On Friday, Senator Pauline Hanson said One Nation registered 46 websites as part of its campaign to oppose the Indigenous Voice to Parliament. We (@arielbogle@doctorworkman) found ~31 of them, many redacted and some owner details were suppressed at the weekend. OSINT THREAD~
About two-thirds of these sites are registered under the registrant name or registrant org as "Pauline Hanson's One Nation", "ONE NATION QUEENSLAND DIVISION INC." or under the typo "Pauline Hanson' s One Nation". Searching via conventional traditional will only a handful of sites
The first websites, confirmed by the Daily Telegraph, were voicetoparliament.com.au and ulurustatement.com.au. The owner details for these two are still visible, the other 29 were never made public or had disappeared in the past five days since they were registered.
Domain ownership is often the focus of a lot of my investigations, but it's become harder since the GDPR. Below is an example of information you can pull out from something as easy to use as viewdns.info. I've highlighted fields which are useful to me in this work:
Results from Domain Research Suite (DRS) as of 20 minutes ago using the highlighted fields, have produced limited results: tools.whoisxmlapi.com/reverse-whois-…
This morning we found 11 sites with this method. Now it's two. If a domain owner redacts its details, they're no longer searchable.
Not ideal, but manageable when someone is trying to domain squat. We started running every variation of known sites. For example, our initial search found notovoice.org under PHON. Searching notovoice.net and notovoice.net.au provided a crucial finding
Despite both of these having most of their registrant details redacted, we found commonality in their creation timestamps as well as the state/province it was registered in. Both on August 2 and both in QLD.
Once we figured out the pattern, we started tweaking the URL through .net, .com, and .org. Then we started added .au until we finally arrived at ~31 domains. None of these domains have active websites yet. All our findings available in XLS form at the end of this thread.
This is rather basic #digitalforensics work. But some caveats:
- Different services might only update their database every day or longer.
- This is all current details. Historical ownership details can be expensive to pull
- We have asked PHON directly for all their websites
Here is the final list where we've permanently archived our findings. If you spot anything interesting, please hit up @arielbogle@doctorworkman or myself. /THREAD
THREAD: Unpacking the apparent battle for a certain politician's Wikipedia history, because it's actually a really solid example about how a conspiracy theory (with or without merit) is born. Here's a quick #OSINT analysis using Maltego.
2) A significant flash point for the discussion is from reporter and media lecturer Eddy Jokovich. The claim is that the Canberra IP is "covering for their boss". My analysis didn't find this, but happy to be corrected (with evidence).
2a) I'm aware there are certain imputations/allegations tied to this conversation and page. This thread isn't going to be addressing that and is purely just a digital fact-checking exercise.
When experts talk about the mathematical modelling of social distancing for the coronavirus, this is a visualisation of what they mean.
[Re-uploaded with a higher quality video]
Note: This modelling appears to only be mapping spread, which is why the recovery rates looks skewed. It doesn't account for things like mortality rate.
When people think mathematical modelling, they often think it's someone writing formulas on a chalkboard. Experts have said social distancing is the most effective way to flatten the coronavirus curve — slowing infection spikes, reducing deaths and increasing recovery rates.