Hello,
We received a copyright infringement complaint regarding an abuse content hosted on your service.
— start of the technical details —
Hello,
Cloudflare received a phishing report regarding payment-now.top
Please be aware Cloudflare offers network service solutions including pass-through security services, a content distribution network (CDN) and registrar services. Due to the pass-through nature of our services, our IP addresses appear in WHOIS and DNS records for websites using Cloudflare. Cloudflare is generally not a website hosting provider, and we cannot remove material from the Internet that is hosted by others.
The actual host for payment-now.top are the following IP addresses. 54.36.127.177. Using the following command, you can confirm the site in question is hosted at that IP address: curl -v -H «Host: payment-now.top» 54.36.127.177/
Below is the information we received:
Reporter’s Name: The National Bank of Ukraine
Reporter’s Email Address: csirt-nbu@bank.gov.ua
Reporter’s Title: Phishing URLs targeting citizens of Ukraine, finance fraud
Reported URLs:
http://postnord-se.payment-now.top/pay/order/87246950
Logs or Evidence of Abuse: Finance fraud phishing URL, that target bank account of ukrainian
Please address this issue with your customer.
To respond to this issue, please reply to email-removed@provider.com.
Regards,
Cloudflare Trust & Safety
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
Cordially,
The OVHcloud Trust & Safety team.
