Jeeves
Geeks look at the Trump organization IP network and find
Wed Nov 1, 2017 9:30am
2601:405:4480:3263:80da:8cc6:34ea:3dfa

Russia??? WTF???

This could explain in part why the CIA/NSA were certain that there were Trump-Russia connections even before the campaign.

Excerpts from: https://www.unhackthevote.com/our-research/trumps-connections-to-russia-they-are-just-a-ping-away/
The Trump Organization, like most large entities, has numerous domains registered for various purposes. It is not at all unusual for large organizations to use subdomains to make server management easier. For instance, the Apple, Inc support site is support.apple.com. This allows the Apple support website to be administered completely independently of its main website and even to be hosted on a different server. Domains and subdomains, using a protocol known as DNS, are translated into IP addresses, which allow your traffic to arrive at the correct destination.

In the case of the Trump Organization, expected subdomains might include reservations.trumphotels.com or jobs.donaldtrumpexecutiveoffice.com.

But when we took a closer look at Trump Organization subdomains, we found something unusual and alarming.

More than 250 subdomains of domains registered to the Trump Organization redirect traffic to computers in St. Petersburg, Russia.

It seems highly unusual that an organization, and now Presidential administration, while under investigation for colluding with a foreign adversary in a concerted effort to undermine American democracy, would allow even a semblance of impropriety like this to happen. Yet that appears to be exactly what the Trump organization has decided to do.

All known Trump domains are registered through GoDaddy, and many of the primary domains are hosted on GoDaddy shared servers. Nonetheless, there are multiple subdomains whose traffic is routed to servers in St. Petersburg, Russia. Traffic to these subdomains goes through a backbone in Italy, proceeds to Moscow, goes to a server located hundreds of miles away to the east, then finally arrives at a server in St. Petersburg.

With few exceptions, these subdomains were set up in August 2013. AlienVault’s OTX service contains records of some of these subdomains being in use as recently as March, 2017. Many, but not all, are still active and the DNS records are still set to allow these subdomains to route to the Russian servers.

[Jeeves: 2013... Isn't THAT interesting. Trump was in Russia in 2013 holding the Miss Universe pageant.
http://www.npr.org/2017/07/17/537277074/at-the-2013-miss-universe-contest-trump-met-some-of-russias-rich-and-powerful ]


Our team has conducted both ping tests and traceroutes that show that these servers are still up and operational, and that these subdomains are still directed to these Russian servers. Each subdomain is named with a seemingly random string of letters, presumably to prevent ordinary users from stumbling on them by mistake.

If it weren’t for the fact that these have been in use for over four years at this point, and still reachable today, this would look like someone had hacked these domains and left the files as a form of defacement, or possibly used them for a spam or malware campaign. But certainly with an organization of this size, and with the added security concerns and scrutiny that a presidential campaign and victory would entail, it would be inexcusable for this to not have been discovered by their IT department. Any basic security audit would show the existence of these subdomains, and what servers they’re leading to. This is sloppy at best, and potentially criminally negligent at worst, depending on the traffic that is being run through these servers.

So the question is: why is the Trump Organization continuing to allow hidden subdomains to run to servers hosted in Russia?

I highly recommend that you read the entire article at the site.

You can also see the Twitter chain at: https://twitter.com/mikefarb1?ref_src=twsrc%5Etfw

    • What does this even mean? - SES, Thu Nov 2 12:01pm
      "...while under investigation for colluding with a foreign adversary in a concerted effort to undermine American democracy...." What were they supposedly doing with the intent of "undermining...
      • Methods matter - Jeeves, Thu Nov 2 12:09pm
        The Russians hacked into private email accounts and stole information. That's cyber crime. Knowingly participating in a criminal activity is usually called conspiracy. And you keep making the claim:...
    • explosive information !! tRUMP and his family all seem to be so arrogant in their belief that they are somehow special & untouchable that they are grossly incompetent at covering their tracks or...