1 | Skype username: xotbobs | |
2 | The skype user currently resolves to this IP: 193.109.128.190 (Source: https://www.hanzresolver.com/skype2). | |
3 | Skype Display name: Bohdan Bardachov | |
4 | ||
5 | Steam user: http://steamcommunity.com/id/k1llawatt | |
6 | SK-Gaming profile: http://www.sk-gaming.com/member/k1llawatt | |
7 | Twitch profile: http://www.twitch.tv/k1lawatt | |
8 | Brutalcs profile: http://stats.brutalcs.nu/playerinfo/313036 | |
9 | Real Name: David Lobach (Sometimes uses false name: David Kalashnikov) | |
10 | DOB: 15.11.1995 (19 years old) | |
11 | Country: Slovenia | |
12 | City: Ljubljana | |
13 | ||
14 | General IP Information | |
15 | IP: 193.109.128.190 | |
16 | Decimal: 3245179070 | |
17 | Hostname: 193-109-128-190.ukrcom.kherson.ua | |
18 | ASN: 21151 | |
19 | ISP: Ukrcom Ltd. | |
20 | Organization: Ukrcom Ltd. | |
21 | Services: None detected | |
22 | Type: Broadband | |
23 | Assignment: Static IP | |
24 | Geolocation Information | |
25 | ||
26 | Continent: Europe | |
27 | Country: Ukraine | |
28 | State/Region: Khersons'ka Oblast' | |
29 | City: Kherson | |
30 | Latitude: 46.6558 (46° 39′ 20.88″ N) | |
31 | Longitude: 32.6178 (32° 37′ 4.08″ E) | |
32 | ||
33 | ISP website: http://translate.google.no/translate?hl=no&sl=ru&u=http://ukr-com.net/&prev=search | |
34 | ISP contact: info@ukr-com.net | |
35 | ||
36 | ||
37 | nmap scan of IP: | |
38 | Starting Nmap 6.00 ( http://nmap.org ) at 2015-07-24 18:14 EEST | |
39 | NSE: Loaded 17 scripts for scanning. | |
40 | Initiating Ping Scan at 18:14 | |
41 | Scanning 193.109.128.190 [4 ports] | |
42 | Completed Ping Scan at 18:14, 0.10s elapsed (1 total hosts) | |
43 | Initiating SYN Stealth Scan at 18:14 | |
44 | Scanning 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) [22 ports] | |
45 | Discovered open port 1723/tcp on 193.109.128.190 | |
46 | Completed SYN Stealth Scan at 18:14, 1.84s elapsed (22 total ports) | |
47 | Initiating Service scan at 18:14 | |
48 | Scanning 1 service on 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) | |
49 | Completed Service scan at 18:15, 31.34s elapsed (1 service on 1 host) | |
50 | Initiating OS detection (try #1) against 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) | |
51 | Retrying OS detection (try #2) against 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) | |
52 | Initiating Traceroute at 18:15 | |
53 | Completed Traceroute at 18:15, 0.07s elapsed | |
54 | NSE: Script scanning 193.109.128.190. | |
55 | Initiating NSE at 18:15 | |
56 | Completed NSE at 18:15, 0.13s elapsed | |
57 | ||
58 | Nmap scan report for 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) | |
59 | Host is up (0.067s latency). | |
60 | ||
61 | PORT STATE SERVICE VERSION | |
62 | 21/tcp filtered ftp | |
63 | 22/tcp filtered ssh | |
64 | 23/tcp filtered telnet | |
65 | 25/tcp filtered smtp | |
66 | 80/tcp filtered http | |
67 | 110/tcp filtered pop3 | |
68 | 143/tcp filtered imap | |
69 | 179/tcp filtered bgp | |
70 | 443/tcp filtered https | |
71 | 465/tcp filtered smtps | |
72 | 993/tcp filtered imaps | |
73 | 995/tcp filtered pop3s | |
74 | 1433/tcp filtered ms-sql-s | |
75 | 1720/tcp filtered H.323/Q.931 | |
76 | 1723/tcp open pptp FreeBSD MPD (Firmware: 257) | |
77 | 3306/tcp filtered mysql | |
78 | 3389/tcp filtered ms-wbt-server | |
79 | 5060/tcp filtered sip | |
80 | 5900/tcp filtered vnc | |
81 | 8000/tcp filtered http-alt | |
82 | 8080/tcp filtered http-proxy | |
83 | 8443/tcp filtered https-alt | |
84 | ||
85 | Device type: general purpose|PBX | |
86 | Running (JUST GUESSING): FreeBSD 7.X|8.X|9.X (90%), Vodavi embedded (85%) | |
87 | OS CPE: cpe:/o:freebsd:freebsd:7 cpe:/o:freebsd:freebsd:8 cpe:/o:freebsd:freebsd:9 | |
88 | ||
89 | Aggressive OS guesses: FreeBSD 7.1-RELEASE - 9.0-CURRENT (90%), FreeBSD 8.1-STABLE (89%), FreeBSD 7.0-STABLE (88%), FreeBSD 8.0-RELEASE (87%), FreeBSD 7.1-PRERELEASE - 7.3-RELEASE (87%), FreeBSD 8.0-STABLE (87%), FreeBSD 8.1-RELEASE (86%), FreeBSD 7.0-BETA4 - 7.0 (86%), FreeBSD 7.0-RELEASE-p1 - 9.0-PRERELEASE (86%), FreeBSD 7.1-RELEASE (86%) | |
90 | No exact OS matches for host (test conditions non-ideal). | |
91 | Uptime guess: 0.000 days (since Fri Jul 24 18:15:20 2015) | |
92 | Network Distance: 9 hops | |
93 | TCP Sequence Prediction: Difficulty=257 (Good luck!) | |
94 | IP ID Sequence Generation: Incremental | |
95 | Service Info: Host: sat3.stronglan.net | |
96 | ||
97 | ||
98 | TRACEROUTE (using port 1723/tcp) | |
99 | HOP RTT ADDRESS | |
100 | 1 0.53 ms router2-lon.linode.com (212.111.33.230) | |
101 | 2 1.32 ms 212.111.33.237 | |
102 | 3 0.94 ms xe-1-3-0.lon21.ip4.gtt.net (141.136.96.245) | |
103 | 4 14.92 ms xe-3-0-0.fra61.ip4.gtt.net (89.149.182.74) | |
104 | 5 46.57 ms az-international-gw.ip4.gtt.net (77.67.66.34) | |
105 | 6 42.78 ms 194.44.212.253 | |
106 | 7 59.74 ms 194.44.100.254 | |
107 | 8 60.71 ms 193.109.128.78 | |
108 | 9 62.69 ms 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) | |
109 | ||
110 | OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . | |
111 | ||
112 | Nmap done: 1 IP address (1 host up) scanned in 39.85 seconds | |
113 | Raw packets sent: 132 (9.396KB) | Rcvd: 37 (2.506KB) | |
114 | ||
115 | ||
116 | ||
117 | Domain: cleanvoice.net | |
118 | Whois of cleanvoice.net: | |
119 | Domain Name: CLEANVOICE.NET | |
120 | Registrar: REGISTRAR OF DOMAIN NAMES REG.RU LLC | |
121 | Sponsoring Registrar IANA ID: 1606 | |
122 | Whois Server: whois.reg.ru | |
123 | Referral URL: http://www.reg.ru | |
124 | Name Server: NS1.REG.RU | |
125 | Name Server: NS2.REG.RU | |
126 | Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited | |
127 | Updated Date: 02-jul-2015 | |
128 | Creation Date: 02-jul-2015 | |
129 | Expiration Date: 02-jul-2016 | |
130 | ||
131 | Domain name: cleanvoice.net | |
132 | Domain idn name: cleanvoice.net | |
133 | Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited | |
134 | Registry Domain ID: | |
135 | Registrar WHOIS Server: whois.reg.ru | |
136 | Registrar URL: https://www.reg.com/ | |
137 | Registrar URL: https://www.reg.ru/ | |
138 | Registrar URL: https://www.reg.ua/ | |
139 | Updated Date: 2015-07-02 | |
140 | Creation Date: 2015-07-02T18:27:38Z | |
141 | Registrar Registration Expiration Date: 2016-07-02 | |
142 | Registrar: Domain names registrar REG.RU LLC | |
143 | Registrar IANA ID: 1606 | |
144 | Registrar Abuse Contact Email: email@reg.ru | |
145 | Registrar Abuse Contact Phone: +7.4955801111 | |
146 | Registry Registrant ID: | |
147 | Registrant Name: Domain Admin | |
148 | Registrant Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org | |
149 | Registrant Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator | |
150 | Registrant City: Nobby Beach | |
151 | Registrant State/Province: Queensland | |
152 | Registrant Postal Code: QLD 4218 | |
153 | Registrant Country: AU | |
154 | Registrant Phone: +45.36946676 | |
155 | Registrant Phone Ext: | |
156 | Registrant Fax: | |
157 | Registrant Fax Ext: | |
158 | Registrant Email: email@privacyprotect.org | |
159 | Registry Admin ID: | |
160 | Admin Name: Domain Admin | |
161 | Admin Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org | |
162 | Admin Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator | |
163 | Admin City: Nobby Beach | |
164 | Admin State/Province: Queensland | |
165 | Admin Postal Code: QLD 4218 | |
166 | Admin Country: AU | |
167 | Admin Phone: +45.36946676 | |
168 | Admin Phone Ext: | |
169 | Admin Fax:/ | |
170 | Admin Fax Ext: | |
171 | Admin Email: email@privacyprotect.org | |
172 | Registry Tech ID: | |
173 | Tech Name: Domain Admin | |
174 | Tech Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org | |
175 | Tech Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator | |
176 | Tech City: Nobby Beach | |
177 | Tech State/Province: Queensland | |
178 | Tech Postal Code: QLD 4218 | |
179 | Tech Country: AU | |
180 | Tech Phone: +45.36946676 | |
181 | Tech Phone Ext: | |
182 | Tech Fax: | |
183 | Tech Fax Ext: | |
184 | Tech Email: email@privacyprotect.org | |
185 | Name Server: ns1.reg.ru | |
186 | Name Server: ns2.reg.ru | |
187 | DNSSEC: Unsigned | |
188 | URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ | |
189 | >>> Last update of WHOIS database: 2015-07-24T17:34:42Z <<< | |
190 | ||
191 | For more information on Whois status codes, please visit | |
192 | https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en. | |
193 | ||
194 | ||
195 | % By submitting a query to REG.RU Whois Service | |
196 | % you agree to abide by the following terms of use: | |
197 | % http://www.reg.ru/whois/servpol (in Russian) | |
198 | % http://www.reg.com/whois/servpol (in English) | |
199 | ||
200 | ||
201 | ||
202 | ||
203 | *** DO NOT EXECUTE *** | |
204 | Binary: Cleanvoice v 0.5.2b.exe (renamed from Day3.exe) | |
205 | Binary downloaded from cleanvoice.net or from https://drive.google.com/uc?export=download&id=0B6hJLzgFkxuYQURTVENQT1hPN3c | |
206 | *** DO NOT EXECUTE *** | |
207 | Binary MD5: 613b2761dc4f0cfa1b1cace7faf3e42c | |
208 | Binary SHA1: 5793ea3cf814722a8050c6a54079d5f78315e84a | |
209 | Binary SHA256: 4124061962f103f8332fcf571fb3c42066b85e5a6177b65ae7d2ad526772d50f | |
210 | Binary size: 2.4 MB (2543616 bytes) | |
211 | ||
212 | Virustotal.com reports 9/56 detection rate. | |
213 | Virustotal.com scan: https://www.virustotal.com/en/file/4124061962f103f8332fcf571fb3c42066b85e5a6177b65ae7d2ad526772d50f/analysis/ |