UGVPS = Thomas Dale = Crystal Dale = ChicagoVPS = Dig the Mine

[drmike]

( Hey LowEndTalk @jake, steal this post and repost  )

TL;DR 2.0

Thomas LEOnard Dale owns UGVPS and works for ChicagoVPS.   His IPs match recent IRC logins and past tense logins as an administrator of Chicago VPS, account  tleonard.  He goes by the username CVPS_Tleo on LowEndTalk, so say hello to him.

---------------------------------------------------------------------------------------------------------------------

UGVPS = Thomas Dale = Crystal Dale = ChicagoVPS

If you have been around the LowEnd hosting world for the past year, you likely noticed UGVPS (UniqueGeek).
[http://ugvps.com/]

UGVPS appeared on November 1,2012, with a $4.99/mo 1GB OpenVZ offer in Lenoir, NC (Dacentec), Chicago, IL (Colocrossing) and Newcastle, UK.
[http://lowendbox.com/blog/ug-vps-4-99month-1gb-openvz-vps-in-north-carolina-chicago-and-uk/]

By December 15, 2012, UGVPS did its best ChicagoVPS impersonation with a $6.99/mo 2GB of RAM offer and added a second Colocrossing location in Los Angeles to the mix.
[http://lowendbox.com/blog/ugvps-6-99month-2048mb-openvz-vps-in-los-angeles-chicago-lenoir-newcastle-uk/]

April 2, 2013, brought another milestone offer from UGVPS with $19 for 6 months of 2GB RAM OpenVZ ($3.16 a month). Added to the locations, Colo@ in Atlanta. Problem like with most Colocrossing shell companies is that the colocation upstream owner is indeed Colo@, but between UGVPS and Colo@ is Colocrossing.
[http://lowendbox.com/blog/ugvps-19half-year-2gb-openvz-in-atlanta-chicago-los-angeles/]


The Fall of ChicagoVPS – a summary of two major bloopers with customer database

ChicagoVPS is known for insane pricing on large RAM VPS packages (2GB and more recently 3GB) at less than $7 a month. Rumors persist that ChicagoVPS is able to offer these prices due to two factors:

1. Mass overselling of resources (substantiated by the database ratio of accounts to servers)
2. Relationship / ownership by popular low end dedicated server and colo facility Colocrossing.

What you got for being a valued CVPS customer in the past year was your account information made public, your data lost and long wait times as CVPS and their unrelated “host” Colocrossing and a batch of other questionable VPS companies mopped up the destruction.

These database disclosures are the source of validation that UGVPS isn't just another ChicagoVPS / Colocrossing customer, but is something far more.


Introducing CVPS_Tleo taking over where CVPS_Adam left off
How to catch a rat in a trap

As witnessed just this week via a popular industry IRC channel:










[email protected]) is authed as cvps-tleo
Who is this masked man called cvps-tleo? CVPS = ChicagoVPS and cvps-tleo thrown into Google yields the account information on LowEndTalk where CVPS-Tleo has replaced CVPS_Kevin, ahh renamed CVPS_Adam after last hack since admin data showed Kevin = Adam Ng. Another long term lie sprung upon the industry by ChicagoVPS, see here for conversation on Kevin/Admin:
http://vpsboard.com/topic/780-kevin-hillstrand-is-a-fraud-adam-ng-is-his-name//

Back to Tom living at 198.23.128.0:










Netrange 198.23.134.0

NetRange: 198.23.134.0 - 198.23.134.31
CIDR: 198.23.134.0/27
OriginAS: AS36352
NetName: CC-198-23-134-0-27
NetHandle: NET-198-23-134-0-1
Parent: NET-198-23-128-0-1
NetType: Reallocated
RegDate: 2013-07-18
Updated: 2013-07-18
Ref: http://whois.arin.net/rest/net/NET-198-23-134-0-1

OrgName: Dig The Mine
OrgId: DM-141
Address: 16 Ambrose St
City: Pittston
StateProv: PA
PostalCode: 18640
Country: US
RegDate: 2013-07-18
Updated: 2013-07-18
Ref: http://whois.arin.net/rest/org/DM-141

So what? Some fellow in Pittston, Pennsylvania, with a domain called digthemine.com, yawn.


Whois digthemine.com










Domain Name: DIGTHEMINE.COM
Registrar URL: http://www.godaddy.com
Updated Date: 2013-06-30 02:33:18
Creation Date: 2013-06-30 00:48:25
Registrar Expiration Date: 2014-06-30 00:48:25
Registrar: GoDaddy.com, LLC
Registrant Name: Thomas Dale
Registrant Organization:
Registrant Street: 16 Ambrose Street
Registrant City: Pittston
Registrant State/Province: Pennsylvania
Registrant Postal Code: 18640
Registrant Country: United States
Admin Name: Thomas Dale
Admin Organization:
Admin Street: 16 Ambrose Street
Admin City: Pittston
Admin State/Province: Pennsylvania
Admin Postal Code: 18640
Admin Country: United States
Admin Phone: +1.5709918195
Admin Fax:
Admin Email: [email protected]
Tech Name: Thomas Dale
Tech Organization:
Tech Street: 16 Ambrose Street
Tech City: Pittston
Tech State/Province: Pennsylvania
Tech Postal Code: 18640
Tech Country: United States
Tech Phone: +1.5709918195
Tech Fax:
Tech Email: [email protected]
Name Server: NS1.DIGTHEMINE.COM
Name Server: NS2.DIGTHEMINE.COM

Thomas Dale? Hmmmm where have I heard this name before?

http://www.corporationwiki.com/Pennsylvania/Wilkes-Barre/thomas-dale/93227596.aspx

That yields ---> Warfront Cafe LLC

What or who is Warfront Cafe? Don't trust me, trust that pillar of trust LowEndBox:
http://lowendbox.com/blog/ug-vps-4-99month-1gb-openvz-vps-in-north-carolina-chicago-and-uk/
 

“UG VPS were launched earlier this month. I’ve been informed that they are not yet a registered company but will be in the near future. Their domain is, however, registered to a “Warfront Café LLC” which it appears was a previous project of theirs; interestingly enough, a gaming cafe”

Well hello Crystal, how are you doing, hun? All we hear in the industry is this UGVPS and that hottie Crystal, a geek chic. Think again dweebs.

But, maybe it's just some name confusion or something sinister and conspiratorial 

whois ugvps.com
 








Domain Name: UGVPS.COM
Registrar URL: http://www.godaddy.com
Updated Date: 2013-08-01 12:24:55
Creation Date: 2012-10-02 17:00:08
Registrar Expiration Date: 2014-10-02 17:00:08
Registrar: GoDaddy.com, LLC
Registrant Name: Crystal Dale
Registrant Organization: Warfront Cafe LLC
Registrant Street: 23 walnut st
Registrant City: wilkes barre
Registrant State/Province: Pennsylvania
Registrant Postal Code: 18702
Registrant Country: United States
Admin Name: Crystal Dale
Admin Organization: Warfront Cafe LLC
Admin Street: 23 walnut st
Admin City: wilkes barre
Admin State/Province: Pennsylvania
Admin Postal Code: 18702
Admin Country: United States
Admin Phone: +1.5707987184
Admin Fax:
Admin Email: [email protected]
Tech Name: Crystal Dale
Tech Organization: Warfront Cafe LLC
Tech Street: 23 walnut st
Tech City: wilkes barre
Tech State/Province: Pennsylvania
Tech Postal Code: 18702
Tech Country: United States
Tech Phone: +1.5707987184
Tech Fax:
Tech Email: [email protected]
Name Server: DNS1.UGVPS.COM
Name Server: DNS2.UGVPS.COM

Mapping addresses:

Warfront Cafe:
Warfront Cafe LLC
23 walnut st
wilkes-barre, PA 18702
US

UGVPS:
23 walnut st
Wilkes-Barre, PA 18702





 

How close are these addresses geographically? 7.3 miles with pretty much a straight drive along River Road, only complicated by one way streets exiting Wilkes-Barre. One is urban and the other is the escape to the suburbs.

SO WHAT, THAT DOESN'T PROVE ANYTHING!!! WHERE'S THE SMOKING GUN?

Remember that ChicagoVPS hack? The one back on June 17, 2013, with time stamp of 7:51AM yields your smoking gun.


Remember:

As witnessed just this week via a popular industry IRC channel:
[email protected]) is authed as cvps-tleo

Looking at administrator access log information from the SolusVM exported data from CVPS hack in June 2013, we find a new administrator since the last hack in November 2012.

The new administrator, tleonard. Sounds quite a bit like CVPS_Tleo, doesn't it?

Remember we have Tleo traced back to DIGTHEMINE.COM, UGVPS and Warfront Cafe, but connecting him to ChicagoVPS internally, drumroll please.

tleonard (ChicagoVPS admin from CVPS data dump) --- these are the IP's used as per the dump log information:
 






108.50.20.76 – Verizon Scranton, PA
172.245.32.7 - ChicagoVPS
198.23.164.125 - ChicagoVPS
71.181.141.194 - Verizon Scranton, PA
71.181.141.198 - Verizon - Hazelton
72.79.130.76 - Verizon - Scranton - Hazelton
72.79.132.113 - Verizon

Darn it! Nothing. Oh wait, here we go:

198.23.134.9 - Dig the Mine

whois 198.23.134.9






#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.23.134.9?showDetails=true&showARIN=false&ext=netref2
#


# start

NetRange: 198.23.128.0 - 198.23.255.255
CIDR: 198.23.128.0/17
OriginAS: AS36352
NetName: CC-10
NetHandle: NET-198-23-128-0-1
Parent: NET-198-0-0-0-0
NetType: Direct Allocation
RegDate: 2012-10-05
Updated: 2012-10-05
Ref: http://whois.arin.net/rest/net/NET-198-23-128-0-1

OrgName: ColoCrossing
OrgId: VGS-9
Address: 8469 Sheridan Drive
Address: ATTN: ARIN
City: Williamsville
StateProv: NY
PostalCode: 14221
Country: US
RegDate: 2005-06-20
Updated: 2012-01-10
Ref: http://whois.arin.net/rest/org/VGS-9

OrgNOCHandle: VIALA-ARIN
OrgNOCName: Vial, Alex
OrgNOCPhone: +1-800-518-9716
OrgNOCEmail: [email protected]
OrgNOCRef: http://whois.arin.net/rest/poc/VIALA-ARIN

OrgTechHandle: NETWO882-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-800-518-9716
OrgTechEmail: [email protected]
OrgTechRef: http://whois.arin.net/rest/poc/NETWO882-ARIN

OrgAbuseHandle: ABUSE3246-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-800-518-9716
OrgAbuseEmail: [email protected]
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE3246-ARIN

# end


# start

NetRange: 198.23.134.0 - 198.23.134.31
CIDR: 198.23.134.0/27
OriginAS: AS36352
NetName: CC-198-23-134-0-27
NetHandle: NET-198-23-134-0-1
Parent: NET-198-23-128-0-1
NetType: Reallocated
RegDate: 2013-07-18
Updated: 2013-07-18
Ref: http://whois.arin.net/rest/net/NET-198-23-134-0-1

OrgName: Dig The Mine
OrgId: DM-141
Address: 16 Ambrose St
City: Pittston
StateProv: PA
PostalCode: 18640
Country: US
RegDate: 2013-07-18
Updated: 2013-07-18
Ref: http://whois.arin.net/rest/org/DM-141

OrgAbuseHandle: DALET3-ARIN
OrgAbuseName: Dale, Thomas
OrgAbusePhone: +1-716-435-7305
OrgAbuseEmail: [email protected]
OrgAbuseRef: http://whois.arin.net/rest/poc/DALET3-ARIN

OrgTechHandle: DALET3-ARIN
OrgTechName: Dale, Thomas
OrgTechPhone: +1-716-435-7305
OrgTechEmail: [email protected]
OrgTechRef: http://whois.arin.net/rest/poc/DALET3-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

 

[MannDude]

Good write up, good facts, easy-to-read. Wonder what their excuse will be?

EDIT: Any idea there has been an involvement? Fairly certain in the past they denied any sort of involvement. "Rent to own" or whatever. I don't know.

 

[AnthonySmith]

omfg with these threads, what is your problem, if you don't know you should seek professional help, this much obsession is not healthy.

I see a lot of coincidence but yet again no actual smoking gun.

Sold x-fered domain etc, and have access to the same network blocks due to CC cross over provider/host.

debunked because.... no actual evidence.

 

[drmike]

Facts are: 

1. "tleonard" works for CVPS

1.5 There is no T. Leonard as in first and last name order

2. tleonard = Thomas L.(eondard) Dale  

3. tleonard / Thomas Dale use IPs in same limited from Dig the Mine to access IRC (as CVPS_tleo) currently and to do admin work at CVPS as tleonard (early June 2013).

Here's the fucking pipe bomb:

4. Dig the Mine (digthemine.com) didn't exist prior to JUNE 30, 2013.  It was an expired domain.  When the CVPS hack happened (June 17, 2013) the IP range 198.23.134.0/27 was registered to someone else in Colocrossing land.  Maybe CVPS, maybe UGVPS.

AnthonySmith, don't you have some mythologically huge VPS offers to make somewhere?   I see some coincidence that you weren't joining the no-end til zero VPS offer toilet pool but now are the leader of it with 16GB VPS offers.  Just saying, you are acting a tad strange since you have a dog in this subsector race.

 

[AnthonySmith]

oh god...

smoking gun dude... show it to me and I am all over it, you have... coincidence.

VERY suspicious but as always no proof.

I wonder which host you secretly work for that is trying to destroy CVPS, very strange behaviour.. <see what I did there?

 

[texteditor]

buffalooed I love you this is art

 

[MartinD]

oh god...

smoking gun dude... show it to me and I am all over it, you have... coincidence.

VERY suspicious but as always no proof.

I wonder which host you secretly work for that is trying to destroy CVPS, very strange behaviour.. <see what I did there?

For someone who thinks everything buffalooed is doing is a waste of time you quite like to chime in on it, don't you?

 

[texteditor]

oh god...

smoking gun dude... show it to me and I am all over it, you have... coincidence.

VERY suspicious but as always no proof.

I wonder which host you secretly work for that is trying to destroy CVPS, very strange behaviour.. <see what I did there?

CVPS did a pretty good job of destroying themselves but I always enjoy buffalooed digging up gas to throw on their fire.

 

[drmike]

smoking gun dude... show it to me and I am all over it, you have... coincidence.

Septmber 2013:  IRC --> [email protected]) is authed as cvps-tleo

198.23.134.20 = Dig the mine. = UGVPS

198.23.134.9 = IP for tleonard used as ADMINISTRATOR at ChicagoVPS circa June 17, 2013 or earlier.

198.23.134.20 and 198.23.134.9 are in the same IP block.  That IP block is owned by CC and issued to Dig the Mine aka UGVPS.

You call that coincidence???!?!?!?!?!  

We aren't talking about some dynamic IP pool here ala Adam Ng's excuses.

 

[AnthonySmith]

Hey I agree with him, he is probably completely and totally 100% correct.

The point I am trying to make is that none of this constitutes actual evidence.

Your right MartinD I am vocal about it, be is about CVPS or anyone else, because its not healthy, its clearly an obsession which just trurns this place in to a cesspit of negativity, It seems you admins/owners dont care so .... sigh carry on regardless. 

 

[AnthonySmith]

You call that coincidence???!?!?!?!?!  

We aren't talking about some dynamic IP pool here ala Adam Ng's excuses.

I call it high probability. not evidence absolute. i.e. a smoking gun.

 

[drmike]

I call it high probability.  

Now we are getting somewhere.

 

[Aldryic C'boas]

For someone who thinks everything buffalooed is doing is a waste of time you quite like to chime in on it, don't you?

He's been rather vocal and hostile lately about issues not affecting him that could easily be ignored.  Not quite sure what his vested personal interest is.

 

[AnthonySmith]

indeed. but no actual proof

 

[MannDude]

It seems you admins/owners dont care so .... sigh carry on regardless. 

I don't remove threads, sink threads to disappear them, or censor threads unless absolutely warranted. CVPS_Chris (only mentioning him due to the nature of this particular thread) or someone could come here with a write-up supported by information they dug up or facts about Buffalooed, and it'd not go anywhere. This is an open community and anything legal will be tolerated.

Negative? Perhaps. But you're going to be hard-pressed to find a community for the industry that will allow such discussion.

If what has been stated is untrue, we've got an open registration and anyone can come and dispute it and provide their own side.

 

[AnthonySmith]

He's been rather vocal and hostile lately about issues not affecting him that could easily be ignored.  Not quite sure what his vested personal interest is.

Your right, I am being more vocal, the reason is simple.. the negativity and anti host gang is growing and it gets on my nerves.

I guess it has reached that time of the year or something, perhaps I do need a chill pill.

I will slowly back out of this before the bigger boys gang up on me. :wub:

 

[drmike]

Wait a second.. Is Anthony editing details of his posts just to materially make the thread look insane?

"Sold x-fered domain etc, and have access to the same network blocks due to CC cross over provider/host."

That wasn't there before.....

Squirm excuses all you want.  Please submit them to ChicagoVPS.  They'll need help on this one.

 

[Aldryic C'boas]

Nothing wrong with expressing an opinion   I'm past the point of caring about ChicagoCrossingVPS myself - even without the public drama, they've more than proven themselves untrustworthy just in our own business dealings.  Anything new like this is just so much noise to me - but honestly, I do enjoy these threads just to give props and respect for pub's investigation skills.

Continuing the honesty though... yeah, you have been a bit harsh lately.  But like you said, could be that time of year.  I've certainly had those moments myself

 

[AnthonySmith]

Nothing wrong with expressing an opinion   I'm past the point of caring about ChicagoCrossingVPS myself - even without the public drama, they've more than proven themselves untrustworthy just in our own business dealings.  Anything new like this is just so much noise to me - but honestly, I do enjoy these threads just to give props and respect for pub's investigation skills.

Continuing the honesty though... yeah, you have been a bit harsh lately.  But like you said, could be that time of year.  I've certainly had those moments myself

Yeah your right, I got so far past caring it actually gets annoying when brought up again, that is probably what hit my trigger this time. I know I have my moments that probably comes across as a rage but honestly I mean nothing by it, I am literally the most placid person in the known universe 99% of the time.

Ho hum. carry on, sorry for the disturbance.

edit... or did I?

 

[drmike]

"Sold x-fered domain etc, and have access to the same network blocks due to CC cross over provider/host."

1. 198.23.134.20 and 198.23.134.9  Those IPs I can't say the history of, but someone else can dig them up.  CC's allocation.

2. The IP's of those accesses for tleonard the CVPS admin are in the same geographic service area as UGVPS principals reside.

3. The cvps-tleo and thomas leonard match up pretty good as name variations of the same person.

But all that aside, we have someone coming into IRC with a DIGTHEMINE IP, which is owned by UGVPS, with his username being cvps-tleo.

There is no reason or explanation to explain why CVPS employee would be utilizing UGVPS delegated IPs today/recently and doing so in the past (June 2013) when the IPs weren't issued to DigTheMine since it didn't exist.  But all that happened.

So it is either Thomas / Crystal Dale and working for ChicagoVPS or you are massively delusional.   There isn't an inch of wiggle room on this one.

What excuses are folks going to make for the piss poor behavior here on this?  Some other person with same info/names/geographically basically that isn't them?  Or wait, Crystal owns and operates UGVPS and her husband works for ChicagoVPS but there is no conflict or anything.