____________________________________ Information Provided By: defcon.pharaoh ____ Date Created: 2021-07-23 Time Created: 22:05:07 UTC Elapsed Time: None Pastebin: https://pastebin.com/1fpSrqTT ____ Reason(s) for Information being Leaked: - Caught Cheating on two Gentlemen.. - Lies to everyone. - Constantly uses guys for sex. ____________________________________ ______________________________ > cat basic_information.txt ______________________________ - Name: Isabell - First Name: Isabell - Middle Initial: null - Last Name: null - Sex/Gender: - Birth Month: December [12] - Birth Year: 2000 - Birth Day: 24 - Age: 20 - Age Range: 18-24 ______________________________ ______________________________ > cat location_information.txt ______________________________ - Street Line #1: null - Street Line #2: null - City: Kernersville - Counties: Forsyth, Guilford - Postal Code(s): 27284–27285 - State Name: North Carolina - State Code: NC - ZIP4: null - Country Name: United States of America - Country Code: U.S. - Area Code(s): 336 - FIPS code: 37-35600 - GNIS Feature ID: 0987932 ______________________________ ______________________________ > cat ip_information.txt ______________________________ - IP Address: 66.110.240.12 - Local IP Address: 192.168.20.12 - Hostname: 66-110-240-12-dynamic.northstate.net - ISP: North State Telephone Co. - Organization: North State Communications - AS: AS22709 North State Telephone Co. - AS Name/Network: NSTELCO - AS Number: 22709 - Open Ports: 7681 - Route: 66.110.240.0/20 via AS22709 - Protocols: 7681/UNKNOWN ______________________________ _______________________________________________ > cat device_information.txt ______________________________ - Orientation: portrait-primary - Time Zone: America/New_York (EDT) - User Time [When Info Was Recorded]: Fri Jul 23 2021 18:05:11 GMT-0400 (Eastern Daylight Time) - Language: en-US - Incognito/Private Window: No - Ad Blocker: No - Screen Size: 377 x 753 - Local IP: 192.168.20.12 - GPU: PowerVR Rogue GE8100 - Browser: Instagram App (189.0.0.41.121) - Operating System: Android 8.1.0 - Device: Alcatel Atel - Touch Screen: Yes (5 touch points) - User Agent: 'Mozilla/5.0 (Linux; Android 8.1.0; A502DL Build/OPM1.171019.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36 Instagram 189.0.0.41.121 Android (27/8.1.0; 204dpi; 480x899; Alcatel/TCL; A502DL; U50A_PLUS_TF; mt6739; en_US; 293853431)' - Platform: Linux armv7l - Referring URL: https://l.instagram.com/ _______________________________________________ _________________________________________________________________ > cat nmap_scan_report1.txt _________________________________________________________________ Nmap scan report for 66-110-240-12-dynamic.northstate.net (66.110.240.12) Host is up (0.036s latency). Not shown: 995 closed ports PORT STATE SERVICE 53/tcp filtered domain 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 593/tcp filtered http-rpc-epmap Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6.18 OS details: Linux 2.6.18, Linux 2.6.30 Network Distance: 18 hops OS detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 7.73 seconds _________________________________________________________________ _________________________________________________________________ > cat nmap_scan_report2.txt _________________________________________________________________ Starting Nmap 7.80 ( https://nmap.org ) at 2021-08-10 10:32 CDT NSE: Loaded 149 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 10:33 Completed NSE at 10:33, 10.15s elapsed Initiating NSE at 10:33 Completed NSE at 10:33, 0.00s elapsed Initiating Ping Scan at 10:33 Scanning 66.110.240.12 [4 ports] Completed Ping Scan at 10:33, 0.42s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 10:33 Completed Parallel DNS resolution of 1 host. at 10:33, 0.17s elapsed Initiating SYN Stealth Scan at 10:33 Scanning 66-110-240-12-dynamic.northstate.net (66.110.240.12) [1000 ports] Discovered open port 8080/tcp on 66.110.240.12 Increasing send delay for 66.110.240.12 from 0 to 5 due to max_successful_tryno increase to 5 Increasing send delay for 66.110.240.12 from 5 to 10 due to max_successful_tryno increase to 6 Warning: 66.110.240.12 giving up on port because retransmission cap hit (6). Discovered open port 8100/tcp on 66.110.240.12 Discovered open port 8000/tcp on 66.110.240.12 Discovered open port 3128/tcp on 66.110.240.12 Completed SYN Stealth Scan at 10:33, 32.15s elapsed (1000 total ports) Initiating Service scan at 10:33 Scanning 4 services on 66-110-240-12-dynamic.northstate.net (66.110.240.12) Completed Service scan at 10:34, 11.23s elapsed (4 services on 1 host) Initiating OS detection (try #1) against 66-110-240-12-dynamic.northstate.net (66.110.240.12) Retrying OS detection (try #2) against 66-110-240-12-dynamic.northstate.net (66.110.240.12) Initiating Traceroute at 10:34 Completed Traceroute at 10:34, 5.28s elapsed Initiating Parallel DNS resolution of 5 hosts. at 10:34 Completed Parallel DNS resolution of 5 hosts. at 10:34, 13.00s elapsed NSE: Script scanning 66.110.240.12. Initiating NSE at 10:34 Completed NSE at 10:41, 437.81s elapsed Initiating NSE at 10:41 Completed NSE at 10:41, 8.37s elapsed Nmap scan report for 66-110-240-12-dynamic.northstate.net (66.110.240.12) Host is up (0.067s latency). Not shown: 979 closed ports PORT STATE SERVICE VERSION 25/tcp filtered smtp 53/tcp filtered domain 416/tcp filtered silverplatter 1054/tcp filtered brvread 1069/tcp filtered cognex-insight 1147/tcp filtered capioverlan 1186/tcp filtered mysql-cluster 2105/tcp filtered eklogin 3128/tcp open http-proxy Squid http proxy 2.5.STABLE14 |_clamav-exec: ERROR: Script execution failed (use -d to debug) |_http-aspnet-debug: ERROR: Script execution failed (use -d to debug) |_http-server-header: squid/2.5.STABLE14 | http-slowloris-check: | VULNERABLE: | Slowloris DOS attack | State: LIKELY VULNERABLE | IDs: CVE:CVE-2007-6750 | Slowloris tries to keep many connections to the target web server open and hold | them open as long as possible. It accomplishes this by opening connections to | the target web server and sending a partial request. By doing so, it starves | the http server's resources causing Denial Of Service. | | Disclosure date: 2009-09-17 | References: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750 |_ http://ha.ckers.org/slowloris/ |_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug) | vulners: | cpe:/a:squid-cache:squid:2.5.stable14: | CVE-2014-6270 6.8 https://vulners.com/cve/CVE-2014-6270 | CVE-2005-2917 5.0 https://vulners.com/cve/CVE-2005-2917 |_ CVE-2021-31807 4.0 https://vulners.com/cve/CVE-2021-31807 3703/tcp filtered adobeserver-3 7627/tcp filtered soap-http 8000/tcp open http-proxy Squid http proxy 2.5.STABLE14 |_clamav-exec: ERROR: Script execution failed (use -d to debug) |_http-aspnet-debug: ERROR: Script execution failed (use -d to debug) |_http-server-header: squid/2.5.STABLE14 |_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug) | vulners: | cpe:/a:squid-cache:squid:2.5.stable14: | CVE-2014-6270 6.8 https://vulners.com/cve/CVE-2014-6270 | CVE-2005-2917 5.0 https://vulners.com/cve/CVE-2005-2917 |_ CVE-2021-31807 4.0 https://vulners.com/cve/CVE-2021-31807 8021/tcp filtered ftp-proxy 8080/tcp open http-proxy Squid http proxy 2.5.STABLE14 |_clamav-exec: ERROR: Script execution failed (use -d to debug) |_http-aspnet-debug: ERROR: Script execution failed (use -d to debug) |_http-server-header: squid/2.5.STABLE14 | http-slowloris-check: | VULNERABLE: | Slowloris DOS attack | State: LIKELY VULNERABLE | IDs: CVE:CVE-2007-6750 | Slowloris tries to keep many connections to the target web server open and hold | them open as long as possible. It accomplishes this by opening connections to | the target web server and sending a partial request. By doing so, it starves | the http server's resources causing Denial Of Service. | | Disclosure date: 2009-09-17 | References: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750 |_ http://ha.ckers.org/slowloris/ |_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug) | vulners: | cpe:/a:squid-cache:squid:2.5.stable14: | CVE-2014-6270 6.8 https://vulners.com/cve/CVE-2014-6270 | CVE-2005-2917 5.0 https://vulners.com/cve/CVE-2005-2917 |_ CVE-2021-31807 4.0 https://vulners.com/cve/CVE-2021-31807 8100/tcp open http-proxy Squid http proxy 2.5.STABLE14 |_clamav-exec: ERROR: Script execution failed (use -d to debug) |_http-server-header: squid/2.5.STABLE14 |_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug) | vulners: | cpe:/a:squid-cache:squid:2.5.stable14: | CVE-2014-6270 6.8 https://vulners.com/cve/CVE-2014-6270 | CVE-2005-2917 5.0 https://vulners.com/cve/CVE-2005-2917 |_ CVE-2021-31807 4.0 https://vulners.com/cve/CVE-2021-31807 9002/tcp filtered dynamid 9943/tcp filtered unknown 10566/tcp filtered unknown 12265/tcp filtered unknown 16993/tcp filtered amt-soap-https 27000/tcp filtered flexlm0 Aggressive OS guesses: Linux 2.6.23 - 2.6.38 (95%), Linux 2.6.26 - 2.6.35 (93%), Linux 2.6.22 - 2.6.36 (92%), Linux 2.6.31 - 2.6.35 (92%), Linux 2.6.8 - 2.6.30 (92%), Linux 2.6.32 - 2.6.39 (92%), Linux 2.6.37 (92%), Linux 2.6.22 (92%), Linux 2.6.32 (91%), Linux 2.6.17 - 2.6.36 (90%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 66.734 days (since Fri Jun 4 17:04:59 2021) Network Distance: 14 hops TCP Sequence Prediction: Difficulty=201 (Good luck!) IP ID Sequence Generation: All zeros TRACEROUTE (using port 8888/tcp) HOP RTT ADDRESS 1 0.51 ms ... 2 260.59 ms ... 3 ... 5 6 221.00 ms ... 7 ... 8 9 243.09 ms dsl-83.d01.tnwabg.infoave.net (204.116.36.83) 10 ... 13 14 243.15 ms 66-110-240-12-dynamic.northstate.net (66.110.240.12) NSE: Script Post-scanning. Initiating NSE at 10:41 Completed NSE at 10:41, 0.00s elapsed Initiating NSE at 10:41 Completed NSE at 10:41, 0.00s elapsed Read data files from: /usr/bin/../share/nmap OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 539.58 seconds Raw packets sent: 2253 (101.662KB) | Rcvd: 1292 (54.020KB) _________________________________________________________________ ______________________________ > cat social_media_accounts.txt ______________________________ ~ Note: "Has plenty more accounts, just keep an eye out for her..." - Instagram Account #1: evil.bitch2021 - id: 23083799145 - facebook_uid: 17841423254355474 - followers: 1,246 - following: 5,688 - Instagram Account #2: ivyrose1909 - Instagram Account #3: peppermint_drink - Instagram Account #4: icecreme50 - Snapchat Account #1: null - Facebook Account #1: null - Facebook Account #2: null - Discord Account #1: null ______________________________ ______________________________ > cat relatives.txt ______________________________ - None Found ______________________________ ______________________________ > cat associated_people.txt ______________________________ - Zack Johnston ______________________________ ______________________________ > cat ip_whois.txt ______________________________ # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2021, American Registry for Internet Numbers, Ltd. # NetRange: 66.110.224.0 - 66.110.255.255 CIDR: 66.110.224.0/19 NetName: NSTELCO NetHandle: NET-66-110-224-0-1 Parent: NET66 (NET-66-0-0-0-0) NetType: Direct Allocation OriginAS: AS22709 Organization: North State Telephone Co. (NSTA) RegDate: 2004-01-26 Updated: 2012-03-02 Ref: https://rdap.arin.net/registry/ip/66.110.224.0 OrgName: North State Telephone Co. OrgId: NSTA Address: 111 North Main Street Address: P.O. Box 2326 City: High Point StateProv: NC PostalCode: 27261 Country: US RegDate: 1998-03-04 Updated: 2020-02-12 Comment: http://www.northstate.net Ref: https://rdap.arin.net/registry/entity/NSTA ReferralServer: rwhois://rwhois01.nstel.com:4321 OrgTechHandle: CHAMB361-ARIN OrgTechName: Chambers, Gary OrgTechPhone: +1-336-821-8490 OrgTechEmail: gary.chambers@nscom.com OrgTechRef: https://rdap.arin.net/registry/entity/CHAMB361-ARIN OrgAbuseHandle: NSCAB-ARIN OrgAbuseName: NSC-ABUSE OrgAbusePhone: +1-336-821-4656 OrgAbuseEmail: abuse@nstel.com OrgAbuseRef: https://rdap.arin.net/registry/entity/NSCAB-ARIN OrgTechHandle: NSCIP-ARIN OrgTechName: NSC-IPADMIN OrgTechPhone: +1-336-886-3922 OrgTechEmail: ipadmin@nstel.com OrgTechRef: https://rdap.arin.net/registry/entity/NSCIP-ARIN OrgTechHandle: KORNN-ARIN OrgTechName: Korn, Nick OrgTechPhone: +1-336-821-8625 OrgTechEmail: nick.korn@nscom.com OrgTechRef: https://rdap.arin.net/registry/entity/KORNN-ARIN OrgNOCHandle: NSCIP-ARIN OrgNOCName: NSC-IPADMIN OrgNOCPhone: +1-336-886-3922 OrgNOCEmail: ipadmin@nstel.com OrgNOCRef: https://rdap.arin.net/registry/entity/NSCIP-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2021, American Registry for Internet Numbers, Ltd. # Found a referral to rwhois01.nstel.com:4321. %rwhois V-1.5:003eff:00 rwhois01.nstel.com (by Network Solutions, Inc. V-1.5.9.5) %referral rwhois://rwhois.arin.net:4321/auth-area=. %referral rwhois://root.rwhois.net:4321/auth-area=. %ok ______________________________ ______________________________