Related thread: https://voat.co/v/pizzagate/1527919
As you can see, I'm a first-time poster and please correct me, if I did something wrong while posting and of course if I missed some information.
It did basicly makes "sense" to me, that those organizations act the way they want and don't even try to hide their identity and it would be an interesting coincidence, but it seems like it is, because those IPs should be VPN IPs (of course it's possible, that they use the VPN provider to attack the wiki).
So I started researching the IP ranges the suspicious IPs are in. As pointed out before[1] the IPs belong to CachedNet LLC. A lot of those ranges are banned by several Anti Spam services[2], which is typical for VPN/Proxy-Providers.
After more research, since this is just speculation yet, I ended up in the support forum[3] of a VPN-Provider called "privateinternetaccess". There are multiple threads, in which people are complaining about the VPN, because it's not working that well. People, who use the VPN, get IPs (in Delaware) of CachedNet LLC, because the VPN-Provider probably bought them from CachedNet. You can also find a reference about the IPs status in spam databases like Spamhaus. The IPs are used for a lot of spam.
Quote from the forum user:
This doesn't appear to be working, when I connect via the New Zealand location. I have checked the IP location, and it comes up as Delaware U.S.A.
So, as I said at the beginning, DYNCORP might use the VPN to attack the Wiki, but the IPs location in Delaware is no evidence itself. Correct me, if I missed a fact.
[1] https://voat.co/v/pizzagate/1527919/7433447
[2] http://www.spambotsecurity.com/forum/viewtopic.php?f=7&t=3874
https://stopforumspam.com/ipcheck/162.212.171.37
https://cleantalk.org/blacklists/162.212.171.37
etc. etc.
[3] https://www.privateinternetaccess.com/forum/discussion/18802/new-zealand-vpn-not-working
Archive in case of deletion: http://archive.is/ACcDs
view the rest of the comments →
DarkMath ago
"VPN-Provider"....A VPN "provider" doesn't give you an ip address the company that's using that VPN software does. That's why all these attacks are coming from Dyncorp. Basically what I'm saying is I don't understand the point you're trying to make. Care to help me understand?
tazytale ago
The main points are included in Edit #1 and #2. Those are typical automated bot attacks. Important is, that the bots are randomly chosing targets to spam at and those IPs are known spamers on WordPress Blogs, MediaWiki (pizzagate.wiki's software) & more.
I don't really get what you are saying and asking to be honest. A lot of people call the business, where you pay for the (mostly) shared server capacity and (mostly) shared IPs VPN provider. In this case: privateinternetaccess. It's Business-to-Customer. That provider has to buy the IPs the websites will see, when a user connects to them with the server-structures (and their IPs) of the provider as a middleman. privateinternetaccess as a provider is using the suspected IPs from CachedNet LLC for their customers (they probably rented or bought them). So a user's computer (a bot in this particular case) connects to the VPN-servers of privateinternetaccess, chooses a server (they are categorized by the country/ip) and will connect to every third party over the VPN-servers now, so they will see the CachedNet LLC IPs at the end.
Those IPs are located in locations like Delaware, where the company related to DYNCORP is located. That's the only reason they thought it's DYNCORP (and they are mostly directly visiting the /DynCorp page of the wiki, the bots might have found this page first while searching for targets on Google or something else). The fact it's VPN IPs, this is typical bot behaviour and those IPs are known for attacking sites like this, says it all.
DarkMath ago
I think the issue is VPN is too general a term. My experience with VPNs is through work. So if I was working from home one day I'd start up my companies VPN software which would create a secure IP tunnel from my computer to the companies network. My IP address would then change to one given to my by my company. From then on while I was logged into the VPN and say I went to cnn or foxnews or wherever they would see my IP as coming from the company I work for not from my own IP address originally given to me from Comcast(in my case). I think you're talking about a different type of VPN basically, one that I'm not familiar with. When I read this thread for the first time my immediate thought was "Oh, some people working for Dyncorp are working from home this weekend and after they joined the Dyncorp VPN that day they then went and did X, Y or Z thing like try to hijack the PizzaGate Wiki or delete valid posts on voat as NumbChuck did." Does that make anymore sense?
tazytale ago
Okay, now I get the point. Replace the company you are working at with a commerical service, where you just pay for using their VPN-servers and IPs. That's basicly it. They provide it to give some privacy and a bit of anonymity to the user. The people, wo are running those spambots, don't want their real IP in the website's owner hand, so they use a VPN.
DarkMath ago
But Dyncorp doesn't sell that VPN service. I don't get it.
tazytale ago
That's it. That's my point. DYNCORP has nothing to do with the company (privateinternetaccess), which is providing the suspicious IPs to their users. It's not DYNCORP trying to spam to the wiki. Look at my two edits in the post, those IPs attack a lot of random websites which run the software (MediaWiki) the pizzagate wiki uses. They are just a random target of an idiotic kid (or not) which is running a bot over a VPN by privateinternetaccess.
DarkMath ago
But the PizzaGate Wiki moderator said the IP address of the person maliciously trying to edit the Wiki was from Raytheon/Dyncorp in Waltham MA.
tazytale ago
He said
When I looked into our analytics the page itself was being accessed by Waltham, Massachusetts..He didn't say the spamers IP is from Waltham, Massachusetts. All the IPs he posted are Wilmington, Delaware (https://www.iplocation.net/)). He also wrote it (Edit: Well he actually said it's sure the attacker is located in Wilmington, but he didn't not provide any proof, the only proofs are those IPs, and they are VPN IPs and random bots anyway). The location of the IPs, which are trying to spam, are not relevant at all anyway, since they are VPN IPs and the actual user/bot can live on the moon basicly, as I said before.
DarkMath ago
Why did he say the page "was being accessed by Waltham, MA"?
tazytale ago
Do you know what those analytic softwares do? They save the IPs accessing the page and you can see where your users or bots come from. A normal user or bot connected to the page from an IP, which is located in Waltham, MA. Raytheon, the company connected to DYNCORP, has their HQ in Waltham, MA. That's it. This is why he connected those other IPs (which turned out to be VPNs) are attackers from DYNCORP. But at the end, those are just... Yea, I wrote it a lot of times now. Just read my post and comments.
There is no reason (with a REAL proof), that DYNCORP did this. Bots do this all the time with VPNs. They are a random target. Actually the post violates the rules imo, there is no proof for what he is saying.
DarkMath ago
I agree but that's quite a coincidence having the PizzaGate Wiki page for Dyncorp get attacked from the town Dyncorp is based in (or has an office in).
tazytale ago
A company with a big relation to DYNCORP has their HQ there, yes. But the IPs from the bots where located in Wilmington, Delaware, not Waltham, MA, where the company has their HQ. And even if it would be the same town, it's still just VPNs (so location doesn't matter) and the bot behaviour is nothing special.
DarkMath ago
I don't mean to beat a dead horse but I think RebelSkum referenced a Google Analytics page that showed locations(not ips, at least on the Analytics page) accessing the /Dyncorp page on the PizzaGate wiki. In the screen shot there's no IP address just a name like Charlotte, Miami, Pittsburgh etc. This is where it get's a little sketchy, RebelSkum said he saw Waltham in the list but when he went back it said "not set".
I want to believe the guy. If it was Waltham and it was changed to "not set" then to me that's legitimate evidence of some sort of cover up. No?
tazytale ago
No problem at all, this whole subvoat has been created to discuss and share.
So we're talking about this I guess.
I actually can't tell you that much about Google Analytics in detail (everyone should use Piwik, it's a great open source analytics software, you can host yourselve, so no data for big brother Google), but (not set) is nothing that unusal. Especially not, when it comes to bots. Just googled around a bit and found an article, which covers spike of some analytics data and is dealing with bots in that context. You don't have to read it, just as a reference. Sometimes historical data changed to (not set) as well.
And if this wasn't the case, do you want to believe they connected to the page clear IP (think, thousands of people are using this page here and probably a lot of them found the wiki, and this is just one way to find it, so why wouldn't user from there find the page?), closed it after like 0 seconds, because they noticed they did not use a VPN, call their friend Google and they delete it within minutes/hours (don't know the range, doesn't matter if it would be days for me though) and then they do those spam bullshit on the wiki. On top of that, it's a coincidence, that those IPs do it on a daily base, because they are VPNs?
The "evidence", that all bots connected to the /DynCorp page is old, don't know if you read that, there are other entry pages to. So the only thing is a connection from Waltham, MA (I googled it, 60.000+ people live there), where a company related to DynCorp has their HQ in?