It's an interesting question. You could switch addresses on Eligius by using a new one as your user name. However, you'd have to catch it every time you crossed the minimum payout threshold if you wanted to ensure you don't reuse an address. Not a big deal, just annoying.
I will typically create new addresses when requesting a payment or mining on a new pool; however, I don't typically change those addresses afterwards. For example, I generated an address I use here on BTC Talk for things like signature campaign payouts, tips, etc. I haven't changed it, yet I've received a number of coins at that address. Could people tie it together with some of my other addresses? Sure, if they wanted to go through the blockchain and do the research.
|
|
|
If he's reading it, he's using a different account. Nexious still hasn't logged in since his appearance yesterday about 15 minutes before I found the block. There also hasn't been any response on IRC and emails to support@nexious.com continue to bounce. Since the coins haven't moved, I'm not whipping out the scammer card just yet.
|
|
|
I pinged the IP, 104.27.190.53 pinging nexious.com gave me that IP I did not ping the stratum one so that is the base domain name not a subdomain - checked at whatismyipaddress.com and the whois showed was the IP range and provider. If you search the whois database with the IP it will give you all the details on whos it is. If he does a runner you can get the details of him from the WHOIS guard provider by contacting its abuse, that would give you the address and phone number. The forum would also have his real IP if he didn't proxy. His address details provided he was careless would be in the whoisguard and i have found it trivial in the past to have the whois protection services release details. Coins still not moved? If he has indeed run off with $10,000 + then if anyone who mined there is out enough money, I didn't feel guilty about leaving the paper trail of maybe tracking him down to report him or do whatever. This is IF he is guilty, anything can happen so I don't want to point fingers just yet until those coins move without anyone being paid or consulted.
Search any IP in WHOIS and you can get the provider etc. If you have the time the IP was assigned to that person its enough to report them to ISP, or in the case of thefts, the police or if you wish to take it further and you are able to get an address from whoisguard and validate it as the persons, they can be open to a suit if you have enough evidence, etc. If he has done a runner it sounds like he tried to get everyone to find a block for him then run with the cash, hed be quids in then. But innocent until proven guilty, as he could be ill, or whatever, but I don't get a good vibe from it.
Jacob
I had looked up the IP addresses... the one I get from pinging nexious.com is cloud flare in San Fran. The cloudapp.net IP address I get shows MS in San Fran as well. That's why I asked you how you got the details you did . And the coins still haven't moved...
|
|
|
From WHOIS on the domain name: Domain Name: NEXIOUS.COM Registry Domain ID: 1948593920_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.enom.com Registrar URL: www.enom.comUpdated Date: 2015-07-23T01:02:21.00Z Creation Date: 2015-07-23T02:55:00.00Z Registrar Registration Expiration Date: 2016-07-23T02:55:00.00Z Registrar: ENOM, INC. Registrar IANA ID: 48 Reseller: NAMECHEAP.COM Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibitedRegistry Registrant ID: Registrant Name: WHOISGUARD PROTECTED Registrant Organization: WHOISGUARD, INC. Registrant Street: P.O. BOX 0823-03411 Registrant City: PANAMA Registrant State/Province: PANAMA Registrant Postal Code: 00000 Registrant Country: PA Registrant Phone: +507.8365503 Registrant Phone Ext: Registrant Fax: +51.17057182 Registrant Fax Ext: Registrant Email: 5A5F7E81DB214E6498C2502C8327DFEB.PROTECT@WHOISGUARD.COMRegistry Admin ID: Admin Name: WHOISGUARD PROTECTED Admin Organization: WHOISGUARD, INC. Admin Street: P.O. BOX 0823-03411 Admin City: PANAMA Admin State/Province: PANAMA Admin Postal Code: 00000 Admin Country: PA Admin Phone: +507.8365503 Admin Phone Ext: Admin Fax: +51.17057182 Admin Fax Ext: Admin Email: 5A5F7E81DB214E6498C2502C8327DFEB.PROTECT@WHOISGUARD.COMRegistry Tech ID: Tech Name: WHOISGUARD PROTECTED Tech Organization: WHOISGUARD, INC. Tech Street: P.O. BOX 0823-03411 Tech City: PANAMA Tech State/Province: PANAMA Tech Postal Code: 00000 Tech Country: PA Tech Phone: +507.8365503 Tech Phone Ext: Tech Fax: +51.17057182 Tech Fax Ext: Tech Email: 5A5F7E81DB214E6498C2502C8327DFEB.PROTECT@WHOISGUARD.COMName Server: DAVE.NS.CLOUDFLARE.COM Name Server: LADY.NS.CLOUDFLARE.COM DNSSEC: unSigned Registrar Abuse Contact Email: abuse@enom.comRegistrar Abuse Contact Phone: +1.4252982646 URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/Last update of WHOIS database: 2015-07-23T01:02:21.00Z If anyone would like his details, you can contact the abuse part and they will disclose the data (those WHOIS information hiders are not effective) But it was pointed at cloudfare also. http://www.whoisguard.com/contact-us.asp if shit hits the fan and he does a runner if someone wished to persue further, if he has done a runner. If the coins move and no contact from him and someone wishes to persue him for their losses, this is how to get his actual details. Seems though that it was pointed at cloudfare nameservers. Pinging the domain name points to these IP details: General IP Information IP: 107.27.190.53 Decimal: 1796980277 Hostname: 107.27.190.53 ASN: 3651 ISP: Sprint PCS Organization: Sprint PCS Services: None detected Type: Wireless Broadband Assignment: Static IP Blacklist: Geolocation Information Continent: North America Country: United States us flag State/Region: Illinois City: Chicago Latitude: 41.8826 (41° 52′ 57.36″ N) Longitude: -87.6292 (87° 37′ 45.12″ W) Postal Code: 60602 Obviously it wont have the location fully, but time to work out what ISP it is. Searching whois, its a home IP. Sprint wireless: 107.27.190.53 NetRange: 107.24.0.0 - 107.63.255.255 CIDR: 107.32.0.0/11, 107.24.0.0/13 NetName: SPRINT-WIRELESS NetHandle: NET-107-24-0-0-1 Parent: NET107 (NET-107-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Sprint Communications, Inc. (SPRIN-86) RegDate: 2010-11-10 Updated: 2012-03-02 Comment: PLEASE REPORT ABUSE ISSUES TO mobileabuse@sprint.com. Comment: Members of Law Enforcement should contact Sprint Corporate Security Subpoena Comment: Compliance and Law Enforcement Assistance at 1-800-877-7330 and press option 1 Comment: for assistance. Ref: http://whois.arin.net/rest/net/NET-107-24-0-0-1This is his static IP as of 16:05 GMT 18/11/2015 107.27.190.53 if you wish to report to ISP also if he does a runner. But it has been hosted on a home connection, sprint wireless. this is what came up when I pinged nexious.com Jacob Pinging which domain name? when I ping nexious.com, I get a completely different IP address: jonnybravo@ubuntu:~/Mining$ ping nexious.com PING nexious.com (104.27.190.53) 56(84) bytes of data. 64 bytes from 104.27.190.53: icmp_seq=1 ttl=56 time=14.7 ms 64 bytes from 104.27.190.53: icmp_seq=2 ttl=56 time=14.8 ms 64 bytes from 104.27.190.53: icmp_seq=3 ttl=56 time=14.5 ms 64 bytes from 104.27.190.53: icmp_seq=4 ttl=56 time=15.3 ms ^C --- nexious.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 14.540/14.880/15.387/0.345 ms
If you look at the underlying details (try pinging stratum.nexious.com), you'll get the following: jonnybravo@ubuntu:~/Mining$ ping stratum.nexious.com PING nexious.cloudapp.net (40.112.147.124) 56(84) bytes of data. ^C --- nexious.cloudapp.net ping statistics --- 6 packets transmitted, 0 received, 100% packet loss, time 4999ms
That bit... nexious.cloudapp.net ... is what shows he's running on MS Azure. Pinging nexious.cloudapp.net shows you the same results as pinging stratum.nexious.com. I'd like to know how you got the IP address you did, and how you further dove into the details about finding it to be a Sprint PCS-owned ISP. Share, please EDIT: coins still haven't moved.
|
|
|
It appeared he was using Microsoft's cloud for his server and mailgun.org for his email. Either of those places should have more info on him, including his payment info, that may help track him down. Just in case anyone is interested.
The longer this goes the more likely it was a scam. Its also possible he got hacked and doesn't own the private key with that coin on it, among other possibilities. The timing of the disappearance and the simultaneous disconnection of other services suggests scam. Considering how much effort he put into the scam it is likely he's obfuscated his information on those sites as well.
I'd just like to point out that the entire premise of this pool was faulty. There are fair and trusted pools that already "help decentralize the network" including kano.is. The problem isn't that there aren't pools, the problem is that there are nearsighted people who have no patience and would rather mine at a larger pool in order to decrease their variance. I'd love to see people flock to a pool like Kano.is so it was hitting blocks more regularly. That's really all that is necessary for many people to bring their hash back from the large PPS pools. A pool like Nexious was harming rather than helping in this regard.
Yeah, I had already looked into the details. He was running on Azure. Nexious.com in reality pointed to nexious.cloudapp.net, which is MS Azure. I tend to agree that the simultaneous disconnection of all services (pool, site, email) does not look good in any way at all. At first I was wondering if he had an issue on his server... maybe something screwed up when the block was found. However, since we had started on the next block without any problem, that theory doesn't hold much weight. I don't agree with your assertion that a new pool is a problem. Let's face it, last year kano.is was a new pool. Yes, it's very well run and maintained by one of the two guys responsible for writing the code in virtually every BTC miner available. I have nothing but respect for the work kano and -ck have done and continue to do. However, people flocking to kano.is does exactly what you're stating is the problem: centralizing the hash on a single pool. Currently it's AntPool and f2pool. Take their hash and point it at kano and you've still only got a single pool. Of course, I trust kano's pool far more than either AntPool or f2pool, but that doesn't alter the fact that just pointing a ton of hash at a single pool is dangerous. Remember when ghash.io had more than 50% of the global hash rate?
|
|
|
Let's put it this way... with PPS (f2pool) you absolutely can NEVER make above expectations because of the way the payout scheme works. With PPLNS (kano.is, p2pool, etc) you have the POSSIBILITY of making more than expectations. You also have the POSSIBILITY of making less.
PPS puts all risk on the pool operator, because miners will get paid for submitted shares regardless of whether or not the pool finds a block. That's why any PPS pool charges fees - to help mitigate some of that risk.
PPLNS transfers risk to miners. You are only paid for N shares, regardless of how long it took the pool to find a block.
|
|
|
Higher rates? No. They are a PPS pool that charges 4% fee. Yes, they give you some alt coins to try and mitigate that fee, but at the end of it, you're never going to make expected values. On the other hand, if you look at kano.is, since inception he's running at over 100% luck. It's PPLNS, so there will be times when you make less than expected; however, if you look at the long term, you've made more than expected.
P2Pool has also not been mentioned. I've been running a thread for the past year showing its performance with an S3. I've got a couple weeks of data to catch up on, but as of my last update, p2pool has made over 98% of expectations since 12/26 of last year.
|
|
|
Thanks philipma1957 for the info. I'm also on f2pool and nicehash. Just created an account to try kano. Have to be very careful in our choices (lost over 1BTC on nexious) Sorry for your loss. The only entry in Phil's list I don't agree with is f2pool. Yes, they pay. That much is undeniable. However, they use crap software and SPV mining, which has led to a fork in the chain previously. Still no movement of the coins...
|
|
|
No, there is no way to block anything. Assuming that Nexious owns the private key for the pool's mining address, he can do whatever he wants with those coins. Nothing we can do to prevent it.
So far the coins haven't moved.
|
|
|
Well... 5 more confirmations and still not a peep out of Nexious. The site and pool are still dark. Emails are still bounced. It's not looking good.
|
|
|
Well, from my own perspective, I spent nearly nothing. 100TH/s rental from NH at .0075BTC/TH. I had it up and running for about an hour and a half before the block was found, so it only cost me about 0.045BTC. I feel for the other miners who have spent considerably more time and coin trying to make this pool work. I hope we're all wrong. 65 more confirmations to go.
|
|
|
That's exactly what I'm waiting for prior to screaming scam. As soon as those coins move we will know his intentions.
|
|
|
If you've got any spots left for a hero member...
Username: jonnybravo0311 Post count: 2671 Rank: Hero Member Bitcoin Address: 1DevLdogN52pHdjZnsgi4HzreFDB4ZHVre
|
|
|
I actually never had any problems with the setup... according to the site (when it was up) I was user number 11 to register. I put in my payment address and changed my profile without issue. I had previously only pointed a small bit of hash here to play around a few times and that was recorded just fine. I figured I'd gamble with 100TH/s on the hope that I found the block and got the reward. Well, I found the block very early in my rental - had only used 1.5 hours of it. Once I found the block, I canceled the order and pointed the remaining back to my own pool, where it is still happily hashing away.
EDIT: looking at Nexious' profile, his last activity on the forum was about 15 minutes prior to me finding the block... like I wrote earlier, I'm giving him the benefit of the doubt for now. Innocent until proven guilty. He could be at work. No clue. Now, if things remain dark and he doesn't show back up around here... and the coins in the pool's address get spent and nobody gets a payment... yeah, then it's time for the pitchforks and burning oil.
|
|
|
Thanks, Phil. I'll let everyone know if this works out or not. Since everything is still dark, I'm not sure it will. Nexious has sure put a lot of effort in to this thing if it does indeed turn out to be bad and he runs. I'm certainly giving him the benefit of the doubt for now. Innocent until proven guilty, and all that.
If it doesn't work out, maybe I'll open up my own pool (I already run my own p2pool node and have a private unomp BTC pool that a couple of friends point hash to).
|
|
|
I'm surprised the torches aren't already lit and the mob already running through the town screaming "Burn the witch!!!"
|
|
|
Actually most pools work like this one. The exceptions are p2pool and Eligius where the coinbase transaction is broken down into the addresses receiving the block reward.
The typical operation is for the BTC reward to go to a single address, which in this pool's case is 1GBo1f2tzVx5jScV9kJXPUP9RjvYXuNzV7. How the coins are distributed depends on the payout scheme. Here it's PPLNS, which is actually unfortunate because I found the block so quickly after starting, I didn't have many shares to pay. Those miners who have been here longer and have more shares than I did when the block was found would actually make more BTC than I will. The nice thing is that those shares are valid for however long the N value is in the pool.
When I found the block, the last time I had looked at the pool stats it showed about a 53% round - which is very nice. It means that it took about half as many shares as expected to find the block. That's the benefit of PPLNS pools - the more luck the pool has, the longer your shares continue to get paid. More blocks, means more BTC for you.
|
|
|
|