In message <[email protected]>, Job Snijders <[email protected]> wrote:
>The dates, the website at https://www.thriftdrug.org/, the non-US origin >of the announcement all seem to suggest that someone discovered the >block was dangling, the domain unregistered, and some quick registration >& forgery could lead to treasure. Yes. My apologies to all. I made a bit of a mistake here. Note that I no longer use the term "hijacked" because it is too imprecise. These days I only use the terms "squatted" or "stolen" where the latter is a term that I reserve for cases where the relevant WHOIS record has actually been fiddled. Upon further review, this block (206.195.224.0/19) now appears to have been stolen, i.e. with the (assumed unwitting) participation of ARIN. As Job has noted, multiple aspects of the WHOIS record are most certainly non-conformant with common sense. I highlight these below. (I have attempted to call the new contact phone number and it is dead/disconnected.) It is my hope, of course, that the apparent illicit take-over of this block was a product of garden variety incompetence @ ARIN, rather than, you know, the alternative. It appears from ARIN WhoWas data that this takeover began on 2019-08-12 with additional fradulent changes to the WHOIS also on 2019-08-14, 2019-08-15, and lastly 2019-09-24, when the OriginAS was fiddled to its present state. ================================================================== [Source: whois://whois.arin.net 2020-01-27 04:18:39 UTC] NetRange: 206.195.224.0 - 206.195.255.255 CIDR: 206.195.224.0/19 NetName: THRIFT-NET-1 NetHandle: NET-206-195-224-0-1 Parent: NET206 (NET-206-0-0-0-0) NetType: Direct Assignment OriginAS: AS12679 <========================= Russia ???? Organization: Thrift Drug, Inc. (THRIFT) RegDate: 1995-08-03 Updated: 2019-09-24 Ref: https://rdap.arin.net/registry/ip/206.195.224.0 OrgName: Thrift Drug, Inc. OrgId: THRIFT Address: 100 Delta Drive City: Pittsburgh StateProv: PA PostalCode: 15238 Country: US RegDate: 1994-03-15 Updated: 2019-08-14 Ref: https://rdap.arin.net/registry/entity/THRIFT OrgAbuseHandle: WEBBK16-ARIN OrgAbuseName: Webb, Kristi OrgAbusePhone: +1-885-923-1290 <================ dead/bogus OrgAbuseEmail: [email protected] <=============== bogus/parked OrgAbuseRef: https://rdap.arin.net/registry/entity/WEBBK16-ARIN OrgTechHandle: WEBBK16-ARIN OrgTechName: Webb, Kristi OrgTechPhone: +1-885-923-1290 <================ dead/bogus OrgTechEmail: [email protected] <=============== bogus/parked OrgTechRef: https://rdap.arin.net/registry/entity/WEBBK16-ARIN
