Into the actor's dark act.

Tracking down digital trace may be difficult. But, we can use several common key questions:

1. what we know about the domains?

The first domain is well known: ******cinta******.com
The second domain is less known: ******cinta******

******cinta******.com receives about 140 unique visitors and 154 (1.10 per visitor) page views per day. Last updated on 6 Feb 2017. Site is hosted in San Francisco, CA, 94107, Seychelles and links to network IP address
(******cinta******.com &******cinta******

2. where was it hosted?

Most probably Qhoster with an Italy/Seychelles IP.

3. is Qhoster popular in ******sia?

Not really, unless the person has read many reviews of VPS hosting services. It is in fact a mediocre provider (by rating).

3. any ******sian site that has been registered with Qhoster?

We should see something here...

4. does the registrar use similar pattern of registering the domains to a registrar that the name pops up first in the mind.

Most probably yes. Or a second tought: to cover the track, no.
The first domain (******cinta******.com) and the second domain (******cinta****** are both registered with the same hosting company.
The last recorded IP was:

5. who is from ******sia that may create a domain with Qhoster?

The person is most likely has an experience to register VPS in the same hosting company since he/she read a review that Qhoster provides better value than others.
Or that person is trying to cover track by registering to a lesser known hoster.

6. is finding the sites difficult now

Yes, since the site is down and dig program returned internet-positive PTR (as a result that the domain was blocked by Kominfo).

7. is the registrant well understood about the hosting and its procedure?

Yes. this narrowed down to some tech people that were dealing with hostname registration.

8. is has a shared domain?

No. most likely this is a VPS.

9. what type of server

Server: Apache (matched with VPS OS selection: Centos, Debian, Ubuntu)
Protocol: HTTP/1.1
Content-Type: text/html; charset=iso-8859-1

10. who is wanting to sacrifice ~$100/6mths- ~$200/yr for a VPS with a domain?

People that may have problem with the person's view or movement or want to defame the person.

11. any possible scenario of the uploader:

  • Someone that is familiar with Paypal, since the payment to Qhoster most probably via paypal than a direct credit card payment (unless he/she uses an illegal credit card/carding).
  • Someone that is from this country, since an international person may find the target less valuable for their perspective/interest.
  • Someone that was asked by a mastermid that wants to defame the person, since the latter had sacrificed more money to host the domain with VPS, not a common shared hosting.
  • Someone that is familiar with covering the track by selecting a combination of scenario: (least known hoster, protected domain, VPS, geolocation: Italy/Seychelles instead of US, Paypal).
  • Someone that is familiar with website hosting, most likely a Linux (Centos, Debian, Ubuntu) based VPS.
  • Someone that probably has a better access to the original source/image leaker that was asked by the true mastermind.
  • Someone that inclines to contra the person's view or movement during the past election.

12. is the info useful enough to trackdown the uploader

Yes, at least it can be narrowed down to less than 500 persons with that scenario-building capacity and interest.


Popular posts from this blog

Xeon LGA 771 di mobo LGA 775

LM35 Incubator with LCD 16x2 on Arduino

Writing and reading float using Arduino EEPROM