Hello,
An abusive behaviour (Network Attack) originating from your domain xakin.ovh has been reported to or noticed by our Abuse Team.
Technical details showing the aforementioned problem follow :
— start of the technical details —
\— about — http://xakin.ovh/index.php \— description follows — A person infects minecraft server files, and then distributes them on the Internet.
From your IP addresses, he manages infected servers to send commands for attacks, as well as monitor his botnet.
A person has already been doing this from your servers for over a year.
5.252.194.150 \— logs follow — one of the infected servers to which he constantly contacts for control.
1565 22:28:59,860478953 5.252.194.150 212.22.93.69 TCP 70 11110 34036 11110 \u2192 34036 [ACK] Seq=3906 Ack=7030 Win=118 Len=0 TSval=103779524 TSecr=4242057303
1570 22:29:02,860297489 5.252.194.150 212.22.93.69 TCP 75 11110 34036 11110 \u2192 34036 [PSH, ACK] Seq=3916 Ack=7048 Win=118 Len=5 TSval=103780274 TSecr=4242057803
1571 22:29:02,861227210 5.252.194.150 212.22.93.69 TCP 70 11110 34036 11110 \u2192 34036 [ACK] Seq=3921 Ack=7057 Win=118 Len=0 TSval=103780274 TSecr=4242058053 Category: ddos \— Forwarded email(s) —
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
Cordially,
The OVHcloud Abuse team.
