David Jonathon Blake @HisBlakeness, 25 tweets, 14 min read
1/ A thread on the curious tale of dcleaks.com. To which I have no firm answers, just some anomalies and leads I'd like to share.
2/ The spooks are sure about dcleaks in 2017:

dcleaks.com and Guccifer2.0 were named with "High Confidence" as key outlets for stolen DNC data in the 6th January 2017 Intelligence Community reports on Russian interference.

FBI's Priestap testified to a direct link
3/ But by 2018 the DNC forgets all about them:

In the recent *DNC Vs Everybody* lawfare suit dcleaks.com is curiously absent. Why is that?

G2.0. is helped along by a conveniently timed article in the Daily Beast. Their parent company is directed by Ms C Clinton
4/ So. The intelligence community has "High Confidence" that dcleaks.com is the recipient of hacked emails from the DNC and others, yet the DNC omits them from their suit.

Why would they do that?

Why miss such an obvious target?
5/ Origins of dcleaks.com.

dcleaks.com (and electionleaks.com) can be traced back to October 2012, an election year. It never went live but at that time Romney was battling stories about his tax returns (familiar?).

F-GPS were working for the Dems
6/ dcleaks.com and electionleaks.com were registered to Ronald Vanyur of Huntington Beach, California.

To be clear; that's California, USA, not California, Russia.
7/ After having battled the issue for all of 2012, Romney, eventually, releases some details about his tax returns in September.
dcleaks never goes live in 2012. Perhaps Vanyur (& friends?) sense they've missed their opportunity and the registration appears to lapse.
8/ In November 2015 it's now legal to hide the registered name of a website, and dcleaks.com's registration moves to a privacy service "Registrations by Proxy LLC". The registrar is still Go Daddy as Vanyur has used previously.
9/ Then on 19th April 2016, dcleaks is re-registered to another privacy service; privacyprotect via publicdomainregistry.com.

The address is a PO box in a sleepy beachside town in Queensland, Australia, called Nobby Beach. It is an actual PO box.
10/ THC Servers in Romania provide the service, and are paid via bitcoins. The original Guccifer was Romanian, so I imagine we are meant to infer a link. (Fessing-up: I was guilty of doing that at first).

To the AP they say no law-enforcement service has bothered to contact them
11/ Incidentally, privacyprotect are pretty private. But not totally private. In another, unrelated, case they were sued by Tata Inc, as one of their sites infringed a trademark.

**They gave up the name of the registrant**.

But Mueller's team hasn't done the same. Why?
12/ In a strange "Russian Doll" type twist, even though Publicdomainregistry and privacyprotect are owned by the Endurance Group - a large multinational - they register the publicdomainregistry site with a small one-man-band service provider in Romania called ...

...

THC Servers
13/ The "A" records for dcleaks start on 17th December 2010 at
67.23.129.87 (the Endurance Group), then move to
66.96.160.141 (the Endurance Group),
then to Confluence Networks (owned by the Endurance Group),

then finally ... in 2016 ...
12/ A few days after THC Servers re-register dcleaks (via the Endurance Group's order-boxdns), on 29th April 2016 the IP address is moved to flokinet.is

They claim to be a home for whistleblower sites.

The identity of the site's owner is being laundered.
12/ Also registered by THC servers, to this service, and this PO box, are several related sites. Of particular interest is: actblues.com which was implicated in the DCCC "hack". Its SOA (Start of Authority) record shows a registrant name of fisterboks@gmail.com and VPN
13/ Possibly unrelated but several sites linked to the Microsoft Strontium trademark dispute are also registered to Nobby Beach

As are a dozen or so Muslim Brotherhood sites, like ikhwanweb.com (the official English site of the Muslim Brotherhood)
14/ Also in the same "Strontium" suit are several sites registered to value-domain.com in Japan.

It also happens that misdepatrment.com, that was also implicated, like actblues.com, in the DCCC "hack", is also registered by value-domain.com.
15/ misdepartment.com (note spelling) were the IT company in charge of the DCCC's IT. In related news their twitter account is dead, and their website is now eviscerated.

Like Stefan Halper, Joseph Mifsud, George Nader, and Rob Goldstone, they have **just disappeared**.
16/ The SOA for dcleaks changes sometime in early 2017 to admin@piradius.net. The nameservers still point to THC Servers, but a mailserver has been added: server13.yettamail.com.

Sometime after that I catch the site with its knickers down. See here: loadedforguccifer.wordpress.com/2018/02/10/dcl…
17/ Why the change?

There are no Russian settings listed in an NMAP scan I did at the time. The language settings on it: iso-8859-1 is for Latin (Inc English, not Cyrillic). There's also some internet relay chat ports to chat on, and yettamail mail servers are front and centre.
18/ Yettamail seems a random choice for a mailserver. The whois gives Vertron corporation as the owner.

Interesting. Vertron is owned by Darrell Hubbard, and is registered in California. That's California USA, not California Russia.

Ronald Vanyur - CA. Darrell Hubbard - CA
19/ Where is Darrell Hubbard now? Has anyone been asking?

Wasn't Daniel Jones of Penn Quarter Group said to get his funding from "wealthy Californians"? Vertron's clients include Sony Pictures (California), Time Warner Home Video (California) and Fannie Mae (Washington).
20/ Looking closer at the final dcleaks IP addresses we see that the "A" record - where the site is directed to - is 111.90.158.105. This is owned by Shinjiru in Malaysia. Who? Well to cut a long story short, their "A" record points to Belcloud Hosting corporation in Bulgaria.
21/ In probably unrelated news Jeff Sessions is visiting Bulgaria. Among the topics he will discuss is deportation from Bulgaria. Just saying.

Also just saying I've never before seen a whois record like the one for belcloud.com that has all the names "Redacted for Privacy".
22/ What does it all mean? I was hoping you weren't going to ask. I don't know.

Only that dcleaks.com has been left off the DNC lawsuit for a reason. They want us to forget all about it. Could it be that it loops back to some important people? Who could they be?

FIN