Slashdot Mirror

Never run into this before so new to me, but centerbluray.info is being back linked to majestic.com https://www.robtex.com/dns-loo...

https://majestic.com/reports/s... one time use (cookie)

It's appears good, it's cloudflare.com not 127.0.0.1 cloudfront.net
https://www.robtex.com/dns-loo...

But does go through a lot of edge servers (can throttle network traffic to adjust loads).

Bail that answer that site is bad news, I posted too early search further I found this dire warning from Domain Registration
http://www.webhostingtalk.com/... and https://www.complaintsboard.co... first two searching eNom Inc.

Really sorry about that.

It's appears good, it's cloudflare.com not 127.0.0.1 cloudfront.net
https://www.robtex.com/dns-loo...

But does go through a lot of edge servers (can throttle network traffic to adjust loads).

Last I looked thepiratebay.org only had one ISP https://www.robtex.com/dns-loo... one of many that we have a right to.

A post rather than a reply - an attempt at a shot out to cloudflare and a thank you for your service.

This one hits home. While I haven't downloaded from thepiratebay.org in awhile, it's access was important to me, it showed an open Internet. I guess it's 4chan.org now, this only because it's hosted by cloudflare.com as well. https://www.robtex.com/?dns=4c...

Fucking floors me every time just how blind end users are to the justifications behind a business collecting data or enabling "features".

Of all the ToS's I've read Rovio.com (then angry birds) was the best and most informative.

Explaining These games collect your data, then sale it to Flurry.com (at the time Google) who added what they had and sold it to target advertisers.

So I added Rovio.com, Flurry.com to the HOSTS, opting out of Flurry.com no easy task -at the time this program was required
https://play.google.com/store/... to obtain the number requested.

I've told many, I've seen none care.

So you maintain a HOSTS file? That floors me, such a simple thing as text file and weekly maintenance allowing some of the best security one can have, I've talked nobody into using one.

Side note: few weeks ago Flurry.com seemed out of Yahoo.com, yet Robtex.com touches on a broader relationship. https://www.robtex.com/?dns=fl...

If you didn't use PSN, why did you apply the update that removed OtherOS?

One couldn't access the the PS3, it was locked down (while PSN was blocked, it was always connected to the Internet). There was one person pleading to the rest of us that he could hack the update and all future updates maintaining the PS3's Linux ability, and he did just that yet 2 months after the update in question was required. He continued for a few updates but the few people who waited for him or in my case found it out too late - whatever, quit hacking the ROM after the third update.

It was a HOSTS file block, another site can pop up and one not be aware of it until it causes problems. https://robtex.com/ wasn't available at the time (it might of helped).

Your aware that an installed Linux hacked the PS3, they just couldn't have that. Taking the update seriously, while still promoting PS3's Linux ability.

Why is it I can't find any references to the Tiananamen Square Massacre on the web anymore? Why do all references to "Taiwan" either refer to "Chinese Taipei" or just give a blank page? Too bad .. I really liked Opera.

I've been watching Opera.com for awhile now, it's never gone away.
https://www.robtex.com/en/advi...

https://www.robtex.com/ clicking on a disqus.com icon you will be met with a requester to abort and reason: "Logging into Disqus can allow it to track you around the web". Answering no shows what u had to post was not that important.

My Post was to help, the IP address 72.21.91.29 shows over 100 pages containing malware (most I've seen) but it's a feed for the UseNet where Malware is expected and fairly obvious. Not a big deal.

I took a back door approach to get a disqus.com account (through robtex.com) I had no ToS (privacy policy) to read.

Post to Robtex.com can be posted without account, and how I will from now on.

Was kool though, sitting unobtrusively all this time in the menu bar, when it tosses up an alert you take notice. The reason for Privacy Badger showing a plus, sorry but many just say a bad site ahead awaits u.

That Disqus.com didn't make the HOSTS file? No clue, I dropped the ball.

I have checked https://www.robtex.com/ while I found no Google links before, nor mention of Google in the FAQ (no ToS), the site reeks of Google (very nice, good useful info). It's no big deal, it's just http://testmy.net/ was Google yet they hid the fact, vs Flurry.com, it took some digging and many links from original ToS but you would find a Google ToS. A post reply was by one of the admins of how much they enjoyed working for Google, and I questioned the ToS; It was changed to a Google ToS; Changed now to: no clue (not read yet) but just assume Google and do what you do - I leave Google alone but for advertising, and data collection other than what I know (my choice) is going to be Public domain (my searches for one).

FWIW https://disqus.com/ gives no alert.

https://www.robtex.com/ clicking on a disqus.com icon you will be met with a requester to abort and reason: "Logging into Disqus can allow it to track you around the web". Answering no shows what u had to post was not that important.

My Post was to help, the IP address 72.21.91.29 shows over 100 pages containing malware (most I've seen) but it's a feed for the UseNet where Malware is expected and fairly obvious. Not a big deal.

I took a back door approach to get a disqus.com account (through robtex.com) I had no ToS (privacy policy) to read.

Post to Robtex.com can be posted without account, and how I will from now on.

Was kool though, sitting unobtrusively all this time in the menu bar, when it tosses up an alert you take notice. The reason for Privacy Badger showing a plus, sorry but many just say a bad site ahead awaits u.

That Disqus.com didn't make the HOSTS file? No clue, I dropped the ball.

I have checked https://www.robtex.com/ while I found no Google links before, nor mention of Google in the FAQ (no ToS), the site reeks of Google (very nice, good useful info). It's no big deal, it's just http://testmy.net/ was Google yet they hid the fact, vs Flurry.com, it took some digging and many links from original ToS but you would find a Google ToS. A post reply was by one of the admins of how much they enjoyed working for Google, and I questioned the ToS; It was changed to a Google ToS; Changed now to: no clue (not read yet) but just assume Google and do what you do - I leave Google alone but for advertising, and data collection other than what I know (my choice) is going to be Public domain (my searches for one).

FWIW https://disqus.com/ gives no alert.

the list i use only blocks known ads.

And those ads will be blocked, by editing it yourself your taking the bias out of the one who made the list, and blocking what you want blocked. Mine started from http://someonewhocares.org/hos... years ago and now at 144272 lines, yes it's huge but effective.

I have disabled the DNS Client service (Windows) as it can cause problems.

This is a small grab from the top of my HOSTS file these are my private blocks something you won't download from any list.

Addthis.com was added just yesterday use https://www.robtex.com/ it's a very good address to see what goes on here. All points end at addthis.com but through Google addresses and lots of them; by being an end point it doesn't affect Google access in any way.

127.0.0.1 addthis.com #social site alert
127.0.0.1 S7.addthis.com #social site alert
127.0.0.1 googleleads.g.doubleclick.net
127.0.0.1 fls.doubleclick.net
127.0.0.1 apis.google.com
127.0.0.1 acdseeonline.com #Acdsee auth check
127.0.0.1 dp.g.doubleclick.net #duh
127.0.0.1 regexbuddy.com # regexbuddy
127.0.0.1 intouch.arcsoft.com #Scanner Program
127.0.0.1 right10.com
127.0.0.1 arcsoft.com #Scanner Program
127.0.0.1 facebook.com

(When I run my Scanner it likes to phone home, I don't need that)

http://tech.slashdot.org/comme...

Mentions a HOSTS file editor, a reply to that will show you how you can block what bothers you.

Microsoft is tricky to block, a lot of the times you end up blocking a certification site.

http://www.nirsoft.net/ has two programs I use HTTPNetworkSniffer and smartsniff (both require Wincap) as well as reading ToS's is how I determine what's needed to be blocked. https://www.robtex.com/ is what I use to make sure I'm not blocking something I shouldn't.

I've no reason to upgrade, Win7 is a fairly decent OS.

8.1 (spare laptop) got a lot easier after learning the Win key takes one to a normal screen and putting a shutdown shortcut on the desktop: Shutdown.exe /s /f /t 10 -But it's just a container for music/movies and not connected to the Internet, no reason at all to screw with it.

use this http://www.abelhadigital.com/h... system wide adblcoking.

I'll give it a try, I edit my HOSTS file by hand and UltraEdit, HostsXpert I've used but has a tendency of replacing the space after local host with a tab.

Microsoft is tricky to block, a lot of the times you end up blocking a certification site. The very first thing your system (Win7) does is send a request to Microsoft, that I blocked after KB3035583.

http://www.nirsoft.net/ has two programs I use HTTPNetworkSniffer and smartsniff (both require Wincap) as well as reading ToS's is how I determine what's needed to be blocked. https://www.robtex.com/ is what I use to make sure I'm not blocking something I shouldn't.

Editing ones HOSTS file is becoming quite an exercise.

uBlock Origin has prevented the following page from loading:

http://kickass.to/

Because of the following filter

||kickass.to^
Found in: Malware filter list by Disconnect

I'd take it's word for it, read the post below (the .to site has been down a few years now)
Re:signs you may be ignorant twat when using brows
by iggymanz

But they still use the old IP address's out of Montréal, Canada; this game of hide and seek isn't working all that well.

Kickass.to
The IP address 68.71.58.34
The IP address 78.138.99.144
The IP address 205.204.64.122

"Which hostnames and domains point to the same IP address as kickass.to? kat.cr"
https://www.robtex.com/en/advi...

Kat.cr
The IP address 68.71.58.34
The IP address 78.138.99.144
The IP address 205.204.64.122
https://www.robtex.com/en/advi...

uBlock Origin has prevented the following page from loading:

http://kickass.to/

Because of the following filter

||kickass.to^
Found in: Malware filter list by Disconnect

I'd take it's word for it, read the post below (the .to site has been down a few years now)
Re:signs you may be ignorant twat when using brows
by iggymanz

But they still use the old IP address's out of Montréal, Canada; this game of hide and seek isn't working all that well.

Kickass.to
The IP address 68.71.58.34
The IP address 78.138.99.144
The IP address 205.204.64.122

"Which hostnames and domains point to the same IP address as kickass.to? kat.cr"
https://www.robtex.com/en/advi...

Kat.cr
The IP address 68.71.58.34
The IP address 78.138.99.144
The IP address 205.204.64.122
https://www.robtex.com/en/advi...

If you RTFA, it mentioned the fact that they are currently domain-hopping due to their domains being shutdown. It's hard to remember a domain that isn't the same as the one you visited last time.

To agree to this, and show one can't be sure if it's a real or fake site there are at least 100 thepiratebay sites https://www.robtex.com/q/x1?q=... odd thing about the list is the real address (or last good address) is at the very bottom.

You can bet those retarded assholes would be much more polite if they weren't cowering behind a veil of anonymity.

I've seen many post where one threatens the other with death threats or for libel yet it went no further (and this was when the posters IP address was listed in the headers).

Didn't think of it when posting.

My Usenet provider retains many years of post in some areas, here's part of a header as a cit, if you go to https://www.robtex.com/ and input the "NNTP-Posting-Host:" you can see where this person lived or still lives.

All you see anymore is the message bouncing back and forth between Google servers with 10.x.x.x addresses.

--------

Subject: Re: Really #ucked up kid
Date: Mon, 4 Jun 2007 20:40:01 -0400
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.3028
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
X-RFC2646: Format=Flowed; Original
Message-ID:
Lines: 74
NNTP-Posting-Host: 68.47.165.88

Domain returns to 104.28.4.42 CloudFlare, Inc. (AS13335). I wouldn't trust that...

104.28.4.42
https://www.robtex.com/en/advi...

AS13335
https://www.robtex.com/as/as13...

Domain returns to 104.28.4.42 CloudFlare, Inc. (AS13335). I wouldn't trust that...

104.28.4.42
https://www.robtex.com/en/advi...

AS13335
https://www.robtex.com/as/as13...

I'm glad you're blocking Samsung's corporate website at your router. There's no possible way that they could ever have servers under unrelated IP addresses or hostnames -- we all know that would be breaking Internet Laws.

I'd used to be able to say not a problem, but https://www.robtex.com/ isn't showing what it used to, if fact nothing more than if a site is safe or not.

Not saying Samsung is blocked as one can't, but I do what I can, and https://www.robtex.com/ used to tell me all of the ip addresses of a company.
and that all paths lead to Google :}

It's more than blocking them at the router level, I don't use the WiFI and haven't or plan on getting a Sumsung account so no place to pigion hole any thing they may get.

Bottom line is it's very intrusive, required to providing you with a fairly decent service. And a question I've been asked on /. a few times, am I willing to give up my freedoms just to watch TV. - Which I don't use the Samsung for it's, my PC monitor

I'm glad you're blocking Samsung's corporate website at your router. There's no possible way that they could ever have servers under unrelated IP addresses or hostnames -- we all know that would be breaking Internet Laws.

I'd used to be able to say not a problem, but https://www.robtex.com/ isn't showing what it used to, if fact nothing more than if a site is safe or not.

Not saying Samsung is blocked as one can't, but I do what I can, and https://www.robtex.com/ used to tell me all of the ip addresses of a company.
and that all paths lead to Google :}

It's more than blocking them at the router level, I don't use the WiFI and haven't or plan on getting a Sumsung account so no place to pigion hole any thing they may get.

Bottom line is it's very intrusive, required to providing you with a fairly decent service. And a question I've been asked on /. a few times, am I willing to give up my freedoms just to watch TV. - Which I don't use the Samsung for it's, my PC monitor

It's not enough to log out, you have to wipe the cookies, too. Google sets a lot of them and then there are Google-related sites like Youtube which also set Cookies. I'm not sure how much these other sites share Cookies with Google, but I wouldn't trust them on it.

It's much more than not logging in to block tracking, just one step. Web Beacons are the concern logging in or reading html email.
http://en.wikipedia.org/wiki/Web_beacons running a huge a$$ HOSTS file is also very important.

Ever hear of flurry http://flurry.com/ https://top.robtex.com/flurry.com.html#records
that's a biggie to block. It's Google analytics, for a price they provide advertisers
user demographics and what ads to send to you.

Mostly used for mobile devices Flurry.com will let you opt-out if you give them your device ID.
http://www.flurry.com/user-opt-out.html every time I change the OS on my rooted Xoom tablet the ID changes
so I block it at the router level (just got a new router with firewall). Also your device ID isn't all that easy to find.
- for Android > play.store look for: Device ID

Read the ToS, Privacy Policy at http://rovio.com/ it explains in detail what angry birds does with your collected data.
One is they send your info to Flurry.com who in return sends them prospective clients.

----

Here's a good one... Read the ToS at http://flurry.com/ you'd never know it was Google.
I registered at http://testmy.net/ to keeps a data base of my connection rates; of course I read their terms of service,
it led you to https://www.google.com/intl/en/policies/?fg=1

There was a thread about tracking I happened on after my registration, the operator of that site
replied to the thread mentioning he was very happy to be working for Google, it was a good company.
I replied that it's odd your so up front about being part of Google yet one would never know through the ToS
http://flurry.com/ was Google as well. Now reading the ToS you'd never know http://testmy.net/ is part of Google. :}
unless you went to Robtex.com https://top.robtex.com/testmy.net.html#records

Yes Google provides a service and expects something in return, they can have my searches and the links
I visit, as I find them through Google. But I don't need Google+ shoved not only in my face, but into my lifel
Google+ isn't a service it's totally different.

It's not enough to log out, you have to wipe the cookies, too. Google sets a lot of them and then there are Google-related sites like Youtube which also set Cookies. I'm not sure how much these other sites share Cookies with Google, but I wouldn't trust them on it.

It's much more than not logging in to block tracking, just one step. Web Beacons are the concern logging in or reading html email.
http://en.wikipedia.org/wiki/Web_beacons running a huge a$$ HOSTS file is also very important.

Ever hear of flurry http://flurry.com/ https://top.robtex.com/flurry.com.html#records
that's a biggie to block. It's Google analytics, for a price they provide advertisers
user demographics and what ads to send to you.

Mostly used for mobile devices Flurry.com will let you opt-out if you give them your device ID.
http://www.flurry.com/user-opt-out.html every time I change the OS on my rooted Xoom tablet the ID changes
so I block it at the router level (just got a new router with firewall). Also your device ID isn't all that easy to find.
- for Android > play.store look for: Device ID

Read the ToS, Privacy Policy at http://rovio.com/ it explains in detail what angry birds does with your collected data.
One is they send your info to Flurry.com who in return sends them prospective clients.

----

Here's a good one... Read the ToS at http://flurry.com/ you'd never know it was Google.
I registered at http://testmy.net/ to keeps a data base of my connection rates; of course I read their terms of service,
it led you to https://www.google.com/intl/en/policies/?fg=1

There was a thread about tracking I happened on after my registration, the operator of that site
replied to the thread mentioning he was very happy to be working for Google, it was a good company.
I replied that it's odd your so up front about being part of Google yet one would never know through the ToS
http://flurry.com/ was Google as well. Now reading the ToS you'd never know http://testmy.net/ is part of Google. :}
unless you went to Robtex.com https://top.robtex.com/testmy.net.html#records

Yes Google provides a service and expects something in return, they can have my searches and the links
I visit, as I find them through Google. But I don't need Google+ shoved not only in my face, but into my lifel
Google+ isn't a service it's totally different.

All this unknown traffic is because more sites use Amazon's Cloud to host their content.

Good point.

I put this together to show what I block Amazon wise, yet have very few problems surfing sites.

These are just ones with "amazon" in the string. Lots are without the amazon string but too much work to sort out.
an example would be 207.171.184.25 which hops to Smtp-fw-9101.amazon.com according to http://www.robtex.com/

Amazon.com
aan.amazon.com
aax-us-east.amazon-adsystem.com
amazon.adsonar.com
amazon.adsonar.com
amazon1.msn.de
amazon2.msn.de
amazon-giftcard.info
assoc-amazon.com
astore.amazon.com
client-log.amazon.com
cls.assoc-amazon.com
dra.amazon-adsystem.com
fls-na.amazon.com
free-amazon-coupon.com
rcm.amazon.com
rcm-de.amazon.de
rcm-images.amazon.com
rcm-it.amazon.it
rcm-uk.amazon.co.uk
s.amazon-adsystem.com
s1k-amazon.com
s2e-amazon.com
secure-amazon.net
sis.amazon.com
ssl-payment-amazon.com
uedata.amazon.com
users-logins-amazon.com
ws.amazon.com
amazon-giftcard.info
assoc-amazon.com
xml-eu.amazon.com

I've got a lot of links with amazonaws.com blocked, amazonaws.com appears to pertain to Amazon's cloud service.

s3-1-w.amazonaws.com
10bet.s3.amazonaws.com
a6522.s3-website-us-east-1.amazonaws.com
admarvel.s3.amazonaws.com
ads.avitu.com.s3.amazonaws.com
adtago.s3.amazonaws.com
adzerk.s3.amazonaws.com
adzerk-www.s3.amazonaws.com
alexa-sitestats.s3.amazonaws.com
apture.s3.amazonaws.com
assets-hellobar-com.s3.amazonaws.com
biowebb-data.s3.amazonaws.com
blamads-assets.s3.amazonaws.com
bo-videos.s3.amazonaws.com
bro1.s3.amazonaws.com
btrpreroll.s3.amazonaws.com
cadreon.s3.amazonaws.com
cdnpuaf.s3.amazonaws.com
cdx-eu.s3.amazonaws.com
cdx-us.s3.amazonaws.com
click.s3.amazonaws.com
cloudfront-labs.amazonaws.com
clutchmag.s3.amazonaws.com
e23121.s3-website-sa-east-1.amazonaws.com
ecommstats.s3.amazonaws.com
entrecard.s3.amazonaws.com

It's much more involved for me as the above just pertains to Amazon. I block all links that I shouldn't be linked to.
FaceBook and Google are two others that are a B!tc# blocking new links to, but block them I do and still use Google
as a search engine, email other Google services with no problems. Facebook I've no use for.

Yes, looks like a squatter has set up shop and a very impressive web page it is; If you like motorcycles.

http://debian-multimedia.org/

visible DNS info http://dns.robtex.com/debian-multimedia.org.html#records

I have a provider that still supplies Usenet/newsgroups as part of the service for no
extra cost (Charter.Net), yet I can't connect to mega.co.nz. I've searched
my HOSTS file, see that it's online http://pop.robtex.com/mega.co.nz.html#records
I just can't connect, thepiratebay.sx not a problem.

Hope it's a misspelling, or temporary.

Robtex says that Dimenoc contains part of an anti-spam outfit too.

www.Flurry.com sells analytical services to it's customers (ASTRO, Angry Birds, to name two), ie what AD's to show on YOUR hand held. Flurry.com does keep identifiable information. Reading the Flurry.com ToS nowhere does it mention it's Google. That Flurry.com was Google could only be found (by me) through http://www.robtex.com/ also a Google service :} http://top.robtex.com/flurry.com.html#records To block Flurry.com tracking, download ANDROID_ID from the google store, obtain your ID (16 digits long) and paste it here http://www.flurry.com/user-opt-out.html anytime you change ROMS you will need to reopt-out as your ID will of changed.

www.Flurry.com sells analytical services to it's customers (ASTRO, Angry Birds, to name two), ie what AD's to show on YOUR hand held. Flurry.com does keep identifiable information. Reading the Flurry.com ToS nowhere does it mention it's Google. That Flurry.com was Google could only be found (by me) through http://www.robtex.com/ also a Google service :} http://top.robtex.com/flurry.com.html#records To block Flurry.com tracking, download ANDROID_ID from the google store, obtain your ID (16 digits long) and paste it here http://www.flurry.com/user-opt-out.html anytime you change ROMS you will need to reopt-out as your ID will of changed.

Screwing around I found the domain name dumpgodaddy is blocked from Godaddy.com :)
I might be wrong but I found it humorous
Invalid Search: DUMPGODADDY has been removed. Please select a different domain name to search on.

Checking http://www.robtex.com/ there is no dumpgodaddy.anything

The problem with all of these cheap VPS providers is that they almost all operate out of some of the worst data centers in the country. I don't mean to pick on linode in particular but last i checked their west coast facility was hurricane electric, fremont 2. That facility is single homed and known for being just about the cheapest colocation money can buy anywhere on the planet. If you're curious about some of the issues HE FM2 experiences take a look at this thread: http://www.webhostingtalk.com/showthread.php?t=1058700 As you move up the ranks in facilities the costs rise dramatically, "cheap" VPS's are a huge DDOS risk as people purchase them for all sorts of nefarious reasons, so unless they operate their own networks the high end data centers won't touch them with a 10' pole. If http://asn.cymru.com/cgi-bin/whois.cgi and check who they use for transport via robtex: http://www.robtex.com/ The easiest rule to follow: if hurricane electric or cogent are in the mix run and don't look back!

Why? look at where he is hosted
http://www.robtex.com/ip/66.147.244.85.html
Since when has America taken spam seriously ?

along with lots of spammy sites ? dont you guys have a police force ? or is the USA still a spammers haven ?

http://www.robtex.com/ip/67.228.37.8.html

Did Comcast become transit free when I was not looking? Nope they still buy transit L3 should grow a pair and cancel there settlement free peering with Comcast, worst case is they end up with an imbalance with another transit free provider. Right now comcast is not paying for the bandwidth L3 should grow a pair and make them pay for those bits even it's to att or similar. Time Warner is in the same boat. Look at it more as Comcast needs to find some source of packets to send to L3 to get the ratio's back inline if they want to play with the big boys. Take a look at there network http://www.robtex.com/as/as7922.html Comcast is an obvious bad actor they like many of the cable co's chew through AS numbers because they don't want to have a backbone they do want everybody to do the hard work for them.

Here's a graph of the network structure as seen by BGP.

AS29216 at the right is the AS which I.ROOT-SERVERS.NET is located in. As we can see, it is only reachable through AS8674 (NETNOD-IX).

Which in turn is reachable directly from a few different AS:es, including AS24151 (CNNIC-CRITICAL-AP).

My guess is that Netnod simply started filtering out the routes to AS29216 via AS8674 on the BGP session to AS24151.

The DNS server itself might have been using BGP, it might not have. But in the end every system on the Internet is reachable with some kind of BGP route somewhere.

Well, the bill being zero is just speculation from the author of the article. It doesn't imply that there are no running costs providing all of that, but that the bandwidth itself could be close to zero cost if Google is directly peering with other companies (every other article previously assumes that Google is buying their bandwidth). I work at the same place where the main IXP of my country is and while I don't know the details, it's not an uncommon thing with smaller companies either. I'm quite sure there are similar contracts between ISP's and certain big media companies that rely heavily on the Internet as it just makes business sense to everyone. It would be stupid not to use that.

Hell, there are weirder peering contracts too. A good example is that of The Pirate Bay, which has several AS to run their site and provide stable peering. DCSnet, PRQ and other belong all under the same umbrella and by the looks of it, have been improving their contracts with other ISP's to both get TPB to be more stable and maybe also to monetarize their peering contracts with several big ISP's. Remember that they're backed up by Carl Lundström who founded Rix Telecom AB (Port80), and Google also is peering with Port80.

Even when smaller companies are doing that, it would be stupid of Google not to utilize their infrastructure. But I'm quite certain they do, they are a geek company after all, so they must know it.

I really don't see why Google would be paying much. It seems the guy who wrote that article now discovered how peering works.

Routing graph for YouTube AS
Routing graph for Google AS

YouTube alone has direct peering contracts with AT&T, RETN, TINET and via Google AS with Net Access, NTT Communications, Telia, Level3, SIG, Sprint, Global Crossing, MFN, Cogent, Port80, Internet2 and AOL.

Depending on the terms, it means Google can also act as a peering or transit point between these companies and or even have an IXP's at their locations, so theres incentive for ISP's to sign up beneficial transit agreement, especially considering Google has data centers around the world. Google has more power than Tier 1 ISP's alone. The article's note about "serving customers YouTube faster" is a moot point - Google's infrastructure and routing contracts alone act as a great incentive for ISP's to make a peering agreement with Google.

I really don't see why Google would be paying much. It seems the guy who wrote that article now discovered how peering works.

Routing graph for YouTube AS
Routing graph for Google AS

YouTube alone has direct peering contracts with AT&T, RETN, TINET and via Google AS with Net Access, NTT Communications, Telia, Level3, SIG, Sprint, Global Crossing, MFN, Cogent, Port80, Internet2 and AOL.

Depending on the terms, it means Google can also act as a peering or transit point between these companies and or even have an IXP's at their locations, so theres incentive for ISP's to sign up beneficial transit agreement, especially considering Google has data centers around the world. Google has more power than Tier 1 ISP's alone. The article's note about "serving customers YouTube faster" is a moot point - Google's infrastructure and routing contracts alone act as a great incentive for ISP's to make a peering agreement with Google.

In my day, we called this stuff Core Wars, and we kept our viruses in jars and shook them to make them fight.

looking at the searchXX.in url mentioned the URL redirects according to its input
in each case they are hosted in USA

http://www.robtex.com/dns/newbluepill.com.html#records

why the FBI/CIA doesnt get involved i dunno, seems a simple job to catch em (just like the 419s) just follow the money and round them up

I pulled a reverse DNS lookup on it. It's static, and points back to servage.net in Germany. But wait, there's more...

Look at all of these registered Domains and where they point to. http://www.robtex.com/ip/77.232.92.199.html

Clearly the AC wanted readers on Slashdot to become useful idiots in a DOS attack. Not me.

Before more and more people jump in with their stupid whois links domain->ip links saying "look, their ip is 194.71.107.15 and its in sweden"...

TPB is hosted on their owners own AS and ip block "DCPNetworks" which is one of the couple ones they have. It's info is registered to be in Stockholm, Sweden, but its manual info given to RIPE. It doesn't mean its physically there. More so, it could had been there but moved elsewhere later. Lots of people seem to think these geolocations are some magical system to determine exactly where ip location is, but it's all based on manually typed in info when you register with RIPE or other registreries.

What you have to look at is their upstream providers. robtex shows still the old info too. More so, my own look up goes to amsterdam and leaseweb as their last upstream provider.

Actually this seems to be a fail over system of theirs. PatrikWeb, their only upstream besides DCS and SPACEDUMP, stopped providing bandwidth so their fail safe system kicked in and started providing bandwidth in Ukraine when one of their upstream providers stopped routing. They probably have more providers in place too to pick up quickly.

It's an intelligent system and not a surprise that those who haven't looked into BGP and routing more dont understand what's going on and just point out that the IP space is registered in sweden and dont see it can actually be located anywhere.

That would be like paypal.com inexplicably using paypalobjects.com! Unpossible.

You can start by blocking all of these 180solutions.com domains with the method of your choice. Make sure to scroll down to get the list of related domains which ns1.180solutions.com answers authoritatively for. From a cursory glance, you're accomplishing a great deal just by dropping traffic to/from 64.94.137.0/25 and 66.150.14.0/25.

ePluribus Media reported this story back in Nov 2006 -- "Ken Blackwell Outsources Ohio Election Results to GOP Internet Operatives, Again"

The NetCraft IP funny business was noted, and the election.sos.state.oh.us was updated and checked on from 2005 onwards, that is why you can look at NetCraft today on see a history of it. The list of domains hosted on SMARTech were also added to Robtex by querying a list of servers with a long list and adding to it over the years.

This was posted by some asshat who read the Free Press article The GOP's cyber election hit squad and is trying to take credit.

One interesting method is to query an anti-spam database using your IP address, and see if you are listed as a spam source. Quick checks can be done at robtex or dnsstuff.

If your IP address shows up on PSBL, CBL, SpamCop, or WPBL your host is probably infected and a source of spam or other abuse.

Multi-RBL check

Type in a few of your favourite IP addresses. See which lists have fewest missess.

Last year my smtp server was arbitrarily blocked by Verizon at about the same time it blocked all of Europe. I dutifully filled in the whitelist form, waited a week or so, and was apparently added to the whitelist, or removed from the blacklist.

Everything was fine until a month or two ago when one of my college classmates said he wasn't receiving any of the listserver messages I handle for the class. Sure enough, he was on Verizon, so I once again dutifully filled in the whitelist form, etc., and was cleared in a couple of days.

Last night one of my clients was unable to reach a Verizon customer and forwarded to me the SMTP error reply that was posted in this article. So, once again, I have filled out the form and am waiting breathlessly for their response.

Now I'm not opposed to blacklisting IP's or IP address blocks; I do so myself. But my blocks are of the form "don't take mail allegedly From someone@aol.com unless it originates on a server in *.aol.com". I do block whole swaths of IP space that belong to clueless cable, DSL, or dialup providers like terra.com.br or tiscali.fr. But I'm also very careful to limit those blocks to subdomains that are clearly customer-premises lines. I worked hard over the years to customize the block list very carefully to avoid false positives. The result is to block about 40% of incoming messages at the smtp level.

That being said, there's no reason Verizon should be blocking my server. I'm connected over a ATT-provided business T1; I'm not on any anti-spam blacklist (see http://www.robtex.com/ for a nice one-stop RBL check); I maintain SPF records for all my domains. Yet they have arbitrarily blocked my server on three separate occasions.

My fear is that they respond to customer complaints and blacklist servers because someone received a message with a forged From address. One or another of the domains I host gets forged from time to time. This happened recently to one of my customers. Perhaps a Verizon customer got one of these forged messages, complained to Verizon, and they put my server on the block list (despite the SPF record I maintain for the domain that was forged).

Unfortunately Verizon seems to treat its anti-spam practices as some sort of trade secret. Despite the furor over blocking mail from Europe last year and the class action suit that ensued, they still provide no information about the criteria they use to block senders. And, of course, there's absolutely no information about how to contact a human being to fix any of these problems. In fact, unless Verizon's web site has been changed, there's no way to find the whitelisting form either. You have to know the secret URL or use a Google search to bring up the form.

It's especially unfortunate since I live in Massachusetts, which is Verizon country, so a number of my clients have correspondents with Verizon addresses.