CloudFlare + ConnectWise => Report phishing

So some Scammers seem to “hide” their sites behind CloudFlare. I’ve seen this a number of times. The sites are obfuscated using JavaScript and other tools in such a way it makes it difficult to flood requests at the back-end.

I reported https://cyhelp.top/ the other day and it was marked as a Phising site. So it seems worthwhile IF the ConnectWise site is connected to CloudFlare.

Feel free to submit reports to: https://abuse.cloudflare.com/phishing

You can tell if it’s a CloudFlare fronted site when it is loading OR by checking the HTTP headers (using Web Developer Tools.)

When clicking on the green arrow, you should see in the response “server: cloudflare” or something similar:

image1706×1424 115 KB

Recent Update:

The past week or so, many connect wise sites (xxx.top or yyy.help) seem to be fronted by CloudFlare proxy tools that prevent the automated flooding of their client software.

I’ve reported a number of sites (e.g. https://smhelp.top or https://lvhelp.top or https://qfzhelp.site) and either they have been taken down by the user or CloudFlare or the back-end provider. I’m not sure if it’s CloudFlare or just the usual cycling of sites scammers perform.

Unfortunately sites like: https://wrhelp.top are still up at the moment.