[applause] IP addresses are in short enough supply that this would be breach of fiduciary trust, if we were talking about a bank manager and loans, rather than allocating IP addresses. (and no, don’t tell me v6 – there’s far more of this going on there, and that is something we will regret a few decades or less down the line). Oh, and for those of you who want to trot out that “we are not the internet police” meme .. keep at it. We’ll all collectively regret it some day. From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Sergey <gforgx@fotontel.ru> Date: Tuesday, 9 August 2016 at 5:32 PM To: <andre@ox.co.za>, <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Russian carding... no, Islandic carding... no Belizian carding! Are you blind, Andre? Okay, I'll cite the website rfg has pointed at for you then:
Hacking services
Email marketing - SPAM (the Russian text says it clearly: "spam sending services")
Malware & Coding
Sell CC & DUMPs, Enroll, Bank accounts, DOB+SSN
That is okay, you think? I don't think so. I think this mailing list is intended to deal with all of this. Don't be pretend to be a fool by sending links to pages which are innocent in comparison this. It's not about TLDs. It's about the content. On 08/09/16 14:24, andre@ox.co.za wrote: Agreed. I do not understand what Ronald F. Guilmette is complaining about or even what this thread is about... I own some and operate many other .com domains, I also operate .me (like example https://wishes.me ) Speaking of which, I recently created this: https://about.me/andrecoetzee - kinda cool! no? this does not mean that I am pretending to be in Montenegro, just that some countries are more open, free and forward thinking and that some domain tld's are suitable for custom type names, for example .is and .in and others. So, as I said, I have absolutely no idea what the initial post is even about at all, maybe Ronald F. Guilmette can point out the ABUSE that will be super helpful and not seem like such a complete waste of time. Andre On Tue, 9 Aug 2016 13:11:21 +0200 Volker Greimann <vgreimann@key-systems.net> wrote: Speaking on general terms, not on the specific website, anything you cite could also occur in a legit website. In a globalized world, users are free to deal with any service provider they trust and register domains in any TLD they chose. There is nothing fishy about that per se. The domain name string you cite is quite a nice string, which probably was not available in many TLDs anymore. Further, the TLD sting. ".is" can be used as a hack as it is an English language word. Just my 2 cents, Volker Am 09.08.2016 um 05:14 schrieb Ronald F. Guilmette: https://www.verified.is/ (Gee! Big surprise! Russian language only.) -> .IS = Iceland -> 82.221.130.101 That site is obviously all written in Russian, but it is resident on a little /26 IP address block that's pretending to be owned by a Belizian company. (See below.) But of course, it's actually physically sitting in a data center somewhere in Iceland, and on an Icelandic AS. I am seeing this kind of thing almost every day now... bullshit domains sitting on bullshit networks, almost always in RIPE IP space, but all claiming to be in either Belize or UAE. I've given up any hope that posting any of this kind of information here will have any impact on anything, ever. A part of me wants to scream "Which part of this repeating pattern do you folks not understand?" but I know that doing so here is pointless. So I'm really only posting this here so that later on, nobdy can say to me "Gee Ron, why didn't you ever say anything to anybody about that?" I did say something. In fact I said plenty... about both Belize and UAE. It's not my fault if everybody with power and influence within RIPE continued to ignore the now all-too-obvious patterns because the self- evident truths about what's been going on doesn't suit their own financial interests. Regards, rfg P.S. At least the .IS domain administrators are looking at possibly suspending the doamin name on the grounds that the registration info "isn't accurate". I commend them for that. That's one hell of a lot more than the network operator (AS50613, Advania) is willing to do. Advania didn't even have the courtesy to answer my email, even if only to tell me to go pound sand. ========================================================================= inetnum: 82.221.130.64 - 82.221.130.127 netname: ORANGEWEB descr: OrangeWebsite.com - Network org: ORG-IL351-RIPE country: IS admin-c: OTD3-RIPE tech-c: OTD3-RIPE status: ASSIGNED PA mnt-by: MNT-ADVANIA created: 2016-01-27T15:08:11Z last-modified: 2016-01-27T15:08:11Z source: RIPE organisation: ORG-IL351-RIPE org-name: Icenetworks Ltd. org-type: OTHER address: 60 Market Square address: Belize City, Belize <== I hope they speak Russian down there! e-mail: sales@orangewebsite.com abuse-c: OTD3-RIPE mnt-ref: MNT-ADVANIA mnt-by: MNT-ADVANIA created: 2014-11-05T10:30:10Z last-modified: 2014-11-05T10:46:28Z source: RIPE role: OrangeWebsite.com Technical Department address: OrangeWebsite.com address: Klapparstigur 7 address: 101 Reykjavik address: Iceland abuse-mailbox: abuse@orangewebsite.com e-mail: support@orangewebsite.com admin-c: AK12182-RIPE tech-c: AK12182-RIPE mnt-by: MNT-ADVANIA nic-hdl: OTD3-RIPE created: 2013-12-16T09:41:11Z last-modified: 2013-12-16T09:41:11Z source: RIPE % Information related to '82.221.128.0/19AS50613' route: 82.221.128.0/19 descr: Advania / Thor Data Center origin: AS50613 mnt-by: THOR-MNT mnt-lower: THOR-MNT created: 2013-07-30T12:15:23Z last-modified: 2013-07-30T12:15:23Z source: RIPE -- Kind regards, CTO at Foton Telecom CJSC Tel.: +7 (499) 679-99-99 AS42861 on PeeringDB, Qrator, BGP.HE.NET http://ipv6actnow.org/