Hello,
We received a copyright infringement complaint regarding an abuse content hosted on your service.
— start of the technical details —
Cloudflare received a phishing report regarding:
unistop.xyz
Please be aware Cloudflare is a network provider offering a reverse proxy, pass-through security service. We are not a hosting provider. Cloudflare does not control the content of our customers.
The actual host for unistop.xyz are the following IP addresses. 192.99.55.68. Using the following command, you can confirm the site in question is hosted at that IP address: curl -v -H "Host: unistop.xyz" 192.99.55.68/
Below is the report we received:
Reporter: Anonymous
Reported URLs:
http://unistop.xyz/files/hiddis_setup_add.exe
Logs or Evidence of Abuse: Hello,
You are currently hosting a site which is associated with an ongoing malware attack. The malware is either spread via an email with a malicious attachment, which when run, appears to communicate with the following links; or it is spread directly using the following malicious links:
http://unistop.xyz/files/hiddis_setup_add.exe [104.21.49.105]
Visit the report below to see details on one of the attachments associated with this URL or IP address:
https://www.virustotal.com/en/file/0990a2572d8b275f4adb305f3673f72ba4baafa1f85c7132a2306531517ebca8/analysis/
Would it be possible to have this URL taken down as soon as possible?
Many thanks,
Netcraft
Phone: +44(0)1225 447500
Fax: +44(0)1225 448600
Netcraft Issue Number: 26051337
Please address this issue with your customer.
Regards,
Cloudflare Abuse \— Forwarded email(s) —
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
Cordially,
The OVHcloud Abuse team.
