i got the following notification from my anti-cracker service:
A user with IP addr 2001:41d0:305:1000::1250 has been locked out from signing in or using the password recovery form for the following reason: Used an invalid username '[login]' to try to sign in.
The duration of the lockout is 2 months.
User IP: 2001:41d0:305:1000::1250
User hostname: hr914433990.reseller.mis.ovh.net
User location: France
i’ve been seeing these login attempts using “[login]” for some time now — and why, in the name of all that’s holy, would ANYONE use, or allow another person to use “[login]” as a username, is beyond my limited imagination, but that’s not the main reason this notification caught my eye…
it’s because of the user hostname, which is a reseller host at ovh.net 🙄
i’ve been dealing with spam and cracking attempts from OVH for AT LEAST ten years. unfortunately, it’s nothing new… but this is the first time they’ve tried to get around my blocks by using an IPv6 address.
and it wasn’t OVH directly, it was a reseller, but the fact is still plain that OVH STILL enables spammers and crackers to work with impunity from their networks.
FUCK OVH! 🤬😠👎👎‼
and add 2001:41d0::/32 to my block list! 🙄