Now hosting content for a Senate resolution proposed by CHD, Autism Action Network, Health Freedom Defense Fund, Stand For Health Freedom, and The Brownstone Institute. TLDR: itβs a lot of anti-vax advocacyβs greatest hits.
25.02.2026 05:19 β π 0 π 1 π¬ 0 π 0
The linked guide to voting page for college students was removed and currently returns a Page not found error.
Most recent available entry from early September available here:
web.archive.org/web/20250903...
Between 10 and 11 September 2025, the βKnow your voting rightsβ entry for college students was removed from vote.gov.
While not definitively related, this coincides with the timeframeβ8 September 2025 per the earliest certβwhen National Design Studio ostensibly began working on the site.
New toadie site in the works: 47compliance[.]org
Highly likely administered using the same Cloudflare account as a number of other pro Trump/GOP and anti Dem sites, including:
insidebidensbasement[.]org
kamalaskoup[.]org
protect47[.]org
New Children's Health Defense site registered on 1/9/26 and currently in development:
covidjustice[.]org
covidjustice[.]metalteam[.]dev (69.16.249[.]248, dev site)
Suspicious domain ms-driversync[.]com was registered through Njalla on 10/14/25 and resolves to 192.166.82[.]94.
15.10.2025 16:49 β π 2 π 1 π¬ 0 π 0
Suspicious domain mfa[.]directory was registered through Njalla on 10/15/25 and resolves to 149.33.2[.]67.
15.10.2025 16:47 β π 4 π 2 π¬ 0 π 0
Looking forward to finally presenting this research into Volt Typhoon in a public forum - and I can't think of a better one than @cyberwarcon.bsky.social
www.cyberwarcon.com/forecasting-...
Have you ever wanted to see two terminally online nerds really (and I mean *really*) get into the SVR deep lore while continuing the eternal goal of making 2016 last forever?
Gosh does @cyberwarcon.bsky.social have a talk for you!
We've got some good submissions flowing into the @CYBERWARCON CFP, but there's still time for more. If you have good content, and you're worried the honorarium won't cover your travel, please submit, and we'll work it out. We do this because we believe this research matters.
18.09.2025 14:18 β π 5 π 3 π¬ 0 π 0Kim John Un rolls off the tongue nicely
28.08.2025 17:55 β π 1 π 0 π¬ 0 π 0Best conference in the industry is back! cyberwarcon.com
28.08.2025 17:36 β π 10 π 2 π¬ 1 π 0
Suspicious domains micrsosft-netupdate[.]net (109.107.172[.]123) and micrsosft-netupdate[.]net (146.103.115[.]183) were co-registered through Njalla on 8/14/25.
14.08.2025 12:32 β π 0 π 0 π¬ 1 π 0
Suspicious domain adobereader[.]cc was registered through MonoVM on 8/5/25 using freewanatoly@2mail[.]co. Currently resolves to M247 IP 84.252.95[.]40.
06.08.2025 14:14 β π 2 π 0 π¬ 0 π 0
Suspicious domain sophossec[.]com was registered through MonoVM on 7/15/25 using kehmar.maung@proton[.]me and resolves to 146.70.247[.]55.
16.07.2025 16:50 β π 1 π 1 π¬ 0 π 0Of all my professional accomplishments, I think Iβm proudest of this.
24.06.2025 14:49 β π 54 π 5 π¬ 6 π 2
Likely related domains drowingaws[.]com (13.217.161[.]160) and drowingazur[.]com (20.163.58.252) were co-registered through Njalla on 6/20/25.
23.06.2025 13:25 β π 1 π 0 π¬ 0 π 0
Suspicious domains awsonlineserch[.]com and azuronlineserch[.]com were co-registered through Njalla on 6/19/25. Currently resolving to 34.204.12[.]191 and 20.83.167[.]25, respectively.
20.06.2025 17:58 β π 1 π 1 π¬ 1 π 0
Suspicious domain windowsntp[.]com was registered through Njalla on 5/22/25 and then began using Cloudflare. Domain itself does not resolve, but subdomain www.windowsntp[.]com indicates MSFT Azure use.
23.05.2025 13:16 β π 1 π 1 π¬ 0 π 0
Suspicious domain m365sessionlogin[.]com was registered through Njalla on 5/18/25. Domain itself does not resolve, but subdomains login, logon, and office365 indicate hosting at 80.78.30[.]154.
19.05.2025 13:34 β π 8 π 3 π¬ 1 π 0
Most of the latter policy positions are copied from the American Stewards of Liberty page here:
web.archive.org/web/20250516...
Highly likely Parscale / Nucleus-administered domain congressstrongaction[.]org was registered on 9/23/24 and recently began hosting content. The org's stated policy positions appear largely aimed at curtailing laws and protections related to natural resources.
16.05.2025 12:55 β π 1 π 1 π¬ 1 π 0
Set of suspicious domains co-registered through Njalla on 4/24/25:
esxiupdate[.]com
threatbook[.]cloud
Not currently resolving, but worth keeping an eye on.
Set of suspicious domains registered on 4/2/25 (unclear through which reseller) and administered using the same Cloudflare account:
googlealert[.]net
microsoft365signin[.]net
microsoftalert[.]net
outlooksecurity[.]net
outlooksignin[.]net
Suspicious domain analytics[.]airforce was registered through Njalla on 4/2/25 and resolves to BL Networks IP 64.52.80[.]61.
02.04.2025 13:55 β π 2 π 1 π¬ 0 π 0The Children's Health Defense staging site associated with realcdc[.]org indicates they are setting it up to pose as a legitmate CDC site questioning vaccine safety, complete with parent testimonials. Currently no overt indication the site is run by CHD.
21.03.2025 02:27 β π 4 π 2 π¬ 1 π 1
Suspicious domain chromeupdate[.]net was registered through Njalla on 3/11/25. Not currently resolving, but worth keeping an eye on.
11.03.2025 12:18 β π 3 π 2 π¬ 0 π 0
Suspicious domain nvidia-installer[.]com was registered through Njalla on 3/10/25 and resolves to 51.44.166[.]225.
11.03.2025 12:17 β π 4 π 2 π¬ 0 π 0Again, not saying that's what is happening here. Nor am I stating the conclusions in the SFS site are incorrect or that there is malicious intent behind it. Unfortunately, it is a concerning vulnerability to IO predicated on shortsighted reactivity that we have to consider these days. (4/4)
06.03.2025 15:49 β π 3 π 0 π¬ 1 π 0Get that site in front of DOGE and then they decide to take a chainsaw to the program due to the claimed inefficiency. That's a big, and seemingly easy, information operations (IO) win for the actor. (3/4)
06.03.2025 15:49 β π 2 π 1 π¬ 1 π 0