Dear Provider

I’m George Egri, the Co-Founder and CEO of BitNinja Server Security. I’m writing to inform you that we have detected malicious requests from the IP 188.xxx.xxx.220 directed at our clients’ servers.

As a result of these attacks, we have added your IP to our greylist to prevent it from attacking our clients’ servers.
Servers are increasingly the target of botnet attacks and you might not be aware that your server is being used as a “bot” to send malicious attacks over the Internet.

I’ve collected some detailed logs of the traffic that may help you disinfect your server

tcp 0 17349 212.#.#.110:80 188.xxx.xxx.220:4042 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3974 ESTABLISHED
tcp 0 23528 212.#.#.110:80 188.xxx.xxx.220:4046 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3976 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3980 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4049 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3997 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4032 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4051 ESTABLISHED
tcp 0 41850 212.#.#.110:80 188.xxx.xxx.220:4034 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3975 ESTABLISHED
tcp 0 3752 212.#.#.110:80 188.xxx.xxx.220:3992 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4010 ESTABLISHED
tcp 0 30278 212.#.#.110:80 188.xxx.xxx.220:4068 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3967 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3985 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4006 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:3983 ESTABLISHED
tcp 0 15303 212.#.#.110:80 188.xxx.xxx.220:4037 ESTABLISHED
tcp 0 0 212.#.#.110:80 188.xxx.xxx.220:4011 ESTABLISHED
..76 more lines.

We have enabled new firewall rules to filter out traffic of this nature. Once the responsible party is identified they will have their account terminated.

Also Read

New Jersey DMCA - True Detective S01E01 HDTV x264-KILLERS[ettv]
DATE:2014-04-11T00:45:32ZDear Sir/Madam,We are writing this message on behalf of HOME BOX OFFICE,...
Network attack received from an IP on your network
Hi, We have detected a network attack from an IP ( Redacted ) from your network, a computer...
NJ Hacking - 09/Oct/2014
A site was recently compromised from an IP in your allocation. Here is the log...
Attack on Mod Security
The IP address (DE/Germany/) was found attacking mod_security on sun.rightdns.com 10 times in the...
California - 106 Notices of Claimed Infringements
They sent 106 notices of infringmnet instead of 1 notice. Here is a compiliation of...