In my opinion, Cloudflare is protecting scammers. I made many reports (before using phish.report) and want to say that they block ~10%. Sometimes when they forward the request to the hosting provider it works, but the CF “red” page is rarely used and never (!) stopped the service.
Also notice that Cloudflare always forwards your request to their client, and scammers can just start creating a new domain/hosting and move away from the ones you reported.
So, for now, I’m either not reporting to CF or reporting a few hours after the others.
Also, I haven’t seen a service (like this one, Netcraft or others) that gets a bypass from CF to automate website checks. They don’t want to turn off the captcha for gov or anti-phishing services.
They should get a lawsuit at this point.
I agree, our team has basically given up on Cloudflare. The time it takes for them to respond and for you to complete the abuse form is astounding. They don’t offer any support to independent security researchers or us in general. They could support us by creating an API to automate sending abuse complaints to Cloudflare, but that’s not happening anytime soon, it seems. @Iogroi2
As @whoops mentioned, CF is basically handing your information over to the scammer on a gift-wrapped silver platter, and notifying the owner of the offending domain that an abuse complaint has been filed against their domain. So the scammer or spammer simply moves on to another domain and simply cancels or deletes the old domain.
In our experience, our system is basically blocked from even accessing the spammy sites. This is because Cloudflare blocks us with a captcha. Yes, in theory we could implement a system to solve or bypass the brand new “Cloudflare Turnstile” captcha screen, but as with any other captcha, it takes a really long time to be solved by an AI, which significantly slows down our automated system’s ability to check the sites and take a screenshot if necessary. It’s just a really bad situation in general as it makes our lives a lot harder as we basically have to either ignore it or get a member of our human team to take the screenshots manually.
On the other hand, sorry for writing the entire holy bible as this reply.
They only forward your details if you tick a box, as I recall. They also started forwarding my reports to the scammer’s hosting provider and put a block or warning on the scam site.
Just checked, to be sure, and it’s how I remember it.
System27 nailed it. Have been noticing a huge trend of Cloudflare-supported phishing sites. “You have been blocked from viewing this website.” Might have used Burp Suite and got my IP logged, though. Which means all of Cloudflare blocks my IP now. I will have to set up another VPN.
I hate Cloudflare. CEO Matthew Prince should burn in hell. CF hosts a lot of Russian domain name scam phishing URLs that steal steamcommunity . com user names and passwords at fake login prompts. These URLs are bot-spammed in Steam User Group Chats, whereas there is no moderation in groups or by Valve to remove the malicious URLs or the user bots posting them.
Coincidentally, CF is also the partner host CDN of Valve + steampowered.com images etc. in the Steam Store.
Example URLs hosted by CF:
https : //urlscan . io/result/0a34974a-eba3-4016-b48c-a09921d03b15/related/
https : //urlscan . io/result/079e6a36-d73a-4e87-9d9d-108157f73fc0/related/
Did they change that?
Never mind, it’s still the same for us.
Welcome to the Phish.report community!
We agree, Cloudflare clearly isn’t interested in taking down stuff. Their captcha systems also block our automated systems from taking pictures of the site, which is just annoying.
I can get you a USA VPN. System27 has a few VPNs set up which I can give out to members here.
If you need one, shoot me a direct message.
Please, please tell me what the hell is going on…
Sick for weeks, today I got back into threat hunting.
95 percent of the usual phishing sites have all blocked me with a trusty 1020 Cloudflare IP ban… even after I use NordVPN and change it to somewhere else in my city.
Anyone else noticing this trend…?
How do I bypass the Cloudflare? Thanks
Try to use a different browser, try incognito mode.
Does Cloudflare log and block user agents?
I’m an idiot. It never even crossed my mind. Will try. Thanks.
Happens to the best of us.
I actually reported stuff to Cloudflare without ticking that checkbox and I actually got some “useless” responses from Cloudflare.
At this point Cloudflare is a plain scammer. The biggest one.
Microsoft or Google should just block Cloudflare from even seeing the Internet.
They’re just like that one enemy you can’t kill (like in a videogame) and it’s annoying.
Or that one enemy where you absolutely K.O. him but then he is reborn and then he K.O.s you.
Have tried System27’s solution of changing browsers etc. Changed VPN servers.
To no avail. Apparently, the dreaded Cloudflare 1020 (you are blocked) error runs pretty deep. There are some solutions, but they are way above my pay grade, which is $0.
Will keep digging.
We’ll try to figure out something for you. We’ll private message you or post a comment with the solution here.