TryHackMe’s WebOSINT Simple Writeup— Conducting Basic Open-source Intelligence Research on a Website

TryHackme’s OSINT Room Writeup with Answers by Karthikeyan Nagaraj

Task 2 Whois Registration

site: RepublicOfKoffee.com
Tool: https://lookup.icann.org/en/lookup

1. What is the name of the company the domain was registered with?

Ans: Namecheap Inc

2. What phone number is listed for the registration company? (do not include country code or special characters/spaces)

The Phone Number is in the Raw Registry RDAP Response

Ans: 6613102107

3. What is the first nameserver listed for the site?

Ans: Ns1.BRAINYDNS.com

4. What is listed for the name of the registrant?

Ans: Redacted for Privacy

5. What country is listed for the registrant?

Ans: Panama

Task 3 — Ghosts of Websites Past

1. What is the first name of the blog’s author?

Let’s use the Wayback Machine and find out the Author

Ans: Steve

2. What city and country was the author writing from?

Ans: Gwangju, South Korea

3. [Research] What is the name (in English) of the temple inside the National Park the author frequently visits?

Ans: Jeungsimsa Temple

Task 4 Digging into DNS

1. What was RepublicOfKoffee.com’s IP address as of October 2016?

Ans: 173.248.188.152

2. Based on the other domains hosted on the same IP address, what kind of hosting service can we safely assume our target uses?

Hint: What kind of hosting plan is usually used by websites on a tight budget that don’t have a lot of visitors?

Ans: Shared

3. How many times has the IP address changed in the history of the domain?

2016, 2017, 2022, 2023

Ans: 4

Task 5 — Taking Off The Training Wheels

1. What is the second nameserver listed for the domain?

Ans: NS2.HEAT.NET

2. What IP address was the domain listed on as of December 2011?

Ans: 72.52.192.240

3. Based on domains that share the same IP, what kind of hosting service is the domain owner using?

Ans: shared

4. On what date did was the site first captured by the internet archive? (MM/DD/YY format)

Ans: 06/01/97

5. What is the first sentence of the first body paragraph from the final capture of 2001?

Visiting web.archives.org ,jun 1 will give you the Answer

Ans: After years of great online gaming, it’s time to say good-bye.

6. Using your search engine skills, what was the name of the company that was responsible for the original version of the site?

Ams: SegaSoft

7. What does the first header on the site on the last capture of 2010 say?

Ans: Heat.net — Heating and Cooling

Task 6 — Taking A Peek Under The Hood Of A Website

Hover Over the Hyperlinks to find the url

1. How many internal links are in the text of the article?

Ans; 5

2. How many external links are in the text of the article?

Wordpress is that site

Ans: 1

3. Website in the article’s only external link ( that isn’t an ad)

Ans: Purchase.org

4. Try to find the Google Analytics code linked to the site

Ans: UA-251372-24

5. Is the the Google Analytics code in use on another website? Yay or nay

Ans: Nay

6. Does the link to this website have any obvious affiliate codes embedded with it? Yay or Nay

Ans: Nay

Task 7 Final Exam: Connect the Dots

1. Use the tools in Task 4 to confirm the link between the two sites. Try hard to figure it out without the hint.

Let’s Use View Dns → IP History

heat.net

purchase.org

Liquid Web is Common in both!

Ans: Liquid Web, L.L.C

A YouTube Channel for Cybersecurity Lab’s Poc and Write-ups

Cyberw1ng

Github for Resources:

Cyberw1ng — Overview

Telegram Channel for Free Ethical Hacking Dumps

Ethical Hacking Dumps — CEH, OSCP, Comptia

Thank you for Reading!

Happy Ethical Hacking ~

Author: Karthikeyan Nagaraj ~ Cyberw1ng