Hey,
This IP is assigned to Cloudflare:
puck@dirk:~$ whois 2606:4700:3030::6815:5f93
...
NetRange: 2606:4700:: - 2606:4700::::::
CIDR: 2606:4700::/32
NetName: CLOUDFLARENET
NetHandle: NET6-2606-4700-1
Parent: NET6-2600 (NET6-2600-1)
NetType: Direct Allocation
OriginAS:
The domain is registered with webnic.cc, but all the registrar details
are hidden:
puck@dirk:~$ whois gnu-cash.org
Domain Name: gnu-cash.org
Registry Domain ID: 9a42474dfe5d4a8e9e50e0c56e101812-LROR
Registrar WHOIS Server: https://iwhois.webnic.cc
Registrar URL: https://www.webnic.cc/
Updated
Seems like this information could be used to report and pull the
gnu-cash.org domain:
Domain Name: gnu-cash.org
Registry Domain ID: 9a42474dfe5d4a8e9e50e0c56e101812-LROR
Registrar WHOIS Server: https://iwhois.webnic.cc
Registrar URL: https://www.webnic.cc/
Updated Date: 2022-10-25T22:39:36Z
OK sorry for the flood of email but as of 4:05PM US Pacific time the ad is
no longer showing for me either. So possibly already removed via my report
and others. As for the actual site there is nothing we can do, the
important thing is that it doesn't show up on Google. No trace of it on
Bing
You need to go to the main.php page link to see the fake site. Full link is
https://gnu-cash.org/main.php or possibly https://www.gnu-cash.org/main.php
Google ads are location and search history dependent so might not show up
everywhere.
Google has a separate tool to report phishing sites. But
Mystery deepens! When I tried to open this fake website it was not
available in Tor browser but pinging it revealed a response from IPV6
address 2606:4700:3030::6815:5f93. That IP does not seem to be registered
On Fri, Dec 9, 2022 at 5:40 PM Vincent Dawans wrote:
> Added screenshot showing
I don't see that ad when I search Google for gnucash; when I type
https://www.gnu-cash.org/ into my browser's address bar I'm taken to a page
titled "Dot Com Inovations"[sic] with a heading "October 20, 2022" and nothing
at all about GnuCash.
Not that there would be anything we could do about