[anti-abuse-wg] Abuse Report ignored. What to do as next?
- Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
U.Mutlu
security at mutluit.com
Wed Nov 1 00:42:43 CET 2023
Maybe there is a WHOIS or ASN error: Trying the following gives a different company for the said IP: $ whois 80.94.94.254 % Abuse contact for '80.94.92.0 - 80.94.95.255' is 'abuse at bunea.eu' I now have filed the AR also to that new address. Ángel González Berdasco via anti-abuse-wg wrote on 10/31/23 23:46: > John Levine wrote: >> It appears that U.Mutlu <security at mutluit.com> said: >>> So, what to do if the hoster is uncooperative, like in this case? >>> Where else to complain, what else to do? >> >> If their ASN info is to be believed, they're in Bulgaria. It's >> unlikely anyone there cares. >> >> Just block their network 80.94.95.0/24 and forget about it. >> >> FWIW I got a spam blast from 80.94.95.59 a few weeks ago >> so it's not just that IP. >> >> R's, >> John > > Yes, this range is a source of other types of malicious activity. > > The country in RIPE for 80.94.95.0/24 says Moldova, but the company > address is in United Kingdom. > > > Their domain itself (bthoster.net) is suspiciously registered just a > few months ago (Creation Date: 2023-07-31T09:22:59.00Z), showing a > "This domain has recently been registered with Namecheap." parking page > with no website. > > > But, interestingly, the whois data was updated *after* that, so it's > not your typical case of a company that closes/bankrupts and their > domain expires. > > > > % Abuse contact for '80.94.95.0 - 80.94.95.255' is 'internethosting-ltd [] yandex.ru' > > inetnum: 80.94.95.0 - 80.94.95.255 > netname: Bthoster > country: MD > org: ORG-BA1515-RIPE > admin-c: BL7954-RIPE > tech-c: BL7954-RIPE > status: ASSIGNED PA > mnt-by: Internet-Transit-MNT > created: 2019-09-10T20:41:19Z > last-modified: 2023-10-10T10:54:46Z > source: RIPE > > organisation: ORG-BA1515-RIPE > org-name: BtHoster LTD > country: GB > org-type: OTHER > address: 26, New Kent Road, London, SE1 6TJ, UNITED KINGDOM > e-mail: internethosting-ltd [] yandex.ru > abuse-c: ACRO50561-RIPE > mnt-ref: BtHoster-LTD-MNT > mnt-by: BtHoster-LTD-MNT > created: 2022-11-16T10:31:23Z > last-modified: 2023-10-10T19:59:24Z > source: RIPE > > role: Internet Transit > address: 26, New Kent Road, London, SE1 6TJ, UNITED KINGDOM > e-mail: sales [] bthoster.net > nic-hdl: BL7954-RIPE > mnt-by: Internet-Transit-MNT > created: 2022-11-16T10:29:38Z > last-modified: 2023-09-22T18:36:26Z > source: RIPE > > % Information related to '80.94.95.0/24AS204428' > > route: 80.94.95.0/24 > origin: AS204428 > mnt-by: UNMANAGED > mnt-by: ro-btel2-1-mnt > created: 2022-11-15T14:14:48Z > last-modified: 2022-11-15T14:14:48Z > source: RIPE > >
- Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]