Hello,
An abusive behaviour (Intrusion) originating from your dedicated server ns3050322.ip-178-33-122.eu has been reported to or noticed by our Abuse Team.
Technical details showing the aforementioned problem follow :
— start of the technical details —
Hello,
We have identified hosts on your network that are hiding behind open proxies to launch Credential Stuffing attacks. Please find below the list of IP addresses for these attack drivers and corresponding sample attacks launched by them. Please contact us at email-removed@provider.com, if you need any further information for your investigation to mitigate the root cause.
Thanks,
AWS Shield — Threat Research
Offending IP addresses:
162.19.94.119
146.59.199.107
178.33.122.220
Sampled attack details:
attack_timestamp: 2025-02-25 01:05:49.000 UTC
attack_target: mintj.com:80
proxy_driver_ip: 162.19.94.119
proxy_driver_port: 62301
abused_proxy_ip: 13.xxx.xxx.xxx
abused_proxy_port: 17962
attack_timestamp: 2025-02-25 11:56:00.000 UTC
attack_target: orangetv.orange.es:80
proxy_driver_ip: 146.59.199.107
proxy_driver_port: 6330
abused_proxy_ip: 13.xxx.xxx.xxx
abused_proxy_port: 3128
attack_timestamp: 2025-02-25 12:15:47.000 UTC
attack_target: login.live.com:80
proxy_driver_ip: 178.33.122.220
proxy_driver_port: 49703
abused_proxy_ip: 52.xxx.xxx.xxx
abused_proxy_port: 3128
— end of the technical details —
Your should investigate and fix this problem, as it constitutes a violation to our terms of service.
Please answer to this e-mail indicating which measures you’ve taken to stop the abusive behaviour.
Cordially,
The OVHcloud Trust & Safety team.
