Maybe there is a WHOIS or ASN error: Trying the following gives a different company for the said IP: $ whois 80.94.94.254 % Abuse contact for '80.94.92.0 - 80.94.95.255' is 'abuse@bunea.eu' I now have filed the AR also to that new address. Ángel González Berdasco via anti-abuse-wg wrote on 10/31/23 23:46:
John Levine wrote:
It appears that U.Mutlu <security@mutluit.com> said:
So, what to do if the hoster is uncooperative, like in this case? Where else to complain, what else to do?
If their ASN info is to be believed, they're in Bulgaria. It's unlikely anyone there cares.
Just block their network 80.94.95.0/24 and forget about it.
FWIW I got a spam blast from 80.94.95.59 a few weeks ago so it's not just that IP.
R's, John
Yes, this range is a source of other types of malicious activity.
The country in RIPE for 80.94.95.0/24 says Moldova, but the company address is in United Kingdom.
Their domain itself (bthoster.net) is suspiciously registered just a few months ago (Creation Date: 2023-07-31T09:22:59.00Z), showing a "This domain has recently been registered with Namecheap." parking page with no website.
But, interestingly, the whois data was updated *after* that, so it's not your typical case of a company that closes/bankrupts and their domain expires.
% Abuse contact for '80.94.95.0 - 80.94.95.255' is 'internethosting-ltd [] yandex.ru'
inetnum: 80.94.95.0 - 80.94.95.255 netname: Bthoster country: MD org: ORG-BA1515-RIPE admin-c: BL7954-RIPE tech-c: BL7954-RIPE status: ASSIGNED PA mnt-by: Internet-Transit-MNT created: 2019-09-10T20:41:19Z last-modified: 2023-10-10T10:54:46Z source: RIPE
organisation: ORG-BA1515-RIPE org-name: BtHoster LTD country: GB org-type: OTHER address: 26, New Kent Road, London, SE1 6TJ, UNITED KINGDOM e-mail: internethosting-ltd [] yandex.ru abuse-c: ACRO50561-RIPE mnt-ref: BtHoster-LTD-MNT mnt-by: BtHoster-LTD-MNT created: 2022-11-16T10:31:23Z last-modified: 2023-10-10T19:59:24Z source: RIPE
role: Internet Transit address: 26, New Kent Road, London, SE1 6TJ, UNITED KINGDOM e-mail: sales [] bthoster.net nic-hdl: BL7954-RIPE mnt-by: Internet-Transit-MNT created: 2022-11-16T10:29:38Z last-modified: 2023-09-22T18:36:26Z source: RIPE
% Information related to '80.94.95.0/24AS204428'
route: 80.94.95.0/24 origin: AS204428 mnt-by: UNMANAGED mnt-by: ro-btel2-1-mnt created: 2022-11-15T14:14:48Z last-modified: 2022-11-15T14:14:48Z source: RIPE