In message <67b3e0d5-7d09-42e2-a753-eb6c93859...@getmailspring.com>, Florian Brandstetter <flori...@globalone.io> wrote:
>if you'd open the traceroute you just sent you'd see that the target >is route looping and not actually used by their alleged customer? Yea. So? How is that relevant to my fundamental narrative? Cogent was announcing the whole of 168.198.0.0/16. Do we agree? Theye were most probably *not* doing so just for laughs or just to create routing loops. Do we agree? Traceroutes show that from Cogent, packets were further being passed to FDCServers. Do we agree? Now, if you want to know who FDCSewer's customer was in this case, why don't you try asking them? I am satisfied that the intel that I've already collected indicates the exceptionally high probability that this entire legacy /16 block... along with many many others, also of entirely dubious provenance... were all being routed to and for a certain Mr. Elad Cohen and his company, Netstyle Atarim, Ltd.: organisation: ORG-NAL9-RIPE org-name: NETSTYLE A. LTD org-type: LIR address: Derech Menachem Begin 156 address: 6492108 address: Tel-Aviv address: ISRAEL phone: +972-1-800-204-404 e-mail: info (at) netstyle.io >Also, what would the target IP have been in this case, since it was omitted? If you look carefully, I gave that in the post you are responding to: >> My apologies. In my furious haste, I botched that one URL. Here is the >> correct file conatining my traceroute to 168.198.12.242 as performed by >> me on August 23rd: >> >> https://pastebin.com/raw/TrLbGZuW Regards, rfg
