Editing
Marcotrix.xyz Reconnaissance Report
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Executive Summary == <code>marcotrix.xyz</code> is a Namecheap-registered <code>.xyz</code> domain created on <code>2025-11-21</code>. It uses Namecheap/registrar-servers DNS and points its apex to a single OVH Italy VPS address, <code>57.131.38.220</code>. The same address is also used for <code>mail.marcotrix.xyz</code>, <code>jellyfin.marcotrix.xyz</code>, <code>drive.marcotrix.xyz</code>, and <code>money.marcotrix.xyz</code>. The public surface visible from limited checks includes: * A static Caddy-served apex website. * A Caddy reverse-proxied Jellyfin instance on <code>jellyfin.marcotrix.xyz</code>. * A Caddy reverse-proxied copyparty instance on <code>drive.marcotrix.xyz</code>. * A broken or misconfigured HTTPS service on <code>money.marcotrix.xyz</code>. * An HTTPS endpoint for <code>mail.marcotrix.xyz</code> returning <code>502</code>, while mail DNS points MX to the same host. * <code>5201/tcp</code> open as <code>iperf3</code>. * <code>123/udp</code> open as NTP v4. * Strong TLS 1.2/1.3 ciphers on the tested HTTPS names. * No HSTS on tested HTTPS names. Most notable observations: # <code>mail.marcotrix.xyz</code> is the MX target, but SMTP/IMAP/submission ports were filtered or closed in the limited targeted checks. This suggests inbound mail may not work from this vantage point. # <code>drive.marcotrix.xyz</code> exposes a copyparty service title and unauthenticated landing text. # <code>jellyfin.marcotrix.xyz</code> exposes public Jellyfin metadata, including version <code>10.11.6</code>, server name <code>marcoserver</code>, a private backend address, and an instance ID. # <code>5201/tcp</code> is open as <code>iperf3</code>; that is normally a benchmarking service and should be closed or restricted unless intentionally public. # <code>123/udp</code> is open as NTP v4. If public NTP service is not intentional, restrict it. # DNSSEC is unsigned, CAA is absent, SPF is softfail, DMARC is monitor-only, and MTA-STS/TLS-RPT were not observed.
Summary:
Please note that all contributions to Marcopedia may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Marcopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
associated-pages
Page
Discussion
English
Views
Read
Edit
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Tools
What links here
Related changes
Page information
Online users in chat