# Warning to hosting company providers - urge action taken



## RiotSecurity (Oct 4, 2013)

This guy is currently going around to providers on *LET* and *WHT*, possibily *VPSBoard* (traced it back to *LET* mostly) and purcashing services to host his CP.

Domain: "*jaybeee*" . * (current: name) (warning: graphic content, *do not suggest visiting, urge you take action to terminate this customer if he registers for your hosting company)*
Infraction: Child Porn hosted *(posession, distrubution)*
Current Provider: *PrivateLayer* (Swiss)

Information --
*First Name Jimmy
Last Name Mojeno
Email Address [email protected]
Address 1 * Removed *
City Quezon city
State/Region mla
Postcode * Removed *
Country PH - Philippines
Phone Number * Removed **

His current provider has multiple complaints been sent in.


----------



## blergh (Oct 4, 2013)

That old jaybee.cc site? I remember the perlscript that scraped the entire site, lulz.


----------



## jarland (Oct 4, 2013)

Thank you for the warning.


----------



## DaringHost (Oct 4, 2013)

Thanks for the warning, I've made note of it. Luckily he hasn't signed up with us. Hopefully it stays that way!


----------



## RiotSecurity (Oct 4, 2013)

jarland said:


> Thank you for the warning.


No problem.


----------



## kro (Oct 5, 2013)

Yes many thanks!


----------



## XLvps (Oct 5, 2013)

Thanks for the heads up.


----------



## RiotSecurity (Oct 5, 2013)

As of today, he has changed hosting companies to Portlane Networks AB


----------



## MartinD (Oct 5, 2013)

There's more to this story than this. What else is happening is he's running nginx reverse proxy and various other bits.


----------



## ServerBros (Oct 6, 2013)

We have had him sign up, and terminated him - His excuse was they were not underage however it was clear from the start that they were. Utter scum, hope he rots in hell.


----------



## RiotSecurity (Oct 6, 2013)

ServerBros said:


> We have had him sign up, and terminated him - His excuse was they were not underage however it was clear from the start that they were. Utter scum, hope he rots in hell.


I hope he didn't use a VPN or Proxy and you reported it (even if he did or not).


----------



## ServerBros (Oct 6, 2013)

RiotSecurity said:


> I hope he didn't use a VPN or Proxy and you reported it (even if he did or not).


We reported him to IC3 and ACPO - hopefully the scum gets caught, didn't seem to be a proxy from what I can see, heres his details from our signup.

First Name Jimmy Last Name Moheno Company Name   Email Address [email protected] Address 1 HIDDEN Address 2   City Quezon city State/Region mla

DOMAIN : jaybeee.name

Date: 15/09/2013 14:59

IP Address: 112.210.168.159

Host: 112.210.168.159.pldt.net


----------



## RiotSecurity (Oct 6, 2013)

ServerBros said:


> We reported him to IC3 and ACPO - hopefully the scum gets caught, didn't seem to be a proxy from what I can see, heres his details from our signup.
> 
> First Name Jimmy Last Name Moheno Company Name   Email Address [email protected] Address 1 HIDDEN Address 2   City Quezon city State/Region mla
> 
> ...


 ISP:

Philippine Long Distance Telephone

Organization:

Philippine Long Distance Telephone


----------



## blergh (Oct 6, 2013)

Ah, this does not seem to be the same person as i previously mentioned. Nice with CP on clearweb, ugh.


----------



## RiotSecurity (Oct 6, 2013)

He's changed hostings again.


----------



## Magiobiwan (Oct 6, 2013)

Has anyone informed the FBI/Law Enforcement about this person? They tend to take a dim view of pedophiles and/or people who host child porn materials.


----------



## kro (Oct 6, 2013)

Magiobiwan said:


> Has anyone informed the FBI/Law Enforcement about this person? They tend to take a dim view of pedophiles and/or people who host child porn materials.



Looks easy enough: http://www.asacp.org/index.php?content=report

But he'll just keep jumping ship :/


----------



## jarland (Oct 6, 2013)

blergh said:


> Ah, this does not seem to be the same person as i previously mentioned. Nice with CP on clearweb, ugh.


I love it. Easy catch. These are the people who deserve their door bashed in. Supporting the exploitation of children.


----------



## MartinD (Oct 7, 2013)

The relevant authorities (CEOP and CPIIU) have been informed and are aware of what's going on.


----------



## drmike (Oct 7, 2013)

Umm, not to jump on the bandwagon....

How did we discover this user was hosting such?


----------



## MartinD (Oct 7, 2013)

I'd imagine an abuse complaint was received by someone.


----------



## RiotSecurity (Oct 7, 2013)

buffalooed said:


> Umm, not to jump on the bandwagon....
> 
> How did we discover this user was hosting such?


My mate informed me of it, as he was using my mates hosting after Romanian police kicked in the doors and shutdown a server for a few hours.


----------



## RiotSecurity (Oct 7, 2013)

MartinD said:


> I'd imagine an abuse complaint was received by someone.


You could say that...

Romanian police kicking the server offline is kinda like a abuse report.


----------



## Aldryic C'boas (Oct 7, 2013)

Birds of a feather.


----------



## drmike (Oct 7, 2013)

Oh Romania....  That country and hosting sure are a fun topic.

So they frown on the young content, but everything else is fine  ?

I worry about legitimate claims of such content, but more importantly the producers of such content.

Equally disturbing is the emotional jerk strings such content has nearly universally.  It is becoming the new thing to plant on folks, as drugs were in the past.


----------



## jarland (Oct 7, 2013)

buffalooed said:


> Umm, not to jump on the bandwagon....
> 
> 
> How did we discover this user was hosting such?


Hard to be in this business without seeing it. Still makes my blood boil every time.


----------



## kro (Oct 7, 2013)

jarland said:


> Hard to be in this business without seeing it. Still makes my blood boil every time.


Yeah its a bit of a pitta, if only it could be automated ;/


----------



## NetWatcher (Oct 8, 2013)

ServerBros said:


> We reported him to IC3 and ACPO - hopefully the scum gets caught, didn't seem to be a proxy from what I can see, heres his details from our signup.
> 
> First Name Jimmy Last Name Moheno Company Name   Email Address [email protected] Address 1 HIDDEN Address 2   City Quezon city State/Region mla
> 
> ...


Reporting to Resell.biz (Cloud Group Limited) - domain registry

Also might be good idea. 

Such ill minds should be stopped at any possible way. 

@Topic creator 

Thanks for warning!


----------



## drmike (Oct 8, 2013)

Well, I had to go look and see what this site was...

F'n great...  Thanks a lot.

What is disturbing is the images.  There are 200+ pages of them.  Active still working photos go all the way back to 2011 at least.

How has this fool continued to spew this stuff for so long?


----------



## Magiobiwan (Oct 8, 2013)

AND you just gave the FBI reason to arrest you for CP should they desire. Apparently viewing it is illegal, since you retain it on your computer in the form of cache.


----------



## jarland (Oct 8, 2013)

Magiobiwan said:


> AND you just gave the FBI reason to arrest you for CP should they desire. Apparently viewing it is illegal, since you retain it on your computer in the form of cache.


Which is hilarious considering that they have not only viewed, but allowed or encouraged distribution themselves in their efforts. My least favorite phrase is "the end justifies the means."


----------



## drmike (Oct 9, 2013)

Magiobiwan said:


> AND you just gave the FBI reason to arrest you for CP should they desire. Apparently viewing it is illegal, since you retain it on your computer in the form of cache.


The FBI can fuck off truly.  If seeing what is there was a crime, then their ilk is hardcore offender.  Add it to their laundry list and put it on my life tab.

I'm was wondering if this site was still online - and hadn't been pushed offline and of course the mechanics of how the host was delivering these files (all 3rd party image upload sites).

Images on that site seem to be hugely taken from cam hosting services. Exploitation via chat and webcam.

Note to self - cam hosting and image hosting = bad businesses to freely and idealistically provide services in.  Filter and babysit.  ToS prohibiting such or greatly restricting them.

I run cacheless BTW... nothing hits a disk either.   I saw 5000 murders on TV yesterday.  Maybe the FIBs can address those too.


----------



## MartinD (Oct 9, 2013)

It's a grey area.

If you're a webhosting provider and you are alerted to the presence of this material then for you to go and check (effectively looking at the material) isn't an offence per se. If, however, you go to check it and spend an hour or whatever looking through it all then your motives are questionable. On the other hand, if you quickly flick through and form the opinion that the content is indeed of a questionable nature and proceed to inform the authorities then you have, in essence, washed your hands clean of any involvement in the distribution or cultivation of said material and done the right thing. It is then up to the authorities to direct you in the correct course of action with a view to having the distribution stopped and the offender caught or at least traced.

@buffalooed, sitting there and going through it when you don't really have a reason to be would be questionable IN MY OPINION. I do, however, understand the curiosity in seeing what technology is being used for distribution.. as would be the case of any website and not one specific to this disgusting crap.

If it were me, unless you have a direct involvement in the issue, steer well clear. Just because you run cacheless and nothing hits the disk doesn't mean you cannot be tracked, traced or prosecuted.


----------



## Joodle (Oct 9, 2013)

I wish i never visited that website...

This is just really disgusting that people enjoy watching this 

Thanks for the warning though, will keep an eye on orders with this domain name


----------



## WSWD (Oct 9, 2013)

buffalooed said:


> How has this fool continued to spew this stuff for so long?


To be honest...it continues because nobody cares about that stuff.  That's just speaking from my experience.  Others may have had different luck, but I've encountered child pornography a small handful of times on our servers over the years, reported them to all sorts of folks, and never heard back...not once.  Literally not one time has anybody ever contacted me for further information.  Hell, I probably still have their sites archived on CD somewhere (they were deleted from the server darn near immediately).  But nobody has ever contacted me.  Ah well...


----------



## kro (Oct 9, 2013)

WSWD said:


> To be honest...it continues because nobody cares about that stuff.  That's just speaking from my experience.  Others may have had different luck, but I've encountered child pornography a small handful of times on our servers over the years, reported them to all sorts of folks, and never heard back...not once.  Literally not one time has anybody ever contacted me for further information.  Hell, I probably still have their sites archived on CD somewhere (they were deleted from the server darn near immediately).  But nobody has ever contacted me.  Ah well...


Small fish is small fish.


Catching the source is probably the goal :/


----------



## rds100 (Oct 9, 2013)

@WSWD careful with that, you never know who might decide to accuse you of collection child porn (and even archiving it on CDs).


----------



## WSWD (Oct 10, 2013)

rds100 said:


> @WSWD careful with that, you never know who might decide to accuse you of collection child porn (and even archiving it on CDs).


I probably couldn't even find those if I tried, but I know I put them on CD originally.  Most of them are quite a few years old.

I took a full archive of the site, webpages and everything.  Also had screenshots of the user's website, domain whois, client info, client login IPs, etc.  Agreed that it might not be prudent just to take the images and store them somewhere.  In fact, that would probably be really bad.  ha ha!  But I would hope the FBI or whomever investigates that stuff would understand the need for archiving the material, so that it could be deleted from the server.  Hell, if I left it on the server and waited for them, it would still be there...years later.  LOL!


----------

