| | 216.239.34.21 | 302 Found | 297 B |
URL: User Request GET HTTP/2
IP: 216.239.34.21:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: amtrak.zip
Certificate Fingerprint: FE:18:E1:9D:A4:0F:4B:5A:8E:68:B7:DD:FB:63:C0:4B:98:ED:15:79
Certificate Validity: Wed, 13 Mar 2024 07:20:36 GMT - Tue, 11 Jun 2024 08:11:08 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: 884608828ab10b236e1a586cecbfc996 5d07bfaa33dc2a4ee1a6ddc8b127b2d90496d2ea b77ab7ee351de7c4e27ac35251291af8e27151a7b8a8828178d986634667c089
GET / HTTP/1.1
Host: amtrak.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks//
date: Thu, 25 Apr 2024 23:17:45 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 297
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// | 141.193.213.11 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/2 www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks//
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
x-powered-by: WP Engine
expires: Fri, 26 Apr 2024 00:09:20 GMT
x-redirect-by: WordPress
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 19
x-cache-group: normal
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA; path=/; expires=Thu, 25-Apr-24 23:47:46 GMT; domain=.www.ghacks.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a20c61ea2f5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png | 141.193.213.11 | 200 OK | 4.7 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 529ca77a46f1e149ce81fd1c5bd038c6 a66893d379545af6ddd3b7204c32a71e6a6c3199 5931a8cf7624e0f9b46d05b093fb5a2376c58a3eda52e74138c02180b527eb78
GET /wp-content/uploads/2020/11/ghack-logo-menu.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/webp
content-length: 4678
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5352
content-disposition: inline; filename="ghack-logo-menu.webp"
etag: "654bd8e3-14e8"
last-modified: Wed, 08 Nov 2023 18:52:19 GMT
vary: Accept
cf-cache-status: HIT
age: 327279
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c660979568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg | 141.193.213.11 | 200 OK | 78 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x751, components 3
Hash: 07f3a4bfd7b3d79ddb7b4a3f251abf31 a07c4a3b9d1ce31149f7b4bced33030964d2e24c afdf4a0f2eaa6f72fba670480c99fd8bd45632342e012abd8fe9f5ab4b5ac8c6
GET /wp-content/uploads/2023/05/google-amp_02.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 77811
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=83942
etag: "654bd8b3-147e6"
last-modified: Wed, 08 Nov 2023 18:51:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 174
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c66097b568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png | 141.193.213.11 | 200 OK | 148 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 148 kB (147828 bytes)
Hash: 7ea206f68208511fc3fade65652d5ae9 eaa378c5e9e569aea039d5cedc0aba64ea3bd9dc 9830cba07c321077a9707aee2c114925cb966283afc46ebd8dd2fb5bf7f95113
GET /wp-content/uploads/2023/05/microsoft-phishing-zip.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/webp
content-length: 147828
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=194628
content-disposition: inline; filename="microsoft-phishing-zip.webp"
etag: "654bd8b4-2f844"
last-modified: Wed, 08 Nov 2023 18:51:32 GMT
vary: Accept
cf-cache-status: HIT
age: 174
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c661983568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp | 141.193.213.11 | 200 OK | 1.9 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 235x51, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 41926b99191b448707764362cd435e60 ddde62391af0241aec95ed172373bf3fa2d3c46a b6bf4f0fc4ce6aec190d2a66ae9302b3bf67b116b44342972289b8cd04e3d2ff
GET /wp-content/uploads/2005/10/ghacks-technology-news.webp HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/webp
content-length: 1948
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: "654bda54-79c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 325733
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c66298d568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg | 141.193.213.11 | 200 OK | 224 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3
Size: 224 kB (223752 bytes)
Hash: d0ecc959148dfc251676b1f3bb81473a 8377ee1f920694d25eb699616faac4b4e03caa4e 46ff9b2281e7ca80920ac790bee565f5665ea1b87b569181bb36882b6039cfb3
GET /wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 223752
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=252600
etag: "661cb922-3dab8"
last-modified: Mon, 15 Apr 2024 05:20:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327279
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c66298e568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg | 141.193.213.11 | 200 OK | 81 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x801, components 3
Hash: 5ca9851d57d4a1b322d9c9c9dc09eac7 33c11808d28bb2e9fb20c853836d2d920daa04b7 fd6e88fcd78d2296406279adb65f4ec51220e788eee0ee5497f5312157b49997
GET /wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 81182
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90301
etag: "65ee9f82-160bd"
last-modified: Mon, 11 Mar 2024 06:06:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327231
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c662991568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png | 141.193.213.11 | 200 OK | 134 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 134 kB (133884 bytes)
Hash: 81de53c4fe536e66f067773770264818 736e5b48335a4e0bcf66b9ce4efeb04135b06a23 fb07bd1905b07345d5a993ad01ab37812b34f4402d883959200cbd6ad38f8336
GET /wp-content/uploads/2024/03/malwarebytes-5.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/webp
content-length: 133884
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=181930
content-disposition: inline; filename="malwarebytes-5.webp"
etag: "65e6f562-2c6aa"
last-modified: Tue, 05 Mar 2024 10:35:14 GMT
vary: Accept
cf-cache-status: HIT
age: 327231
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c662994568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg | 141.193.213.11 | 200 OK | 59 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x828, components 3
Hash: b05213945a64f99030ed8dbaed5274d7 5f2c357ae61868aa529c940543ccee44a8838678 39c72f8478154a7eeaacdc5f2551b3d59bdc2c3809a0f6dfed182d0309800cfb
GET /wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 59007
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=69012
etag: "65c9a984-10d94"
last-modified: Mon, 12 Feb 2024 05:15:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327231
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c662995568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg | 141.193.213.11 | 200 OK | 410 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x857, components 3
Size: 410 kB (409787 bytes)
Hash: 8acb5c60569d8386d579a7984ef23990 04fdae2255a42aaa3d0b872d105a48d880ebd29a 7623c1d41bf059d221f74630150427b0fedc8d4abbe07f9b997d0c5c239f9563
GET /wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 409787
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=456158
etag: "65c07f7a-6f5de"
last-modified: Mon, 05 Feb 2024 06:26:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327231
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c662996568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg | 141.193.213.11 | 200 OK | 68 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3
Hash: 56bd3ba4b2999f1a7564638f5f03529c 2229bdaa6917b6ba3293e89f90125d653678cccd a93eb535d6d2a0be0c434a21d2d930afab75fc5f50fa3e880e40effeefe7627a
GET /wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 67966
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=75468
etag: "65a95084-126cc"
last-modified: Thu, 18 Jan 2024 16:23:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327231
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c662997568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg | 141.193.213.11 | 200 OK | 478 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3
Size: 478 kB (477863 bytes)
Hash: 655d08cf6d96a363e39c465dac10190f a3bdea8f139718bf47497e04d9a333d14a2cfa9f ec60f80cd5c197f9b81538bd10f38084a91066faea759c879d5673d68808b99f
GET /wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 477863
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=535385
etag: "66167e38-82b59"
last-modified: Wed, 10 Apr 2024 11:55:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327279
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6679b3568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.1.91 | 200 OK | 54 kB |
URL: GET HTTP/2 spn-v1.revampcdn.com/publishers/ghacks.js?modern=1
IP: 151.101.1.91:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.revampcdn.com
Certificate Fingerprint: E5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58
Certificate Validity: Tue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 08744fedd69da7e5a93ee570031a3c7b e96d7e8fcdb12e00fe2b83ef4708428a7b75cf29 a0cabb56423061f953337f2fec955be2e1e1bc890857c496a581ba212db4c5ca
GET /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"ef32cb6607170b97e3fcdfce89dd5abc"
x-version: 1.1381.0
x-request-id: 62fb61c7-fb78-4ff4-a199-e6e5d40e88a5
content-encoding: br
x-envoy-upstream-service-time: 288
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 23:17:46 GMT
age: 33894
x-served-by: cache-ams21024-AMS, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 44, 2
x-timer: S1714087067.775800,VS0,VE0
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54042
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg | 141.193.213.11 | 200 OK | 265 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x799, components 3
Size: 265 kB (264740 bytes)
Hash: 8cbfde1dabbf6353242204fb36efaea4 f2368204588944a6da3bb8d8339d9b03ad1a3989 e0383d956b4ba021221c00ceb187cd3a46b7095b2b0ee4a498881e4391b7ebfa
GET /wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 264740
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=289019
etag: "654bd8a6-468fb"
last-modified: Wed, 08 Nov 2023 18:51:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327279
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6679b4568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg | 141.193.213.11 | 200 OK | 153 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x900, components 3
Size: 153 kB (153005 bytes)
Hash: 2b9c54d60720c2eb83f235265e058f90 a16a9443302ef2df51197cdea6f3d37162be9a9a d6282d7808651a3a8a86885958df07702350ee738a249abe95fa4d1251272dc3
GET /wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 153005
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=165934
etag: "66222569-2882e"
last-modified: Fri, 19 Apr 2024 08:03:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327279
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6729e3568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg | 141.193.213.11 | 200 OK | 215 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate Issuer: Let's Encrypt
Certificate Subject: www.ghacks.net
Certificate Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77
Certificate Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x828, components 3
Size: 215 kB (214750 bytes)
Hash: 516950906fdeb9383252a8c263b5ca0b 7910e4e7a6c0e24e000d6e90ec350f9ac43e4260 70c02b96bf2fb64da5658faa29379f58eb5ace80efc16ebe0f802824c4fbbb06
GET /wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 214750
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=227328
etag: "662753d1-37800"
last-modified: Tue, 23 Apr 2024 06:23:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 226061
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6679b5568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg | 141.193.213.11 | 200 OK | 246 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3; Size: 246 kB (246065 bytes); Hash: d840cd6998cfa2928ae3e7b81acc1dc4 7a40cbb702721b9cac375840f7fb07effe9ecef8 c11f87af868f757be514cbda7f0b5e99dc07a9556acf0661fefcc5ca763ba0ad
GET /wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 246065
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=263508
etag: "66260c65-40554"
last-modified: Mon, 22 Apr 2024 07:06:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 316466
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6729df568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-6DL3S186WS | 142.250.74.168 | 200 OK | 87 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-6DL3S186WS; IP: 142.250.74.168:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945); Hash: 682db19f5b6b7da6e435b01456f4397d 8664625ca82c4c117f734dee1691bf9dcc15d6be f86cfdd4d3714cecedf3964ed7926bba5da940169d1e40d1ac141062a105983c
GET /gtag/js?id=G-6DL3S186WS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:17:46 GMT
expires: Thu, 25 Apr 2024 23:17:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg | 141.193.213.11 | 200 OK | 91 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3; Hash: 4c9a7b2fb5e42b0daa9b3d4e261e47af 1fad98077c471b361e68ee27644c84ef621ac681 fe874a387810041328a72df62c42890597e6cd4cece35f2e7e88f604adb008a9
GET /wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 91434
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=94325
etag: "66209cd0-17075"
last-modified: Thu, 18 Apr 2024 04:08:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 326098
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6729e5568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.1.91 | 200 OK | 0 B |
URL: GET HTTP/2 spn-v1.revampcdn.com/publishers/ghacks.js?modern=1; IP: 151.101.1.91:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: *.revampcdn.com; Fingerprint: E5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58; Validity: Tue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"ef32cb6607170b97e3fcdfce89dd5abc"
x-version: 1.1381.0
x-request-id: 62fb61c7-fb78-4ff4-a199-e6e5d40e88a5
content-encoding: br
x-envoy-upstream-service-time: 288
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 23:17:47 GMT
age: 33895
x-served-by: cache-ams21024-AMS, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 44, 3
x-timer: S1714087067.182128,VS0,VE0
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54042
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2024/04/brave-search-answer-with-ai.png | 141.193.213.11 | 200 OK | 636 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/brave-search-answer-with-ai.png; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: RIFF (little-endian) data, Web/P image; Size: 636 kB (635680 bytes); Hash: 9447613d5819f09411035b05009d764a 2c0572f32c8fcc9bb5503227bc9deffc81b3933a 7f90d491a7a2af6bda0e5ce269bebb1b5b56e54b73921792797057c92d6c40c5
GET /wp-content/uploads/2024/04/brave-search-answer-with-ai.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/webp
content-length: 635680
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=821728
content-disposition: inline; filename="brave-search-answer-with-ai.webp"
etag: "6620b0bb-c89e0"
last-modified: Thu, 18 Apr 2024 05:33:47 GMT
vary: Accept
cf-cache-status: HIT
age: 326098
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6729e4568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg | 141.193.213.11 | 200 OK | 283 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, progressive, precision 8, 1200x800, components 3; Size: 283 kB (283351 bytes); Hash: ed3c9b7207420906ae33273a8ddcbe3f 6884948c2dbd858c3ea0f214ea2c4bd5676a62b2 35eaa364539cb55b67861801e0bd9b4bc691c7198b1be8d585f05e38a832a5cd
GET /wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 283351
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=306779
etag: "65aa11db-4ae5b"
last-modified: Fri, 19 Jan 2024 06:08:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 326098
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6729e6568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg | 141.193.213.11 | 200 OK | 26 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x675, components 3; Hash: fa56fbf0f90b4e67f31da67fab67f849 094074474786c02ec09d61a2a0a3be94025d7669 4fa5fb28521342d00a510235305ad0934debab6775813f3af98bdb68003077f0
GET /wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: image/jpeg
content-length: 25524
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31987
etag: "661e4ca0-7cf3"
last-modified: Tue, 16 Apr 2024 10:02:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 326098
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6729e7568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js | 151.101.1.91 | 200 OK | 96 kB |
URL: GET HTTP/2 spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js; IP: 151.101.1.91:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: *.revampcdn.com; Fingerprint: E5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58; Validity: Tue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 800ee0a8091abc36b316b172573321cb 45f54af5e23eec352fb27ff4c76e8073ec515424 ff61dc78e659dd793eaa0e5ea0d6409da29d4faf94d22a505aae5a0f91925610
GET /prebid/ghacks/prebid-client.js HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"a258da22da081ed7367d11911943f6b5"
x-version: 1.1379.0
x-request-id: 3b733d31-5a3d-4a8b-b282-9464db7c36a1
content-encoding: br
x-envoy-upstream-service-time: 76
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 125270
date: Thu, 25 Apr 2024 23:17:47 GMT
x-served-by: cache-ams21030-AMS, cache-hel1410024-HEL
x-cache: MISS, HIT
x-cache-hits: 0, 0
x-timer: S1714087067.275126,VS0,VE1
vary: Accept-Encoding,x-country-code,x-device-platform
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 95597
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 78 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: ASCII text, with very long lines (58981); Hash: d68d6bf519169d86e155bad0bed833f8 27ba9c67d0e775fc4e6dd62011daf4c3902698fc c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
GET /wp-includes/css/dashicons.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65b94f568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK | 142.250.74.168 | 200 OK | 73 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK; IP: 142.250.74.168:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2022); Hash: 90c986f586c8764db453a60489449c34 ce61b36700a71fe7b95d6f160fd117939dbc82fc 3fa209d93c8e68fb5fd269a8d8b84dd3ef9d859eb84027d4d4bcc2aa63a331bd
GET /gtm.js?id=GTM-NHW6RDK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:17:47 GMT
expires: Thu, 25 Apr 2024 23:17:47 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 21:56:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true | 104.22.75.216 | 200 OK | 18 kB |
URL: GET HTTP/2 btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true; IP: 104.22.75.216:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Google Trust Services LLC; Subject: btloader.com; Fingerprint: 70:F7:F9:F7:42:5B:08:2E:94:58:BB:71:DF:F9:4D:8C:F5:09:57:DA; Validity: Sun, 14 Apr 2024 06:05:01 GMT - Sat, 13 Jul 2024 06:05:00 GMT
File type: JavaScript source, ASCII text, with very long lines (55080); Hash: 15ce8b579881cb583e8d48d495bb9707 b2a222bcf05e9953da93f0bc6e80171381ebbb55 bba3a16748ae1653de65962e61a348311cc9e3512f1d88f06b8d6dc7e9116ce8
GET /tag?o=5633429348548608&domain=ghacks.net&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: application/javascript
content-length: 18411
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "c15f54172f48d8d96e1953e4847ee214"
last-modified: Thu, 25 Apr 2024 23:12:58 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 174
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6c9f54be60-CPH
X-Firefox-Spdy: h2
|
|
| sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js | 54.230.111.79 | 200 OK | 90 kB |
URL: GET HTTP/3 sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js; IP: 54.230.111.79:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Amazon; Subject: *.privacy-center.org; Fingerprint: 1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B; Validity: Sun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65434); Hash: f9c5661171a4ac1a48607beb209e2823 5ee19fd635ec0f4450189b49214a56c61c288be1 3564b4a56c90905a9e336c94e0ea234199a05195938fb398026b1e1ada89563c
GET /sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 31072
date: Thu, 25 Apr 2024 14:39:56 GMT
last-modified: Thu, 25 Apr 2024 14:39:49 GMT
etag: W/"70dc649d56fa01872df07dc9558652c6-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z9t8y42U5rRWswGdoiLtu4pFCKOKb7mb7lvZSVHvky0M80_gRCuMqg==
|
|
| www.datadoghq-browser-agent.com/datadog-rum-v4.js | 54.230.83.119 | 200 OK | 184 kB |
URL: GET HTTP/2 www.datadoghq-browser-agent.com/datadog-rum-v4.js; IP: 54.230.83.119:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: DigiCert Inc; Subject: *.datadoghq-browser-agent.com; Fingerprint: 8E:43:FD:49:B4:79:B9:C5:3C:18:E1:BA:9F:28:56:E8:C3:73:9A:C7; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators; Size: 184 kB (183981 bytes); Hash: 2630b3d7ad4a41fac67742216e506d83 dda36227690cb7c9ec74de3667dd595d59fb8eec cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
GET /datadog-rum-v4.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 25 Apr 2024 23:17:00 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AzSPxvJs8-nvpZD59cp-quy6vRSnI6MUW88TNy6McAErx8V6X35d6g==
age: 51
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 | 141.193.213.11 | 200 OK | 16 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: 1c207e9a2b0faf10eb63d472fe2b01cf 57765678f4bf7eda35c3de1f5a7101d97a172af7 f332c2a693b39e9f0520a36c333131cdce39e0b51ea8cedb6bfe30168dd3bfc8
GET /wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-57b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65a94b568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 | 139.45.197.253 | 200 OK | 108 B |
URL: GET HTTP/2 notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4; IP: 139.45.197.253:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: notix.io; Fingerprint: 3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B; Validity: Sat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
Hash: c2e526b87becea70e84e59e6140c1667 d81024ed28402da62f33d0c87a0502edae040086 6bf0a4f3020094b5acbfbec37adcfe72560f05e78022b8d60c42bdf8160317d3
GET /settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: application/json; charset=utf-8
content-length: 108
access-control-allow-origin: https://www.ghacks.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 4.8 kB |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26; IP: 141.193.213.11:443; ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/; Certificate Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: HTML document, ASCII text; Hash: dd94b73631d1d3b07fdf3a8700ef7816 f6086cc43e768c2663f24bf06970cc36d725cd53 da1bbbe576802e12834e9db2bfc8d8fbb28e6bcffb3881b13c17a5f8ce325762
GET /wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-158"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65b951568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 | 141.193.213.11 | 200 OK | 184 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Size184 kB (183974 bytes) Hash91954b488a9bfcade528d6ff5c7ce83f edf589eb28247c73ccc04e5b34ad107b90bd1b2e 6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 25 Mar 2024 04:31:53 GMT
etag: W/"6600fe39-2c7c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325733
server: cloudflare
cf-ray: 87a20c6729f0568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 | 141.193.213.11 | 200 OK | 1.3 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (8874), with no line terminators Hash68671fadf610269ccfb27f5a3b62b39a 0524cc4b457129c6e49d44617edbc591118e5cde 27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db
GET /wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:33 GMT
etag: W/"654bda59-22aa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65c958568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7 | 141.193.213.11 | 200 OK | 2.4 kB |
URL GET HTTP/3www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (6143) Hash6e57326bcc943d3f25208ded5b706bba 13e56fa7fd5fd067638c84652c2e18c663b68a2b 7aafd545cc2b47695925a11b7ebe8f823ceca7cc0915e285c5e44ca78a4d912c
GET /wp-content/tablepress-combined.min.css?ver=7 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 08 Apr 2024 04:15:10 GMT
etag: W/"66136f4e-184e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65c957568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 | 141.193.213.11 | 200 OK | 9.0 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash85c9f8b83e8bacfcf5f21149f53517eb c7ed3ee4fb22143920dcbec95df5de61735d0ed3 c83ba2335eb11ba594d4f7a11e28385e20d76f67cd151b59009725ff862ed843
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-3d2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65c959568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 | 141.193.213.11 | 200 OK | 13 kB |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeassembler source, Unicode text, UTF-8 text, with very long lines (449) Hashdda4f396838a93a90dfd43fc4d8d756f 53e51ee863a0c33c7b12d030c897665143294f11 674d2522bec4d5ed4e48890b0690d15d0d0b297b65a60c0e1b0f7654e4b403ce
GET /wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7b08"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325734
server: cloudflare
cf-ray: 87a20c65b952568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 | 141.193.213.11 | 200 OK | 714 B |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with CRLF line terminators Hashd2ed043204d00b1eb7463bbd55119242 cffebd7d2e55ccbc5294bc35109adc0203d41549 cda8a294e49e463b6fc52b515803872736d8b7c12452c6aa7396f4177a74c4be
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-95c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65c95a568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js | 54.230.111.79 | 200 OK | 56 kB |
URL GET HTTP/3sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js IP54.230.111.79:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerAmazon Subject*.privacy-center.org Fingerprint1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B ValiditySun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65419) Hasha44e1d5bf79594998aa228e7cf49e602 a184ed8b6215052da245285e11f3440063c8f784 ef20650560248405bf467e9a443f872ee805ae1a72874f5f5bcc3fc6e507cde8
GET /sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 31002
date: Thu, 25 Apr 2024 14:41:07 GMT
last-modified: Thu, 25 Apr 2024 14:39:52 GMT
etag: W/"8765146caccc91cbbae5375f58959e3d-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: re1y8cmureS_8btVL9ST4iAeNTZScIMtIX8IqsuUtBbIy8m7K_t3LA==
|
|
| api.btloader.com/pv?tid=j3XYJNvmr&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=bIdnpakLM&pm=true&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL GET HTTP/2api.btloader.com/pv?tid=j3XYJNvmr&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=bIdnpakLM&pm=true&upapi=true IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=j3XYJNvmr&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=bIdnpakLM&pm=true&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 25 Apr 2024 23:17:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 86 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.94:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hasha11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 841
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:17:53 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 86 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.94:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hasha11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 844
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:17:53 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/recirculation.php | 57.128.96.94 | 200 OK | 12 B |
URL POST HTTP/2events.newsroom.bi/recirculation.php IP57.128.96.94:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hashaf472541e2d2b40737f6e7e9b55de6c7 9c9e4af771378e62f91a9f74b3f5696228c4167b a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
POST /recirculation.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2761
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:17:58 GMT
content-length: 12
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=df3eda75-f9d0-4244-aa0a-cd1df720584a&fvst=1714087068&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 | 104.21.50.90 | 200 OK | 75 B |
URL GET HTTP/2flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=df3eda75-f9d0-4244-aa0a-cd1df720584a&fvst=1714087068&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 IP104.21.50.90:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectflowcards.mrf.io FingerprintCD:D3:F7:18:EC:9C:A7:C1:6D:05:F1:5C:54:84:BD:27:EE:08:49:3F ValidityTue, 16 Apr 2024 05:29:37 GMT - Mon, 15 Jul 2024 05:29:36 GMT
Hash86fa40a699df8edead4fdc88e68ecf89 42c28cce3e35436cc7ad0486385ebe9ea944632f 4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50
GET /json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=df3eda75-f9d0-4244-aa0a-cd1df720584a&fvst=1714087068&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=10&sid=2544&useg=&utyp=0&vfrq=6 HTTP/1.1
Host: flowcards.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:58 GMT
content-type: application/json; charset=utf-8
content-length: 75
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
x-envoy-upstream-service-time: 95
cf-cache-status: BYPASS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20cb06d977129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 2 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.94:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 848
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:18:03 GMT
content-length: 2
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.94 | 200 OK | 2 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.94:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 848
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:18:08 GMT
content-length: 2
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| api.btloader.com/mw/state?bt_env=prod | 130.211.23.194 | 204 No Content | 0 B |
URL GET HTTP/2api.btloader.com/mw/state?bt_env=prod IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Thu, 25 Apr 2024 23:17:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| notix.io/ent/current/enot.min.js | 139.45.197.253 | 200 OK | 145 kB |
URL GET HTTP/2notix.io/ent/current/enot.min.js IP139.45.197.253:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectnotix.io Fingerprint3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B ValiditySat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size145 kB (145421 bytes) Hash9a3ae56c31a58c28e606e1e069a21059 ea3cdfcda002044373d2090e1745f83a15b82d17 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:38 GMT
etag: W/"65f18b52-2380d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 1.6 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (1599), with no line terminators Hash70f91a2b08190feff505484d662177a3 09a304715dd90ea73f87bd90eb429c97e4059405 5a6da8b217356a219a09169c66c162f2460915b6737c66b90b023285f3a12768
GET /wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-62b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65a947568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 14 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (13353) Hash7e29eec1f366019442c2e0b4979cb161 7644bbdcbc0f8cf275cd7d6c7b0aa8b9b2bf932f 58bbd6a241262127ddef359bd0d40bcbb1d84b1218f35164bc8d0348b5e8ec20
GET /wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-3528"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65a949568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/statics/dfp.js | 141.193.213.11 | 404 Not Found | 548 B |
URL GET HTTP/3 www.ghacks.net/statics/dfp.js IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type HTML document, ASCII text, with very long lines (574), with no line terminators Hash 5b3bd9705af8e4446f589e073b64d64c e25d724de194a431213080e10392963efc18ad75 ad8ec7fd0face5bd866b2a915cd34853cf60f18229acc156dfa99f5dd5d3c775
GET /statics/dfp.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: br
cf-cache-status: HIT
server: cloudflare
cf-ray: 87a20c698ab4568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3 | 141.193.213.11 | 200 OK | 3.0 kB |
URL GET HTTP/3 www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type ASCII text, with very long lines (3056), with no line terminators Hash dc7f90d513295c29acc441fe114a2cab ca9e5069d9afc4aa13ab2e152313dfb476e842ef f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-ba5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325733
server: cloudflare
cf-ray: 87a20c6729ee568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ | 141.193.213.11 | 200 OK | 150 kB |
URL User Request GET HTTP/2 www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Size 150 kB (150215 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
link: <https://www.ghacks.net/wp-json/>; rel="https://api.w.org/", <https://www.ghacks.net/wp-json/wp/v2/posts/194771>; rel="alternate"; type="application/json", <https://www.ghacks.net/?p=194771>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 15
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a20c636b495684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type ASCII text, with very long lines (2099), with no line terminators Hash 82d65a4965205ef6700c742003e1050f 10616a26d306cc152543750ce1b6a8673aa12585 a5d6a71abbf8c8f90b1f9ab66118bd96d2c3bc9fd399b84a57a0129855287937
GET /wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7d8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c6729e8568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1 | 142.250.74.35 | 200 OK | 524 kB |
URL GET HTTP/2 www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1 IP 142.250.74.35:443
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type JavaScript source, ASCII text, with very long lines (5280) Size 524 kB (524035 bytes) Hash 1f1319b651c980800276fe55eb86b8f5 0a1c600cfa3596686e6d564f5e38cbdc3b6d047a 8fdb846f4a09e6e57c84908277101c3878d9f3eec18f3c3408a68aedc16b8cb9
GET /readaloud/player/web/api/js/api.js?ver=1 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="speakr"
report-to: {"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-length: 180715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 22:48:24 GMT
expires: Thu, 25 Apr 2024 23:38:24 GMT
cache-control: public, max-age=3000
age: 1763
last-modified: Sun, 10 Mar 2024 09:27:38 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/country?o=5633429348548608 | 130.211.23.194 | 200 OK | 37 B |
URL GET HTTP/2 api.btloader.com/country?o=5633429348548608 IP 130.211.23.194:443 ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Google Trust Services LLC Subject api.btloader.com Fingerprint 91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F Validity Fri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash 184e332312061d1740184beb07bef7af f8535d5ac4207eebee8a59f4014f916ae66c151f 637e3640e1e3ff9c0a20073ffb4dee2a6f1ea584b4ac2308cc3f4a4c413d41bc
GET /country?o=5633429348548608 HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Thu, 25 Apr 2024 23:17:48 GMT
content-length: 37
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sdk.mrf.io/statics/marfeel-sdk.js?id=2544 | 172.67.159.162 | 200 OK | 157 kB |
URL GET HTTP/2 sdk.mrf.io/statics/marfeel-sdk.js?id=2544 IP 172.67.159.162:443
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject sdk.mrf.io Fingerprint E3:5F:E1:81:2C:18:A0:6B:1A:CF:FB:54:9E:3E:3F:A5:6C:31:E1:FE Validity Wed, 27 Mar 2024 00:15:55 GMT - Tue, 25 Jun 2024 00:15:54 GMT
Size 157 kB (157305 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /statics/marfeel-sdk.js?id=2544 HTTP/1.1
Host: sdk.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 42610
cache-control: max-age=1800
access-control-allow-origin: *
x-response-time: 2ms
content-encoding: gzip
x-envoy-upstream-service-time: 13
cf-cache-status: HIT
age: 241
last-modified: Thu, 25 Apr 2024 23:13:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20c6bcbef56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=2 | 104.26.2.70 | 200 OK | 43 B |
URL GET HTTP/2 ad-delivery.net/px.gif?ch=2 IP 104.26.2.70:443
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Google Trust Services LLC Subject ad-delivery.net Fingerprint 03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18 Validity Tue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type GIF image data, version 89a, 1 x 1 Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1098375
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8Kv4aO0HdCNcQa7wceb9N1l3zyjfCk3f%2FqPnzDw6NOzR8H5EXnCE%2BN%2F9GRc%2BkDzBj%2F6WQx1VzgDut0D91TSUB%2FOIYZ%2B%2BDh0E4%2BeczjZH8jqWlBfo%2F3OdTRbqRu1f1HZ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20c6e4ae1b518-OSL
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 8.0 kB |
URL GET HTTP/3 www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type ASCII text, with very long lines (8193), with no line terminators Hash d0b1eed64061803f153cd21d2d0c8b0d 7945b89f7f9431761433b169e44fff149157eee9 64b9ef49ce14cc0e3e5163c8023207bd0393932f673b27e23f4cd83d27116077
GET /wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-1f19"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65a948568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 | 141.193.213.11 | 200 OK | 15 kB |
URL GET HTTP/3 www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type JavaScript source, ASCII text, with very long lines (14916) Hash 5e7f7ff3266816dcc5f6788fa83937cf 8db62c96b2f6b45549e7aadf0fac75252a5b2949 f45cd9b233359f93287b58c02c16915e1af7c540f778a85752997c75b825505b
GET /wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:18 GMT
etag: W/"657fc71a-3a6f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c6729e9568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 | 141.193.213.11 | 200 OK | 136 kB |
URL GET HTTP/3 www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type JavaScript source, ASCII text, with very long lines (65281) Size 136 kB (136235 bytes) Hash 109e655465f9d245b3a1e362a0191de1 0e0f00c77214ae421645005171d1c8721f917670 d36ac645d9f3443fe2b4ee6306a14b305bc3d93f3ed72e913d067d02200e889c
GET /wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-2142b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c6729ea568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net | 54.230.111.79 | 200 OK | 58 kB |
URL GET HTTP/2 sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net IP 54.230.111.79:443
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Amazon Subject *.privacy-center.org Fingerprint 1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B Validity Sun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-amzn-requestid: f2b92855-b1b1-42f0-8c7b-75f339633647
x-didomi-configs-version: 102
x-amzn-trace-id: root=1-662a7d2b-2e14265313a7f4d0760f2c14;parent=75b19cc49a7151fc;sampled=0;lineage=eaae1266:0
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
content-encoding: br
date: Thu, 25 Apr 2024 22:12:50 GMT
cache-control: max-age=7200, public
etag: W/"1bb1873f37530e5e36cde01a73f818dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yu5e-jXq0f8HjYn6tn876MaS_5Jr0eXsKS0NoNLekmw5iEZ5tn5R3A==
age: 5858
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 | 141.193.213.11 | 200 OK | 838 B |
URL GET HTTP/3 www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type JavaScript source, ASCII text, with very long lines (898), with no line terminators Hash e54984c1349a2e08fc2fb047ef82ed5d 7953e56df0a1f5330cbbf865b13ae63c48b3289f 1eea5dc94ae2aacafcedf09f7e54d77d3ed9a60c21035551386a98b24955e6a2
GET /wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-346"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65d962568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js | 141.193.213.11 | 200 OK | 30 kB |
URL GET HTTP/3 www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type JavaScript source, ASCII text, with very long lines (21977), with CRLF line terminators Hash 136c745e6d222776ff48f5baf3568739 def0672c6e899debea85b4bb0b4bbe3f09c9c315 554f3ff96cba4f2f33ff2c37c48282006ab24a85cf9ca0ac8b22b0a06126c1d4
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-73e0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65e96c568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 | 141.193.213.11 | 200 OK | 7.7 kB |
URL GET HTTP/3 www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type JavaScript source, ASCII text, with very long lines (7916), with no line terminators Hash e397e33f80d0711a44d701037fe5eff5 bb0da078edab3b21ddeb70d1719afb77bc68a85d 436e7337050ebacf96ca2ef3790aa307cb6986aef2d5fe276768074ca5c0e556
GET /wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 22 Apr 2024 04:14:33 GMT
etag: W/"6625e429-1de3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327279
server: cloudflare
cf-ray: 87a20c6729eb568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 | 141.193.213.11 | 200 OK | 6.4 kB |
URL GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 IP 141.193.213.11:443 ASN #209242 Cloudflare London, LLC
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Let's Encrypt Subject www.ghacks.net Fingerprint 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 Validity Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type Unicode text, UTF-8 text, with very long lines (6532), with no line terminators Hash 820395478e46e88a5c526ae7d80659c3 74d172c64ae14947204d6bd4c684882eda8c5bd0 91765311b10376ca26258f0209b0da0685b54026e584347831f0efa515e464d1
GET /wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-18d0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325733
server: cloudflare
cf-ray: 87a20c6729ef568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| polyfill.io/v2/polyfill.min.js?features=fetch | 104.18.52.27 | 200 OK | 103 B |
URL GET HTTP/2 polyfill.io/v2/polyfill.min.js?features=fetch IP 104.18.52.27:443
Requested by https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ Certificate Issuer Sectigo Limited Subject *.polyfill.io Fingerprint 19:AA:59:2F:D9:8A:C1:48:99:20:3C:64:45:4E:E5:A6:1D:E4:92:0C Validity Tue, 20 Feb 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File type ASCII text, with no line terminators Hash 9873517c6208ccf281b22546f8898e8c e76333df8509395e7287905624a940524305051c 117b8d7befad35ab652867c373d5a510f7cfee434d85af052d3078eb63e382a5
GET /v2/polyfill.min.js?features=fetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 87a20c660afd56a4-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 173
cache-control: public, max-age=14400
content-encoding: gzip
expires: Fri, 26 Apr 2024 03:17:46 GMT
last-modified: Thu, 25 Apr 2024 23:14:53 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,HEAD,OPTIONS
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 141.193.213.11 | 200 OK | 88 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"64ecd5ef-15601"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65c95c568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg | 141.193.213.11 | 200 OK | 894 B |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: 31ffae4dc3f9513b90cece58e109d074 3d9d4360489d8a2213ced78ea01d7299456ef5dc 11c7f674f5c8f6705071eeb9c4036f51243fc4e79c06ba784e92324fef1e4f94
GET /wp-content/themes/new-ghacks-preview/images/search-icon.svg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA; rv_prebid_position=670; rv_test_position=736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-37e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c698ab6568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ad-delivery.net/px.gif?ch=1&e=0.2604649507059319 | 104.26.2.70 | 200 OK | 43 B |
URL: GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.2604649507059319
IP: 104.26.2.70:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Google Trust Services LLC; Subject: ad-delivery.net; Fingerprint: 03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18; Validity: Tue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.2604649507059319 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1098375
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjrUqXyu%2F6bM6KOpNfXFRvGtk0lR655SDTkidkvPkDJHj%2BJyBv70mwIH8RXKjhqPu5RRtQiVaNuivhU%2BcRe95uzPlMFa1TjkHL9diw6%2FjlgupwtprGPOL1lxsIistS0l7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20c6e7af6b518-OSL
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 141.193.213.11 | 200 OK | 14 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
etag: W/"6482bd64-3509"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c65d961568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/statics/px.gif | 141.193.213.11 | 404 Not Found | 548 B |
URL: GET HTTP/3 www.ghacks.net/statics/px.gif
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: HTML document, ASCII text, with very long lines (574), with no line terminators
Hash: 5b3bd9705af8e4446f589e073b64d64c e25d724de194a431213080e10392963efc18ad75 ad8ec7fd0face5bd866b2a915cd34853cf60f18229acc156dfa99f5dd5d3c775
GET /statics/px.gif HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-encoding: br
cf-cache-status: HIT
server: cloudflare
cf-ray: 87a20c698ab5568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/favicon.ico | 141.193.213.11 | 200 OK | 0 B |
URL: GET HTTP/3 www.ghacks.net/favicon.ico
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA; rv_prebid_position=670; rv_test_position=736; rv_fp_ad_session_id=96457e99-370e-4fa7-bfc7-cf9cc4acbb7d; rv_fp_pv=1; _ga_6DL3S186WS=GS1.1.1714087067.1.0.1714087067.0.0.0; _ga=GA1.1.731608773.1714087067; _dd_s=rum=0&expire=1714087967683
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:47 GMT
content-type: image/x-icon
content-length: 0
last-modified: Fri, 19 Apr 2024 23:01:49 GMT
etag: "6622f7dd-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 327279
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20c6d5c1f568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 871 B |
URL: GET HTTP/3 www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File type: JavaScript source, ASCII text, with very long lines (893), with no line terminators
Hash: 4a575beeab891c7e0c9c5aabf017af61 f17b0229a69419ee1a60b4bbdb8949f136f3c90b b46cef510a78ae4fa455975a4ba95a7971eef079b05ba3be196094cf887d92b6
GET /wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-367"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327279
server: cloudflare
cf-ray: 87a20c6729ec568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1 | 142.250.74.74 | 200 OK | 396 kB |
URL: GET HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1
IP: 142.250.74.74:443
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (1754)
Size: 396 kB (395874 bytes)
Hash: 61eaa70d7948780d391ebb60170131b6 5eeb9408b943af3c7e670125b68158cba3a25196 b6a0dc033049e4e05526c0c761456ace62442066b3e162841e9e8187aa383a5c
GET /js/sdkloader/ima3.js?ver=1 HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 135608
date: Thu, 25 Apr 2024 23:17:47 GMT
expires: Thu, 25 Apr 2024 23:17:47 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 110 kB |
URL: GET HTTP/3 www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
IP: 141.193.213.11:443
ASN: #209242 Cloudflare London, LLC
Requested by: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Certificate: Issuer: Let's Encrypt; Subject: www.ghacks.net; Fingerprint: 12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77; Validity: Sun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Size: 110 kB (110147 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=5L6KVsW1qDuiKjw3v47f51WJ2OPdKj4XtlOzErQrSiA-1714087066-1.0.1.1-oVx6dUsIxc94culliyigdrbnCV16th6V_II63kSljZOvW7cVLFvLGI8vG._qXtT.6f_ra1jZ4Ci3dZTdmDVcdA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:46 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
etag: W/"65b15ec4-1ae43"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327280
server: cloudflare
cf-ray: 87a20c659945568b-OSL
alt-svc: h3=":443"; ma=86400
|
|