193.213.11 | 200 OK | 14 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
etag: W/"6482bd64-3509"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d057d36b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK | 142.250.74.168 | 200 OK | 203 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK
IP: 142.250.74.168:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2022)
Size: 203 kB (203297 bytes)
Hash: a31b8127f180791c536f30b1ea7b37d7 516abeb8f37df4dde99fa541d39b3cfa467706e1 36c10acb70e8d989e5973366163a453fca3365be7b8f7e842182b0ba08e4fb4f
GET /gtm.js?id=GTM-NHW6RDK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:18:12 GMT
expires: Thu, 25 Apr 2024 23:18:12 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 21:56:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.datadoghq-browser-agent.com/datadog-rum-v4.js | 54.230.83.119 | 200 OK | 153 kB |
URL: GET HTTP/2 www.datadoghq-browser-agent.com/datadog-rum-v4.js
IP: 54.230.83.119:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: DigiCert Inc
Certificate subject: *.datadoghq-browser-agent.com
Certificate fingerprint: 8E:43:FD:49:B4:79:B9:C5:3C:18:E1:BA:9F:28:56:E8:C3:73:9A:C7
Certificate validity: Tue, 12 Dec 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Size: 153 kB (153156 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /datadog-rum-v4.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 25 Apr 2024 23:17:59 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _hSH0znzHr8BThByVhJkkJUHHJShbJbHlL4TeI4TgVgpoQn9G_Pf_A==
age: 16
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js | 151.101.1.91 | 200 OK | 336 kB |
URL: GET HTTP/3 spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js
IP: 151.101.1.91:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: *.revampcdn.com
Certificate fingerprint: E5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58
Certificate validity: Tue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 336 kB (336489 bytes)
Hash: 800ee0a8091abc36b316b172573321cb 45f54af5e23eec352fb27ff4c76e8073ec515424 ff61dc78e659dd793eaa0e5ea0d6409da29d4faf94d22a505aae5a0f91925610
GET /prebid/ghacks/prebid-client.js HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 95597
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"a258da22da081ed7367d11911943f6b5"
x-version: 1.1379.0
x-request-id: 3b733d31-5a3d-4a8b-b282-9464db7c36a1
content-encoding: br
x-envoy-upstream-service-time: 76
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 23:18:12 GMT
age: 125295
x-served-by: cache-ams21030-AMS, cache-hel1410026-HEL
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1714087093.820686,VS0,VE1
vary: Accept-Encoding,x-country-code,x-device-platform
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 110 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Size: 110 kB (110147 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
etag: W/"65b15ec4-1ae43"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d055d22b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 | 141.193.213.11 | 200 OK | 2.4 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (2705), with no line terminators
Hash: 52b78c16f3448205252e13c78042da8e 25cc42371ff3e4c7d22ebfd79fb7e1bf7b46852b 25375b10fec2eb232f35f30fd4c9b78577d3cd0b98f775dc5da48607e85e4400
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-95c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d057d33b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js | 141.193.213.11 | 200 OK | 30 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (21977), with CRLF line terminators
Hash: 136c745e6d222776ff48f5baf3568739 def0672c6e899debea85b4bb0b4bbe3f09c9c315 554f3ff96cba4f2f33ff2c37c48282006ab24a85cf9ca0ac8b22b0a06126c1d4
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-73e0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d057d3bb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 | 141.193.213.11 | 200 OK | 838 B |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate issuer: Let's Encrypt
Certificate subject: www.ghacks.net
Certificate fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (898), with no line terminators
Hash: e54984c1349a2e08fc2fb047ef82ed5d 7953e56df0a1f5330cbbf865b13ae63c48b3289f 1eea5dc94ae2aacafcedf09f7e54d77d3ed9a60c21035551386a98b24955e6a2
GET /wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=SzN2LCpz8FCDdXetx90AnIaT7zprkdGWcAZL.pqB7bQ-1714087091-1.0.1.1-HJF.c7OQ0_4VvsMN1ietWiDdLmw7TFHz7yMpLMAd95hYyB8YOR.SX2feayqe51DDAhmINZEcRlatkJOoev8ZHA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-346"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327306
server: cloudflare
cf-ray: 87a20d057d37b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|