We are in the process of migrating this forum. A new space will be available soon. We are sorry for the inconvenience.

198.50.140.181 extremely hacked - owned by OVH?


Phil @ OVH
2015-09-03, 09:50 AM
Hello,

That is definitely one of our IPs. I've forwarded the information to our Abuse team, they will look into it promptly.

Regards,
Phil C.

brandon.hume
2015-09-02, 10:05 AM
According to ARIN OVH owns the IP address 198.50.140.181. This server hosts both schlager-fun-radio.com and radio-muckebude.com. Both of these sites have been hacked and are hosting phishing sites. In the case of radio-muchebude.com it's a fake DHL site hidden under "/2/dh/", and in the case of schlager-fun-radio.com it's a bunch of different phishing sites blatantly visible from the front page (Paypal sites, Alibaba sites, etc)

Since there's multiple sites hacked on the same server, I'd wager that the entire server has been compromised.

I've reported this site three times to OVH, and haven't even received a "we received your report" notice. The only change I've noticed is that more and more phishing sites continue to appear on schlager-fun.

Is the ARIN record wrong? Does OVH not own this IP address?