A new group ??

I found it on Facebook and was kind of surprised. I know some of you guys are good at digging. better than me. so far interesting results. so who owns the website???

 

silentmajoritypatriots.com

Is this your domain name? Renew it now.


Domain Name: SILENTMAJORITYPATRIOTS.COM
Registry Domain ID: 2045473536_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2016-07-22T14:15:31.00Z
Creation Date: 2016-07-22T21:15:00.00Z
Registrar Registration Expiration Date: 2017-07-22T21:15:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Reseller: NAMECHEAP.COM
Domain Status: clientTransferProhibited EPP Status Codes | What Do They Mean, and Why Should I Know? - ICANN
Registry Registrant ID:
Registrant Name: WHOISGUARD PROTECTED
Registrant Organization: WHOISGUARD, INC.
Registrant Street: P.O. BOX 0823-03411
Registrant City: PANAMA
Registrant State/Province: PANAMA
Registrant Postal Code: 00000
Registrant Country: PA
Registrant Phone: +507.8365503
Registrant Phone Ext:
Registrant Fax: +51.17057182
Registrant Fax Ext:
Registrant Email: 51776F7ECE634380A99DD0A4C776AE95.PROTECT@WHOISGUARD.COM
Registry Admin ID:
Admin Name: WHOISGUARD PROTECTED
Admin Organization: WHOISGUARD, INC.
Admin Street: P.O. BOX 0823-03411
Admin City: PANAMA
Admin State/Province: PANAMA
Admin Postal Code: 00000
Admin Country: PA
Admin Phone: +507.8365503
Admin Phone Ext:
Admin Fax: +51.17057182
Admin Fax Ext:
Admin Email: 51776F7ECE634380A99DD0A4C776AE95.PROTECT@WHOISGUARD.COM
Registry Tech ID:
Tech Name: WHOISGUARD PROTECTED
Tech Organization: WHOISGUARD, INC.
Tech Street: P.O. BOX 0823-03411
Tech City: PANAMA
Tech State/Province: PANAMA
Tech Postal Code: 00000
Tech Country: PA
Tech Phone: +507.8365503
Tech Phone Ext:
Tech Fax: +51.17057182
Tech Fax Ext:
Tech Email: 51776F7ECE634380A99DD0A4C776AE95.PROTECT@WHOISGUARD.COM
Name Server: DAVE.NS.CLOUDFLARE.COM
Name Server: KARA.NS.CLOUDFLARE.COM
DNSSEC: unSigned
Registrar Abuse Contact Email: abuse@enom.com
Registrar Abuse Contact Phone: +1.4252982646
URL of the ICANN WHOIS Data Problem Reporting System: Whois Inaccuracy Complaint Form | ICANN
>>> Last update of WHOIS database: 2016-07-22T14:15:31.00Z <<<

For more information on Whois status codes, please visit EPP Status Codes | What Do They Mean, and Why Should I Know? - ICANN


The data in this whois database is provided to you for information
purposes only, that is, to assist you in obtaining information about or
related to a domain name registration record. We make this information
available "as is," and do not guarantee its accuracy. By submitting a
whois query, you agree that you will use this data only for lawful
purposes and that, under no circumstances will you use this data to: (1)
enable high volume, automated, electronic processes that stress or load
this whois database system providing you this information; or (2) allow,
enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via direct mail, electronic
mail, or by telephone. The compilation, repackaging, dissemination or
other use of this data is expressly prohibited without prior written
consent from us.

We reserve the right to modify these terms at any time. By submitting
this query, you agree to abide by these terms.
Version 6.3 4/3/2002

The previous information has been obtained either directly from the registrant or a registrar of the domain name other than Network Solutions. Network Solutions, therefore, does not guarantee its accuracy or completeness.

Show underlying registry data for this record

Make an instant, anonymous offer to the current domain registrant. Learn More



Search Again

Search by either

Domain Name e.g. networksolutions.com
IP Address e.g. 205.178.187.13

 

I looked at a domain search and got that. I dont really know what it means but there are telephone numbers etc.

 

Actually it doesn't mean the name is for sale, it means that the registrar used to do the whois is willing to help you "make an offer" that is unsolicited but might still be accepted. The name was registered, as some one else mentioned earlier, on July 22, 2016 and expires on July 22, 2017.

Creation Date: 2016-07-22T21:15:00.00Z
Registrar Registration Expiration Date: 2017-07-22T21:15:00.00Z

Only a single year registration through a cheap domain name registrar (which in and of itself isn't a bad thing, but moving it later may be tough).

All of the rest indicates that the domain name owner is "private" and all contact goes through the protection company.

Registrant Name: WHOISGUARD PROTECTED
Registrant Organization: WHOISGUARD, INC.
Registrant Street: P.O. BOX 0823-03411
Registrant City: PANAMA
Registrant State/Province: PANAMA
Registrant Postal Code: 00000
Registrant Country: PA
Registrant Phone: +507.8365503
Registrant Phone Ext:
Registrant Fax: +51.17057182
Registrant Fax Ext:
Registrant Email: 51776F7ECE634380A99DD0A4C776AE95.PROTECT@WHOISGUARD.COM
Registry Admin ID:

The phone numbers above are to the WHOISGUARD, INC offices, not the owner. The email is an alias that receives and then sends a new email with your contents to the actual owner. That way, if the domain owner is smart enough to click protect but potentially dumb enough to just reply to your email, they don't necessarily out themselves (you can still eff this up though).

The WHOISGUARD (privacy) company is based in Panama and technically outside of the jurisdiction of the US, but if push comes to shove (and we wouldn't have to push or shove very hard) they will cave and give the US government whatever they ask for. It's like the TSA in that regard, OPSEC Theater.

Next is DNS. The servers that resolve the name to an IP are part of cloudflare which is designed to, among other things, prevent Denial Of Service attacks on their customers.

Name Server: DAVE.NS.CLOUDFLARE.COM
Name Server: KARA.NS.CLOUDFLARE.COM

They can still be queried, and that comes up with two IP addresses, which is typical of a site expecting to be beaten up:
104.27.160.112
104.27.161.112

Both of these IP addresses belong to Cloudflare (again, part of their deal). So, what is cloudflare (I mentioned DDoS above)? They are a website experience optimization provider that leverages a distributed content deliver network (they cache all or part of your site on their servers) that acts as a partial proxy for your website. They will pass through things like logins, etc, but graphics and static content don't get pulled from your server, they get pulled from their cache, so the website owner saves money on bandwidth...potentially.

At this point, short of digging further than I have the time to do, we can't get much more about where the site is located or who owns it. A couple of hours performing network packet traces and we could probably find out where it's actually hosted (I don't believe that cloudflare does hosting but I could be mistaken). Once you have that, it may or may not be easy to socially engineer your way into the system and find out who is who and what is what.

If it's hosted anywhere between the Mason-Dixon line and New York, my money is on it being a .gov honeypot. I've seen it a number of times, in person, and know for a fact that they think it's hidden well enough and use the same 3 or 4 hosting providers and one that's actually owned by the .gov (through 3 or 4 cutouts, don't remember).

The reason for the output that @techsar posted being so, well, awful, is most likely part of the deal with cloudflare. I can't imagine why they would deliberately screw up the DNS record serial number but I've seen dumber things done in the name of "security" than I care to try and count.

Lastly you asked about TLS. TLS stands for "Transport Layer Security" and is the non-repudiation flip side of the SSL coin. SSL encrypts your data (won't go into it here and now) and TLS uses SSL Public Private Key Cryptography to do two things:
1) Provide a mechanism to prove that the data has not been tampered with in transit, and;
2) Provide a mechanism to prove who sent the data in the first place.

TLS is used by DNS servers to negotiate a transfer of data. Not moving the ownership of the record, for example, but making a local copy of the entire file. A DNS file can be quite large in comparison to what gets returned to you by asking "what's the IP address of www.survivalmonkey.com". The result of that question is actually contained (most likely) in just a single line that looks like this:

www IN A 206.123.114.178

The rest of the file includes other identifiers, a serial number that is incremented (or should be) every time there is a change to the file, something called a start of authority, other aliases (mail, ftp, chat, whatever). In order to prevent a random and unauthorized entity requesting a transfer by spoofing the name and IP address of a valid peer, TLS is used as an additional method of verification of the identity of the requester.

The output from @techsar's post shows poor security around the DNS file for the domain name but again, that could be for any of a number of reasons.

Hope that helped and wasn't too long winded.

 

Thanks @DarkLight. I understood most of what you said.

 

Well of course they were not Nazis, neo or otherwise, wrapping yourself in a Nazi flag and having your picture taken would have nothing to do with Nazis, that seems pretty obvious.

 

Interesting stuff there and thank you Darklight for the explanation. So who ever built the site has it protected to some degree from anyone finding out who owns it. I would think Government would be much higher tech. I have an Idea on who built it and why. W e shall see.

 

While I see your point, unless you are the one who put this up and you are playing coy, don't give too much credit to the .gov and/or their shills. Just because they can do something at a higher level of tech doesn't mean they always will. For every slick, well done, professionally designed, high-tech honeypot there are dozens of "mom and pop" type sites that basically purport or do the same thing. It needs to run the gamut if they want the net to get as many people as possible.

It used to be you could tell a police sting by the clothes the dealer was wearing. They were just too right. Watch it long enough and it became obvious. If you needed a hit you didn't look too close and you got nabbed. Same thing with sites like this.

I've also worked with (no, no letters, I'm not under a gag order) the FBI and I know what kind of time and money they have to devote to things like this. You'd be surprised how little they have of both when it gets stretched as thin as it is.

@Kingfish - no, I'm not calling you out, was just making a point.

 

Not mine I just knew there were several guys here who know this stuff. It was on facebook. I shared it here and asked questions. I am or was part of a very large group who could claim those same numbers and more. United States Militia. My opinion? this page appears overnight and claims to have 100,000 members across the south. Only one real group I know of with those numbers. United States Militias. Every year it seems we get another group. 3% ers, Oathkeepers, Minutemen , etc. etc. etc.

And it may be a Government site to suck people in? Im not joining.

 

Yea, this got my Radar spun up! Why would any group that claims what this does be so blatant about the "mission" Just smells rotten. Same thing with the Oath Keepers when they came calling, didn't sit right with me, didn't agree with the policies or the leadership! Don't really know if they are legit, but I have better things to do then getting involved with a "fringe" group that paints a great big red circle on it's back!