| |  216.239.36.21 | 302 Found | 297 B |
URL User Request GET HTTP/2IP216.239.36.21:443
CertificateIssuerGoogle Trust Services LLC Subjectfcc.zip Fingerprint50:C9:BE:CE:02:35:79:B8:16:53:00:8E:F4:13:86:09:FC:C8:85:E7 ValiditySat, 16 Mar 2024 09:15:42 GMT - Fri, 14 Jun 2024 10:06:54 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash884608828ab10b236e1a586cecbfc996 5d07bfaa33dc2a4ee1a6ddc8b127b2d90496d2ea b77ab7ee351de7c4e27ac35251291af8e27151a7b8a8828178d986634667c089
GET / HTTP/1.1
Host: fcc.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks//
date: Thu, 25 Apr 2024 23:14:51 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 297
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// | 141.193.213.11 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/2www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks// HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 25 Apr 2024 23:14:51 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
x-powered-by: WP Engine
expires: Fri, 26 Apr 2024 00:09:20 GMT
x-redirect-by: WordPress
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 17
x-cache-group: normal
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q; path=/; expires=Thu, 25-Apr-24 23:44:51 GMT; domain=.www.ghacks.net; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a208214ad60b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png | 141.193.213.11 | 200 OK | 4.7 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2020/11/ghack-logo-menu.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeRIFF (little-endian) data, Web/P image Hash529ca77a46f1e149ce81fd1c5bd038c6 a66893d379545af6ddd3b7204c32a71e6a6c3199 5931a8cf7624e0f9b46d05b093fb5a2376c58a3eda52e74138c02180b527eb78
GET /wp-content/uploads/2020/11/ghack-logo-menu.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/webp
content-length: 4678
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5352
content-disposition: inline; filename="ghack-logo-menu.webp"
etag: "654bd8e3-14e8"
last-modified: Wed, 08 Nov 2023 18:52:19 GMT
vary: Accept
cf-cache-status: HIT
age: 327105
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825bd7eb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp | 141.193.213.11 | 200 OK | 1.9 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.webp IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 235x51, Scaling: [none]x[none], YUV color, decoders should clamp Hash41926b99191b448707764362cd435e60 ddde62391af0241aec95ed172373bf3fa2d3c46a b6bf4f0fc4ce6aec190d2a66ae9302b3bf67b116b44342972289b8cd04e3d2ff
GET /wp-content/uploads/2005/10/ghacks-technology-news.webp HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/webp
content-length: 1948
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: "654bda54-79c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 325559
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825bd81b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg | 141.193.213.11 | 200 OK | 224 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size224 kB (223752 bytes) Hashd0ecc959148dfc251676b1f3bb81473a 8377ee1f920694d25eb699616faac4b4e03caa4e 46ff9b2281e7ca80920ac790bee565f5665ea1b87b569181bb36882b6039cfb3
GET /wp-content/uploads/2024/04/slejven-djurakovic-0uXzoEzYZ4I-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 223752
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=252600
etag: "661cb922-3dab8"
last-modified: Mon, 15 Apr 2024 05:20:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327105
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825bd82b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg | 141.193.213.11 | 200 OK | 81 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x801, components 3 Hash5ca9851d57d4a1b322d9c9c9dc09eac7 33c11808d28bb2e9fb20c853836d2d920daa04b7 fd6e88fcd78d2296406279adb65f4ec51220e788eee0ee5497f5312157b49997
GET /wp-content/uploads/2024/03/KeePassXC-adds-support-for-Passkeys-improves-database-import-from-Bitwarden-and-1Password.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 81182
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90301
etag: "65ee9f82-160bd"
last-modified: Mon, 11 Mar 2024 06:06:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327057
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825bd84b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png | 141.193.213.11 | 200 OK | 134 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/03/malwarebytes-5.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeRIFF (little-endian) data, Web/P image Size134 kB (133884 bytes) Hash81de53c4fe536e66f067773770264818 736e5b48335a4e0bcf66b9ce4efeb04135b06a23 fb07bd1905b07345d5a993ad01ab37812b34f4402d883959200cbd6ad38f8336
GET /wp-content/uploads/2024/03/malwarebytes-5.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/webp
content-length: 133884
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=181930
content-disposition: inline; filename="malwarebytes-5.webp"
etag: "65e6f562-2c6aa"
last-modified: Tue, 05 Mar 2024 10:35:14 GMT
vary: Accept
cf-cache-status: HIT
age: 327057
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825cd89b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg | 141.193.213.11 | 200 OK | 59 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x828, components 3 Hashb05213945a64f99030ed8dbaed5274d7 5f2c357ae61868aa529c940543ccee44a8838678 39c72f8478154a7eeaacdc5f2551b3d59bdc2c3809a0f6dfed182d0309800cfb
GET /wp-content/uploads/2024/02/RustDoor-malware-targets-macOS-users-by-posing-as-a-Visual-Studio-Update.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 59007
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=69012
etag: "65c9a984-10d94"
last-modified: Mon, 12 Feb 2024 05:15:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327057
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825cd8ab512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg | 141.193.213.11 | 200 OK | 410 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, progressive, precision 8, 1200x857, components 3 Size410 kB (409787 bytes) Hash8acb5c60569d8386d579a7984ef23990 04fdae2255a42aaa3d0b872d105a48d880ebd29a 7623c1d41bf059d221f74630150427b0fedc8d4abbe07f9b997d0c5c239f9563
GET /wp-content/uploads/2024/02/samantha-lam-zFy6fOPZEu0-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 409787
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=456158
etag: "65c07f7a-6f5de"
last-modified: Mon, 05 Feb 2024 06:26:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327057
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825cd8bb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg | 141.193.213.11 | 200 OK | 68 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3 Hash56bd3ba4b2999f1a7564638f5f03529c 2229bdaa6917b6ba3293e89f90125d653678cccd a93eb535d6d2a0be0c434a21d2d930afab75fc5f50fa3e880e40effeefe7627a
GET /wp-content/uploads/2024/01/70-million-account-credentials-were-leaked-in-a-massive-password-dump.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 67966
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=75468
etag: "65a95084-126cc"
last-modified: Thu, 18 Jan 2024 16:23:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327057
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825cd8cb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg | 141.193.213.11 | 200 OK | 84 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2023/05/google-amp_02.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x751, components 3 Hash821f120d83ccc2b943701459fd8c2676 fe7a435e6b6ae64c80d005c9a6d1e02985090a03 e03c4dee893e4ab667b0e92e791bd76021c03a88925e4a6124e0115372b85d55
GET /wp-content/uploads/2023/05/google-amp_02.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 83942
last-modified: Wed, 08 Nov 2023 18:51:31 GMT
etag: "654bd8b3-147e6"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825bd7fb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-6DL3S186WS | 142.250.74.168 | 200 OK | 87 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-6DL3S186WS IP142.250.74.168:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Hashdbbe1c28ded84f00e40ae868317c470d 4be9edfc3336d1fcedcb600bd4331d6e083b4a7b dff99b322006d19cf5b8791ee773df59e9a54884533d95b2a976fe7c9ee94136
GET /gtag/js?id=G-6DL3S186WS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:14:52 GMT
expires: Thu, 25 Apr 2024 23:14:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86562
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png | 141.193.213.11 | 200 OK | 195 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2023/05/microsoft-phishing-zip.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typePNG image data, 1173 x 633, 8-bit/color RGB, non-interlaced Size195 kB (194628 bytes) Hash5b5721bbfdca1406e738116fad0fed0b 19a0d5a69b70b0dba7f7680ee832de26c3a4b809 29d5ab51a91ff4ceb4b0159c7d148d8a8dc6e231777fcc36194a5dc2be3a5863
GET /wp-content/uploads/2023/05/microsoft-phishing-zip.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/png
content-length: 194628
last-modified: Wed, 08 Nov 2023 18:51:32 GMT
etag: "654bd8b4-2f844"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825bd80b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg | 141.193.213.11 | 200 OK | 478 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size478 kB (477863 bytes) Hash655d08cf6d96a363e39c465dac10190f a3bdea8f139718bf47497e04d9a333d14a2cfa9f ec60f80cd5c197f9b81538bd10f38084a91066faea759c879d5673d68808b99f
GET /wp-content/uploads/2024/04/fredrick-suwandi-csXTAyTiESo-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 477863
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=535385
etag: "66167e38-82b59"
last-modified: Wed, 10 Apr 2024 11:55:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327105
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825cd8fb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg | 141.193.213.11 | 200 OK | 265 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, progressive, precision 8, 1200x799, components 3 Size265 kB (264740 bytes) Hash8cbfde1dabbf6353242204fb36efaea4 f2368204588944a6da3bb8d8339d9b03ad1a3989 e0383d956b4ba021221c00ceb187cd3a46b7095b2b0ee4a498881e4391b7ebfa
GET /wp-content/uploads/2023/10/clint-patterson-yGPxCYPS8H4-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 264740
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=289019
etag: "654bd8a6-468fb"
last-modified: Wed, 08 Nov 2023 18:51:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327105
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825dd91b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.1.91 | 200 OK | 54 kB |
URL GET HTTP/2spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 IP151.101.1.91:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subject*.revampcdn.com FingerprintE5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58 ValidityTue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash08744fedd69da7e5a93ee570031a3c7b e96d7e8fcdb12e00fe2b83ef4708428a7b75cf29 a0cabb56423061f953337f2fec955be2e1e1bc890857c496a581ba212db4c5ca
GET /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"ef32cb6607170b97e3fcdfce89dd5abc"
x-version: 1.1381.0
x-request-id: 62fb61c7-fb78-4ff4-a199-e6e5d40e88a5
content-encoding: br
x-envoy-upstream-service-time: 288
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 33721
date: Thu, 25 Apr 2024 23:14:52 GMT
x-served-by: cache-ams21024-AMS, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 44, 0
x-timer: S1714086893.898415,VS0,VE2
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54042
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg | 141.193.213.11 | 200 OK | 215 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x828, components 3 Size215 kB (214750 bytes) Hash516950906fdeb9383252a8c263b5ca0b 7910e4e7a6c0e24e000d6e90ec350f9ac43e4260 70c02b96bf2fb64da5658faa29379f58eb5ace80efc16ebe0f802824c4fbbb06
GET /wp-content/uploads/2024/04/Ecosia-browser-released-for-Windows-and-macOS.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 214750
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=227328
etag: "662753d1-37800"
last-modified: Tue, 23 Apr 2024 06:23:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 225887
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825dd97b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg | 141.193.213.11 | 200 OK | 246 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size246 kB (246065 bytes) Hashd840cd6998cfa2928ae3e7b81acc1dc4 7a40cbb702721b9cac375840f7fb07effe9ecef8 c11f87af868f757be514cbda7f0b5e99dc07a9556acf0661fefcc5ca763ba0ad
GET /wp-content/uploads/2024/04/mike-petrucci-c9FQyqIECds-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 246065
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=263508
etag: "66260c65-40554"
last-modified: Mon, 22 Apr 2024 07:06:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 316292
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825dd98b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg | 141.193.213.11 | 200 OK | 153 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, progressive, precision 8, 1200x900, components 3 Size153 kB (153005 bytes) Hash2b9c54d60720c2eb83f235265e058f90 a16a9443302ef2df51197cdea6f3d37162be9a9a d6282d7808651a3a8a86885958df07702350ee738a249abe95fa4d1251272dc3
GET /wp-content/uploads/2024/04/jon-tyson-XzUMBNmQro0-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 153005
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=165934
etag: "66222569-2882e"
last-modified: Fri, 19 Apr 2024 08:03:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 327105
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825dd99b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/brave-search-answer-with-ai.png | 141.193.213.11 | 200 OK | 636 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/brave-search-answer-with-ai.png IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeRIFF (little-endian) data, Web/P image Size636 kB (635680 bytes) Hash9447613d5819f09411035b05009d764a 2c0572f32c8fcc9bb5503227bc9deffc81b3933a 7f90d491a7a2af6bda0e5ce269bebb1b5b56e54b73921792797057c92d6c40c5
GET /wp-content/uploads/2024/04/brave-search-answer-with-ai.png HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/webp
content-length: 635680
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=821728
content-disposition: inline; filename="brave-search-answer-with-ai.webp"
etag: "6620b0bb-c89e0"
last-modified: Thu, 18 Apr 2024 05:33:47 GMT
vary: Accept
cf-cache-status: HIT
age: 325924
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825dd9ab512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg | 141.193.213.11 | 200 OK | 91 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x800, components 3 Hash4c9a7b2fb5e42b0daa9b3d4e261e47af 1fad98077c471b361e68ee27644c84ef621ac681 fe874a387810041328a72df62c42890597e6cd4cece35f2e7e88f604adb008a9
GET /wp-content/uploads/2024/04/Delta-emulator-is-now-available-on-the-iOS-App-Store-but-not-for-EU-users.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 91434
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=94325
etag: "66209cd0-17075"
last-modified: Thu, 18 Apr 2024 04:08:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 325924
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825ed9cb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg | 141.193.213.11 | 200 OK | 283 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, progressive, precision 8, 1200x800, components 3 Size283 kB (283351 bytes) Hashed3c9b7207420906ae33273a8ddcbe3f 6884948c2dbd858c3ea0f214ea2c4bd5676a62b2 35eaa364539cb55b67861801e0bd9b4bc691c7198b1be8d585f05e38a832a5cd
GET /wp-content/uploads/2024/01/microsoft-edge-TcC5qr3dpgA-unsplash.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 283351
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=306779
etag: "65aa11db-4ae5b"
last-modified: Fri, 19 Jan 2024 06:08:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 325924
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825eda1b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg | 141.193.213.11 | 200 OK | 26 kB |
URL GET HTTP/3www.ghacks.net/wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1200x675, components 3 Hashfa56fbf0f90b4e67f31da67fab67f849 094074474786c02ec09d61a2a0a3be94025d7669 4fa5fb28521342d00a510235305ad0934debab6775813f3af98bdb68003077f0
GET /wp-content/uploads/2024/04/Mozilla-Firefox-125-brings-text-highlighting-in-PDFs-URL-Paste-Suggestion.jpg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: image/jpeg
content-length: 25524
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31987
etag: "661e4ca0-7cf3"
last-modified: Tue, 16 Apr 2024 10:02:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 325924
accept-ranges: bytes
server: cloudflare
cf-ray: 87a20825eda2b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 | 141.193.213.11 | 200 OK | 2.4 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (7651), with no line terminators Hashf647b4eac81ac671319b059dd7923af4 51f5d10fdb6286075d6fbdcee8dc208dde1a3e6b 67ebe421d6af2f1115d6bf5105ce6ea473e28cfc904cef68d434db3c51da3b84
GET /wp-content/plugins/responsive-menu/v4.0.0/assets/js/rmp-menu.min.js?ver=4.3.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 22 Apr 2024 04:14:33 GMT
etag: W/"6625e429-1de3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327105
server: cloudflare
cf-ray: 87a208260dadb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 | 141.193.213.11 | 200 OK | 14 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14916) Hash5e7f7ff3266816dcc5f6788fa83937cf 8db62c96b2f6b45549e7aadf0fac75252a5b2949 f45cd9b233359f93287b58c02c16915e1af7c540f778a85752997c75b825505b
GET /wp-content/plugins/geoip-detect/js/dist/frontend_full.js?ver=5.3.2 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:18 GMT
etag: W/"657fc71a-3a6f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a20825fda7b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 | 141.193.213.11 | 200 OK | 11 kB |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeUnicode text, UTF-8 text, with very long lines (1659) Hash64b2c0946873f197643e17b6083ece3f b8ffd1a228052b6269e356a404d5394491d9a6d3 69804f3fd93008b0ea1e4ff61873498daba6fe2d3202318aee7c86862c6e6eb0
GET /wp-content/themes/new-ghacks-preview/revamp-infinite-leaderboard.js?ver=0.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-18d0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325559
server: cloudflare
cf-ray: 87a208265dd5b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 | 151.101.1.91 | 200 OK | 0 B |
URL GET HTTP/2spn-v1.revampcdn.com/publishers/ghacks.js?modern=1 IP151.101.1.91:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subject*.revampcdn.com FingerprintE5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58 ValidityTue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /publishers/ghacks.js?modern=1 HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"ef32cb6607170b97e3fcdfce89dd5abc"
x-version: 1.1381.0
x-request-id: 62fb61c7-fb78-4ff4-a199-e6e5d40e88a5
content-encoding: br
x-envoy-upstream-service-time: 288
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 23:14:53 GMT
age: 33721
x-served-by: cache-ams21024-AMS, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 44, 1
x-timer: S1714086894.612103,VS0,VE1
vary: Accept-Encoding,x-device-platform,x-platform-id
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54042
X-Firefox-Spdy: h2
|
|
| sdk.mrf.io/statics/marfeel-sdk.js?id=2544 | 172.67.159.162 | 200 OK | 43 kB |
URL GET HTTP/2sdk.mrf.io/statics/marfeel-sdk.js?id=2544 IP172.67.159.162:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectsdk.mrf.io FingerprintE3:5F:E1:81:2C:18:A0:6B:1A:CF:FB:54:9E:3E:3F:A5:6C:31:E1:FE ValidityWed, 27 Mar 2024 00:15:55 GMT - Tue, 25 Jun 2024 00:15:54 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (61847) Hash733b603322a399e0bba15a327b87e3ee 01619481b0478a029e7a743285ad296807e564b8 34129a55d34105adae0bfa8265d03ecf61dc0083a2915aecd1184de38fac4527
GET /statics/marfeel-sdk.js?id=2544 HTTP/1.1
Host: sdk.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 42610
cache-control: max-age=1800
access-control-allow-origin: *
x-response-time: 2ms
content-encoding: gzip
x-envoy-upstream-service-time: 13
cf-cache-status: HIT
age: 67
last-modified: Thu, 25 Apr 2024 23:13:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a2082d0e885694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 | 141.193.213.11 | 200 OK | 97 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (8874), with no line terminators Hash68671fadf610269ccfb27f5a3b62b39a 0524cc4b457129c6e49d44617edbc591118e5cde 27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db
GET /wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:33 GMT
etag: W/"654bda59-22aa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208259d60b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK | 142.250.74.168 | 200 OK | 73 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-NHW6RDK IP142.250.74.168:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (2022) Hash90c986f586c8764db453a60489449c34 ce61b36700a71fe7b95d6f160fd117939dbc82fc 3fa209d93c8e68fb5fd269a8d8b84dd3ef9d859eb84027d4d4bcc2aa63a331bd
GET /gtm.js?id=GTM-NHW6RDK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:14:53 GMT
expires: Thu, 25 Apr 2024 23:14:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 21:56:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true |  104.22.74.216 | 200 OK | 18 kB |
URL GET HTTP/2btloader.com/tag?o=5633429348548608&domain=ghacks.net&upapi=true IP104.22.74.216:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectbtloader.com Fingerprint70:F7:F9:F7:42:5B:08:2E:94:58:BB:71:DF:F9:4D:8C:F5:09:57:DA ValiditySun, 14 Apr 2024 06:05:01 GMT - Sat, 13 Jul 2024 06:05:00 GMT
File typeJavaScript source, ASCII text, with very long lines (55080) Hash15ce8b579881cb583e8d48d495bb9707 b2a222bcf05e9953da93f0bc6e80171381ebbb55 bba3a16748ae1653de65962e61a348311cc9e3512f1d88f06b8d6dc7e9116ce8
GET /tag?o=5633429348548608&domain=ghacks.net&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: application/javascript
content-length: 18411
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "c15f54172f48d8d96e1953e4847ee214"
last-modified: Thu, 25 Apr 2024 23:12:58 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 87a2082dea318f60-CPH
X-Firefox-Spdy: h2
|
|
| notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 |  139.45.197.253 | 200 OK | 108 B |
URL GET HTTP/2notix.io/settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 IP139.45.197.253:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectnotix.io Fingerprint3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B ValiditySat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
Hashc2e526b87becea70e84e59e6140c1667 d81024ed28402da62f33d0c87a0502edae040086 6bf0a4f3020094b5acbfbec37adcfe72560f05e78022b8d60c42bdf8160317d3
GET /settings?appId=100463775616ecb625f0290cd8eaf73&ver=0.16.4 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: application/json; charset=utf-8
content-length: 108
access-control-allow-origin: https://www.ghacks.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/favicon.ico | 141.193.213.11 | 200 OK | 0 B |
URL GET HTTP/3www.ghacks.net/favicon.ico IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q; rv_prebid_position=652; rv_test_position=889; rv_fp_ad_session_id=c94bc007-865a-4b0e-8a78-762989344112; rv_fp_pv=1; _dd_s=rum=2&id=d564e365-38c3-41dd-a472-4056b42bff43&created=1714086893977&expire=1714087793977
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:54 GMT
content-type: image/x-icon
content-length: 0
last-modified: Fri, 19 Apr 2024 23:01:49 GMT
etag: "6622f7dd-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 327106
accept-ranges: bytes
server: cloudflare
cf-ray: 87a208303c00b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ad-delivery.net/px.gif?ch=2 | 104.26.2.70 | 200 OK | 43 B |
URL GET HTTP/2ad-delivery.net/px.gif?ch=2 IP104.26.2.70:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectad-delivery.net Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18 ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:14:54 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1098202
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqfb%2BRKIvK9ITdphG6d%2Ffu2iIbO5Dd5LiistzyimvtLd4DcEr3ItCHNNM2Dj%2BA5FXsRW9n%2FWvEMo%2BoNhRriqmVFavvrq1E4jHbavo2eDIRj8cJZcYWpGRWVLNCaIE2tewQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20830affeb527-OSL
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1 | 142.250.74.131 | 200 OK | 181 kB |
URL GET HTTP/2www.gstatic.com/readaloud/player/web/api/js/api.js?ver=1 IP142.250.74.131:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (5280) Size181 kB (180715 bytes) Hash1f1319b651c980800276fe55eb86b8f5 0a1c600cfa3596686e6d564f5e38cbdc3b6d047a 8fdb846f4a09e6e57c84908277101c3878d9f3eec18f3c3408a68aedc16b8cb9
GET /readaloud/player/web/api/js/api.js?ver=1 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="speakr"
report-to: {"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-length: 180715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 23:14:41 GMT
expires: Fri, 26 Apr 2024 00:04:41 GMT
cache-control: public, max-age=3000
age: 13
last-modified: Sun, 10 Mar 2024 09:27:38 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=1&e=0.5459634627089355 | 104.26.2.70 | 200 OK | 43 B |
URL GET HTTP/2ad-delivery.net/px.gif?ch=1&e=0.5459634627089355 IP104.26.2.70:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectad-delivery.net Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18 ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.5459634627089355 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:14:54 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 1098202
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRH78LlwGpubushlR1VjgcmkGyJ2xFAl8OWKOOprdTvg8vnaRwc6DBwO%2BePFtw4%2FlVgukH1cOUkHt7T5SaytySfbxcdjVJiYqu6k1SlxV9Fb4yjLt2Gb7MMIL8QCbjsPGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20830c810b527-OSL
X-Firefox-Spdy: h2
|
|
| imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1 | 142.250.74.106 | 200 OK | 136 kB |
URL GET HTTP/2imasdk.googleapis.com/js/sdkloader/ima3.js?ver=1 IP142.250.74.106:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (1754) Size136 kB (135608 bytes) Hash61eaa70d7948780d391ebb60170131b6 5eeb9408b943af3c7e670125b68158cba3a25196 b6a0dc033049e4e05526c0c761456ace62442066b3e162841e9e8187aa383a5c
GET /js/sdkloader/ima3.js?ver=1 HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 135608
date: Thu, 25 Apr 2024 23:14:54 GMT
expires: Thu, 25 Apr 2024 23:14:54 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/mw/state?bt_env=prod | 130.211.23.194 | 204 No Content | 0 B |
URL GET HTTP/2api.btloader.com/mw/state?bt_env=prod IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Thu, 25 Apr 2024 23:14:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c1e70cf6-f738-4fa4-a7bd-8b259d185cb4&batch_time=1714086894280 | 3.233.159.172 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c1e70cf6-f738-4fa4-a7bd-8b259d185cb4&batch_time=1714086894280 IP3.233.159.172:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hash6a7292101d86f735c02254004a669485 a703f6c6e0208b38ec357b5ce757350874a1d239 9e909cc0e6d1810600ff77ea446d053583f926f73f1b23e7ddfbc94795f44f00
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c1e70cf6-f738-4fa4-a7bd-8b259d185cb4&batch_time=1714086894280 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15961
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 25 Apr 2024 23:14:54 GMT
content-type: application/json
content-length: 53
dd-request-id: c1e70cf6-f738-4fa4-a7bd-8b259d185cb4
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=8a4a675f-c4a9-410e-9471-406a7c49ea5a&batch_time=1714086894267 | 3.233.159.172 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=8a4a675f-c4a9-410e-9471-406a7c49ea5a&batch_time=1714086894267 IP3.233.159.172:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hashf8dfcea9e2d657f93a07813fa5da504a a5e1db1e9366135359cefee25a58f311df7252b6 136aef8cf579ce115bdafdf2fce34b56fd931b841f0eba189df8bed514246a42
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=8a4a675f-c4a9-410e-9471-406a7c49ea5a&batch_time=1714086894267 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16173
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 25 Apr 2024 23:14:54 GMT
content-type: application/json
content-length: 53
dd-request-id: 8a4a675f-c4a9-410e-9471-406a7c49ea5a
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=a61293dd-1328-464f-8f3c-2445a02abafe&batch_time=1714086894273 | 3.233.159.172 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=a61293dd-1328-464f-8f3c-2445a02abafe&batch_time=1714086894273 IP3.233.159.172:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hashd473e2d1d7cda8d59e66a38a019b372a 29bd18e7789248cde8334a5fa6a4c0827ee89664 e074658a3cc9a52e59caa42447a6e1767ba04bff7f1a68cc7abd7eccbeb18ac8
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=a61293dd-1328-464f-8f3c-2445a02abafe&batch_time=1714086894273 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15876
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 25 Apr 2024 23:14:54 GMT
content-type: application/json
content-length: 53
dd-request-id: a61293dd-1328-464f-8f3c-2445a02abafe
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=bb7f4272-8d05-4cce-b07d-df7143b458f0&batch_time=1714086894259 | 3.233.159.172 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=bb7f4272-8d05-4cce-b07d-df7143b458f0&batch_time=1714086894259 IP3.233.159.172:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hasha4db822d91913494f20abc627715fec5 ded3e5b3837d01263f4a2cb0e5fec24822941d05 f7c8a4df2da67c81feb438e0596f2fd2e9714dc24681782cef350e900edc9ebe
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=bb7f4272-8d05-4cce-b07d-df7143b458f0&batch_time=1714086894259 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15517
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Thu, 25 Apr 2024 23:14:54 GMT
content-type: application/json
content-length: 53
dd-request-id: bb7f4272-8d05-4cce-b07d-df7143b458f0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| api.btloader.com/country?o=5633429348548608 | 130.211.23.194 | 200 OK | 37 B |
URL GET HTTP/2api.btloader.com/country?o=5633429348548608 IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashbdfe458835550c34f45fc9fdfeebb12a 0f08aa02e7bcbf4c5e991a5defb2fdbd03a86f3d ad26ec64cc613fbfbd47faaf39f9921c2b19769bde1d3c5c2857a671e7863cf9
GET /country?o=5633429348548608 HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Thu, 25 Apr 2024 23:14:55 GMT
content-length: 37
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/pv?tid=YSvaafTek&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=vXzBFjlP&pm=true&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL GET HTTP/2api.btloader.com/pv?tid=YSvaafTek&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=vXzBFjlP&pm=true&upapi=true IP130.211.23.194:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerGoogle Trust Services LLC Subjectapi.btloader.com Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=YSvaafTek&w=5874461553721344&o=5633429348548608&cv=2.1.43&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&sid=vXzBFjlP&pm=true&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 25 Apr 2024 23:14:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c8390579-06cd-48bf-8401-18d5d87899ae&batch_time=1714086895113 | 3.233.159.172 | 202 Accepted | 53 B |
URL POST HTTP/2rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c8390579-06cd-48bf-8401-18d5d87899ae&batch_time=1714086895113 IP3.233.159.172:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.browser-intake-datadoghq.com Fingerprint90:98:16:E4:5F:36:C7:67:0F:C6:18:49:63:19:73:FC:82:36:C1:4E ValiditySat, 17 Jun 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hashe5b6a1cded147de80132c7a12b5a605c d0c4ee5688688810973219427a7203a238f29592 0c4d7f647a8b0a89824f0de1bc2f13279c98e0827154a97d8ff77592ed1301e0
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Aghacks%2Cversion%3A1.1381.0&dd-api-key=pub63eca18f566b01699c3718b5f82d3cab&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=c8390579-06cd-48bf-8401-18d5d87899ae&batch_time=1714086895113 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15918
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 202 Accepted
date: Thu, 25 Apr 2024 23:14:55 GMT
content-type: application/json
content-length: 53
dd-request-id: c8390579-06cd-48bf-8401-18d5d87899ae
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php |  57.128.96.93 | 200 OK | 86 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.93:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hasha11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 842
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:14:59 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.93 | 200 OK | 86 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.93:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hasha11cb9e4896c278cd189ffb9789da066 465a668593ed60b4cee5d2ece09c5cd0b346008b c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 848
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:14:59 GMT
content-length: 86
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/recirculation.php | 57.128.96.93 | 200 OK | 12 B |
URL POST HTTP/2events.newsroom.bi/recirculation.php IP57.128.96.93:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hashaf472541e2d2b40737f6e7e9b55de6c7 9c9e4af771378e62f91a9f74b3f5696228c4167b a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
POST /recirculation.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2761
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:15:05 GMT
content-length: 12
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=07496a0d-ad8a-4852-9c66-303ea1d47f92&fvst=1714086894&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=11&sid=2544&useg=&utyp=0&vfrq=6 | 104.21.50.90 | 200 OK | 75 B |
URL GET HTTP/2flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=07496a0d-ad8a-4852-9c66-303ea1d47f92&fvst=1714086894&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=11&sid=2544&useg=&utyp=0&vfrq=6 IP104.21.50.90:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectflowcards.mrf.io FingerprintCD:D3:F7:18:EC:9C:A7:C1:6D:05:F1:5C:54:84:BD:27:EE:08:49:3F ValidityTue, 16 Apr 2024 05:29:37 GMT - Mon, 15 Jul 2024 05:29:36 GMT
Hash86fa40a699df8edead4fdc88e68ecf89 42c28cce3e35436cc7ad0486385ebe9ea944632f 4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50
GET /json/experiences?url=https%3A%2F%2Fwww.ghacks.net%2F2023%2F05%2F15%2Fgoogles-zip-top-level-domain-is-already-used-in-phishing-attacks%2F&clid=07496a0d-ad8a-4852-9c66-303ea1d47f92&fvst=1714086894&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2023-05-15T11:53:31+00:00&sdu=11&sid=2544&useg=&utyp=0&vfrq=6 HTTP/1.1
Host: flowcards.mrf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:15:05 GMT
content-type: application/json; charset=utf-8
content-length: 75
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
x-envoy-upstream-service-time: 63
cf-cache-status: BYPASS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a20874992f0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.93 | 200 OK | 2 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.93:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 849
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:15:10 GMT
content-length: 2
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| events.newsroom.bi/ingest.php | 57.128.96.93 | 200 OK | 2 B |
URL POST HTTP/2events.newsroom.bi/ingest.php IP57.128.96.93:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectssl03.cert.cl11.k8s.mrf.io Fingerprint5F:48:D7:AE:28:B3:B0:F7:9E:F7:1B:12:DE:26:49:86:0E:4C:22:C0 ValidityThu, 04 Apr 2024 06:11:16 GMT - Wed, 03 Jul 2024 06:11:15 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /ingest.php HTTP/1.1
Host: events.newsroom.bi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 849
Origin: https://www.ghacks.net
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.ghacks.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: private,no-store
content-type: application/json
date: Thu, 25 Apr 2024 23:15:15 GMT
content-length: 2
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 8.0 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (8193), with no line terminators Hashd0b1eed64061803f153cd21d2d0c8b0d 7945b89f7f9431761433b169e44fff149157eee9 64b9ef49ce14cc0e3e5163c8023207bd0393932f673b27e23f4cd83d27116077
GET /wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-1f19"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208258d56b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 | 141.193.213.11 | 200 OK | 978 B |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (999), with no line terminators Hashcb8c054c5cd8cfb0cba355a6ab0267b7 ad24e21c1d4093056fe3b9ea7f529cbb05a5e718 13bb6de7dfea9458b5a590c92fdb80a727356c1f91c557b1d030a2888cdd7369
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-3d2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208259d64b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 141.193.213.11 | 200 OK | 14 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
etag: W/"6482bd64-3509"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208259d6cb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js | 141.193.213.11 | 200 OK | 30 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (21977), with CRLF line terminators Hash136c745e6d222776ff48f5baf3568739 def0672c6e899debea85b4bb0b4bbe3f09c9c315 554f3ff96cba4f2f33ff2c37c48282006ab24a85cf9ca0ac8b22b0a06126c1d4
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-73e0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a20825ad71b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 | 141.193.213.11 | 200 OK | 1.4 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (1473), with no line terminators Hash2e336def6a6179c366ae7b5807f71230 fd798016e1b4de12c4bdb918808a44ba956d82ef da453daa00bd04b5837395427c6fc357970aa9b4154c9c57e971acc538f2327d
GET /wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-57b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208258d59b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.datadoghq-browser-agent.com/datadog-rum-v4.js | 54.230.83.119 | 200 OK | 153 kB |
URL GET HTTP/2www.datadoghq-browser-agent.com/datadog-rum-v4.js IP54.230.83.119:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerDigiCert Inc Subject*.datadoghq-browser-agent.com Fingerprint8E:43:FD:49:B4:79:B9:C5:3C:18:E1:BA:9F:28:56:E8:C3:73:9A:C7 ValidityTue, 12 Dec 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Size153 kB (153156 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /datadog-rum-v4.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 25 Apr 2024 23:13:59 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HeBgZ9qpu_ijU7xOLFmXa5tE4LfzTVNiBh9VX5OOhXlGCQtH14DTCg==
age: 57
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 14 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (13353) Hash7e29eec1f366019442c2e0b4979cb161 7644bbdcbc0f8cf275cd7d6c7b0aa8b9b2bf932f 58bbd6a241262127ddef359bd0d40bcbb1d84b1218f35164bc8d0348b5e8ec20
GET /wp-content/plugins/my-custom-functionality-master/assets/css/swiper.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-3528"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208258d58b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| polyfill.io/v2/polyfill.min.js?features=fetch | 104.18.52.27 | 200 OK | 103 B |
URL GET HTTP/2polyfill.io/v2/polyfill.min.js?features=fetch IP104.18.52.27:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerSectigo Limited Subject*.polyfill.io Fingerprint19:AA:59:2F:D9:8A:C1:48:99:20:3C:64:45:4E:E5:A6:1D:E4:92:0C ValidityTue, 20 Feb 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash9873517c6208ccf281b22546f8898e8c e76333df8509395e7287905624a940524305051c 117b8d7befad35ab652867c373d5a510f7cfee434d85af052d3078eb63e382a5
GET /v2/polyfill.min.js?features=fetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 87a20825edca56a9-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=14400
content-encoding: gzip
expires: Fri, 26 Apr 2024 03:14:53 GMT
last-modified: Thu, 25 Apr 2024 23:14:53 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,HEAD,OPTIONS
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 | 141.193.213.11 | 200 OK | 2.0 kB |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (2099), with no line terminators Hash82d65a4965205ef6700c742003e1050f 10616a26d306cc152543750ce1b6a8673aa12585 a5d6a71abbf8c8f90b1f9ab66118bd96d2c3bc9fd399b84a57a0129855287937
GET /wp-content/themes/new-ghacks-preview/css/affiliate-link-shortcode.css?ver=5.6.13 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7d8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a20825fda3b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 | 141.193.213.11 | 200 OK | 1.6 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (1599), with no line terminators Hash70f91a2b08190feff505484d662177a3 09a304715dd90ea73f87bd90eb429c97e4059405 5a6da8b217356a219a09169c66c162f2460915b6737c66b90b023285f3a12768
GET /wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:37 GMT
etag: W/"654bda5d-62b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208257d55b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7 | 141.193.213.11 | 200 OK | 6.2 kB |
URL GET HTTP/3www.ghacks.net/wp-content/tablepress-combined.min.css?ver=7 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (6246), with no line terminators Hash8b5521ad075a12c55832f020b436e4cd 98dae794a2c78e0f57f8cbe37fc6d1c834b147fa bf180216fdfcd4098ee0c30421c1c55143be800f3b39e67ab29e31bf540bcef0
GET /wp-content/tablepress-combined.min.css?ver=7 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 08 Apr 2024 04:15:10 GMT
etag: W/"66136f4e-184e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208258d5fb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 871 B |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (893), with no line terminators Hash4a575beeab891c7e0c9c5aabf017af61 f17b0229a69419ee1a60b4bbdb8949f136f3c90b b46cef510a78ae4fa455975a4ba95a7971eef079b05ba3be196094cf887d92b6
GET /wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-367"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327105
server: cloudflare
cf-ray: 87a208265dd3b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ | 141.193.213.11 | 200 OK | 150 kB |
URL User Request GET HTTP/2www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Size150 kB (150215 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
link: <https://www.ghacks.net/wp-json/>; rel="https://api.w.org/", <https://www.ghacks.net/wp-json/wp/v2/posts/194771>; rel="alternate"; type="application/json", <https://www.ghacks.net/?p=194771>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 13
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a20822ab240b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 110 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Size110 kB (110147 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
etag: W/"65b15ec4-1ae43"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208257d54b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3 | 141.193.213.11 | 200 OK | 59 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/css/dashicons.min.css?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (58981) Hashd68d6bf519169d86e155bad0bed833f8 27ba9c67d0e775fc4e6dd62011daf4c3902698fc c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
GET /wp-includes/css/dashicons.min.css?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208258d5bb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 | 141.193.213.11 | 200 OK | 136 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65281) Size136 kB (136235 bytes) Hash109e655465f9d245b3a1e362a0191de1 0e0f00c77214ae421645005171d1c8721f917670 d36ac645d9f3443fe2b4ee6306a14b305bc3d93f3ed72e913d067d02200e889c
GET /wp-content/plugins/my-custom-functionality-master/assets/js/swiper.min.js?ver=9.9.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:36 GMT
etag: W/"654bda5c-2142b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a20825fda9b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 | 141.193.213.11 | 200 OK | 344 B |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeHTML document, ASCII text, with very long lines (356), with no line terminators Hash6ec6d67da3e14434b1f44c0274dd6426 cf3db60c5d16f64df4a71ef57a7a284dd53b68b6 d9d4801056836c4f0101417fe4b7ceb30c9444b350cf4ef5bc67f1dd57e66a99
GET /wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.26 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-158"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208258d5db512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 | 141.193.213.11 | 200 OK | 2.4 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (2705), with no line terminators Hash52b78c16f3448205252e13c78042da8e 25cc42371ff3e4c7d22ebfd79fb7e1bf7b46852b 25375b10fec2eb232f35f30fd4c9b78577d3cd0b98f775dc5da48607e85e4400
GET /wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=1.0 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:40 GMT
etag: W/"654bda60-95c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208259d65b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg | 141.193.213.11 | 200 OK | 894 B |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/images/search-icon.svg IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeSVG Scalable Vector Graphics image Hash31ffae4dc3f9513b90cece58e109d074 3d9d4360489d8a2213ced78ea01d7299456ef5dc 11c7f674f5c8f6705071eeb9c4036f51243fc4e79c06ba784e92324fef1e4f94
GET /wp-content/themes/new-ghacks-preview/images/search-icon.svg HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-37e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a2082ca9c3b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js | 54.230.111.7 | 200 OK | 271 kB |
URL GET HTTP/3sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js IP54.230.111.7:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerAmazon Subject*.privacy-center.org Fingerprint1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B ValiditySun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Size271 kB (270587 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/ui-gdpr-en-web.6432b45dc598961221a51f31d27d31da884aa131.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 30828
date: Thu, 25 Apr 2024 14:41:07 GMT
last-modified: Thu, 25 Apr 2024 14:39:52 GMT
etag: W/"8765146caccc91cbbae5375f58959e3d-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GDfs7rX8-hKv9XittdIq76-sdy0ixKpx1kp-_LwHLzcArVOp9sCdFQ==
|
|
| notix.io/ent/current/enot.min.js | 139.45.197.253 | 200 OK | 145 kB |
URL GET HTTP/2notix.io/ent/current/enot.min.js IP139.45.197.253:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectnotix.io Fingerprint3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B ValiditySat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size145 kB (145421 bytes) Hash9a3ae56c31a58c28e606e1e069a21059 ea3cdfcda002044373d2090e1745f83a15b82d17 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55
| Analyzer | Verdict | Alert |
|---|
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:38 GMT
etag: W/"65f18b52-2380d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 141.193.213.11 | 200 OK | 88 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
etag: W/"64ecd5ef-15601"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208259d68b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3 | 141.193.213.11 | 200 OK | 3.0 kB |
URL GET HTTP/3www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=6.4.3 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeASCII text, with very long lines (3056), with no line terminators Hashdc7f90d513295c29acc441fe114a2cab ca9e5069d9afc4aa13ab2e152313dfb476e842ef f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.4.3 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-ba5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325559
server: cloudflare
cf-ray: 87a208265dd4b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/statics/dfp.js | 141.193.213.11 | 404 Not Found | 146 B |
URL GET HTTP/3www.ghacks.net/statics/dfp.js IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeHTML document, ASCII text, with no line terminators Hash40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
GET /statics/dfp.js HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 67
server: cloudflare
cf-ray: 87a2082c6980b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 | 141.193.213.11 | 200 OK | 11 kB |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hash91954b488a9bfcade528d6ff5c7ce83f edf589eb28247c73ccc04e5b34ad107b90bd1b2e 6bc5622bfab1a16855ad49b99a3f9ed8eb24f49da469a113f9000b866f109e2e
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1711341113 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 25 Mar 2024 04:31:53 GMT
etag: W/"6600fe39-2c7c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325559
server: cloudflare
cf-ray: 87a208265dd6b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 | 141.193.213.11 | 200 OK | 32 kB |
URL GET HTTP/3www.ghacks.net/wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/new-ghacks-preview/css/single.css?ver=5.6.15 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
etag: W/"654bda54-7b08"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 325560
server: cloudflare
cf-ray: 87a208258d5eb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 | 141.193.213.11 | 200 OK | 838 B |
URL GET HTTP/3www.ghacks.net/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeJavaScript source, ASCII text, with very long lines (898), with no line terminators Hashe54984c1349a2e08fc2fb047ef82ed5d 7953e56df0a1f5330cbbf865b13ae63c48b3289f 1eea5dc94ae2aacafcedf09f7e54d77d3ed9a60c21035551386a98b24955e6a2
GET /wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.4 HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:14:52 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 18 Dec 2023 04:14:54 GMT
etag: W/"657fc73e-346"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
cf-cache-status: HIT
age: 327106
server: cloudflare
cf-ray: 87a208259d6db512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js | 54.230.111.7 | 200 OK | 350 kB |
URL GET HTTP/3sdk.privacy-center.org/sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js IP54.230.111.7:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerAmazon Subject*.privacy-center.org Fingerprint1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B ValiditySun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Size350 kB (349891 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/6432b45dc598961221a51f31d27d31da884aa131/modern/sdk.6432b45dc598961221a51f31d27d31da884aa131.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400
age: 30898
date: Thu, 25 Apr 2024 14:39:56 GMT
last-modified: Thu, 25 Apr 2024 14:39:49 GMT
etag: W/"70dc649d56fa01872df07dc9558652c6-1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rdZkRWfkGL_gBgdGhQN7e5hjYRbrEyPL5LED2wMvKI-hnWoiwVc7Gg==
|
|
| spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js | 151.101.1.91 | 200 OK | 336 kB |
URL GET HTTP/3spn-v1.revampcdn.com/prebid/ghacks/prebid-client.js IP151.101.1.91:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subject*.revampcdn.com FingerprintE5:5F:0C:7F:47:E7:70:A7:CE:2A:3A:DA:BE:26:A1:A3:EB:22:F5:58 ValidityTue, 02 Apr 2024 09:59:54 GMT - Mon, 01 Jul 2024 09:59:53 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size336 kB (336489 bytes) Hash800ee0a8091abc36b316b172573321cb 45f54af5e23eec352fb27ff4c76e8073ec515424 ff61dc78e659dd793eaa0e5ea0d6409da29d4faf94d22a505aae5a0f91925610
GET /prebid/ghacks/prebid-client.js HTTP/1.1
Host: spn-v1.revampcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 95597
server: istio-envoy
content-type: application/javascript; charset=utf-8
x-publisher-id: ghacks
etag: W/"a258da22da081ed7367d11911943f6b5"
x-version: 1.1379.0
x-request-id: 3b733d31-5a3d-4a8b-b282-9464db7c36a1
content-encoding: br
x-envoy-upstream-service-time: 76
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 23:14:53 GMT
age: 125096
x-served-by: cache-ams21030-AMS, cache-hel1410028-HEL
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1714086894.622778,VS0,VE2
vary: Accept-Encoding,x-country-code,x-device-platform
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
x-browser-name: Firefox
x-browser-version: 96.0
x-platform-id: Linux
x-platform-version:
cache-control: max-age=172500, private, stale-if-error=31536000, stale-while-revalidate=864000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net | 54.230.111.7 | 200 OK | 58 kB |
URL GET HTTP/2sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net IP54.230.111.7:443
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerAmazon Subject*.privacy-center.org Fingerprint1A:7E:F9:30:82:3B:8F:CF:86:98:3F:EC:6B:3C:10:21:07:6E:A0:8B ValiditySun, 10 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=www.ghacks.net HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ghacks.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-amzn-requestid: f2b92855-b1b1-42f0-8c7b-75f339633647
x-didomi-configs-version: 102
x-amzn-trace-id: root=1-662a7d2b-2e14265313a7f4d0760f2c14;parent=75b19cc49a7151fc;sampled=0;lineage=eaae1266:0
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
content-encoding: br
date: Thu, 25 Apr 2024 22:12:50 GMT
cache-control: max-age=7200, public
etag: W/"1bb1873f37530e5e36cde01a73f818dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nHRdtavG4oqXzjXvUDLH9PNPSSmOPK8szRAfsO-veiljLs8Vp0uR3g==
age: 5684
X-Firefox-Spdy: h2
|
|
| www.ghacks.net/statics/px.gif | 141.193.213.11 | 404 Not Found | 146 B |
URL GET HTTP/3www.ghacks.net/statics/px.gif IP141.193.213.11:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/ CertificateIssuerLet's Encrypt Subjectwww.ghacks.net Fingerprint12:1D:35:65:99:DC:0C:3B:62:83:F6:D5:77:BF:20:27:5E:AE:4E:77 ValiditySun, 21 Apr 2024 11:14:39 GMT - Sat, 20 Jul 2024 11:14:38 GMT
File typeHTML document, ASCII text, with no line terminators Hash40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
GET /statics/px.gif HTTP/1.1
Host: www.ghacks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=4EPkbHjcL7LUCtucAkYWbGXBh_CU7jgevO_GjmAU.00-1714086891-1.0.1.1-F.DL0UIkGbxo1wZqHNcxvgMn4_g5vIdSvrkQsHZQn3lYF4mXxn.y4ov6b7oh49oVUM_xPphm_as36Pu4AWK5_Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 23:14:53 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 67
server: cloudflare
cf-ray: 87a2082c6981b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
0.0.0.0