All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Examar Networks nulled WHMCS, threats to anyone who notices
Full disclosure of recent event to inform LET members and establish a clear message to a host that is harassing us. We do not take kindly to threats or harassment.
Recently we had a thread where we found a company pop up named Examar Networks:
https://www.lowendtalk.com/discussion/105498/kvm-in-west-us-that-is-not-la
They were banned and their post removed, so as to not allow them to advertise here due to their unlicensed WHMCS. Upon noticing that they were banned, they proceeded to evade the ban to post this:
https://www.lowendtalk.com/discussion/comment/2072928/#Comment_2072928
They were again banned and told why. Anyone who reads the rules here knows that is stated multiple times how to reach us to discuss matters. Ban evasion is not the way to continue the conversation. However, they proceeded again to evade the ban, this time a bit more angry:
https://www.lowendtalk.com/discussion/comment/2077812/#Comment_2077812
Where "Adam" proceeded to explain that his WHMCS installation is displayed via iframe, for security, and therefore would not pass a license check at the URL. This is not true.
Of course, I banned again and had to close the thread and tell him to "shut the fuck up" (because that's what I do when you won't stop posting in a thread despite multiple bans) to put a stop to it:
https://www.lowendtalk.com/discussion/comment/2078817/#Comment_2078817
After this, it became a fun conversation via our LET support ticket system. Note that tickets go from bottom to top, newest goes to top.
https://s.jar.land/GIrXHiOLPv/
https://s.jar.land/jslbeq8bt4/
Should anyone find themselves looking at this host, it would be my recommendation that you not.
There was a recent thread asking where all of the drama is. Here's your fill for February.
Comments
What did I do without LET in my life?
Oh, right- I was a hell of a lot more productive.
If I knew about this earlier, I wouldn't have wasted my popcorn on that movie...
Out of curiosity tho, what's the said domain he keeps saying it's licensed to use whmcs?
https://www.examar.com/clients-area/
Never gave a URL that it should actually be licensed at, it's clear it doesn't exist. Just kept making excuses. Clearly said it's an iframe thinking he was talking to idiots.
That manner of speaking and "professionalism" shown in discussion reminds me of another recently banned LET provider. But if I won't mention his name, no one would guess who, right?..
Holy shit
. Are you that's the same guy, through IP checks etc.? It's impressive either way.
Yup. Whois on domain used for email matches up too.
You're welcome.
(only @jarland would get this)
I've saved their current root WHMCS page to pastebin for posterity: http://pastebin.com/9mXR1Q0m
Doing a domain search shows that there is no framing done after the entry page, either: http://pastebin.com/QWCisaFW
I think the last time I heard some seriously use the term "fuck face" was circa 8th grade.
Report to WHMCS
I didn't see any frame but thought maybe they were claiming to proxy the page contents from another server, which would surely be bullshit, but hard to verify or disprove.
MODS HAVE AN IGNORE FEATURE!!!!11!
Yeah I thought about that too. I decided that I would treat any cases as normal and if someone opted to prove otherwise, well before making threats and harassing, I'd happily make it right. But I don't want the claim of it to be an instant loophole.
Wonder if WHMCS allows it. It would defeat the point of their domain check page.
He sounds young. I imagine the average teen LETer's idea of harassing is shitting on your lawn, at worst.
Regardless I will be hunting for his information to be prepared to make a police report if necessary. These things have a way of escalating, and I've been victim before. There's a reason a member here from a while back is in jail.
What did he do?
https://krebsonsecurity.com/2014/05/teen-arrested-for-30-swattings-bomb-threats/comment-page-1/
Oh thanks for linking me and for the quick reply
I think this is the WHMCS site: https://secure.examar.com/index.php
Even if so, it's not authorized, either - https://www.whmcs.com/members/verifydomain.php
Even more popcorn
Yes, I saw that.
This guy needs to get language skills (I can actually only understand him partly) and also needs to stop flying a bunch of drones with "fuck" written on them. 20 fucks, and also may not be right.
Well, let me go grab a few bags of popcorn. I'll be right back.
Also, you have a good domain.
I'll show myself out.
Where is our DDOS gang ???
Prison.
None of that please.
It doesn't really looked nulled to be honest. It has the default files in it like https://secure.examar.com/lang/README.txt so I think he's just reverse proxying the content of secure. from somewhere else as well. But meh.
Possibly. Would be a shame if he mentioned the real URL up front, then we'd have no drama.
I tried the one that's in use- and secure- and secure wouldn't work for me- the captcha refused to work. I didn't bother doing a header dump, because I don't care enough..