It is my professional opinion as a CISSP, HP ExpertOne, HP CSE, MCSE, and 30+ other certifications as well as 2 degrees that Jeff Wu & Jeremy Bogan (jeffwuneo & captainjez) are either the same person or acting in collaboration.
Both accounts @jeffwuneo & @captainjez used the same WAN IP within 24 hours of each other. It was @captainjez Last IP Address, 24 hours earlier @jeffwuneo Registration IP Address.
captainjez
Last Seen: Jul 2, '19
IP: 113.81.174.xxx
Location: Huizhou, Guangdong, China
Organization: No.31,Jin-rong Street
jeffwuneo
Created: Jul 1, '19
IP: 113.81.174.xxx
Location: Huizhou, Guangdong, China
Organization: No.31,Jin-rong Street
ICANN Registration defines the geographic data for this IP as Guangdong province.
Jeff Wu claims to reside in Wuhan. Guangdong is on the coast, Wuhan is central China.
There are 360 million + PUBLIC IP addresses assigned to china bu ICANN. They would have to be at the same address on the same LAN or Wireless LAN given the population density to still be on the same /14 IP block and they are likely on a larger block like a /11, I’m just being conservative.
I can categorically say that this is not obfuscation via proxy or an encapsulated VPN. It wouldn’t work behind the China Firewall and there is no VPN in play.
In theory both users could be using the same node access, but it’s unlikely unless 1 of 2 things have happened…
- It’s a mobile network which uses a NAT based proxy
- The end point gateway is shared wireless service, same situation as mobile but typically smaller footprint like wimax
Both of these have been ruled out assuming the icann registered data is correct, and in my experience it is 99.9% of the time.
Both use the same Google VPN service terminating in NYC.
From @nske: neoHUB Group Buy (Same as loaded motor but sensored)
DNS has nothing to do with it. This IP address is one of 2,097,152 in that /11 address block China Telecom has allocated for the Guangdong province. This block seems to be used for fixed-line services, since the mobile network IP addresses are allocated under the name China Mobile in the APNIC registry. As far as I can find, China Telecom operates consumer lines the same way as ISPs in the west (i.e. provides an xDSL/FTTP connection that has its own IP address). It would be unbelievable if two unrelated facilities either shared the same connection or happened to have been assigned the same IP address, within a day (let’s not forget the temporal relationship).
Also let’s not ignore the 2nd recorded pair of addresses, are allocated to Google, for Google Cloud services. I’m not sure what service could be running there (some sort of proxy or VPN). It could be the Compression Proxy service that IIRC Chrome for Android has as a feature. On its own it’s not strong evidence, but it adds up to the already extremely thin odds.
Then there is this…
jedboards.com (http://whois.domaintools.com/rideneo.co)
Name Servers MILES.NS.CLOUDFLARE.COM
rideneo.co (http://whois.domaintools.com/jedboards.com)
Name Servers MILES.NS.CLOUDFLARE.COM
Both the jedboards.com and rideneo.co domains are hosted on the same server, or at a minimum at the same site on the same server farm. When you start a new account at CloudFlare, you can easily add domains to that account, but to get different nameservers, you must start another free account.
All of these domains reside at the same name server.
- boawheels.com
- jedboards.com
- jedboards.com.au
- ridewithjed.com
- rideneo.co
The nameserver info was passed to me by another user whom prefers to remain anon, but I independently verified all of it for myself.
Lastly go look at the source for https://rideneo.co/ & https://boawheels.com/. Search for https://www.facebook.com/tr?id=1739695016280463. Both sites use the same ID. IDs are unique, assigned by account as far as I know. Also, both sites use WPBakery Page Builder, Woocommerce & Auto Optimize plugins and the same “Salient” theme.
I have show all of the info that I worked from, go verify it. All of the info is publicly available other than the WAN IP usage and those were disclosed earlier so I’m not breaking any privacy laws or moral code.
I’m out.