vps交流

[美国VPS] Cloudflare的workers套jsproxy被微软举报欺诈?


就搭个jsproxy用来加速OneDrive,没后缀的时候就指向微软的登录界面
以下为原文内容
Cloudflare received a phishing report regarding:

crcc.workers.dev

Below is the report we received:

Reporter: Anonymous
Reported URLs:

http://onedrive.crcc.workers.dev/1fee427f-e744-4544-b7c7-556acc8d3140/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code+id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=779A069656D5B3479201E60D96E2E8D1D3EF1629A430090F-36C65954620577B2D4BAD8C8E625C8CC3689401B18509FBA84BEA2E9F9D319A3&redirect_uri=https%253A%252F%252Fcoo-my.sharepoint.com%252F_forms%252Fdefault.aspx&state=OD0w&claims=%257B%2522id_token%2522%253A%257B%2522xms_cc%2522%253A%257B%2522values%2522%253A%255B%2522CP1%2522%255D%257D%257D%257D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=68ef5ea0-00a4-5000-0516-7868e4e9a2d8&sso_reload=True

Logs or Evidence of Abuse: Hello,

We have discovered a phishing attack located on your network:

http://onedrive.crcc.workers.dev/1fee427f-e744-4544-b7c7-556acc8d3140/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code+id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=779A069656D5B3479201E60D96E2E8D1D3EF1629A430090F-36C65954620577B2D4BAD8C8E625C8CC3689401B18509FBA84BEA2E9F9D319A3&redirect_uri=https%253A%252F%252Fcoo-my.sharepoint.com%252F_forms%252Fdefault.aspx&state=OD0w&claims=%257B%2522id_token%2522%253A%257B%2522xms_cc%2522%253A%257B%2522values%2522%253A%255B%2522CP1%2522%255D%257D%257D%257D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=68ef5ea0-00a4-5000-0516-7868e4e9a2d8&sso_reload=True [104.21.85.88]

This attack targets our customer, Microsoft, website URL https://www.microsoft.com/.

Would it be possible to have the fraudulent content, and any other associated fraudulent content, taken down as soon as you are able to?

Additionally, please keep the fraudulent content safe so that our customer and law enforcement agencies can investigate this incident further once the site is offline.

More information about the detected issue is provided at https://incident.netcraft.com/8e1304875b76/

Many thanks,

Netcraft

Phone: +44(0)1225 447500
Fax: +44(0)1225 448600
Netcraft Issue Number: 35266375

We have restricted access to the phishing-related content until it has been removed.

Regards,

Cloudflare Trust & Safety