daily pastebin goal
15%
SHARE
TWEET

#OpEcatel: Teaching a bad host a lesson

TheAnon0ne Jul 29th, 2012 8,830 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Twitter: @TheAnon0ne | E: theanon0ne@hushmail.com
  2.  
  3. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  4. This is a sub-op of #OpPedoChat | http://pastebin.com/xvBaU2vd
  5. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  6.  
  7. Started: 7/29 @ 3pm GMT
  8. Last update: 7/30 12.45am GMT
  9.  
  10. Busy week, see http://bit.ly/MeA2FC for more info.
  11.  
  12. ``````````````````````````` #OpEcatel: Teaching a bad host a lesson ```````````````````````````
  13.  
  14. Greetings Netizen. Host Ecatel is an evil company that has been lightly profiled before, see
  15. bit.ly/9hj5fN & bit.ly/PQKUrm for just two examples. Recently, we discovered a cache of sites
  16. hosted by Ecatel that were targets for #OpPedoChat. When we asked Ecatel to remove the sites,
  17. they not only refused several times, they literally resorted to "go screw your mom" for reply:
  18. i.imgur.com/5WMZC.png | TL,DR: Ecatel refuses to remove kiddie porn sites.
  19.  
  20. This will not stand. Operation Ecatel: Engaged. Expect Us.
  21.  
  22. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= * ~ *Operation News & More* ~ * =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
  23. ===============================================================================================
  24.  
  25. * 7/29: Some of the targets fluctuate, but billing.ecatel.net & helpdesk.ecatel.net have been
  26.         staying down most of the day. None of Ecatel's holdings have escaped Tango Down today.
  27.  
  28. * 7/29: List of all IP addresses tied to Ecatel avail @ http://bit.ly/QVOyCE
  29.  
  30. * 7/29: Ecatel sent another email, telling me to go screw my mother: i.imgur.com/5WMZC.png
  31.         In exchange, I gave them this form: http://bit.ly/Owth0Y
  32.  
  33. ~ #OpEcatel launched @ 3pm GMT in response to the egregious nature & behavior of Ecatel ~
  34.  
  35. * 7/29: Call to arms! Target is ecatel.co.uk & ecatel.net | They REFUSE to remove CP they
  36.         host. Their answer to the opportunity we let them have: i.imgur.com/wmBBH.png
  37.  
  38. 7/28 ~ 7/29: We gave Ecatel *another* chance: http://i.imgur.com/ndsQ6.png
  39.  
  40. * 7/28: ecatel.co.uk is TangoDown, been down for hours| Bad host REFUSED to remove CP sites
  41.  
  42. * 7/21 - 7/28: Several Anons contact Ecatel, nicely, and get rudely rebuffed and ridiculed.
  43.                Jimmies start getting rustled.
  44.  
  45. * 7/21: Ecatel.net, responsible for several CP targets, profiled: http://bit.ly/Psoeuw
  46.  
  47. ##############################################################################################
  48.  
  49. ################################
  50. Targets (updated 7/29 @ 4pm GMT)
  51. ################################
  52.  
  53. http://ecatel.co.uk
  54. http://www.ecatel.info
  55. http://ecatel.net (89.248.167.19)
  56. http://billing.ecatel.net
  57. http://mirror.ecatel.net
  58. http://noc.ecatel.net
  59. http://helpdesk.ecatel.net
  60. http://www.smokeping.nl
  61.  
  62. DNS servers: 89.248.167.3, 89.248.163.67, & 89.238.154.91
  63. List of all IP addresses tied to Ecatel avail @ http://bit.ly/QVOyCE
  64.  
  65. ##############################################################################################
  66.  
  67. #########
  68. Harvester
  69. #########
  70.  
  71. g.nelson@ecatel.net, r.eeden@ecatel.net, eeden@ecatel.net, sale@ecatel.net, XXXXX@ecatel.net,
  72. admin@ecatel.net, abuse@ecatel.net, sales@ecatel.net, info@ecatel.net, noc@ecatel.net
  73.  
  74. ##############################################################################################
  75.  
  76. ####
  77. Moar
  78. ####
  79.  
  80. Ecatel was rated #1 worst host in the world for serving spam, infected websites and Zeus C & C servers http://news.hostexploit.com/hosts-and-registrars-news/4566-ecatel-speaks-to-dutch-news-about-1-bad-host-position.html
  81.  
  82. Ecatel does more than just kiddie porn, they are well-known to facilitate cyber criminals, botnets, etc: http://www.secanalyst.org/2011/08/23/understanding-ecatel/
  83.  
  84. http://hphosts.blogspot.com/2010/04/as29073-ecatel-need-more-proof-of-their.html
  85.  
  86. http://badhost.info/AS29073
  87.  
  88. http://www.scamfraudalert.com/identity_theft_phishing_spam_blackmails/13773-spamhaus_project_reports_ecatel_net_network_host_most_notorious_spammers_cybe.html
  89.  
  90. http://www.washingtonpost.com/wp-dyn/content/article/2007/10/12/AR2007101202461.html
  91.  
  92. ##############################################################################################
  93.  
  94. ######################################################################
  95. d0x (in progress, not guaranteed accurate). Some credit to @OpPedoChat
  96. More info available @ http://bit.ly/Psoeuw
  97. ######################################################################
  98.  
  99. Owner of ECATEL LTD
  100.  
  101. Name: Ferdinand Reinier Van Eeden
  102.  
  103. http://company-director-check.co.uk/director/912188052
  104. http://www.cdrex.com/ferdinand-reinier-van-eeden/1074299.html
  105.  
  106. Short Name: Ferdinand Van Eeden
  107.  
  108. Year of Birth: 1986
  109.  
  110. Address:
  111.  
  112. Singravenstraat
  113. 42 2548SL
  114. Gravenhage
  115.  
  116. Address 2:
  117.  
  118. 235 Spui
  119. Den Haag
  120. Netherlands
  121. 2511 BP
  122.  
  123. Number: 070-3944255
  124.  
  125. 235 Spui Den Haag Netherlands 2511 BP (Registered to company)
  126.  
  127. Person ID: 17485089
  128.  
  129. Director ID : 912188052
  130.  
  131. Company's ;
  132.  
  133. Company Name          
  134. FIBER XPRESS LIMITED - 06466487 (Company registration number)  
  135. REBA ENTERPRISES LIMITED - 06265960 (Company registration number)              
  136. REBA HOLDING LIMITED -  06264749 (Company registration number)
  137. ECATEL LTD -  05562825 (Company registration number)
  138.  
  139. Company Address's ;
  140.  
  141. 80 SIDNEY STREET
  142. FOLKESTONE
  143. CT19 6HQ
  144. GB
  145.  
  146. Manger of ECATEL LTD:
  147.  
  148. Name: Bartholomeus Johannes Karreman
  149.  
  150. Short name - Bartholomeus Karreman
  151.  
  152. Year of Birth: 1946
  153.  
  154. Address
  155. 2648 Neherkade
  156. Den Haag
  157. 2521 Rv
  158. The Netherlands
  159. 2521 RV
  160.  
  161. Director ID : 912188051
  162.  
  163.  
  164. ##############################################################################################
  165.  
  166. ###############################################################################
  167. Vulnerability Information (send moar to @theanon0ne or theanon0ne@hushmail.com)
  168. ###############################################################################
  169.  
  170. Starting Nmap 6.01 ( http://nmap.org ) at 2012-07-29 11:31 EDT
  171. Nmap scan report for www.ecatel.co.uk (80.82.67.2)
  172. Host is up (0.11s latency).
  173. Not shown: closed ports
  174. PORT     STATE SERVICE              VERSION
  175. 80/tcp   open  http                 Apache httpd 2.2.9 ((Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch)
  176. 111/tcp  open  rpcbind (rpcbind V2) 2 (rpc #100000)
  177. 2049/tcp open  nfs (nfs V2-4)       2-4 (rpc #100003)
  178.  
  179. www.ecatel.co.uk/ [200]
  180. http://www.ecatel.co.uk [200] HTTPServer[Debian Linux][Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch], PHP[5.2.6-1+lenny9][Suhosin-Patch], Frame, Country[NETHERLANDS][NL], IP[80.82.67.2], Apache[2.2.9], X-Powered-By[PHP/5.2.6-1+lenny9], Title[ Ecatel - Home]
  181. URL    : http://www.ecatel.co.uk
  182. Status : 200
  183.    Apache ---------------------------------------------------------------------
  184.     Description: The Apache HTTP Server Project is an effort to develop and
  185.                  maintain an open-source HTTP server for modern operating
  186.                  systems including UNIX and Windows NT. The goal of this
  187.                  project is to provide a secure, efficient and extensible
  188.                  server that provides HTTP services in sync with the current
  189.                  HTTP standards. - homepage: http://httpd.apache.org/
  190.     Version    : 2.2.9
  191.  
  192.    Country --------------------------------------------------------------------
  193.     Description: GeoIP IP2Country lookup. To refresh DB, replace
  194.                  IpToCountry.csv and remove country-ips.dat. GeoIP database
  195.                  from http://software77.net/geo-ip/. Local IPv4 addresses
  196.                  are represented as ZZ according to an ISO convention.
  197.                  Lookup code developed by Matthias Wachter for rubyquiz.com
  198.                  and used with permission.
  199.     Module     : NL
  200.     String     : NETHERLANDS
  201.  
  202.    Frame ----------------------------------------------------------------------
  203.     Description: This plugin detects instances of frame and iframe HTML
  204.                  elements.
  205.  
  206.    HTTPServer -----------------------------------------------------------------
  207.     Description: HTTP server header string
  208.     Os         : Debian Linux
  209.     String     : Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch (from server string)
  210.  
  211.    IP -------------------------------------------------------------------------
  212.     Description: IP address of the target, if available.
  213.     String     : 80.82.67.2
  214.  
  215.    PHP ------------------------------------------------------------------------
  216.     Description: PHP is a widely-used general-purpose scripting language
  217.                  that is especially suited for Web development and can be
  218.                  embedded into HTML. - homepage: http://www.php.net/
  219.     Version    : 5.2.6-1+lenny9
  220.     Module     : Suhosin-Patch
  221.     Version    : 5.2.6-1+lenny9
  222.  
  223.    Title ----------------------------------------------------------------------
  224.     Description: The HTML page title
  225.     String     :  Ecatel - Home (from page title)
  226.  
  227.    X-Powered-By ---------------------------------------------------------------
  228.     Description: X-Powered-By HTTP header
  229.     String     : PHP/5.2.6-1+lenny9 (from x-powered-by string)
  230.  
  231. ##############################################################################################
  232.  
  233. We are Anonymous.
  234. We do not Forgive.
  235. We do not Forget.
  236. Expect Us.
  237.  
  238. @TheAnon0ne | theanon0ne@hushmail.com
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top