1485
Welp that answers a lot of why all .ml are down
(i.imgur.com)
This is a most excellent place for technology news and articles.
Yes, but it is very quick and cheap to get a domain validated cert from a CA that is generally trusted by most web browsers, so once the bad actor has the domain, the should be able to trick most users, only maybe certificate pinning might help, but that is not widely used.