Used Maltego CE to run an investigation on findingassange.com domain. Here's the topology it spit back out to me:
Part 1 -
https://sli.mg/Z1bHvz.png
Part 2 -
https://sli.mg/Ujaxwy.png
This is where I need some help and opinions : wildcard-in-use.findingassange.com
Weird looking website really, and the IP block is originating from somewhere else than the original URL findingassange.com.
Also weird privacy statement with no contact info and product reference : http://wildcard-in-use.findingassange.com/privacy
The IP for wildcard-in-use.findingassange.com linked to these two entities:
Bodis : https://bodis.com/ --> domain parking
Prolexic Technologies : https://en.wikipedia.org/wiki/Prolexic_Technologies --> DDoS mitigation and IT security services
The IP for findingassange.com linked to these two different entities:
WILDCARD-AS --> cant find shit on this
I Fast Net LTD : https://ifastnet.com/ --> hosting
Also, ftp.findingassange.com prompts for username password, if anyone wants to try to work their way in.
I'll keep digging, but to me, it looks weird, and I need opinions about this! Upvoat for visibility!!!
view the rest of the comments →
dafacts ago
what it comes down to is if they deliver anything, the content needs to be heavily scrutinised and somehow authenticated before we can believe it. The release of manipulated content will be so incredibly damaging if it is first thought to be legit.
Fateswebb ago
All of the podesta emails have hashes on them that legitimate them, those are from the source not added by wikileaks, if they are real it will be easy to prove.