Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for October 9th, 2017

Trump Personal Emails for Government Business: How Many Sites Do They Have?

with 2 comments

The recent story about Javanka’s personal email server that they had used for government business made me ponder when it had been created and just how many others the Trumps may have out there. So after looking at the pastebin listing all their domains I noticed a couple things. The first thing I noticed was that after doing the WHOIS on their domain in question recently, was that it was a new acquisition. The domain had been created 12/31/16 which means it is pretty new as their domains go. Secondly, this domain is not attached to the over one thousand domains owned by Trump which kinda made me go “hmmmmm that there looks like obfuscation” and made mu Spidey sense tingle.

Ivanka and Jared’s Server: IJKFAMILY.COM

Domain Name: IJKFAMILY.COM
Registry Domain ID: 2086283293_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2017-03-06T06:55:27Z
Creation Date: 2016-12-31T01:33:34Z
Registry Expiry Date: 2017-12-31T01:33:34Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com

If you will take note that all of the other domains (see link above) are affiliated with the Trump name but this one was under the radar so to speak (IJKFAMILY.COM) being it is not overtly Trumpian in it’s name scheme. So my first question became “Did they set this up for this sole purpose? Or was it just a domain they had in the wings for something but decided to spin up port 25 and SMTP?” I am not sure on either of those reasons behind the creation of this particular domain but it did start the wheels of my mind turning toward the notion that out of all the Trump domains out there, how many could support an easy means of email under the radar for Donny and his brood? Well, the real answer here is that there are over one thousand possible domains that could immediately be set up to send email. However, upon looking into all those domains there are only 25 presently that have the ports open for email and running the services to allow for emails to be sent via them. Some of those systems have the ports filtered but many others do not and interestingly some of these also have secure protocols in place for emails using encryption which is very interesting indeed…

25 Instances on 8 Domains SMPT/POP/IMAP Already Running:

chicagotrumplimo.com
estatesattrumpnational.com
realdonaldtrump.info
theestatesattrumpnational.com
tirpromotions.com
trumpgolfscoring.com
trumppuntadeleste.com
votefordonaldtrump.com
trumpublican.org
200riversideboulevard.com
220rb.com
240rb.com
502parkavenue.com
721fifth.com
trumpparceast.com
trumpworldtower.com
votefordonaldtrump.com
chicagotrumplimo.com
estatesattrumpnational.com
realdonaldtrump.info
theestatesattrumpnational.com
tirpromotions.com
trumpgolfscoring.com
trumppuntadeleste.com
trumpwaikiki.com

So, all of these domains should be on the radar of the investigators out there in the Senate, House, FBI, IC etc and  I would hope that is the case. If I were those investigatory bodies I would be asking for some records from those domains if I were them, ya know, just to see if there were some emails going out concerning government business like Javanka’s little mishap recently. It is utterly fatuous that these people, who made a feast of Hillary’s email server are using private domains and emails to bypass the national record are doing this so flagrantly. Many of the servers also have some interesting ports open but I digress. Suffice to say that these people have patterns of behaviour so I would not be surprised if more turned up on other domains or that they may have even started new domains under the radar like Javanka there to hide the emails.

Now, on another note, I noticed something else as I was doing this little investigation. I noted a few domains that involved Russia and the Baltics. Once I did the WHOIS on them I also noted that they all were created around the same time in 2008. I have yet to really look into the timeline around 2008 for Trump but I have to ask just what was happening then that he thought to buy these domains? Were these domains bought after a possible deal had been struck or in hopes that talks would work out? I mean, if that is the case how could Trump make that claim that he had no business with Russia?

Well, yeah I know he lies like a bad toupee but really…

Domain Name: TRUMPRUSSIA.COM
Registry Domain ID: 1508991998_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2017-06-28T20:25:15Z
Creation Date: 2008-07-17T20:24:29Z
Registry Expiry Date: 2018-07-01T03:59:59Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: 480-624-2505
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS49.DOMAINCONTROL.COM
Name Server: NS50.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-10-09T13:04:03Z <<< Domain Name: TRUMPUKRAINE.COM Registry Domain ID: 1508992006_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2017-06-28T20:26:04Z Creation Date: 2008-07-17T20:24:29Z Registry Expiry Date: 2018-07-01T03:59:59Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: 480-624-2505 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Name Server: NS49.DOMAINCONTROL.COM Name Server: NS50.DOMAINCONTROL.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2017-10-09T13:26:27Z <<< Domain Name: TRUMPBAKIAZERBAIJAN.COM Registry Domain ID: 1679227892_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.godaddy.com Registrar URL: http://www.godaddy.com Updated Date: 2017-06-28T20:27:01Z Creation Date: 2011-09-27T14:00:19Z Registry Expiry Date: 2018-06-30T11:59:59Z Registrar: GoDaddy.com, LLC Registrar IANA ID: 146 Registrar Abuse Contact Email: abuse@godaddy.com Registrar Abuse Contact Phone: 480-624-2505 Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Name Server: NS49.DOMAINCONTROL.COM Name Server: NS50.DOMAINCONTROL.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2017-10-09T16:52:03Z <<<

So what made them buy all but one of these domains on July 17th 2008 I wonder? Now, one might then want to look into say Felix Sater’s domains that he might own on the internet as well right? After all Felix was the point man on all these deals with Russia that seem to keep bubbling back up. Not that I would go and do some digging like that…

Right?

Maybe next post…

Oh well, there’s a data dump for you all. Interesting stuff no?

Dr. K.

 

Written by Krypt3ia

2017/10/09 at 16:57

Posted in Turnip