Hello,
An abusive behaviour (Intrusion) originating from your dedicated server ns3050322.ip-178-33-122.eu has been reported to or noticed by our Abuse Team.
Technical details showing the aforementioned problem follow :
— start of the technical details —
Hello,
We have identified hosts on your network that are hiding behind open proxies to launch Credential Stuffing attacks. Please find below the list of IP addresses for these attack drivers and corresponding sample attacks launched by them. Please contact us at email-removed@provider.com, if you need any further information for your investigation to mitigate the root cause.
Thanks,
AWS Shield — Threat Research
Offending IP addresses:
178.33.122.220
217.182.198.219
57.129.2.9
146.59.47.190
Sampled attack details:
attack_timestamp: 2025-03-07 20:23:01.000 UTC
attack_target: login.live.com:80
proxy_driver_ip: 178.33.122.220
proxy_driver_port: 63682
abused_proxy_ip: 3.xxx.xxx.xxx
abused_proxy_port: 80
attack_timestamp: 2025-03-07 13:12:48.000 UTC
attack_target: the-enr4.com:999
proxy_driver_ip: 217.182.198.219
proxy_driver_port: 21258
abused_proxy_ip: 18.xxx.xxx.xxx
abused_proxy_port: 80
attack_timestamp: 2025-03-07 15:30:42.000 UTC
attack_target: api.spectrum.net:80
proxy_driver_ip: 57.129.2.9
proxy_driver_port: 55521
abused_proxy_ip: 35.xxx.xxx.xxx
abused_proxy_port: 80
attack_timestamp: 2025-03-07 12:36:31.000 UTC
attack_target: auth.adguard-vpn.com:80
proxy_driver_ip: 146.59.47.190
proxy_driver_port: 53835
abused_proxy_ip: 35.xxx.xxx.xxx
abused_proxy_port: 80
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
Cordially,
The OVHcloud Trust & Safety team.
