Hello,
An abusive behaviour (Phishing) originating from your dedicated server ns3072633.ip-164-132-206.eu has been reported to or noticed by our Abuse Team.
Technical details showing the aforementioned problem follow :
— start of the technical details —
Cloudflare received a phishing report regarding:
skydonate.ru
Please be aware Cloudflare offers network service solutions including pass-through security services, a content distribution network (CDN) and registrar services. Due to the pass-through nature of our services, our IP addresses appear in WHOIS and DNS records for websites using Cloudflare. Cloudflare is generally not a website hosting provider, and we cannot remove material from the Internet that is hosted by others.
The actual host for skydonate.ru are the following IP addresses. 164.132.206.67. Using the following command, you can confirm the site in question is hosted at that IP address: curl -v -H «Host: skydonate.ru» 164.132.206.67/
Below is the report we received:
Reporter’s Name: Anton Aforenko
Reporter’s Email Address: marinkafiolo@gmail.com
Reported URLs:
https://skydonate.ru/
Original Work: https://easydonate.ru/
Logs or Evidence of Abuse: This website is a phishing site.
Official website: https://easydonate.ru/
This phishing site mimics the functionality of the official EasyDonate website. If users enter their real credentials (used on the official site), their accounts are compromised within approximately 5–50 minutes.
The site is clearly created to deceive users and steal access to their accounts. Please investigate and take the necessary actions to block or suspend this malicious resource.
If you click the “Register” button (in Russian) on the fake site, a login window appears requesting user credentials. After submitting the information and clicking the “Create Account” button (in Russian), the data is sent via a POST request directly to the owners of the phishing site — who then use it to hijack the account and possibly engage in fraud or further deception.
The site also imitates a fake control panel, which is designed not only to manage stolen accounts but also to gain control over users’ domains.
Please address this issue with your customer.
To respond to this issue, please reply to abusereply@cloudflare.com.
Regards,
Cloudflare Trust & Safety
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
Cordially,
The OVHcloud Trust & Safety team.
