Supposed DYNCORP IPs are VPNs

Supposed DYNCORP IPs are VPNs (pizzagate)

submitted 8.3 years ago by tazytale

Related thread: https://voat.co/v/pizzagate/1527919

As you can see, I'm a first-time poster and please correct me, if I did something wrong while posting and of course if I missed some information.

It did basicly makes "sense" to me, that those organizations act the way they want and don't even try to hide their identity and it would be an interesting coincidence, but it seems like it is, because those IPs should be VPN IPs (of course it's possible, that they use the VPN provider to attack the wiki).

So I started researching the IP ranges the suspicious IPs are in. As pointed out before^[1] the IPs belong to CachedNet LLC. A lot of those ranges are banned by several Anti Spam services^[2], which is typical for VPN/Proxy-Providers.

After more research, since this is just speculation yet, I ended up in the support forum^[3] of a VPN-Provider called "privateinternetaccess". There are multiple threads, in which people are complaining about the VPN, because it's not working that well. People, who use the VPN, get IPs (in Delaware) of CachedNet LLC, because the VPN-Provider probably bought them from CachedNet. You can also find a reference about the IPs status in spam databases like Spamhaus. The IPs are used for a lot of spam.

Quote from the forum user:

This doesn't appear to be working, when I connect via the New Zealand location. I have checked the IP location, and it comes up as Delaware U.S.A.

So, as I said at the beginning, DYNCORP might use the VPN to attack the Wiki, but the IPs location in Delaware is no evidence itself. Correct me, if I missed a fact.

[1] https://voat.co/v/pizzagate/1527919/7433447

[2] http://www.spambotsecurity.com/forum/viewtopic.php?f=7&t=3874

https://stopforumspam.com/ipcheck/162.212.171.37

https://cleantalk.org/blacklists/162.212.171.37

etc. etc.

[3] https://www.privateinternetaccess.com/forum/discussion/18802/new-zealand-vpn-not-working

Archive in case of deletion: http://archive.is/ACcDs

39 comments

You are viewing a single comment's thread.

view the rest of the comments →

PizzaDestroyer 8.3 years ago

At the very least it is really annoying that ARIN allows a "business" like CachedNet to have an AS Number when they have no apparent signs of a legitimate business on the internet.

When doing a traceroute to cachednet.net(http://network-tools.com/default.asp?prog=trace&host=cachednet.net)), the nearest hop is a business registered right down the road in Wilmington DE called Netirons. Guess what - Netirons' website, http://netirons.com/, doesn't even work... a webhosting company with a broken website... and they are actually probably better off with a broken website because when it was up (https://web.archive.org/web/20160311003031/http://netirons.com/)) you could see that they were making some highly questionable claims about their business. They claimed to have 12,345 happy clients which supposedly included Equinix, NTT Communications, and Peak10 among others. Looks like a front for a spammers to me...

Then the next hop up is PCCW Global, who was previously named "Beyond The Network America" or BTNA (https://www.pccwglobal.com/en/dmca)). It appears that BTNA has a long history of hosting spamming and malicious services - https://community.spiceworks.com/topic/74374-beyond-the-network-america

link