They say "As part of our fight against Abuse, OVH has set up an international team of experts who respond daily to reports of abuse on behalf of the whole group. This team, which is based in France and Canada, deals everyday with all reports of illegal conduct on the OVH network, and they aim to do so in the shortest possible time. To facilitate our work, and due to the international nature of our team, we ask that you provide your reports in English so that they can be understood and dealt with effectively by our team. "

We did.

This was the result:

Genius: fail and try to sell to us.

51.254.131.245 , 51.255.65.90,

These IP addresses are roaming around our site at www.pleasebeinformed.com looking for a "tip a friend" function that was available in a previous version of the site and which was under sustained attack by spammers.

We also have repeated reports of "Trying to run cron while it is already running" that are triggered by 51.254.131.245

We have a number of reports similar to the following: 404 publications/bankinginsurancesecuritiescomlayout/set/dialog/content/browse/2558 . There is no /browse subdirectory and no /layout directory. Many of the hits from these IP addresses have apparently random four digits at the end. We do not use any such structure.

We suspect that these activities attack via www.bankinginsurancesecurities... which is the name of the previous site and now points to a directory in pleasebeinformed.com.

Please ascertain what IP addresses are launching these attacks and disable the users.

Regards

Nigel Morris-Cotterill
inter alia: Author "Cleaning up the 'net"