Wikipedia:Requests for checkuser/Case/Snowolfd4

[edit] Snowolfd4

• Snowolfd4 (talk • contribs • block user • block log • checkuser)
• 208.101.4.34 (talk • contribs • block user • block log • checkuser)
• 203.171.70.136 (talk • contribs • block user • block log • checkuser)
• Dutugemunu (talk • contribs • block user • block log • checkuser)

Can someone please do a checkuser on USer:Snowolfd4 and figure out if he is using the IPs as mentioned below. I presume there is a bigger problem, the user is using multiple open proxies to login and vandalize my page and also issue death threats. I see two IPs rightaway: 208.101.4.34 and also 203.171.70.136. I would like to know about the user who has left a msg in my page and his relationship with the user profile: Snowolfd4. Kindly help and prevent such profiles from issuing such warnings in Wikipedia. Thanks for your help.

This is relevant to the following open requests:

1). WP:Pain open request on the user:Snowolfd4

2). WP:AN/I open request

Kindly help. Thanks

Sudharsansn (talk • contribs) 18:04, 15 November 2006 (UTC)

• Note, death threats have been issued from the above IP addresses and involve a dispute both Sudharsansn and Snowolfd4 are involved in. At one point, IP used signature of User:Snowolfd4; we'd like to verify whether or not this account is making the threats anonymously. Shell ^babelfish 18:13, 15 November 2006 (UTC)
• A point has also been made that the user attacked was also involved in a dispute with the Snowolfd4 and this may be a joe job. Please check both editors. Naconkantari 18:38, 15 November 2006 (UTC)

Can you also please check User:Dutugemunu. This person's edit and snowolfd4 seem very simillar. I am not sure if this could be a sockpuppet account Elalan 18:41, 15 November 2006 (UTC)

• It is not clear whether Lahiru_k is innocent in all of this. These series of vandalisms occurred, after I had given a civility warning to Lahiru for having offensive user boxes [1]. In particular he had a userbox that said "This user opposes LTTE supporters on Wikipedia" and directed personal attack against me saying that I didn't have common sense on another wikipedia article [2]. Once I raised this offensive userbox and the incident, Lahiru's response was the following [3]. He had claimed to be busy after this point and refused to do anything about the complaint till Dec. 4th. Elalan 22:39, 15 November 2006 (UTC)

Noting that the image in the userbox is a copyright violation [4], I had applied for speedy removal of the template and the template was removed. User Lahiru silently removed references to this offensive userbox today I believe, after the template had been removed by the authorities [5]. At the same time Sudharsansn and Sechzehn also intervened to get this offensive userbox removed and this is when the threatening posts directed at Sudharsansn and the Neutral Coverage of the Sri Lankan Crisis wikiproject members started appearing. In particular, Sudharsan had notified me of the threatening userbox template on Lahiru's page. These appear to be the version vandalized by the IP [6],[7] . However in both cases Lahiru did do the right thing and revert to original version of template (that was not threatening). Elalan 22:39, 15 November 2006 (UTC)

None of the possible accounts are on the same ISP. Unfortunately, I can't find any established user to connect it to, though it would seem like there must be one for such directed vandalism. Dmcdevit·t 00:14, 16 November 2006 (UTC)

I am completely ready to be checked. Please go ahead. I access my system only from two IPs. One of them being this one, pretty rarely and the other one which I am willing to furnish. Please ensure that such death-threat-issuing behaviour does not continue here. I am more than willing to be checked and verified by any admin. Thanks Sudharsansn (talk • contribs) 11:21, 16 November 2006 (UTC)

Clerk note: in response to this, Dmcdevit stated above the ISP's were different, therefore the technical evidence suggests that they are Unrelated. Daniel.Bryant ^{[ T · C ]} 12:44, 17 November 2006 (UTC)

I am suspicious that the IPs are open proxies because they have invalid DNS entries, and one is hosted at an ISP that hosts other likely open proxies. I have listed them at WP:OPP but no answer yet. Unfortunately if the user is using proxies it will be impossible to confirm technically one way or the other. You can try WP:SSP; accounts with identical posting patterns can be treated as obvious socks without technical evidence, especially if the proxy checks come back positive. Thatcher131 12:55, 17 November 2006 (UTC)

Hi, I just checked from Centralops and IMHO it appears to be a clear open-proxy site as the DNS records suggest that the IP is from an arbit site names pakistanihost.com which appears more like a site to have multiple ids than hosting actually. I really would want an admin to look into the DNS records to be sure if this is not an open proxy edit. I really am not sure as to what I should be doing now actually, but eitherway thanks for your help and do help me out in this situation to make sure that such behavior does not continue. Thanks Sudharsansn (talk • contribs) 17:11, 17 November 2006 (UTC)

Considering that there is an Open request for this in WP:OPP should this stay in Completed requests or Open requests here? Kindly help and if required please do move it to Open requests. Thanks Sudharsansn (talk • contribs) 10:16, 18 November 2006 (UTC)

Checkuser's done everything it can. Stays in #Completed. Daniel.Bryant ^{[ T · C ]} 14:26, 18 November 2006 (UTC)

I understand the status as far as Checkuser is concerned. I kindly request the admins involved in this page to look into the open request in WP:OPP and update the situation so that the open requests w.r.to this issue can be completed at the earliest. Thanks Sudharsansn (talk • contribs) 15:31, 18 November 2006 (UTC)