API tools faq
paste
View difference between Paste ID: yQNEHpdc and H3DMWqaa
SHOW: | | - or go back to the newest paste.
1
Skype username: xotbobs
2
The skype user currently resolves to this IP: 193.109.128.190 (Source: https://www.hanzresolver.com/skype2).
3
Skype Display name: Bohdan Bardachov
4
5
Steam user: http://steamcommunity.com/id/k1llawatt

6
SK-Gaming profile: http://www.sk-gaming.com/member/k1llawatt

7
Twitch profile: http://www.twitch.tv/k1lawatt

8
Brutalcs profile: http://stats.brutalcs.nu/playerinfo/313036

9
Real Name: David Lobach (Sometimes uses false name: David Kalashnikov)

10
DOB: 15.11.1995 (19 years old)

11
Country: Slovenia

12
City: Ljubljana

13
14
General IP Information

15
IP:	193.109.128.190

16
Decimal:	3245179070

17
Hostname:	193-109-128-190.ukrcom.kherson.ua

18
ASN:	21151

19
ISP:	Ukrcom Ltd.

20
Organization:	Ukrcom Ltd.

21
Services:	None detected

22
Type:	Broadband

23
Assignment:	Static IP

24
Geolocation Information

25
26
Continent:	Europe

27
Country:	Ukraine ua flag

28
State/Region:	Khersons'ka Oblast'

29
City:	Kherson

30
Latitude:	46.6558  (46° 39′ 20.88″ N)

31
Longitude:	32.6178  (32° 37′ 4.08″ E)

32
33
ISP website: http://translate.google.no/translate?hl=no&sl=ru&u=http://ukr-com.net/&prev=search

34
ISP contact: info@ukr-com.net

35
36
37
nmap scan of IP:

38
Starting Nmap 6.00 ( http://nmap.org ) at 2015-07-24 18:14 EEST 

39
NSE: Loaded 17 scripts for scanning. 

40
Initiating Ping Scan at 18:14 

41
Scanning 193.109.128.190 [4 ports] 

42
Completed Ping Scan at 18:14, 0.10s elapsed (1 total hosts) 

43
Initiating SYN Stealth Scan at 18:14 

44
Scanning 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) [22 ports] 

45
Discovered open port 1723/tcp on 193.109.128.190 

46
Completed SYN Stealth Scan at 18:14, 1.84s elapsed (22 total ports) 

47
Initiating Service scan at 18:14 

48
Scanning 1 service on 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) 

49
Completed Service scan at 18:15, 31.34s elapsed (1 service on 1 host) 

50
Initiating OS detection (try #1) against 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) 

51
Retrying OS detection (try #2) against 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) 

52
Initiating Traceroute at 18:15 

53
Completed Traceroute at 18:15, 0.07s elapsed 

54
NSE: Script scanning 193.109.128.190. 

55
Initiating NSE at 18:15 

56
Completed NSE at 18:15, 0.13s elapsed 

57
58
Nmap scan report for 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) 

59
Host is up (0.067s latency). 

60
61
PORT STATE SERVICE VERSION 

62
21/tcp filtered ftp 

63
22/tcp filtered ssh 

64
23/tcp filtered telnet 

65
25/tcp filtered smtp 

66
80/tcp filtered http 

67
110/tcp filtered pop3 

68
143/tcp filtered imap 

69
179/tcp filtered bgp 

70
443/tcp filtered https 

71
465/tcp filtered smtps 

72
993/tcp filtered imaps 

73
995/tcp filtered pop3s 

74
1433/tcp filtered ms-sql-s 

75
1720/tcp filtered H.323/Q.931 

76
1723/tcp open pptp FreeBSD MPD (Firmware: 257) 

77
3306/tcp filtered mysql 

78
3389/tcp filtered ms-wbt-server 

79
5060/tcp filtered sip 

80
5900/tcp filtered vnc 

81
8000/tcp filtered http-alt 

82
8080/tcp filtered http-proxy 

83
8443/tcp filtered https-alt 

84
85
Device type: general purpose|PBX 

86
Running (JUST GUESSING): FreeBSD 7.X|8.X|9.X (90%), Vodavi embedded (85%) 

87
OS CPE: cpe:/o:freebsd:freebsd:7 cpe:/o:freebsd:freebsd:8 cpe:/o:freebsd:freebsd:9 

88
89
Aggressive OS guesses: FreeBSD 7.1-RELEASE - 9.0-CURRENT (90%), FreeBSD 8.1-STABLE (89%), FreeBSD 7.0-STABLE (88%), FreeBSD 8.0-RELEASE (87%), FreeBSD 7.1-PRERELEASE - 7.3-RELEASE (87%), FreeBSD 8.0-STABLE (87%), FreeBSD 8.1-RELEASE (86%), FreeBSD 7.0-BETA4 - 7.0 (86%), FreeBSD 7.0-RELEASE-p1 - 9.0-PRERELEASE (86%), FreeBSD 7.1-RELEASE (86%) 

90
No exact OS matches for host (test conditions non-ideal). 

91
Uptime guess: 0.000 days (since Fri Jul 24 18:15:20 2015) 

92
Network Distance: 9 hops 

93
TCP Sequence Prediction: Difficulty=257 (Good luck!) 

94
IP ID Sequence Generation: Incremental 

95
Service Info: Host: sat3.stronglan.net 

96
97
98
TRACEROUTE (using port 1723/tcp) 

99
HOP RTT ADDRESS 

100
1 0.53 ms router2-lon.linode.com (212.111.33.230) 

101
2 1.32 ms 212.111.33.237 

102
3 0.94 ms xe-1-3-0.lon21.ip4.gtt.net (141.136.96.245) 

103
4 14.92 ms xe-3-0-0.fra61.ip4.gtt.net (89.149.182.74) 

104
5 46.57 ms az-international-gw.ip4.gtt.net (77.67.66.34) 

105
6 42.78 ms 194.44.212.253 

106
7 59.74 ms 194.44.100.254 

107
8 60.71 ms 193.109.128.78 

108
9 62.69 ms 193-109-128-190.ukrcom.kherson.ua (193.109.128.190) 

109
110
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . 

111
112
Nmap done: 1 IP address (1 host up) scanned in 39.85 seconds 

113
Raw packets sent: 132 (9.396KB) | Rcvd: 37 (2.506KB) 

114
115
116
117
Domain: cleanvoice.net

118
Whois of cleanvoice.net:

119
Domain Name: CLEANVOICE.NET

120
Registrar: REGISTRAR OF DOMAIN NAMES REG.RU LLC

121
Sponsoring Registrar IANA ID: 1606

122
Whois Server: whois.reg.ru

123
Referral URL: http://www.reg.ru

124
Name Server: NS1.REG.RU

125
Name Server: NS2.REG.RU

126
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited

127
Updated Date: 02-jul-2015

128
Creation Date: 02-jul-2015

129
Expiration Date: 02-jul-2016

130
131
Domain name: cleanvoice.net

132
Domain idn name: cleanvoice.net

133
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited

134
Registry Domain ID:

135
Registrar WHOIS Server: whois.reg.ru

136
Registrar URL: https://www.reg.com/

137
Registrar URL: https://www.reg.ru/

138
Registrar URL: https://www.reg.ua/

139
Updated Date: 2015-07-02

140
Creation Date: 2015-07-02T18:27:38Z

141
Registrar Registration Expiration Date: 2016-07-02

142
Registrar: Domain names registrar REG.RU LLC

143
Registrar IANA ID: 1606

144
Registrar Abuse Contact Email: email@reg.ru

145
Registrar Abuse Contact Phone: +7.4955801111

146
Registry Registrant ID:

147
Registrant Name: Domain Admin

148
Registrant Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org

149
Registrant Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator

150
Registrant City: Nobby Beach

151
Registrant State/Province: Queensland

152
Registrant Postal Code: QLD 4218

153
Registrant Country: AU

154
Registrant Phone: +45.36946676

155
Registrant Phone Ext:

156
Registrant Fax:

157
Registrant Fax Ext:

158
Registrant Email: email@privacyprotect.org

159
Registry Admin ID:

160
Admin Name: Domain Admin

161
Admin Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org

162
Admin Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator

163
Admin City: Nobby Beach

164
Admin State/Province: Queensland

165
Admin Postal Code: QLD 4218

166
Admin Country: AU

167
Admin Phone: +45.36946676

168
Admin Phone Ext:

169
Admin Fax:/

170
Admin Fax Ext:

171
Admin Email: email@privacyprotect.org

172
Registry Tech ID:

173
Tech Name: Domain Admin

174
Tech Organization: Privacy Protection Service INC d/b/a PrivacyProtect.org

175
Tech Street: C/O ID#10760, PO Box 16 Note - Visit PrivacyProtect.org to contact the domain owner/operator Note - Visit PrivacyProtect.org to contact the domain owner/operator

176
Tech City: Nobby Beach

177
Tech State/Province: Queensland

178
Tech Postal Code: QLD 4218

179
Tech Country: AU

180
Tech Phone: +45.36946676

181
Tech Phone Ext:

182
Tech Fax:

183
Tech Fax Ext:

184
Tech Email: email@privacyprotect.org

185
Name Server: ns1.reg.ru 

186
Name Server: ns2.reg.ru 

187
DNSSEC: Unsigned

188
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

189
>>> Last update of WHOIS database: 2015-07-24T17:34:42Z <<<

190
191
For more information on Whois status codes, please visit

192
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.

193
194
195
% By submitting a query to REG.RU Whois Service

196
% you agree to abide by the following terms of use:

197
% http://www.reg.ru/whois/servpol (in Russian)

198
% http://www.reg.com/whois/servpol (in English)

199
200
201
202
203
*** DO NOT EXECUTE ***

204
Binary: Cleanvoice v 0.5.2b.exe (renamed from Day3.exe)

205
Binary downloaded from cleanvoice.net or from https://drive.google.com/uc?export=download&id=0B6hJLzgFkxuYQURTVENQT1hPN3c

206
*** DO NOT EXECUTE ***

207
Binary MD5: 613b2761dc4f0cfa1b1cace7faf3e42c

208
Binary SHA1: 5793ea3cf814722a8050c6a54079d5f78315e84a

209
Binary SHA256: 4124061962f103f8332fcf571fb3c42066b85e5a6177b65ae7d2ad526772d50f

210
Binary size: 2.4 MB (2543616 bytes)

211
212
Virustotal.com reports 9/56 detection rate.

213
Virustotal.com scan: https://www.virustotal.com/en/file/4124061962f103f8332fcf571fb3c42066b85e5a6177b65ae7d2ad526772d50f/analysis/
        

    


            


                                


        

            



                
    

        Public Pastes
    

    
            

    

                    

        

    





    


    
    
    
    
    
    
    
    




    


    



                

            We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.             OK, I Understand
        

    
                

            

                
                    
                
            

            

                Not a member of Pastebin yet?

                Sign Up, it unlocks many cool features!