±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 1 Overall: 35755
New Yesterday: 5 Visitors: 130

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Help Our Homeland

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page 1, 2  Next 
  

TinyBrain
Senior Member
 

Help Our Homeland

Post Posted: Dec 06, 18 13:41

 
  

pbobby
Senior Member
 

Re: Help Our Homeland

Post Posted: Dec 06, 18 14:26

Resolves to http[:]//israelneedsu.com/ if you wish to click.
_________________
Don't get baited. 
 
  

jaclaz
Senior Member
 

Re: Help Our Homeland

Post Posted: Dec 06, 18 16:09

- pbobby
Resolves to http[:]//israelneedsu.com/ if you wish to click.


Which might clear a bit who are the "we" for which it is "our homeland".

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

watcher
Senior Member
 

Re: Help Our Homeland

Post Posted: Dec 06, 18 23:23

Couldn't resist poking at it a bit, with suitable protections.

The web page has javascript that appears to be designed to be unreadable. I've never seen an 800 thousand column line before. I didn't even know you could do that.

While the IP address (185.230.60.161) is registered as Tel Aviv, a traceroute from New Jersey goes to Ashburn Virgina with no other information before the final destination. That isn't unusual, as that's an East Coast Hub for transatlantic traffic. What is odd is that there is no significant jump in time delay between Ashburn and 185... Even more interesting is tracing from a node in Dubai comes back to Ashburn Virginia as well. Same from Madrid. I seriously doubt the server is physically in Israel.  
 
  

TinyBrain
Senior Member
 

Re: Help Our Homeland

Post Posted: Dec 07, 18 09:26

Correct, the server is physically in Italy. Can you also proof?  
 
  

watcher
Senior Member
 

Re: Help Our Homeland

Post Posted: Dec 07, 18 18:02

For reasons that may be obvious to some ....... I'm Out!  
 
  

passcodeunlock
Senior Member
 

Re: Help Our Homeland

Post Posted: Dec 09, 18 12:52

The server isn't in Italy, in Italy there is only a reverse proxy server running. The server might be in .ch, on the same clusters where protonmail runs up in the mountains Smile

The whole "project" looks like a test bed leaked (on purpose) for "volunteer crackers" to see if the real origin can be figured or not, probably for running some important things in the future. Security based on obscurity, redirection, proxy and other gimmicks isn't real security, so if it is important, you better don't run things on a public cluster.

I'm also out from this conversation for obvious reasons.
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 

Page 1 of 2
Page 1, 2  Next