New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Ava.hosting review and I don't recommend it
I do not recommend this provider @AvaHosting , let alone partner with them, they unilaterally suspended it on the grounds of phishing reported by Cloudflare, instead of blocking 1 IP connected to the domain, they blocked all 23 IPs, and the server was suspended by them, and they did not inform via email what happened, and could not explain how they judged a website as a phishing website, as well as Cloudflare, even though the content of the website was only a static community page, I am very disappointed with them, the server is still suspended, and backups cannot be done.
Comments
Don't do the crime if you can't do the time
I didn't do anything crime, Cloudflare marked my client's domain, and they didn't check the contents of the website and immediately suspended it.
Because phishing is against their ToS. Stop crying and move on.
Yes, of course I will move on, but I will disappoint my client because of the unilateral suspension.
Unliteral suspension? Your client is burning @AvaHosting IPs. Maybe tell him to stop those things.
The domain is no longer connected to the Ava IP, but remains suspended
Hi.
We don't allow any kind of Phishing in our Network that is very explicit through our TOS / AUP.
Of course we don't offer the possibility of doing backups if you break the rules.
Phishing is not allowed.
Best Regards,
Ava.Hosting
If you think this was a false-positive and not a real phishing, would you share some proofs of it?
what is expected is only index.html, my client told me that the content of the website is a community static website, I'm not worried anymore, my clients are all gone
I saw dozens of phishing hosted on a IPFS (more info here), which hosts only static content too. So your proof is not acceptable.
I'm not worried anymore, my clients are all gone, thank you for these 2 months, but I'm still disappointed because it was suspended immediately without any confirmation
So your business is based on reselling VPS for phishing?
static index.html? yeah you or your client is bullshitting. that “static” page was likely a front for the phishing stuff
get rekt
no i reselling for website like anime, novel, and manga
Explanation:
Applying the Equation:
Substituting the values:
Simplifying:
Interpretation:
The integral of a constant (0.646) over time is a linear function. This suggests that the probability of a phishing incident leading to significant consequences increases steadily over time.
The value of 0.646 indicates a moderate probability. However, this is influenced by the specific values assigned to the variables. A higher value would suggest a greater likelihood of negative consequences.
Conclusion:
OP deserved it.
Let me guess:
Some individuals have great success using phishing software to harvest a large number of Facebook accounts. Accounts wtih ad money are then used for advertising fake investment sites, fake loan sites, etc. They spend only small amounts of ad money at a time, so the owner of the Facebook account doesn't notice it. Normal accounts are used to post bait in Facebook groups, linking to phishing sites.
The phishing sites are often hacked WordPress websites where a suspicious-looking URL displays the phishing page, but it is only visible if a query string with a key is added to the URL.
Low-end WordPress "experts" are easy prey for this kind of fraud because they cannot locate the phishing content and often claim that the reports are false.
Although WordPress websites are the main targets, any type of website with known security vulnerabilities can be exploited by these attackers.
time to explore alternative careers
Regarding this client, we need to prove to everyone that we are in the right.
Firstly, we received about 800 emails from Cloudflare in less than 5 minutes, indicating around 500 different phishing domains. These emails showed evidence of nearly 500 unique domains, clearly demonstrating that the client knows exactly what he is doing.
The client even offered to pay extra money so he could obtain the personal information of scammed individuals to make his illicit profits.
Would you like me to provide more information? We're prepared to share specific domain names, abuse reports, and any other evidence with any forum moderator.
thanks to people like @malhuda, we can't have nice things
and this is one of the reasons as to why providers stop offering cheap yearly deals.
@DP @raindog308
500 domains? That would have been a massive operation and I'm curious how Cloudflare received so many reports in such a short timeframe.
Like the budget for the domains alone makes me wonder why the "client" would go with some random reseller.
500 domains isnt “large” and reports may have been batched explaining why a large volume were received in a short period of time
How come you don't think it's large? Domain cost alone must have been over $1k, not to speak of logistics. I'm not up to date on phishing techniques but if we're talking E-Mail spam, how many E-Mails would you do per domain? I'm thinking you'd probably end up with upwards of a million E-Mails total.
All in all doesn't seem like some childs first steps at phishing, so then why would they go with someone seemingly clueless and incompetent (OP) when I'm sure there are hosters that specialize in shady stuff like that.
For cybercriminals, if they’re even successful in phishing 1 individual, that’s typically enough to pay for the entire operation. You don’t need to be particularly smart to do so. Cloudflare reports probably indicate a phishing website, like a fake login portal or fake support for a company.
If you look at YT channels like Jim Browning, you’ll see plenty of cases of random call centers making hundreds of thousands or millions of dollars per year off of just scamming people. The scammers themselves don’t need to be master hackers to do this and even the phishing pages themselves are often copied or poorly designed. Despite this, they still get a ton of money.
you heavily underestimate the budget of bad actors. think tens of thousands per operation, not hundreds of dollars
to add to what you said
most people doing the labour part of phishing do that because its low IQ and pays better than mcdonalds
don’t overestimate the brains you need to follow a script someone else wrote
Tens of thousands invested in a phishing operation must yield something in the hundred thousands or millions in profit. I would call that large.
I think you're overestimating cybercriminals, or at least the vast majority of them. You can look at reports by KrebsOnSecurity and see that even the big fish behind large botnets, million dollar simswap heists or spear-phishing campaigns against critical infrastructure are either literal children or people from poor countries without much technical expertise or budget to speak of. The average BreachForums user was probably 16 years old at best, using NordVPN and did his schoolwork on the same laptop he tried selling health insurance databases on
i spent 7 months at the [Big Green Dot] as a junior forensics freshie before pivoting into finance, ive seen it all
A call-center is a huge operation employing literally hundreds of indians, with all the management that includes. Them making hundreds of thousands or millions per year is honestly not that impressive.
A phishing campaign is a 1-5 man operation, runs for a few weeks at best before the domains die and at such a scale would net millions within that timeframe. Do that 4*12 times per year and you're looking at becoming a billionaire.
i laughed so hard i spat out my biltong!