Prefix hijacking by Michael Lindsay via Internap
Adrian
choprboy at dakotacom.net
Sun Aug 21 02:13:04 UTC 2011
On Saturday 20 August 2011 18:05, Denis Spirin wrote:
> Hello All,
>
> I was hired by the Russian ISP company to get it back to the business. Due
> to impact of the financial crisis, the company was almost bankrupt, but
> then found the investor and have a big wish to life again.
...
Received: from mail-qy0-f177.google.com ([209.85.216.177])
by mailman.nanog.org with esmtp (Exim 4.76 (FreeBSD))
(envelope-from <noc at link-telecom.net>) id 1QuwTJ-000AP1-FT
for nanog at nanog.org; Sat, 20 Aug 2011 20:05:05 -0500
Received: by qyk2 with SMTP id 2so1654839qyk.15
for <nanog at nanog.org>; Sat, 20 Aug 2011 18:05:04 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.229.247.15 with SMTP id ma15mr447953qcb.1.1313888704629; Sat,
20 Aug 2011 18:05:04 -0700 (PDT)
Received: by 10.229.95.15 with HTTP; Sat, 20 Aug 2011 18:05:04 -0700 (PDT)
X-Originating-IP: [192.251.226.206]
Non-authoritative answer:
206.226.251.192.in-addr.arpa canonical name = rev-206.blutmagie.de.
rev-206.blutmagie.de name = anonymizer2.blutmagie.de.
Non-authoritative answer:
Name: anonymizer2.blutmagie.de
Address: 192.251.226.206
Resolving anonymizer2.blutmagie.de... 192.251.226.206, 2a02:3010:100:1::1:6de8
Connecting to anonymizer2.blutmagie.de|192.251.226.206|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4939 (4.8K) [text/html]
Saving to: `index.html'
index.html:
================
This is a Tor Exit Router
Most likely you are accessing this website because you had some issue with the
traffic coming from this IP. This router is part of the Tor Anonymity
Network, which is dedicated to providing privacy to people who need it most:
average computer users. This router IP should be generating no other traffic,
unless it has been compromised.
...
================
Hmmmm, interesting......
Adrian
More information about the NANOG
mailing list