New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
is m247 faking their locations?
https://airvpn.org/forums/topic/48682-is-m247-falsifying-server-locations/
is this even possible?
Comments
Geolocation can be set to anything the provider wants really.
M247 helpfully sent us some unsolicited mail the other day, so here's a list of the full virtual => physical mappings for their services.
(Direct lift from their email. It's implied any other locations are physical PoPs).
IP Geolocated in :
Asia - Vietnam – Hanoi (Physical Server located in Singapore)
Asia - Philippines – Manila (Physical Server located in Singapore)
Asia - Cambodia - Phnom Penh (Physical Server located in Singapore)
Asia - South Africa,Johannesburg (Physical Server located in Singapore)
Asia - Taiwan (Physical Server located in Singapore)
Europe - Egypt – Cairo (Physical Server located in Bucharest)
Europe - Turkey – Istanbul (Physical Server located in Sofia)
Europe – Russia (Physical Server located in Norway)
USA - Brazil (Physical Server located in Miami)
USA - Mexic (Physical Server located in Miami)
Neat, didn't know that Egypt has moved to Europe 😂
Trump will be delighted to find out that Mexico is in fact in the USA. That's why he didn't build the wall.
OVH, IBM and now m247 practicing dirty marketing tricks. Shame! Shame!
My VPS from HostUS is located in Amsterdam, NL (from Clouvider) and it displays location as: America/Chicago
Very typical with many commercial VPN services. They require this kind of geolocation changes from their hosting providers to "offer" locations where they do not have physical servers.
Maybe offtopic but, many VPN providers do fake their server locations. They claim they offer many exotic locations but it turns out that the server is actually located in US or EU. The whois country code is that exotic location tho.
When you contact them, they say GeoIP databases are unrelieable. This seems to be a common practice now.
Yeah, this is trivial to prove through ping times.
I think this is different to just fake geolocation. M247 are lying to AirVPN and saying that the servers are physically located in a Cogent data center in Phoenix, but I get ~0.4ms pings from one of my VPSes in Los Angeles to their "Phoenix" VPN servers, which is physically impossible.
I'm "Daniel15" in that thread too... I'll just copy and paste my comment here:
As a side note, AirVPN are a very good VPN provider, and they allow port forwarding (up to 20 ports, and you can pick the port numbers)
Plot twist, your LA server is in Phoenix.
Plot twist: All the Cogent
lax
routers are actually in Phoenix tooMaybe that's what "co-location" meant all along.
I believe this is mostly as a result of people going toward using the cheapest geolocation services that don't really update the geolocation often or make super ballpark guesses rather than attempt to do it logically. And then of course no one really asking these providers for "proof" to correct them.
The only geolocation service provider I've seen that appears to geolocate properly is:
https://db-ip.com/
Yet they are relatively expensive, so not as many people use them. Instead, they go to Maxmind that basically, as far as I know sells people a database much cheaper, rather than even using live API calls. So it adds another degree of issues.
When you contact them, they say GeoIP databases are unrelieable. This seems to be a common practice now.
We've also had issues with them (Maxmind) in the past where in effort of blocking these companies from coming up with fake locations, they just denied our request to fix the geolocation. Then of course, customer gets upset with us because a third party is doing something wrong. So it goes both ways, even when we are trying to correct these locations they won't listen.
Easiest solution that could be fairly accurate would be if the person's IP address is pinged/triangulated on top of the geolocation service but I guess no one wants to set that up.
There's two mistakes Maxmind seems to make, the first is "averaging" an IP when they're unsure rather than saying they're unsure. So if they think it's somewhere in US, then it's in Kansas. The second, which is what you seem to be facing, is they usually go with the original company that was assigned the IP addresses and where they were located for the country, so it could just mean Clouvider is using an IP block that was at some point registered to a company in Chicago.
Not sure if your geolocation is from them, but just a quick educated guess.
Unfortunately it seems like even db-ip doesn't catch this one. I've seen db-ip be fairly accurate but there might be a threshold they use for ping times and they see this one as close enough to Phoenix so I assume they just take their word for it and assume it is in fact Phoenix.
I've seen db-ip report some of our IPs in Buffalo as somewhere in Pennsylvania maybe in the past when Maxmind marked it as "Kansas" because it was guessing it. So they're definitely using some kind of triangulation or something, but it's not perfect.
Yeah, this makes me think they keep it just close enough to where the ping times are semi-believable and they slip through other methods of checking geolocation as well.
It makes M247 pretty desirable for fraud, a lot of these that used to slip through our Maxmind anti-fraud system were M247. Our new anti-fraud system does luckily detect these better though but it also ends up hurting people that have a smaller ISP that incorrectly gets marked as being a VPN.
They faked a couple locations when we worked with them, Phoenix being one of those. I called them out, they refused to admit that it’s true despite pretty obvious local traceroutes and later a tip from someone. Then I just wasn’t having any of it and we dropped everything we did with M247 (thankfully)
GeoIP databases are, I had an IP range Google kept geolocating the IP to somewhere in the UAE, it was rather annoying if I'd logged into gmail via an IP from that range it would often cause an alert.
Given I'd physically visited the rack and installed some of the hardware I can confidently say it wasn't in the UAE unless someone had stolen the kit and shipped it half way round the world when I was sleeping and managed to pull it off without tripping a single monitoring alarm.
The first time I know Location can be fake... I mean, it should be contract stated, right?
i heard some crazy conspiracy theories on irc about m247, also some other vpn providers, but specially about airvpn and their relation ship to m247 and a guy who is hunted by polish intelligence agency xD
We have several dedicated servers from M247 and all of them are performing very well compare with other suppliers. As per our conversation with M247, the physical locations are connected with other locations via dedicated transports where they are assuring connectivity and specific IPs, and we can not complain about any issue with those locations. I think this makes the difference between them and other suppliers and their time to react to different issues that could occur in the network.
hmm not really. We are located in Catania while it says we are in Milan. Two completely opposite areas of Italy.
That's weird. Our account manager is very helpful and did give us a full list of sites and Phoenix and some EU locations are marked as virtual location.
When was that? Our situation happened just as those "locations" opened. I assume people complained afterward, so maybe they gave in.
Please tell us. I love such stories!
Around Feb 2019.
The fact that I can ping their "Phoenix" servers from Los Angeles with a 0.4ms RTT means that the server isn't actually in Phoenix at all. If they did have some sort of dedicated backhaul to Phoenix, it should be reflected in the ping times. As far as I can tell, the Phoenix servers are physically in Los Angeles.
For Google, that's usually not geolocation, it's because Google tends to try to "remember" the last user for some reason and it goes off different data to try to identify the "real" location of someone. It's also kind of creepy.
So if someone from the UAE last used the IP address, Google makes an assumption they're there based on whatever that user did on the IP. It's their "solution."
in short:
some "pr0grammer's" thought, that a guy is working for mossad, gchq or something like that. they collected data about him and gave this data and other stuff to one polish intelligence agency.