GFY detectives.... I need your help.
 

I'm trying to find who actually hosts asianwench.com.

At first glance, you will see the IP resolves to 199.27.134.76, which is CloudFlare.com.

But if you contact CloudFlare.com, they will say this:

174.120.129.218 resolves to ThePlanet.com (softlayer.com), who then says this:

I've been around with both of them a few times now and am getting nowhere.

What the hell is going on, and who in the hell is hosting this site?

Both of them are pawning if off on the other.

Halp!

maybe they do this like team :) j/k but interesting, somebody must know what is going on

Thats confusing

Probably both owned by Manwin. :upsidedow

As much as that would suck for the OP that would be hilarious. :1orglaugh:1orglaugh

OP, I get the same thing as you doing a reverse IP look-up..

218.129.120.174.in-addr.arpa name = da.81.78ae.static.theplanet.com

Then I did a TR, here it is..

http://img0.uploadhouse.com/fileuplo...d2825d8cdc.jpg

Name Servers:
jay.ns.cloudflare.com
jean.ns.cloudflare.com


Sat Jun 25 14:34:55 2011
Change Packet Size: 0
Size Range: 28-4470, < 0:random.
Host Loss% Snt Last Avg Best Wrst StDev
1. ************ 0.0% 101 30.6 34.5 10.5 402.7 57.1
2. **************** 0.0% 101 10.9 10.4 8.6 29.0 3.1
3. 68.87.190.77 0.0% 101 16.9 16.4 13.4 28.4 1.9
4. 68.85.222.38 0.0% 101 15.7 15.9 12.4 30.5 2.4
5. 68.86.90.109 1.0% 101 27.1 26.7 24.8 46.5 2.3
6. 68.86.87.250 0.0% 101 25.9 27.6 24.9 61.9 4.8
7. 208.178.58.61 0.0% 100 25.2 35.0 24.9 201.4 27.2
8. 69.31.110.229 0.0% 100 28.7 28.3 26.1 32.6 1.3
9. 69.31.111.242 0.0% 100 33.6 30.5 26.2 61.2 5.3
10. 69.31.111.238 0.0% 100 30.1 27.4 25.0 43.6 2.5
11. 199.27.135.76 0.0% 100 26.7 27.2 24.9 47.0 4.0


http://whois.arin.net/rest/poc/ABUSE2916-ARIN

after looking at this for a bit, i am going to say that this guy is either using a redirect of some sort so it appears that the site is located at cloudfare when it is actually located at the planet.

at first i thought that cloudfare might be a dummy host set up but after digging around many of their dns servers, the sites they host are way to broad for that to be the case..




.

From this, it looks like asianwench is hosted at cloudfare..


http://www.robtex.com/ip/174.120.129.218.html

http://www.robtex.com/ip/199.27.134.76.html

but then look at direct-connect.asianwench.com

it is hosted at planet...

what do i win?



.

Right! Any idea why cloudflare would send me to theplanet.com?

That makes my head spin.

FYI - They are being served next week so we'll let them explain it. :2 cents:

That's what I'm talking about. :thumbsup

Just sent you an e-love letter.

Hell yeah! Hit 'em in the nuts! :thumbsup :2 cents:

Cloudflare is a CDN, sort of, not an actual host. ThePlanet is the host.

I'm naming my first born, Eric! :thumbsup

174.120.129.218 = Hostgator.com
Hostgator's servers are with ThePlanet

Indeed. As DWB pointed out though they have no real sense of 'giving a shit' which needs to be remedied. They could've shut the dns caching service off... but continue to let him run with it. Thus, they can be held contributory as well.. confirmed by copyright counsel before I even screwed with it.

Yup.

ThePlanet.com totally denies it and sends me back to CloudFlare, who in turn sends me back to ThePlanet.

Nada. Host Gator says no go.

Oh the hackers love Cloudflare They like hosting thier sites with them

(Request-Line) GET / HTTP/1.1

Host asianwench.com

User-Agent Mozilla/5.0 (X11; Linux x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1

Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language en-us,en;q=0.5

Accept-Encoding gzip, deflate

Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive 115

DNT 1

Connection keep-alive

Referer https://gfy.com/showthread.php?t=1027944

Cookie __cfduid=db09e9af9f6676a050a421a40af35e23a13090391 80; __utma=119040409.1038048610.1309039231.1309039231. 1309039231.1; __utmb=119040409.1.10.1309039231; __utmc=119040409; __utmz=119040409.1309039231.1.1.utmcsr=gfy.com|utm ccn=(referral)|utmcmd=referral|utmcct=/showthread.php; __qca=P0-305264067-1309039231391

Cache-Control max-age=0

=====

(Status-Line) HTTP/1.1 200 OK

Server cloudflare-nginx

Date Sat, 25 Jun 2011 22:00:01 GMT

Content-Type text/html; charset=UTF-8

Transfer-Encoding chunked

Connection keep-alive

X-CF-Powered-By WP 1.1.6

X-Pingback http://asianwench.com/xmlrpc.php

Vary User-Agent,Accept-Encoding

Content-Encoding gzip

=====

They have no traffic registering with Google ...
http://trends.google.com/websites?q=...ate=all&sort=0

Really? http://174.120.129.218

171 domains hosted on IP address 174.120.129.218
Most using Hostgator DNS.

i think hostgator is confused. if you go to direct-connect.asianwench.com

you get a HG 404..

i have a feeling what this guy is doing and my money is that the content is sitting on that HG box...




.

check where the luzsec site is hosted :) That is why they use it :)

DNS1: may.ns.cloudflare.com
DNS2: rob.ns.cloudflare.com

Good luck with that. Maybe you'll get lucky and find some success trying to DMCA DNS providers now instead of hosts. :1orglaugh If it works, you don't have to bother with the hosts anymore, just hit whoever provides a DNS service. Have you tried the registrar?

:thumbsup

yep the are at hostgator

look at ASIANWENCH.COM DNS RECORDS

http://mail.asianwench.com/

hostagator servrs are at theplanet

Good job bringing it here DWB, but I wouldn't be surprised if the guy claiming to be asianwench in the other place is not the actual site owner but somebody caught up in all this Philippines "he said she said" comedy bullshit they have there.....

Yea, some of those cats are in a world of their own.

I'm just trying to pin point where the site is. I've never had this happen before. Very clever and a total pain in the ass. I'd expect more from US based companies.

404s right to Host Gator, yet they say its not with them either.

I spoke to their tech, now I'm waiting to hear back from "abuse@" to confirm it's not there, but the tech said he couldn't find it and suggested I mail abuse.

:)

Definitely with Hostgator, and I'm guessing the most likely conclusion to take away from this isn't that anyone's trying to hide it from you, but that the techs you've spoken with at Planet or Hostgator just aren't very good and it's confusing them because of the DNS. The only one that's given you accurate information here was probably more knowledgable of the bunch, and that being Cloudflare.

Thanks Esq... :pimp

With HG you gotta bump it up to Level 3...Tell them to. Serious issue. Then a brain steps in...
They also have an email that goes direct to owner of HG. Ask them for it.

DWB, I believe you were speaking with the douche last night here. New member, June 2011.
I may be wrong but I believe its same guy at foo...

you should be abble to cut it directly at cludflare according
theirs terms http://www.cloudflare.com/terms.html
SECTION 11: PROHIBITED USES

i told you 3 times in this thread already..

direct-connect.asianwench.com

thats what is sitting on the HG ip...

ask them to see if that subdomain has a folder on the HG server..




.

No, probably not. The way Cloudflare works is they leave you with a 'direct' DNS entry to your host, so that you can still connect direct instead of going through the Cloudflare DNS or reverse proxy.

If you were to add a site to Cloudflare, they mirror the current DNS and add one called 'direct' that leaves the real IP in place.

asianwench.com is sitting on the cloudflare ip

direct-connect.asianwench.com is sitting on the HG ip

i am assuming that he is redirecting asianwench.com to direct-connect.asianwench.com and then back to asianwench.com..




,

Make a complaint via a telephone interpreter to Crime Prevention and Detection Command Center, Ministry of Public Security http://www.mps.gov.cn

If you can speak to the right person you might find the results pleasantly surprising. It's a serious criminal offence in China to run a porn site.

Right, Cloudflare is certainly caching the pages and filtering the dns but not hosting the content. The caches expire regularly and Cloudflare retrieves them from HostGator. HostGator is hosting asianwench.com and www.asianwench.com, but not direct-connect.asianwench.com even though it is pointed to their IP.

Not that you'd need to but you can also confirm this is hosted at HostGator by editing your HOSTS file.
It resolves correctly to the page hosted at HostGator. You get the 404 because HostGator's configuration doesn't have 'direct-connect' added, but the webmaster can use the direct-connect entry for SSH or FTP or whatever.

yes, now i see...

this is very clever..

i wish this was available back when i was spamming... :1orglaugh





.