- Site http://exsecret.com
- Netblock Owner Cyber Cast International, S.A.
- Domain exsecret.com
- Nameserver ns1.cybercastco.com
- IP address 190.97.166.197
- DNS admin root@ccipanama.com
- Reverse DNS host-190-97-166-197.ccipanama.com
- Nameserver organisation whois.register.com
- Hosting company cybercastco.com
- Top Level Domain Commercial entities (.com)
- Hosting country PA (Panama)
- Linux
- Apache 2.4.16 OpenSSL/1.0.1e-fips mod_bwlimited
- Has MAJOR DNS issues hence the fucker keeps going down
- TRACE method is enabled
- TRACE /1P1FajA7Hb HTTP/1.1
- Cookie: wfvt_1125249679=5682ea0774bf1
- Host: exsecret.com
- Connection: Keep-alive
- Accept-Encoding: gzip,deflate
- User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
- Accept: */*
- All run off the same IP, 190.97.166.197, so if this IP is DDoSed all these other services go down as well!!!
- mysql.exsecret.com
- www.exsecret.com
- webmail.exsecret.com
- server.exsecret.com
- ftp.exsecret.com
- mail.exsecret.com
- lists.exsecret.com
- exsecret.com
- Admin Name: Santos Roberto (I think this is a smoke screen)
- Admin Street: De heer Jan Voogt Overtoom 74 (Here I think is a mix of his name & address)
- Admin City: Drachten
- Admin State/Province: Holland
- Admin Postal Code: 9203 PA
- Admin Country: PH (This is bullshit)
- Admin Phone: +639278243910 (I think this is bullshit)
- Admin Fax:
- Admin Email: ex.secret@yahoo.com (Unverified)
- These below are assuming his real name is Jan Voogt
- Possible social media accounts
- https://twitter.com/Jvoogt
- https://twitter.com/JanVoogt
- https://nl.linkedin.com/in/jan-voogt-37b93488/en
- Possible email accounts
- jan.voogt@gmail.com
- janvoogt@gmail.com
- List of open TCP ports
- Open Port 21 / ftp
- Port Banner:
- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
- 220-You are user number 1 of 50 allowed.
- 220-Local time is now 15:15. Server port: 21.
- 220-This is a private system - No anonymous login
- 220-IPv6 connections are also welcome on this s ...
- --------------------------------------------------------------------------------
- Open Port 25 / smtp No port banner available.
- --------------------------------------------------------------------------------
- Open Port 53 / domain No port banner available.
- --------------------------------------------------------------------------------
- Open Port 80 / http
- Port Banner:
- HTTP/1.1 200 OK
- Date: Tue, 29 Dec 2015 20:15:48 GMT
- Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
- Last-Modified: Sat, 22 Nov 2014 10:34:08 GMT
- ETag: "12e18e1-d1-5087019eee800"
- Accept-Ranges: bytes
- Content-Length: 209
- Conne ...
- --------------------------------------------------------------------------------
- Open Port 110 / pop3
- Port Banner:
- +OK Dovecot ready.
- --------------------------------------------------------------------------------
- Open Port 119 / nntp
- Port Banner:
- 400 Cannot connect to NNTP server 190.97.166.197 (190.97.166.197:119), connect error 10061
- --------------------------------------------------------------------------------
- Open Port 143 / imap
- Port Banner:
- * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
- --------------------------------------------------------------------------------
- Open Port 443 / https
- Port Banner:
- HTTP/1.1 400 Bad Request
- Date: Tue, 29 Dec 2015 20:16:38 GMT
- Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
- Accept-Ranges: bytes
- Connection: close
- Content-Type: text/html
- <!DOCTYPE html>
- <html>
- <head>
- <meta http ...
- --------------------------------------------------------------------------------
- Open Port 465 / smtps No port banner available.
- --------------------------------------------------------------------------------
- Open Port 563 / snews No port banner available.
- --------------------------------------------------------------------------------
- Open Port 587 / submission
- Port Banner:
- 220-shared-30.ccihosting.com ESMTP Exim 4.86 #2 Tue, 29 Dec 2015 15:17:01 -0500
- 220-We do not authorize the use of this system to transport unsolicited,
- 220 and/or bulk e-mail.
- EHLO returns:
- 250-shared-30.ccihosting.com Hello mtg95-h04-195-36-173-62.dsl.sta.abo.bbox.fr [195.36.173.62]
- 250-SIZE 52428800
- 250-8BITMIME
- 250-PIPELINING
- 250-AUTH PLAIN LOGIN
- 250-STARTTLS
- 250 HELP
- HELP returns:
- 214-Commands supported:
- 214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
- --------------------------------------------------------------------------------
- Open Port 993 / imaps No port banner available.
- --------------------------------------------------------------------------------
- Open Port 995 / pop3s No port banner available.
- --------------------------------------------------------------------------------
- Open Port 3306 / mysql
- Port Banner:
- N###
- 5.5.46-cll##4##dSU15T*q###################}Aky<]@fc?PT#mysql_native_password#
- Server version: 5.5.46-cll
- Protocol version: 10
- Server capabilities: LONG_PASSWORD, FOUND_ROWS, LONG_FLAG, CONNECT_WITH_DB, NO_SCHEMA, COMPRESS, ODBC, LOCAL_FILES, IGNORE_SPACE, PROTOCOL_41, INTERACTIVE, IGNORE_SIGPIPE, TRANSACTIONS, SECURE_CONNECTION, MULTI_STATEMENTS
- Language code: 8
- Thread ID: 0xf3525
- Status: AUTOCOMMIT
- --------------------------------------------------------------------------------
- Open Port 10000 / snet-sensor-mgmt No port banner available.