Sorry for the re-post, but it has been brought to my attention that
my inclusion, in my prior posting, of various unsavory FQDNs resolving
to various IPv4 addresses on AS29073 has triggered some people's
spam filters. (Can't imagine why. So I am re-posting this message
now, with just a link to where those shady FQDNs and their current
forward resolutions may be found. (I also took the opportunity to
clean up some minor typos.)
If you believe that a customer of a network service provider is in violation of that service providers AUP, you should email abuse@serviceprovider.net. Most large networks have a security team that monitors that email address regularly and will cooperate with you to address the problem.
Sorry for the re-post, but it has been brought to my attention that
my inclusion, in my prior posting, of various unsavory FQDNs resolving
to various IPv4 addresses on AS29073 has triggered some people's
spam filters. (Can't imagine why. So I am re-posting this message
now, with just a link to where those shady FQDNs and their current
forward resolutions may be found. (I also took the opportunity to
clean up some minor typos.)
Why are domain registrars allowing some of those domains, which are clearly
advertising highly illegal content that will get you in jail in most of the
world?
This discussion is not pertaining to a customer of a network service
provider. Ecatel / Quasi Networks (AS29073) has an established track
record of ignoring abuse requests for years. So much so they are now in
legal trouble, per court documents published on August 14: https://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:RBDHA:2017:9026
(Use Google Translate if you can’t read Dutch)
Setting aside the child porn, phishing sites, route hijacking, copyright
infringement, and large-scale outbound hacking activities - why would
anyone peer with another AS who deliberately ignores abuse requests?
Yesterday I spoke with BREIN, the organization leading case against
AS29073, they advised, "Our effort is aimed at outing the actual people
behind it so they can be held responsible."
If anyone has information regarding AS29073 and would like to share it with
BREIN you can submit it via this web form: https://stichtingbrein.nl/contact.php
AS29073 seem be visible (for anyone?) on AMS-IX routeserver.
I think that can explain why many ASN peer with this network.
So, thanks for this thread. I have filtered this ASN on AMS-IX RS (99 =>98).
So I am re-posting this message