Before the final redirect to the real AusPost website it puts a fake cookie with a type/extension mismatch in your browser's cache that looks like a real AusPost cookie. It was only doing it with Chrome.
Now a million dollar question, what is your purpose? Those webpages exist for a reason, to scam people, if they mistype an address.
Trying to report a fake webpage hosted on top, xyz or whatever TLD is pointless, they are designed to last for this purpose alone.
Now a million dollar question, what is your purpose? Those webpages exist for a reason, to scam people, if they mistype an address.
Trying to report a fake webpage hosted on top, xyz or whatever TLD is pointless, they are designed to last for this purpose alone.
That's what I'm interested in. I want to see where the reporting has broken down. Why can't I report their certificate authority or their host? Nothing works?
Certificate authority only verifies the authenticity of the webpage, it is not designed to handle malicious reports otherwise many "free" webpages would be shut down as the result.
When there is like 1 IT person on an island responsible for thousands of domains, he has his hands full, besides he is lucky to get paid, even $20 is a lot, so he does not really care.
Technically he only handles registrations, servers can be anywhere in the world and hosts move the responsibility to the TLD owner, so it is much easier and faster to let DNS to block.
The TLDs that distribute malware the most are.ga,.xyz,.cf,,tk,.org, and.ml. Phishing actors prefer to use.net domains, with.pw,.top,.ga, and.icu, following with notable volumes.
Out of over a thousand top-level domain choices, cyber-criminals and threat actors prefer a small set of 25, which accounts for 90% of all malicious sites.