Our crack investigators in Congress led by Devin Nunes may be releasing the wrong info, and overlooking a much bigger reveal. It’s this: the mysterious logs of a Trump Organization email server in mid-2016 seem to show almost all of its lookups came in from the server of a private bank in Russia — as revealed 1 week before Election Day, by Franklin Foer of Slate (published Oct. 31).
During the height of the campaign season the preponderance of lookups to mail1.trump-email.com came from 2 separate IP addresses (blue line & red line frequency) from this Russian bank. Also, a smaller set of lookups (tan line) was shown from the IP address of Spectrum Health (Grand Rapids, Mich). The health firm is affiliated with the DeVos family (Betsy DeVos’ husband was elected chairman of the board of Spectrum Health System).
The dominance of apparent lookups from the Russian bank during the campaign period was discovered unexpectedly by computer scientists who were searching vigilantly to check that the Trump server would not have the same vulnerability to hacks as the DNC server. They were startled by the logs they examined. After posting their findings to a Reddit thread, a NY Times reporter inquired of the Russian bank about the server traffic in late Sept. 2016. Even though the NY Times hadn’t yet contacted the Trump organization or campaign about the server, a few days later the Trump Organization itself disappeared its trump-email.com hostname (through its server vendor for name servers, Cendyn). A replacement host name was created, this time called “trump1.contact-client.com”.
Once the old hostname disappeared and the new one created, the very first contact to the new host name came from, wonder of wonders, that very same Russian bank.
The UPI documented:
"The first point of contact for the Trump server using the new name was from an Alfa Bank server, which experts said would be impossible were it not for some external form of communication between someone in the Trump Organization and Alfa Bank.
"The equivalent, the experts said, would be someone shutting off one telephone number, getting a new one and having their first call come from a friend who was dialing randomly and correctly guessed the new number."
In 2016, when asked about the server, Hope Hicks told Slate:
“The email server, set up for marketing purposes and operated by a third-party, has not been used since 2010. The current traffic on the server from Alphabank's [sic] IP address is regular DNS server traffic—not email traffic. To be clear, The Trump Organization is not sending or receiving any communications from this email server. The Trump Organization has no communication or relationship with this entity or any Russian entity.”
CNN updated the story in March:
As noted, Alfa Bank alone represents 80% of the lookups, according to these leaked internet records.
Far back in second place, with 714 such lookups, was a company called Spectrum Health.
Spectrum is a medical facility chain led by Dick DeVos, the husband of Betsy DeVos, who was appointed by Trump as U.S. education secretary.
Together, Alfa and Spectrum accounted for 99% of the lookups.
The cybersecurity firm Mandiant was hired to investigate the server traffic, and reported that spam marketing of Trump properties may have prompted traffic between the server addresses.
The NY Times, in a July 2017 article, found that the Mandiant investigation of transmissions “was, at best, cursory. According to people familiar with Mandiant’s review, its experts were shown largely metadata, the information that travels along with a message, for the communications that took place. The contents of the messages — if there were any — were not available.”
“Without a much deeper forensic examination, the company could not determine the purpose of the communications. Its resulting report was carefully hedged, noting that without more study, it could not give the bank a clean bill of health. But the bank used that report, however limited, to make the case that it had been exonerated.”
Note, during the first half of 2017 Alfa Bank hired for counsel a lawyer who would become the next nominee to head the Criminal Division at DoJ, Brian Benczkowski. His role for his client involved supervising another, separate investigation to help deny that there were communications between its server and the Trump Organization server. (The second investigation looked at the bank server in 2017 — when any communications under scrutiny probably were not continued into the following year after the spotlight shined on it in 2016, and the inquiry concluded no such communications occurred in 2017.)
The lawyer hired by Alfa Bank in 2017 who is slated to become Assistant Attorney General now has his nomination currently pending in front of the US Senate. All Democratic members of the Judiciary Committee voted against the nomination of Benczkowski, due to his representation of the bank in question, amidst the ongoing Russia investigation by Special Counsel Mueller.
More information about the server communications here. See also Dianne Feinstein’s remarks on the nominee also. As reported,
"Benczkowski's work for Alfa Bank, moreover, 'went to the heart of the reported [FBI] investigations' into the bank's involvement in unusual computer server activity with the Trump Organization during the election, Feinstein said.
So while ranting against McCabe and Rosenstein, Trump is trying to move into place a lawyer who has already represented a bank that may be wrapped up in the Russia investigation.
It’s not a bug, it’s a feature.
#ReleasetheServerlogs
I will add, apart from the data we may be overlooking, we should note that the strenuous effort by Rep. Nunes and the House to discredit the FISA application to gather information about Carter Page may be because he — though ridiculously clownish in public appearances — may have a more central role than we can imagine.
Something that has not been discussed much is that Page returned to Moscow for meetings on December 8, 2016 — one day after the sale of a portion of Rosneft (to Glencore [commodities firm] and a Qatar sovereign wealth fund) was finessed.
I always found that timing fascinating. The Glencore and Qatar fund purchase was for 19% of Rosneft.
Page returned to Moscow one day after the Rosneft deal was signed on December 8 to "meet with some of the top managers" of Rosneft, he told reporters at the time.
One month later, in January 2017, the Steele dossier leaked on Buzzfeed had speculative intelligence that Igor Sechin had offered to Carter Page in the summer of 2016 the brokerage fee related to a 19% sale of Rosneft, in exchange for a promise to get financial sanctions on Russia lifted.
The info was collected for that dossier months before the sale was consummated, and then leaked by Buzzfeed one month after the sale.
You have to wonder if money may have changed hands to someone, with an emissary from the Trump campaign as an intermediary.
So the dossier needs to be trashed and discredited by Nunes and his supporters, because it may point to something quite important that connects a Trump campaign intermediary to an exchange of policy for a payoff, to someone. As always, follow the money.