An abusive behaviour (Spam) originating from your IP ip-184.108.40.206/29 has been reported to or noticed by our Abuse Team.
Technical details showing the aforementioned problem follow :
— start of the technical details —
Hello ovh.net Abuse Desk,
This is an automated message from the Spamhaus Block List (SBL) database
to advise you that the IP below has been added to sbl.spamhaus.org:
Problem: *** BOTNET CONTROLLER LISTING ***
IcedID botnet controller @220.127.116.11
SBL Ref: SBL428802
The reason for listing the IP address(es) is explained at the url:
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
The OVH Abuse team.
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 18.104.22.168 on port 443 TCP:
$ telnet 22.214.171.124 443
Connected to 126.96.36.199.
Escape character is ‘^]’
$ nslookup 188.8.131.52
Other malicious domain names hosted on this IP address: