____ _ _ | _ \ _____ _| |__ (_)_ __ | | | |/ _ \ \/ / '_ \| | '_ \ | |_| | (_) > <| |_) | | | | | |____/ \___/_/\_\_.__/|_|_| |_|
Title:Anthrax Doxed
Created:Jun 10th, 2020
Created by: Anonymous
Views: 893
Comments: 2
Username: Anonymous - (Login)
Please note that all posted information is publicly available and must follow our TOS.
...
;::::;
;::::; :;
;:::::' :;
;:::::; ;.
,:::::' ; OOO\
::::::; ; OOOOO\
;:::::; ; OOOOOOOO
,;::::::; ;' / OOOOOOO
;:::::::::`. ,,,;. / / DOOOOOO
.';:::::::::::::::::;, / / DOOOO
,::::::;::::::;;;;::::;, / / DOOO
;`::::::`'::::::;;;::::: ,#/ / DOOO
:`:::::::`;::::::;;::: ;::# / DOOO
::`:::::::`;:::::::: ;::::# / DOO
`:`:::::::`;:::::: ;::::::#/ DOO
:::`:::::::`;; ;:::::::::## OO
::::`:::::::`;::::::::;:::# OO
`:::::`::::::::::::;'`:;::# O
`:::::`::::::::;' / / `:#
::::::`:::::;' / / `#
===================================================================================
____ ____ _ __ __________ ______ __
/ __ \/ __ \ |/ // ____/ __ \ / __ ) \/ /
/ / / / / / / // __/ / / / / / __ |\ /
/ /_/ / /_/ / |/ /___/ /_/ / / /_/ / / /
/________________/___________/________/ /_/
/ ___/_ __/ | / ____/ / / / ____/
\__ \ / / / /| |/ / / /_/ / __/
___/ // / / ___ / /___/ __ / /___
/____//_/ /_/ |_\____/_/ /_/_____/
date: 10/06/2020
contact: stache@xmpp-hosting.de [xmpp && email]
message my email for my public pgp key
===================================================================================
???? Reason:
???? Anthrax aka ScottOFS aka TheGeneral thought it was appropriate to scam me
???? and many others on ogusers with "stolen paypal accounts"
???? Be aware he sends payments as family and friends but the payments get pulled.
===================================================================================
Name: Scott Lawree
[name was attached to paypal acc scott@atlas-digital.net before removed]
DOB: March 1999 [electrical roll]
pic: https://prnt.sc/swxq1v [old cached pic from 2014]
https://prnt.sc/swxqca [old cached pic from uc date]
phone: 07*****2163 [network UC]
emails: scott@atlas-digital.net,, payments@atlas-digital.net [leaked discord messages]
VCC: mastercard: 0795 [virutal card] [attached to paypal]
mastercard: 0430 [virutal card] [attached to paypal]
VBA: account number ends in 94,, sort code; UC [guessing it could be 04-00-04 due to prepaid card]
all the cards / banks are prepaid / virtual cards
all provided by Prepaid Technologies Company, Inc.
website: https://www.in-prepaid.com/
more info on who provides him the virtual accounts:
https://beta.companieshouse.gov.uk/company/04008083
[going to be sending an email regarding his activites]
===================================================================================
accounts:
snapchat: scott_tg
email: UC
youtube: https://www.youtube.com/channel/UC5f0oDbVYhzGsD_7vxKst1Q
instagram: https://www.instagram.com/socialise/
email: scott@atlas-digital.net
Has mobile 2FA on
steam: https://steamcommunity.com/id/frightful/
He had the names ScottOFS, Anthrax, TheGeneral and also the TheGeneral™
before removing all names and going private.
Skeet: CaronaViyrus [banned due to the same reasons of dox]
Steam ID: STEAM_0:1:451276846
Steam3: [U:1:902553693]
Community ID: 76561198862819421
Custom URL: frightful
Url history: https://steamid.uk/url/frightful
SteamID URLhttps://steamid.uk/profile/76561198862819421
Community URLhttps://steamcommunity.com/profiles/76561198862819421
Used nicknames
Seen on Nickname
2020-06-10 04:40:47 ssssssssss [day of going private]
2020-04-17 20:12:36 CS:GO
discord: Deleted User 32503d1l#4157
- email on account was scott@atlas-digital.net
[we got it sus'd due to him leaking personal information about stux and publishing the old sinlyxe.cc database]
===================================================================================
Addy: 5 Tiverton St
Liverpool
L15 4LR
United Kingdom
Pic: https://prnt.sc/swx1v1
Residents Provided by uk.gov electrical roll
- Scott J Lawree [March 1999] [Last voted 2018]
- Laura Mae Lawree [June 1974] [Last voted: UC]
- Lee E Lawree [Jan 1979] [Last voted: 2018]
Random Info;
House Value: £114k [BASED ON JUNE 2020]
Bedrooms: 3 bedrooms
Bathrooms: 1 bathrooms
General: 2 reception rooms
PAST SALES:
sold on 16th Mar 2012: £99,950 [This is when the Lawree family moved in]
https://www.zoopla.co.uk/property-history/5-tiverton-street/wavertree/liverpool/l15-4lr/20806104
Marketed by Move Residential
sold on 14th Feb 2012: £85,000
https://www.zoopla.co.uk/property-history/5-tiverton-street/wavertree/liverpool/l15-4lr/21065424
Marketed by Entwistle Green - Allerton Sales
===================================================================================
IP information and Database Entries
IP: 2.219.198.76
Known Passwords; LiverpoolFC1, LiverpoolFC123!
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '2.219.0.0 - 2.219.255.255'
% Abuse contact for '2.219.0.0 - 2.219.255.255' is 'abuse@sky.uk'
inetnum: 2.219.0.0 - 2.219.255.255
netname: BSKYB-BROADBAND
descr: Sky UK Limited
country: GB
mnt-by: BSKYB-BROADBAND-MNT
admin-c: BBH-RIPE
tech-c: BBH-RIPE
status: ASSIGNED PA
remarks: Please send abuse notifications to abuse@sky.uk
created: 2011-03-29T12:19:11Z
last-modified: 2016-06-17T14:30:26Z
source: RIPE # Filtered
role: Sky UK Broadband Hostmaster
address: Sky Network Services
address: 1 Brick Lane
address: London
address: E1 6PU
address: UK
phone: +44 20 7032 7000
fax-no: +44 20 7900 7812
admin-c: NIKO7-RIPE
tech-c: MIVS1-RIPE
nic-hdl: BBH-RIPE
abuse-mailbox: abuse@sky.uk
mnt-by: BSKYB-BROADBAND-MNT
created: 2006-07-07T09:21:33Z
last-modified: 2018-12-12T16:18:33Z
source: RIPE # Filtered
% Information related to '2.216.0.0/13AS5607'
route: 2.216.0.0/13
descr: Sky Broadband
origin: AS5607
mnt-by: BSKYB-BROADBAND-MNT
created: 2010-12-03T12:25:09Z
last-modified: 2015-08-17T16:30:13Z
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.97.1 (WAGYU)
IP Address: 2.219.198.76
[IP Blacklist Check]
Reverse DNS: 76.198.219.2.in-addr.arpa
Hostname: 02dbc64c.bb.sky.com
Nameservers:
edns1.ultradns.com >> 204.74.66.1
edns1.ultradns.org >> 204.74.111.1
ns1.isp.sky.com >> 90.207.238.102
edns1.ultradns.net >> 204.74.110.1
ns0.isp.sky.com >> 90.207.238.101
edns1.ultradns.biz >> 204.74.67.1
Location For an IP: 2.219.198.76
Continent: Europe (EU)
Country: United Kingdom IP Location Find In United Kingdom (GB)
Capital: London
State: Liverpool
City Location: Liverpool
Postal: L18
ISP: Sky Broadband
Organization: Sky Broadband
AS Number: AS5607 Sky UK Limited
DATABASE ENTRIES [some maybe false]:
kingANTH,scott@atlas-digital.net,,2.219.198.76
(34, 'ROLE_USER', 'pOCUpjy8tq6J5pC7eV8YEyZ/kUrYrpnx2WU4/MdwKQsgwYBka9kw092NK9h82D7nbfOsIKUgt0JDs62Q==', 'b74c938992ami232244f32717d89', 'KingAnth', 5000, 15.1, 1, 0),
[16:14:12] [Client thread/INFO]: [CHAT] |29 |2020-05-17 08:30:46.161|SLawree |068629ba-e9a7-4e32-8287-7ad42kwj288 |2.219.198.76 |
{
"id": "48",
"username": "anthrax",
"password": "LiverpoolFC1",
"hwid": "aa9c47d3ef05ac4a614f37241239dfcbe8b6ce9a44daf3d1dbc94ff00e",
"reg_date": "2018-06-11 12:57:42"
},
{
"id": "539",
"username": "ScottOFS",
"password": "LiverpoolFC123!",
"hwid": "aa9c47d3ef05ac4a614f37241239dfcbe8b6ce9a44daf3d1dbc94ff00e",
"reg_date": "2019-12-11 12:57:42"
},
===================================================================================
Domain: https://atlas-digital.net
Used for his emails, not sure what the index is about.
His whois info is private, namecheap is the domain registrar.
MISC:
NSE: Loaded 40 scripts for scanning.
Initiating Ping Scan at 05:12
Scanning atlas-digital.net (68.65.122.157) [4 ports]
Completed Ping Scan at 05:12, 0.28s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 05:12
Scanning atlas-digital.net (68.65.122.157) [100 ports]
Discovered open port 993/tcp on 68.65.122.157
Discovered open port 53/tcp on 68.65.122.157
Discovered open port 21/tcp on 68.65.122.157
Discovered open port 995/tcp on 68.65.122.157
Discovered open port 587/tcp on 68.65.122.157
Discovered open port 443/tcp on 68.65.122.157
Discovered open port 110/tcp on 68.65.122.157
Discovered open port 80/tcp on 68.65.122.157
Discovered open port 25/tcp on 68.65.122.157
Discovered open port 143/tcp on 68.65.122.157
Discovered open port 26/tcp on 68.65.122.157
Discovered open port 465/tcp on 68.65.122.157
Completed SYN Stealth Scan at 05:12, 2.60s elapse
Port Number State Service Name Service Product Service Version Service Extra Info
21 open ftp Pure-FTPd
25 open smtp
26 open smtp Exim smtpd 4.93
53 open domain ISC BIND 9.8.2rc1
80 open http HAProxy http proxy 1.3.1 or later
110 open pop3 Dovecot pop3d
143 open imap Dovecot imapd
443 open https HAProxy http proxy 1.3.1 or later
465 open smtp Exim smtpd 4.93
587 open smtp Exim smtpd 4.93
993 open imap Dovecot imapd
995 open pop3 Dovecot pop3d
Missing HTTP security headers:
HTTP Security Header Header Role Status
X-Frame-Options Protects against Click jacking attacks Not set
X-XSS-Protection Mitigates Cross-Site Scripting (XSS) attacks Not set
Strict-Transport-Security Protects against man-in-the-middle attacks Not set
X-Content-Type-Options Prevents possible phishing or XSS attacks Not set
Server software and technology found
Software / Version Category
Apache Web Servers
WHO IS INFORMATION
whois:atlas-digital.net
Name Value
Registrar NameCheap, Inc.
Name Server DNS1.NAMECHEAPHOSTING.COM
Name Server DNS2.NAMECHEAPHOSTING.COM
Name Value
Domain Name ATLAS-DIGITAL.NET
Registry Domain ID 2482018246_DOMAIN_NET-VRSN
Registrar WHOIS Server whois.namecheap.com
Registrar URL http://www.namecheap.com
Updated Date 2020-01-19T05:45:37Z
Creation Date 2020-01-19T05:45:27Z
Registry Expiry Date 2021-01-19T05:45:27Z
Registrar NameCheap, Inc.
Registrar IANA ID 1068
Registrar Abuse Contact Email abuse@namecheap.com
Registrar Abuse Contact Phone +1.6613102107
Domain Status clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server DNS1.NAMECHEAPHOSTING.COM
Name Server DNS2.NAMECHEAPHOSTING.COM
DNSSEC unsigned
URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/
Last update of whois database 2020-06-10T02:20:35Z
[might be able to get the hosting sus'd.]
OSINT for Network Infrastructure:
https://dnsdumpster.com/static/graph/atlas-digital.net-202006100221.html
Nameserver Location ISP
dns1.namecheaphosting.com. IPv4: US
IPv6: US AS397213 397218 397231 397232 397235 397238 -
AS397213 - ULTRADNS, US
dns2.namecheaphosting.com. IPv4: US
IPv6: US AS397215 397219 397220 397224 397231 397233 397238 -
AS397220 - ULTRADNS, US
Nameserver IP address(es) Response time
dns1.namecheaphosting.com. 156.154.132.200
2610:a1:1024::200 14ms
4ms
dns2.namecheaphosting.com. 156.154.133.200
2610:a1:1025::200 13ms
12ms
cached:
https://webcache.googleusercontent.com/search?q=cache:SRgidhpN4fQJ:https://atlas-digital.net/
===================================================================================
7 months ago
4 years ago