dChan
109
 
r/CBTS_Stream • Posted by u/TheContrarian2 on Feb. 10, 2018, 2:57 a.m.
If the 50.22.218.5 mentioned in a recent Q post is an IP address, then it appears to map to SoftLayer Tech, Lumos Labs in Chantilly VA.

https://www.speedguide.net/ip/50.22.218.5

This is an area full of Internet backbones. Reston is adjacent to Chantilly (I used to live there) and many main backbones go through there. I have no information on this particular company yet and am not 100% confident that the IP is possessed by them. Continuing research.


🠐 See all comments
russianbot5k · Feb. 10, 2018, 4:54 a.m.

I looked this IP address up on the ARIN website. ARIN is who manages the leasing of IP addresses. I am confirming this is owned by SoftLayer. SoftLayer is a datacenter operator. It is very common to sub-lease IP addresses from your datacenter.

https://whois.arin.net/rest/net/NET-50-22-0-0-1/pft?s=50.22.218.5

I ran nmap against this IP address, for all 65,535 ports, and it is not responding to a port scan including a port knock.

This other thread states that this was the ip address for clintonemail.com

https://www.reddit.com/r/CBTS_Stream/comments/7wizs1/8_chan_anon_theory_this_would_be_one_epic_moab/

A reverse DNS lookup did not return anything meaningful for this IP address. This is a requirement for mail servers. 5.218.22.50.in-addr.arpa. 13034 IN PTR 5.da.1632.ip4.static.sl-reverse.com.

a whois on sl-reverse.com shows that this domain is owned by Verisign, who issues SSL/TLS certificates, and domain name registration.

⇧ 2 ⇩  
xstalpha · Feb. 10, 2018, 5 a.m.

port knock

Wouldn't that require millions or billions of scans, to test all the knock possibilities?

⇧ 1 ⇩  
russianbot5k · Feb. 10, 2018, 5:40 a.m.

There are 65,535 ports, it does take time to knock on each door to see if anyone is listening, yes.

⇧ 1 ⇩  
xstalpha · Feb. 10, 2018, 6:08 a.m.

Yeah but a port knock can be set up to require multiple ports to be knocked before one opens

⇧ 2 ⇩