Welcome to Pin the Tale on the Donkey !
This is an unabashedly liberal webpage, but I am introducing all of you to facts and correlations that I have found regarding the misinformation and bald-faced lies that have been circulating for far too long.
The first topic addresses the so-called "hacking" by Russia of the American Internet, for which I have found evidence by collecting the Raw Access files that my Internet Provider collects and has saved at my request for more than ten years. Those Russian miscreants were not active in these files until September of 2016, a couple of months before the 2016 election. The activity peaked in January of 2017 and continues to the present day. For example, here are the data for April, 2018 in a large, detailed webpage.
The analysis of Topic One is contained in the following pages:
Mode (this page); History; Patterns; Operation; Examples (AS9123); Examples (AS24940); Timing - Simultaneous Arrival of HEAD / HTTP requests; and the complete data set of HEAD / HTTP/1.1 requests from September 2016 through December 2017. The timing method is illuminated here. The potential for even greater harm is illustrated here. For those in a hurry, here are some graphs of what's going on.
The data for January through August 2018 (which is a slow-loading, large file) indicate that the efforts to compromise our Internet continue.
There is another branch to the hacking business: Exploitation of weaknesses in the software of the popular website-creation program WordPress, including weak passwords, in order to take over the Internet servers on which the affected domains reside. See my analysis of the associated Raw Access Files of MiDomane.com for May 2018.
Direct your constructive comments & questions to: Contact email address
Topic One; Mode of Russian Interference:

Meddling by certain individuals, particularly a couple of people in Russia and another person claiming an address in the Seychelles, has been ongoing since
September, 2016; the tables presented for just two days in December of 2017 below shows how these few folks have been hammering away at MiDomane.com
(anonymized with a generic domain name, of course), trying to uncover personal data and/or infiltrate Internet servers in the USA so as to capture these
servers to function as robots to disseminate false information and Me-Too opinions within  Social Media.

The request that they are making is termed "HEAD /HTTP/1.1" of which the following is an example, anonymized:

HEAD http://www.MiDomane.com/pub/WWW/index.htm HTTP/1.1
406 Not Acceptable
Connection: close
Date: Sun, 17 Dec 2017 17:35:31 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Client-Date: Sun, 17 Dec 2017 17:35:30 GMT
Client-Peer: [MiDomane's IPv4 address & port number]
Client-Response-Num: 1


These requests & their requestors are blocked from access to MiDomane.com, so they cannot get any data from MiDomane.com, but they continue anyway,
because the requests are issued through an as-yet-unidentified robot which is likely to be trying this tactic on virtually all the domain names that they can
find. The requesters show no other interest in MiDomane.com and never request any of the HTM or JPG content of those webpages.

Here's the puzzle: The tables below show just two days worth of HEAD / HTTP attacks on MiDomane. Originally spreadsheets sorted strictly according to
the time stamps of the individual access requests, I have added spaces between some rows to delineate the groups, within each of which I can attribute the
requests to a specific person who is controlling all of the grouped servers.

Here are the functions of the columns in the first table:

Column 1 - IPv4 address of the requestor
Column 2 - Canonical name of the requestor's server
Column 3 - IPv4 address range in CIDR format for the requestor's server
Column 4 - Autonymous System Number for the requestor's server
Column 5 - Date & time stamp of the request
Column 6 - Protocol of the request
Column 7 - Error code (i.e. Forbidden)
Column 8 - Bytes transmitted to the requestor - null
Column 9 - URL of the Intermediary Domain through which the request was made
Column 10 - Country code of the Intermediary Domain (RU = Russia; UA = Ukraine; DE = Germany)
Column 11 - IPv4 address of the Intermediary Domain
Column 12 - IPv4 address range in CIDR format of the Intermediary Domain's hosting server
Column 13 - Autonymous System Number of the Intermediary Domain's server
Column 14 - User Agent claimed for the request

Note that Column 14 lists various versions of Microsoft Internet Explorer and of the Windows operating system; that suggests that the individuals controlling
the access requests in the first column are attempting to exploit flaws in the MSIE/Windows environment.

What is noticeable in Column 5 is that the individuals initiating each group of access requests are executing those requests through a select group of
Intermediary Domains (listed in Column 9) within one or two seconds during each flurry of access requests. That suggests to me that there is a master IPv4
address from which each flurry of access requests is initiated.

Note also that the few persons (three or four, it seems) are sharing intermediary [compromised] domains, many (but not all) hosted in the .RU or .UA
country code, so the same AS numbered servers are showing up in different flurries of HEAD / HTTP requests controlled by the three or four different persons.

Finally, questions:

1. Is there any way of finding out from the CIDR's AS numbers whether there are connections between the different but overlapping groups of AS-numbered
    servers in Columns 9 through 13 ?

2. Can one trace the routes between the various servers in Column 9 or the routes between the various servers in Column 1 (all different within each group
    of access requests, by the way, in spite of the similarity betweeen the canonical names) to find if there is another server or IP address common to all the
    servers in each group ?

The table below was prepared from data collected in the Raw Access File of MiDomane.com on December 15, 2017 and is representative of what has been
going on within MiDomane.com ever since September of 2016 and which is continuing to the present day.


Revelation ! During an hour-long conversation with my beloved brother, he came up with the equivalent of the ultimate anti-Internet weapon: After
accumulating the URLs of just about every page of every domain on the US Internet, the attacker will make a near-simultaneous request for each and
every one of those HTML files and JPG images at the key moment when Internet connectivity is most important to the US economy and/or security ...


Beware: There is every reason to believe that the URLs listed in the URL columns are not safe to visit ... but they and
others like them are likely to be the origins from which this ultimate Internet attack will be coming.


Searcher IP Canonical Name Server CIDR Range AS Number Column5 Column6 Col7 Col8 Do not visit these URL's if you have a Windows Operating System !
CC Intermediary IP Intermediary CIDR Intermediary AS# Column14














195.133.201.163 ptr.ruvds.com 195.133.201.0/24 AS48347 [15/Dec/2017:00:23:30 HEAD / HTTP/1.1 403 - http://kabinet-online-sberbank.ru RU 193.124.93.100 193.124.93.0/24 AS197695 Mozilla/4.0 (compatible; MSIE3.00; Windows 2003)
195.133.145.199 ptr.ruvds.com 195.133.144.0/22 AS48347 [15/Dec/2017:00:23:30 HEAD / HTTP/1.1 403 - https://it36rus.ru/remont-noutbukov/samsung RU 185.5.249.36 185.5.248.0/22 AS48666 Mozilla/2.0 (compatible; MSIE3.00; Windows 2004)
194.87.94.251 ptr.ruvds.com 194.87.92.0/22 AS48347 [15/Dec/2017:00:23:30 HEAD / HTTP/1.1 403 - https://pamjatnik.com.ua/statji-o-pamjatnikah/66-instrukciya-po-ustanovke UA 185.68.16.245 185.68.16.0/22 AS200000 Mozilla/5.0 (compatible; MSIE5.00; Windows 2003)
195.133.147.6 ptr.ruvds.com 195.133.144.0/22 AS48347 [15/Dec/2017:00:23:31 HEAD / HTTP/1.1 403 - http://pitall.ru/ UA 31.131.18.85 31.131.18.0/24 AS56851 Mozilla/5.0 (compatible; MSIE4.00; Windows 2008)
194.87.236.223 unspecified.mtw.ru 194.87.236.0/22 AS48347 [15/Dec/2017:00:23:31 HEAD / HTTP/1.1 403 - https://voronezh.spec-nout.ru/remont_noutbukov/remont_noutbukov_semiluki RU 194.67.200.183 194.67.200.0/21 AS48666 Mozilla/7.0 (compatible; MSIE4.00; Windows 2002)














62.210.80.21 mx1.heimdall.net 62.210.0.0/16 AS12876 [15/Dec/2017:02:11:57 HEAD / HTTP/1.1 403 - http://www.MiDomane.com



Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28
62.210.80.21 mx1.heimdall.net 62.210.0.0/16 AS12876 [15/Dec/2017:02:12:01 HEAD / HTTP/1.1 403 - http://www.MiDomane.com



Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28
62.210.80.21 mx1.heimdall.net 62.210.0.0/16 AS12876 [15/Dec/2017:02:12:05 HEAD / HTTP/1.1 403 - http://www.MiDomane.com



Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28














52.0.75.78 ...amazonaws.com 52.0.0.0/11 AT-88-Z [15/Dec/2017:06:23:52 HEAD / HTTP/1.0 403 - -



User-Agent: Drupal (+http://drupal.org/)
52.0.75.78 ...amazonaws.com 52.0.0.0/11 AT-88-Z [15/Dec/2017:06:24:02 HEAD / HTTP/1.0 403 - -



User-Agent: Drupal (+http://drupal.org/)














194.87.94.251 ptr.ruvds.com 194.87.92.0/22 AS48347 [15/Dec/2017:18:53:40 HEAD / HTTP/1.1 403 - http://uytdom.com.ua/respekt/ UA 185.68.16.182 185.68.16.0/22 AS200000 Mozilla/5.0 (compatible; MSIE2.00; Windows 2008)
194.87.236.223 unspecified.mtw.ru 194.87.236.0/22 AS48347 [15/Dec/2017:18:53:40 HEAD / HTTP/1.1 403 - https://voronezh.spec-nout.ru/remont_noutbukov/ne_rabotaet_blyutuz RU 194.67.200.183 194.67.200.0/21 AS48666 Mozilla/7.0 (compatible; MSIE2.00; Windows 2006)
195.133.201.163 ptr.ruvds.com 195.133.201.0/24 AS48347 [15/Dec/2017:18:53:40 HEAD / HTTP/1.1 403 - http://kabinet-online-sberbank.ru RU 193.124.93.100 193.124.93.0/24 AS197695 Mozilla/5.0 (compatible; MSIE3.00; Windows 2008)
195.133.147.6 ptr.ruvds.com 195.133.144.0/22 AS48347 [15/Dec/2017:18:53:41 HEAD / HTTP/1.1 403 - http://xn----dtbbjn3acd8j.xn--p1ai/shop/shkafy-wity-boksy-korpusa/ RU 188.225.47.230 188.225.47.0/24 AS9123 Mozilla/5.0 (compatible; MSIE2.00; Windows 2004)














77.220.213.173 example.com 77.220.213.0/24 AS24875 [15/Dec/2017:21:18:52 HEAD / HTTP/1.1 403 - http://o-ws.ru RU 37.140.192.8 37.140.192.0/24 AS197695 Mozilla/2.0 (compatible; MSIE4.00; Windows 2002)
185.154.13.6 irobert.ballard.example.com 185.154.13.0/24 AS21100 [15/Dec/2017:21:18:53 HEAD / HTTP/1.1 403 - http://expert-find.ru/mastera-po-remontu-holodilnikov RU 194.67.194.12 194.67.194.0/23 AS48666 Mozilla/2.0 (compatible; MSIE3.00; Windows 2005)
178.159.43.212 piterskiyua.example.com. 178.159.43.0/24 AS50979 [15/Dec/2017:21:18:53 HEAD / HTTP/1.1 403 - http://tekhno-remont.ru/kosmeticheskii-remont-kvartir RU 87.236.19.96 87.236.19.0/24 AS198610 Mozilla/7.0 (compatible; MSIE5.00; Windows 2003)
185.209.20.147 example.com 185.209.20.0/24 AS24875 [15/Dec/2017:21:18:53 HEAD / HTTP/1.1 403 - http://gugus.ru/catalog/velosipedy/ RU 90.156.201.42 90.156.192.0/19 AS25532 Mozilla/4.0 (compatible; MSIE6.00; Windows 2003)
178.159.39.237 kosromole1.example.com 178.159.39.0/24 AS21100 [15/Dec/2017:21:18:53 HEAD / HTTP/1.1 403 - http://xn--80aabcsc3bqirlt.xn--p1ai/live-prognoz/ DE 85.25.95.149 85.25.0.0/16 AS8972 Mozilla/6.0 (compatible; MSIE4.00; Windows 2005)














193.124.131.168 ptr.5x00.com 193.124.128.0/22 AS48347 [15/Dec/2017:21:34:04 HEAD / HTTP/1.1 403 - http://boltushkiclub.ru/vybiraem-teni-dlya-vek-pod-tsvet-glaz/ RU 193.124.179.252 193.124.176.0/20 AS48666 Mozilla/4.0 (compatible; MSIE2.00; Windows 2002)
194.87.103.12 unspecified.mtw.ru 194.87.102.0/23 AS48347 [15/Dec/2017:21:34:04 HEAD / HTTP/1.1 403 - http://fotosuvenir-spb.ru/uslugi/kalendari-nastennye/ RU 5.101.152.142 5.101.152.0/24 AS198610 Mozilla/7.0 (compatible; MSIE5.00; Windows 2009)
195.133.145.199 ptr.ruvds.com 195.133.144.0/22 AS48347 [15/Dec/2017:21:34:04 HEAD / HTTP/1.1 403 - https://it36rus.ru/opinions RU 185.5.249.36 185.5.248.0/22 AS48666 Mozilla/3.0 (compatible; MSIE7.00; Windows 2008)














185.5.249.185 ih530199.vds.myihor.ru 185.5.248.0/22 AS48666 [15/Dec/2017:21:52:23 HEAD / HTTP/1.1 403 - http://otzovikotdbix.ru/plyazhnyiy-otdyih-na-more-v-avguste-2016/ DE 94.130.91.36 94.130.0.0/16 AS24940 Mozilla/4.0 (compatible; MSIE4.00; Windows 2006)
193.124.176.156 ih710808.vds.myihor.ru 193.124.176.0/20 AS48666 [15/Dec/2017:21:52:24 HEAD / HTTP/1.1 403 - http://wren-russia.ru/shop/hydraulic_cylinders/ RU 91.219.194.33 91.219.192.0/22 AS49693 Mozilla/2.0 (compatible; MSIE7.00; Windows 2003)
194.67.210.77 ih532246.vds.myihor.ru 194.67.208.0/20 AS48666 [15/Dec/2017:21:52:24 HEAD / HTTP/1.1 403 - http://remont-smartwatch.in.ua/products/akb-smart-baby-watch UA 185.68.16.103 185.68.16.0/22 AS200000 Mozilla/2.0 (compatible; MSIE4.00; Windows 2007)
193.124.190.64 ih507910.vds.myihor.ru 193.124.176.0/20 AS48666 [15/Dec/2017:21:52:24 HEAD / HTTP/1.1 403 - https://masterskiboard.ru/fotogalereya
RU 109.120.162.1 109.120.128.0/18 AS30968 Mozilla/4.0 (compatible; MSIE2.00; Windows 2007)














More data, This time from the Recent Visitors log for December 18th: The timing is improving at AS48347 !

IPv4 Address

Canonical Name

Server CDIR

AS Number

Date Stamp 3

Error

Intermediary URL - Don't visit from a Windows operating system !

CC

Interm.IPv4

Interm.CIDR

Interm.AS No.

User Agent

                       

178.159.39.237

kosromole1.example.com

178.159.39.0/24

AS21100

12/18/17, 5:01PM 

403

http://www.rabota-biznes.com/category/kreditu-zaumu-mikrozaimu

DE

78.46.76.45

78.46.0.0/15

AS24940

... To Be Added ...

185.154.13.6

irobert.ballard.example.com

185.154.13.0/24

AS21100

12/18/17, 5:01PM

403

http://www.beton-area.com/category/postroyki

DE

78.46.76.45

78.46.0.0/15

AS24940

... To Be Added ...

185.209.20.147

example.com

185.209.20.0/24

AS24875

12/18/17, 5:01PM

403

https://flyontime.ru/tours/kupit-tur-v-tunis/

RU

92.53.114.107

92.53.114.0/24

AS9123

... To Be Added ...


                     

194.87.94.251

ptr.ruvds.com

194.87.92.0/22

AS48347

12/18/17, 5:11PM

403

https://dinki.ru/brands/janome/

RU

37.140.192.234

37.140.192.0/24

AS197695

... To Be Added ...

193.124.131.168

ptr.5x00.com

193.124.128.0/22

AS48347

12/18/17, 5:11PM 

403

http://dvervmoskvu.ru/Belie/

RU

80.87.200.224

80.87.200.0/23

AS29182

... To Be Added ...

195.133.201.163

ptr.ruvds.com

195.133.201.0/24

AS48347

12/18/17, 5:11PM 

403

http://raithai-shop.ru/catalog/pantolety/

RU

89.108.122.49

89.108.122.0/24

AS43146

... To Be Added ...

194.87.103.12

unspecified.mtw.ru

194.87.102.0/23

AS48347

12/18/17, 5:11PM 

403

https://gk-kvazar.ru/category/met/sst/

RU

31.31.203.77

31.31.203.0/24

AS39792

... To Be Added ...

195.133.145.199

ptr.ruvds.com

195.133.144.0/22

AS48347

12/18/17, 5:11PM 

403

https://nashkomp.ru/category/telegram

RU

188.225.15.206

188.225.15.0/24

AS9123

... To Be Added ...

194.87.236.223

unspecified.mtw.ru

194.87.236.0/22

AS48347

12/18/17, 5:11PM 

403

https://vseprobrak.ru/esli-muzh-pet-kazhduyu-pyatnitsu-s-druzyami-sovetyi-psihologa

RU

176.57.209.92

176.57.209.0/24

AS9123

... To Be Added ...

195.133.147.6

ptr.ruvds.com.

195.133.144.0/22

AS48347

12/18/17, 5:11PM 

403

https://24sc-plus.ru/monoblok/47-udalenie-razlichnykh-virusov-s-kompyutera.html

RU

194.67.197.50

194.67.196.0/22

AS48666

... To Be Added ...













On the next page are the histories of this form of Russian interference carried on by the
three principal malefactors who account for most of this activity on MiDomane.com
.

Topic Two - Examples of the Practice of Projection:
Webster's definition: The attribution of one's own ideas, feelings, or attitudes to other people or to objects; especially: the externalization of blame, guilt, or responsibility as a defense against anxiety. In the political arena, it's the practice of attributing to one's opponent one's own asocial behavior.