- Dec 10, 2012
- Reaction score
Problem fixed within a few minutes... thanks
I haven't been able to connect to my VPS for the past few days. And now jdrhost.com is not connecting for me either. What's going on?
no one reply on the ticket from "11/02/2014 02:33". Why you lie to me? the ip address can't be ping and the site in the vps can't open, why you say the vps is online?We have changed back the RDP port before the last ticket and never change the port on another vps. Why you say it is our problem?
all my sites down again. It`s terrible hosting. I was already tired of writing in support - no result.
Does anyone recommend me a good hosting DMCA ignored?
Just made a new account, will review in a few days. (For OP, I'm ticket #320743).
(Requested Refund, account wasn't set up in over 24 hours)
As said before - your service is suspended by the datacenter, not us. They are investigating attacks on other servers. I can't do anything about it until they finish their investigation.
your Server/Customer with the IP: *22.214.171.124* has attacked one of our servers/partners.
The attackers used the method/service: *regbot* on: *Wed, 19 Feb 2014 23:39:04 +0100*.
The time listed is from the server-time of the Blocklist-user who submitted the report.
The attack was reported to the Blocklist.de-System on: *Wed, 19 Feb 2014 23:39:29 +0100*
The IP has been automatically blocked for a period of time. For an IP to be blocked, it needs to have made several failed logins (ssh, imap....), tried to log in for an "invalid user", or have triggered several 5xx-Error-Codes (eg. Blacklist on email...), all during a short period of time.
The Server-Owner configures the number of failed attempts, and the time period they have to occur in, in order to trigger a ban and report. Blocklist has no control over these settings.
He has registered automatically on a honeypot Wiki/Forum/Blog-System....
At the site there is a notice that all postings and registrations will be reported.
He used xrumer or other Tools or had a false configured mod_rewrite/mod_proxy who is abused:
If the IP is a Tor-Server: http://blog.blocklist.de/tor-server-owner/
Please check the machine behind the IP 126.96.36.199 (hst-209-48-25-185.ist.lt) and fix the problem.
This is the 422 Attack (reported: 50) from this IP; see:
If you need the logs in another format (rather than an attachment), please let us know.
You can see the Logfiles online again: https://www.blocklist.de/en/logs.html?rid=462804794&ip=188.8.131.52
You can parse this abuse report mail with X-ARF-Tools from http://www.x-arf.org/tools.html e.g. validatexarf-php.tar.gz.
You can find more information about X-Arf V0.2 at http://www.x-arf.org/specification.html
This message will be sent again in one day if more attacks are reported to Blocklist.
In the attachment of this message you can find the original logs from the attacked system.
To pause this message for one week, you can use our "Stop Reports" feature on Blocklist.de to submit the IP you want to stop recieving emails about, and the email you want to stop receiving them on.
If more attacks from your network are recognized after the seven day grace period, the reports will start being sent again.
As you can see, there have been 422 attacks registered from your IP. The datacenter is refusing to reactivate the server until they receive 'all-clear' from the LT CERT team.
JDR Hosting Limited