I got caught last week and received an email from my ISP concerning the sharing of a file like 24hrs or so after downloading it.

I took a break for a few months while keeping on the straight and narrow until last week when I needed an episode.

I was using PeerGuardian 2 which didn't save me this time. However when I looked through previous people's posts, PeerGuardian should have had the IP blocked so I don't know how one slipped through.


> Internet Anti-Piracy Team,
> Worldwide Anti-Piracy Operations
> NBC UNIVERSAL
> 100 Universal City Plaza 1220/2
> Universal City, CA 91608
> tel. (818) 777-4876
> fax (818) 866-2155
> antipiracy@nbcuni.com
>
> *pgp public key is available on the key server at
> ldap://keyserver.pgp.com
> ** For any correspondence regarding this case, please send your emails to antipiracy@unistudios.com and refer to Notice ID: *. If you need immediate assistance or if you have general questions please call the number listed above.
> Title: ***TV EPISODE***(TV)
> Infringement Source: BitTorrent
> Initial Infringement Timestamp: 14 Mar 2006 22:49:27 GMT Recent
> Infringment Timestamp: 14 Mar 2006 22:49:27 GMT Infringer Username:
> Infringing Filename: >***TV EPISODE***
> Infringing Filesize: 183554048
> Infringers IP Address: MY IP ADDRESS
> Infringers DNS Name: MY IP ADDRESS.*.*.*.co.uk
> Infringing URL:
> MY IP ADDRESS\>***TV EPISODE***
>
>
> - ---Start ACNS XML
> <?xml version="1.0" encoding="iso-8859-1"?>
>
> <Infringement xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:noNamespaceSchemaLocation="http://mpto.unistudios.com/xml/Infringe
> ment_schema.xsd">
> <Case>
> <ID>*</ID>
> <Status>Pending</Status>
> </Case>
> <Complainant>
> <Entity>NBC Universal</Entity>
> <Contact>Aaron Markham, Director of Internet Anti-Piracy</Contact>
> <Address>100 Universal City Plaza (2160/7E), Universal City,
> California 91608 United States of America</Address>
> <Phone>818-777-4876,</Phone> <Email>antipiracy@nbcuni.com</Email>
> </Complainant>
> <Service_Provider>
> <Entity>UK ISP</Entity>
> <Address>UK ISP
> </Address>
> <Email>abuse@*.co.uk</Email>
> </Service_Provider>
> <Source>
> <IP_Address>MY IP ADDRESS</IP_Address>
> <DNS_Name>MY IP ADDRESS.*.*.*.co.uk</DNS_Name>
> <Type>BitTorrent</Type>
> <UserName></UserName>
> <Number_Files>1</Number_Files>
> <Deja_Vu>False</Deja_Vu>
> </Source>
> <Content>
> <Item>
> <Title>***TV EPISODE***(TV)</Title>
> <FileName>***TV EPISODE***</FileName>
> <FileSize>183554048</FileSize>
> <URL>MY IP ADDRESS\***TV EPISODE***</URL>
> <TimeStamp>2006-03-14T22:49:27.000Z</TimeStamp>
> </Item>
> </Content>
> </Infringement>
> - ---End ACNS XML
> -----BEGIN PGP SIGNATURE-----
> Version: 8.0

did you happen to have pg2 logging at this time?

__________________
PeerGuardian § Posting PeerGuardian 2-Logs § HOSTS File § Windows Worm Doors Cleaner § "Personal Firewalls" are snake-oil! § VLC media player § Media Player Classic § FrostWire (LimeWire alternative) § µtorrent § Invalid IP Reports (Bluetack)

Yeah! We need to see a log. There are quite a few NBC IP's but there very well could be a new range for them too. Thanks!

__________________
HYBRID MAN!

My websites: http://wwwmyblogprostatehealth-treatment.blogspot.com/
http://sportscue.blogspot.com/
http://hubpages.com/profile/tonybologna
http://prostatecare.weebly.com/

Well PG2 is always running and I believe it should be logging as default.

I'll get a log later for you guys when I'm back home.

EDIT:

My allowed log is 24Mb or so.

Should I filter out all the entries and just leave the bittorent entries identified by my bittorent port number to limit the size of the log?

Or what is the best way for me to submit.

Also, if the infringment is stated at such a time, does one like myself that lives in the UK have consider the time difference when tracing the suspected log entry?

Take a look at this guide for posting your PG2 logs here on the forums:

http://forums.phoenixlabs.org/t10999...-pg2-logs.html

Be sure to block out your IP address when posting the log. Also, we only need about 30 minutes before & 30 minutes after the alleged infringement timestamp. I sure hope you had PG2 setup to log 'Allowed" connections too. This will help tremendously in determining if there is possibly a new IP range for NBC. Thanks!

__________________
HYBRID MAN!

My websites: http://wwwmyblogprostatehealth-treatment.blogspot.com/
http://sportscue.blogspot.com/
http://hubpages.com/profile/tonybologna
http://prostatecare.weebly.com/

Since the Initial Infringement Timestamp was 14 Mar 2006 22:49:27 GMT, you should gather all possible logs 30 minutes before and after that time stamp.

You will need to take in consideration your timezone with GMT...to export all possible logs, please use this image as a guide,


When the logs are exported, how big are they?

If they aren't too big, post them as an attachment.

__________________
PeerGuardian § Posting PeerGuardian 2-Logs § HOSTS File § Windows Worm Doors Cleaner § "Personal Firewalls" are snake-oil! § VLC media player § Media Player Classic § FrostWire (LimeWire alternative) § µtorrent § Invalid IP Reports (Bluetack)

Since the Timestamp is GMT, I don't have to consider the time change.

Attached is my Allowed PG2. Its a zipped txt file to obey the attachment size regulation.

Hopefully someone spots something.

Attached Files

pg2allowedlog.zip (396.3 KB, 7 views)

I have checked through your log file for a few entries. I checked 5 minutes before & 5 minutes after the alleged infringment timestamp(March 14th 22:49:27) & I didn't find anything suspicious from NBC. However, I will look into the log further over the weekend & possibly someone else here will help us too. Thanks!

I was able to do a WHOIS lookup on the IP from the exact timestamp(March 14th 22:49:27) & here's the results for ya: This wouldn't have anything to do with your infringment so we need to look into this more. Thanks!

219.155.111.166


Blacklist Status: Clear
Cached Whois: Cached today
Whois History: 2 records stored
Oldest: 2006-03-16
Newest: 2006-03-24
Record Type: IP Address
IP Location: China China - Shanghai - Shanghai - Cncgroup Henan Province Network
Reverse IP: No websites hosted using this IP address
Reverse DNS: not set
inetnum: 219.154.0.0 - 219.157.255.255
netname: CNCGROUP-HA
country: CN
descr: CNCGROUP Henan province network
admin-c: CH455-AP
tech-c: WW444-AP
status: ASSIGNED NON-PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HA
mnt-routes: MAINT-CNCGROUP-RR
changed: Whois Privacy and Spam Prevention by Whois Source 20031201
changed: Whois Privacy and Spam Prevention by Whois Source 20040302
changed: Whois Privacy and Spam Prevention by Whois Source 20040927
changed: Whois Privacy and Spam Prevention by Whois Source 20060124
changed: Whois Privacy and Spam Prevention by Whois Source 20060126
source: APNIC

route: 219.154.0.0/15
descr: CNC Group CHINA169 Henan Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: Whois Privacy and Spam Prevention by Whois Source 20060118
source: APNIC

role: CNCGroup Hostmaster
e-mail: Whois Privacy and Spam Prevention by Whois Source
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: Whois Privacy and Spam Prevention by Whois Source 20041119
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Wei Wang
nic-hdl: WW444-AP
e-mail: Whois Privacy and Spam Prevention by Whois Source
address: #37 Wei Wu Road, Zhengzhou, Henan Provice
phone: +86-371-65952358
fax-no: +86-371-65968952
country: CN
changed: Whois Privacy and Spam Prevention by Whois Source 20060205
mnt-by: MAINT-CNCGROUP-HA
source: APNIC

__________________
HYBRID MAN!

My websites: http://wwwmyblogprostatehealth-treatment.blogspot.com/
http://sportscue.blogspot.com/
http://hubpages.com/profile/tonybologna
http://prostatecare.weebly.com/

What were you using to download these files? The letter mentions BitTorrent, but what client and version?

The UDP connections are probably just DHT, and I don't know if they could be linked with Antip2p or not...since those are likely just DHT peers asking "hey, do you have this file in your queue?".

__________________
PeerGuardian § Posting PeerGuardian 2-Logs § HOSTS File § Windows Worm Doors Cleaner § "Personal Firewalls" are snake-oil! § VLC media player § Media Player Classic § FrostWire (LimeWire alternative) § µtorrent § Invalid IP Reports (Bluetack)