Cloudflare received a phishing report regarding:
Please be aware Cloudflare is a network provider offering a reverse proxy, pass-through security service. We are not a hosting provider. Cloudflare does not control the content of our customers.
The actual host for ru-info.me are the following IP addresses. 220.127.116.11. Using the following command, you can confirm the site in question is hosted at that IP address: curl -v -H «Host: ru-info.me» 18.104.22.168/
Below is the report we received:
Reported URLs: http://mvideo.ru-info.me/3ds.php
Logs or Evidence of Abuse: Greetings,
We are BI.ZONE-CERT computer security incident response team. We are a
competent organization of Coordination Center for RU/ top level domain names.
BI.ZONE-CERT is a member of FIRST association and we cooperate with other
teams against online fraud and cybercrime: https://first.org/members/teams/bi-zone-cert
You've received this message because you are the WHOIS contact for the
network mentioned below. This message is intended for the person who is
responsible for computer security at your site. If this is not the
correct address, please forward this message to the appropriate party.
We have detected a phishing web site hosted at http://mvideo.ru-info.me/3ds.php
Please block the resource in order to stop the illegal activities.
Thank you for your cooperation.
With Best Regards,
BI.ZONE-CERT (FIRST Team) +7 (499) 110-25-34 firstname.lastname@example.org https://first.org/members/teams/bi-zone-cert
Please address this issue with your customer.