@bitcointalk.org: You forgot to block some accounts from that ancient leak.
@xchange.me:
That so-called breach is nothing but a sham. You stole from me and, as revenge, I DDOSed you with basically 1 1/2 servers. That is weak.
I gave you an offer to stop it for 3 BTC, but instead you claim that you got breached.
I checked your systems very thoroughly; they were completely safe and they still are. I admit, I couldn't hack you, so I DDOSed you instead.
My first time in thirty years to DDOS somebody instead of hacking them. I had to look it up, because my field of experience is building exploits for a living.
"slowhttptest" is a nice tool. Your systems were not breached, it was always you!
Nmap scan report for 93.115.25.139
Host is up, received user-set (0.66s latency).
Bug in bitcoinrpc-info: no string output.
PORT STATE SERVICE REASON VERSION
22/tcp open ssh syn-ack ttl 52 OpenSSH 8.4p1 Debian 5+deb11u3 (protocol 2.0)
| ssh-hostkey:
| 3072 56:a2:8d:08:0c:5a:07:7e:bb:9f:5f:69:13:1d:6e:6a (RSA)
| 256 7e:98:73:51:01:8c:01:bc:68:d9:1f:0f:15:f1:5f:3c (ECDSA)
|_ 256 46:6c:39:fc:24:ae:25:fb:6d:1f:89:4b:ef:70:26:48 (ED25519)
80/tcp open http syn-ack ttl 51 nginx 1.23.4
443/tcp open ssl/http syn-ack ttl 51 nginx 1.23.4
|_http-cors: POST OPTIONS
|_http-title: 400 The plain HTTP request was sent to HTTPS port
|_ssl-date: TLS randomness does not represent time
|_http-server-header: nginx/1.23.4
| ssl-cert: Subject: commonName=CloudFlare Origin Certificate/organizationName=CloudFlare, Inc.
| Subject Alternative Name: DNS:*.xchange.me, DNS:xchange.me
| Not valid before: 2022-08-27T08:37:00
|_Not valid after: 2037-08-23T08:37:00
3500/tcp open tcpwrapped syn-ack ttl 51
4000/tcp open grpc syn-ack ttl 51
5332/tcp open unknown syn-ack ttl 51
7771/tcp open unknown syn-ack ttl 51
| fingerprint-strings:
| GenericLines:
| HTTP/1.1 400 Bad Request
| GetRequest:
| HTTP/1.0 403 Forbidden
| Content-Type: text/html; charset=ISO-8859-1
| HTTPOptions:
| HTTP/1.1 501 Not Implemented
| Help:
| HTTP/1.1 400 Bad Request
8232/tcp open hncp-dtls-port? syn-ack ttl 51
| fingerprint-strings:
| GenericLines:
| HTTP/1.1 400 Bad Request
| GetRequest:
| HTTP/1.0 403 Forbidden
| Content-Type: text/html; charset=ISO-8859-1
| HTTPOptions:
| HTTP/1.1 501 Not Implemented
8332/tcp open unknown syn-ack ttl 51
| fingerprint-strings:
| GenericLines:
| HTTP/1.1 400 Bad Request
| GetRequest:
| HTTP/1.0 403 Forbidden
| Content-Type: text/html; charset=ISO-8859-1
| HTTPOptions:
| HTTP/1.1 501 Not Implemented
8546/tcp open daap syn-ack ttl 51 mt-daapd DAAP or geth
9332/tcp open unknown syn-ack ttl 51
| fingerprint-strings:
| GenericLines:
| HTTP/1.1 400 Bad Request
| GetRequest:
| HTTP/1.0 403 Forbidden
| Content-Type: text/html; charset=ISO-8859-1
| HTTPOptions:
| HTTP/1.1 501 Not Implemented
19090/tcp open unknown syn-ack ttl 51
19092/tcp open unknown syn-ack ttl 51
| fingerprint-strings:
| FourOhFourRequest, GetRequest, HTTPOptions, RTSPRequest, SIPOptions:
| HTTP/1.1 401 Unauthorized
| Server: beldex-wallet-rpc/6.0.0
| WWW-Authenticate: Basic realm="beldexd rpc", charset="UTF-8"
| Content-Type: text/plain
| Content-Length: 15
|_ Login required
30303/tcp open tcpwrapped syn-ack ttl 51
6 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at
https://nmap.org/cgi-bin/submit.cgi?new-service :
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel