Autarchy of the Private Cave

One of the primary independent news websites in Ukraine is Українська Правда (The Ukrainian Truth).

There exists, however, an imposter website, which blatantly edits news reports to discredit Ukrainian people disagreement with the recent actions of the president and the government.
I call this website “imposter”, because they have the same name (but in Russian) as the above-mentioned original website, a similar domain name, and they also use exactly the same short-name (“УП”). Not a single serious news website would do so.
They, however, only post news in Russian, while the original website is published in both Ukrainian and Russian (with blogs available in the language of the blog’s author). It is clear that the idea behind the fake news website ukrpravda.ua is to influence and manipulate the opinions of the Russian-speaking people unaware of the true nature of that imposter website.

It should be of no surprise that domain name of the imposter is currently hosted by a Russian web-development company “rossiysky.net”:

$ whois ukrpravda.ua
% This is the Ukrainian Whois query server #I.
% The Whois is subject to Terms of use
% See https://hostmaster.ua/services/
%

% % .UA whois
% Domain Record:
% =============
domain: ukrpravda.ua
admin-c: IIK32-UANIC
tech-c: UARR133-UANIC
status: OK-UNTIL 20141008151510
dom-public: NO
license: 110961
nserver: ns1.rossiysky.net
nserver: ns2.rossiysky.net
mnt-by: UARR133-UANIC (ua.parkovka)
created: 0-UANIC 20121008151510
changed: UARR133-UANIC 20131107145540
source: UANIC

% Administrative Contact:
% ======================
nic-handle: IIK32-UANIC
remark: Whois privacy protection service
remark: http://hostmaster.ua/priv.html
e-mail: iik32-uanic@priv.uanic.ua
mnt-by: NONE
source: UANIC

% Technical Contact:
% =================
nic-handle: UARR133-UANIC
organization: CL “BTM GLOBAL GROUP”
organization: ТОВ “БТМ ГЛОБАЛ ГРУП”
organization: ООО “БТМ ГЛОБАЛ ГРУП”
address: Not Available
e-mail: info@parkovka.biz.ua
org-id: N/A
mnt-by: NONE
changed: UARR133-UANIC 20100705153326
source: UANIC

Administrative contact of the domain is hidden using “privacy protection service”.
Technical contact takes us to the “BTM Global Group” domain record (parkovka.biz.ua does not have a website attached to it, but has records pointing at the functional parkovka.ua, which lists exactly the same owner organization):

$ whois parkovka.ua
% This is the Ukrainian Whois query server #I.
% The Whois is subject to Terms of use
% See https://hostmaster.ua/services/
%

% % .UA whois
% Domain Record:
% =============
domain: parkovka.ua
admin-c: TBGG-UANIC
tech-c: UARR133-UANIC
status: OK-UNTIL 20140727121154
dom-public: NO
license: 141995
nserver: ns1.vhost1-ua.parkovka.ua
nserver: ns2.vhost1-ua.parkovka.ua
mnt-by: UARR133-UANIC (ua.parkovka)
created: 0-UANIC 20110727121154
changed: UARR133-UANIC 20130627103250
source: UANIC

% Glue Record:
% ===========
nserver: ns1.vhost1-ua.parkovka.ua
ip-addr: 176.111.63.115

% Glue Record:
% ===========
nserver: ns2.vhost1-ua.parkovka.ua
ip-addr: 176.111.63.115

% Administrative Contact:
% ======================
nic-handle: TBGG-UANIC
organization: ТОВ “БТМ ГЛОБАЛ ГРУП”
address: каб. 216, вул. Орджонікідзе, ,, 67/1
address: 50005 КРИВОЙ РОГ
address: UA
phone: +3 (044) -454-08-82
e-mail: yastreb@profitmark.com.ua
org-id: 37064520
mnt-by: NONE
changed: TBGG-UANIC 20110726164045
source: UANIC

% Technical Contact:
% =================
nic-handle: UARR133-UANIC
organization: CL “BTM GLOBAL GROUP”
organization: ТОВ “БТМ ГЛОБАЛ ГРУП”
organization: ООО “БТМ ГЛОБАЛ ГРУП”
address: Not Available
e-mail: info@parkovka.biz.ua
org-id: N/A
mnt-by: NONE
changed: UARR133-UANIC 20100705153326
source: UANIC

I have no idea how deeply affiliated this “technical” contact is with the fake website.

Finally, the fake news website is currently hosted through – again – a Russian virtual hosting provider “maxiplace”.
“maxiplace” hosts at least this specific server at the German dedicated servers provider Hetzner; I’ve removed Hetzner records from whois output, as they are not relevant to the case:

$ nslookup ukrpravda.ua
Name: ukrpravda.ua
Address: 78.46.152.149

$ whois 78.46.152.149
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the “-B” flag.

% Information related to ’78.46.152.144 – 78.46.152.159′

inetnum: 78.46.152.144 – 78.46.152.159
netname: XENHOMERU
descr: xenhome.ru
country: DE
admin-c: AR8160-RIPE
tech-c: AR8160-RIPE
status: ASSIGNED PA
mnt-by: HOS-GUN
source: RIPE # Filtered

person: Alexey Roshchin
address: maxiplace.ru
address: Komsomolskaya 6
address: 114256 Moscow
address: RUSSIAN FEDERATION
phone: +79169223288
nic-hdl: AR8160-RIPE
mnt-by: HOS-GUN
source: RIPE # Filtered

Do not trust “random” websites you find on the internet – they may want to misinform you on purpose.