____________________________________
Information Provided By: defcon.pharaoh
____
Date Created: 2021-07-23
Time Created: 22:05:07 UTC
Elapsed Time: None

Pastebin: https://pastebin.com/1fpSrqTT
____
Reason(s) for Information being Leaked: 
- Caught Cheating on two Gentlemen..
- Lies to everyone.
- Constantly uses guys for sex.
____________________________________


______________________________
> cat basic_information.txt
______________________________
- Name: Isabell
- First Name: Isabell
- Middle Initial: null
- Last Name: null
- Sex/Gender: <F>
- Birth Month: December [12]
- Birth Year: 2000
- Birth Day: 24
- Age: 20
- Age Range: 18-24
______________________________


______________________________
> cat location_information.txt
______________________________
- Street Line #1: null
- Street Line #2: null
- City: Kernersville
- Counties: Forsyth, Guilford
- Postal Code(s): 27284–27285
- State Name: North Carolina
- State Code: NC
- ZIP4: null
- Country Name: United States of America
- Country Code: U.S.

- Area Code(s): 336
- FIPS code: 37-35600
- GNIS Feature ID: 0987932
______________________________


______________________________
> cat ip_information.txt
______________________________
- IP Address: 66.110.240.12
- Local IP Address: 192.168.20.12
- Hostname: 66-110-240-12-dynamic.northstate.net
- ISP: North State Telephone Co.
- Organization: North State Communications
- AS: AS22709 North State Telephone Co.
- AS Name/Network: NSTELCO
- AS Number: 22709

- Open Ports: 7681
- Route: 66.110.240.0/20 via AS22709
- Protocols: 7681/UNKNOWN
______________________________


_______________________________________________
> cat device_information.txt
______________________________
- Orientation: portrait-primary
- Time Zone: America/New_York (EDT)
- User Time [When Info Was Recorded]: Fri Jul 23 2021 18:05:11 GMT-0400 (Eastern Daylight Time)
- Language: en-US
- Incognito/Private Window: No
- Ad Blocker: No
- Screen Size: 377 x 753
- Local IP: 192.168.20.12
- GPU: PowerVR Rogue GE8100
- Browser: Instagram App (189.0.0.41.121)
- Operating System: Android 8.1.0
- Device: Alcatel Atel
- Touch Screen: Yes (5 touch points)
- User Agent: 'Mozilla/5.0 (Linux; Android 8.1.0; A502DL Build/OPM1.171019.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36 Instagram 189.0.0.41.121 Android (27/8.1.0; 204dpi; 480x899; Alcatel/TCL; A502DL; U50A_PLUS_TF; mt6739; en_US; 293853431)'
- Platform: Linux armv7l

- Referring URL: https://l.instagram.com/
_______________________________________________


_________________________________________________________________
> cat nmap_scan_report1.txt
_________________________________________________________________
Nmap scan report for 66-110-240-12-dynamic.northstate.net (66.110.240.12)
Host is up (0.036s latency).
Not shown: 995 closed ports
PORT    STATE    SERVICE
53/tcp  filtered domain
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6.18
OS details: Linux 2.6.18, Linux 2.6.30
Network Distance: 18 hops

OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 7.73 seconds
_________________________________________________________________


_________________________________________________________________
> cat nmap_scan_report2.txt
_________________________________________________________________
Starting Nmap 7.80 ( https://nmap.org ) at 2021-08-10 10:32 CDT
NSE: Loaded 149 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 10:33
Completed NSE at 10:33, 10.15s elapsed
Initiating NSE at 10:33
Completed NSE at 10:33, 0.00s elapsed
Initiating Ping Scan at 10:33
Scanning 66.110.240.12 [4 ports]
Completed Ping Scan at 10:33, 0.42s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 10:33
Completed Parallel DNS resolution of 1 host. at 10:33, 0.17s elapsed
Initiating SYN Stealth Scan at 10:33
Scanning 66-110-240-12-dynamic.northstate.net (66.110.240.12) [1000 ports]
Discovered open port 8080/tcp on 66.110.240.12
Increasing send delay for 66.110.240.12 from 0 to 5 due to max_successful_tryno increase to 5
Increasing send delay for 66.110.240.12 from 5 to 10 due to max_successful_tryno increase to 6
Warning: 66.110.240.12 giving up on port because retransmission cap hit (6).
Discovered open port 8100/tcp on 66.110.240.12
Discovered open port 8000/tcp on 66.110.240.12
Discovered open port 3128/tcp on 66.110.240.12
Completed SYN Stealth Scan at 10:33, 32.15s elapsed (1000 total ports)
Initiating Service scan at 10:33
Scanning 4 services on 66-110-240-12-dynamic.northstate.net (66.110.240.12)
Completed Service scan at 10:34, 11.23s elapsed (4 services on 1 host)
Initiating OS detection (try #1) against 66-110-240-12-dynamic.northstate.net (66.110.240.12)
Retrying OS detection (try #2) against 66-110-240-12-dynamic.northstate.net (66.110.240.12)
Initiating Traceroute at 10:34
Completed Traceroute at 10:34, 5.28s elapsed
Initiating Parallel DNS resolution of 5 hosts. at 10:34
Completed Parallel DNS resolution of 5 hosts. at 10:34, 13.00s elapsed
NSE: Script scanning 66.110.240.12.
Initiating NSE at 10:34
Completed NSE at 10:41, 437.81s elapsed
Initiating NSE at 10:41
Completed NSE at 10:41, 8.37s elapsed
Nmap scan report for 66-110-240-12-dynamic.northstate.net (66.110.240.12)
Host is up (0.067s latency).
Not shown: 979 closed ports
PORT      STATE    SERVICE        VERSION
25/tcp    filtered smtp
53/tcp    filtered domain
416/tcp   filtered silverplatter
1054/tcp  filtered brvread
1069/tcp  filtered cognex-insight
1147/tcp  filtered capioverlan
1186/tcp  filtered mysql-cluster
2105/tcp  filtered eklogin
3128/tcp  open     http-proxy     Squid http proxy 2.5.STABLE14
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
|_http-server-header: squid/2.5.STABLE14
| http-slowloris-check:
|   VULNERABLE:
|   Slowloris DOS attack
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2007-6750
|       Slowloris tries to keep many connections to the target web server open and hold
|       them open as long as possible.  It accomplishes this by opening connections to
|       the target web server and sending a partial request. By doing so, it starves
|       the http server's resources causing Denial Of Service.
|
|     Disclosure date: 2009-09-17
|     References:
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
|_      http://ha.ckers.org/slowloris/
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
| vulners:
|   cpe:/a:squid-cache:squid:2.5.stable14:
|       CVE-2014-6270   6.8     https://vulners.com/cve/CVE-2014-6270
|       CVE-2005-2917   5.0     https://vulners.com/cve/CVE-2005-2917
|_      CVE-2021-31807  4.0     https://vulners.com/cve/CVE-2021-31807
3703/tcp  filtered adobeserver-3
7627/tcp  filtered soap-http
8000/tcp  open     http-proxy     Squid http proxy 2.5.STABLE14
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
|_http-server-header: squid/2.5.STABLE14
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
| vulners:
|   cpe:/a:squid-cache:squid:2.5.stable14:
|       CVE-2014-6270   6.8     https://vulners.com/cve/CVE-2014-6270
|       CVE-2005-2917   5.0     https://vulners.com/cve/CVE-2005-2917
|_      CVE-2021-31807  4.0     https://vulners.com/cve/CVE-2021-31807
8021/tcp  filtered ftp-proxy
8080/tcp  open     http-proxy     Squid http proxy 2.5.STABLE14
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
|_http-server-header: squid/2.5.STABLE14
| http-slowloris-check:
|   VULNERABLE:
|   Slowloris DOS attack
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2007-6750
|       Slowloris tries to keep many connections to the target web server open and hold
|       them open as long as possible.  It accomplishes this by opening connections to
|       the target web server and sending a partial request. By doing so, it starves
|       the http server's resources causing Denial Of Service.
|
|     Disclosure date: 2009-09-17
|     References:
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
|_      http://ha.ckers.org/slowloris/
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
| vulners:
|   cpe:/a:squid-cache:squid:2.5.stable14:
|       CVE-2014-6270   6.8     https://vulners.com/cve/CVE-2014-6270
|       CVE-2005-2917   5.0     https://vulners.com/cve/CVE-2005-2917
|_      CVE-2021-31807  4.0     https://vulners.com/cve/CVE-2021-31807
8100/tcp  open     http-proxy     Squid http proxy 2.5.STABLE14
|_clamav-exec: ERROR: Script execution failed (use -d to debug)
|_http-server-header: squid/2.5.STABLE14
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
| vulners:
|   cpe:/a:squid-cache:squid:2.5.stable14:
|       CVE-2014-6270   6.8     https://vulners.com/cve/CVE-2014-6270
|       CVE-2005-2917   5.0     https://vulners.com/cve/CVE-2005-2917
|_      CVE-2021-31807  4.0     https://vulners.com/cve/CVE-2021-31807
9002/tcp  filtered dynamid
9943/tcp  filtered unknown
10566/tcp filtered unknown
12265/tcp filtered unknown
16993/tcp filtered amt-soap-https
27000/tcp filtered flexlm0
Aggressive OS guesses: Linux 2.6.23 - 2.6.38 (95%), Linux 2.6.26 - 2.6.35 (93%), Linux 2.6.22 - 2.6.36 (92%), Linux 2.6.31 - 2.6.35 (92%), Linux 2.6.8 - 2.6.30 (92%), Linux 2.6.32 - 2.6.39 (92%), Linux 2.6.37 (92%), Linux 2.6.22 (92%), Linux 2.6.32 (91%), Linux 2.6.17 - 2.6.36 (90%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 66.734 days (since Fri Jun  4 17:04:59 2021)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=201 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 8888/tcp)
HOP RTT       ADDRESS
1   0.51 ms   ...
2   260.59 ms ...
3   ... 5
6   221.00 ms ...
7   ... 8
9   243.09 ms dsl-83.d01.tnwabg.infoave.net (204.116.36.83)
10  ... 13
14  243.15 ms 66-110-240-12-dynamic.northstate.net (66.110.240.12)

NSE: Script Post-scanning.
Initiating NSE at 10:41
Completed NSE at 10:41, 0.00s elapsed
Initiating NSE at 10:41
Completed NSE at 10:41, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 539.58 seconds
           Raw packets sent: 2253 (101.662KB) | Rcvd: 1292 (54.020KB)
_________________________________________________________________


______________________________
> cat social_media_accounts.txt
______________________________
~ Note: "Has plenty more accounts, just keep an eye out for her..."

- Instagram Account #1: evil.bitch2021
	- id: 23083799145
	- facebook_uid: 17841423254355474
	- followers: 1,246
	- following: 5,688
- Instagram Account #2: ivyrose1909
- Instagram Account #3: peppermint_drink
- Instagram Account #4: icecreme50
- Snapchat Account #1: null
- Facebook Account #1: null
- Facebook Account #2: null
- Discord Account #1: null
______________________________


______________________________
> cat relatives.txt
______________________________
- None Found
______________________________


______________________________
> cat associated_people.txt
______________________________
- Zack Johnston
______________________________


______________________________
> cat ip_whois.txt
______________________________
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2021, American Registry for Internet Numbers, Ltd.
#


NetRange:       66.110.224.0 - 66.110.255.255
CIDR:           66.110.224.0/19
NetName:        NSTELCO
NetHandle:      NET-66-110-224-0-1
Parent:         NET66 (NET-66-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS22709
Organization:   North State Telephone Co. (NSTA)
RegDate:        2004-01-26
Updated:        2012-03-02
Ref:            https://rdap.arin.net/registry/ip/66.110.224.0


OrgName:        North State Telephone Co.
OrgId:          NSTA
Address:        111 North Main Street
Address:        P.O. Box 2326
City:           High Point
StateProv:      NC
PostalCode:     27261
Country:        US
RegDate:        1998-03-04
Updated:        2020-02-12
Comment:        http://www.northstate.net
Ref:            https://rdap.arin.net/registry/entity/NSTA

ReferralServer:  rwhois://rwhois01.nstel.com:4321

OrgTechHandle: CHAMB361-ARIN
OrgTechName:   Chambers, Gary 
OrgTechPhone:  +1-336-821-8490 
OrgTechEmail:  gary.chambers@nscom.com
OrgTechRef:    https://rdap.arin.net/registry/entity/CHAMB361-ARIN

OrgAbuseHandle: NSCAB-ARIN
OrgAbuseName:   NSC-ABUSE
OrgAbusePhone:  +1-336-821-4656 
OrgAbuseEmail:  abuse@nstel.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/NSCAB-ARIN

OrgTechHandle: NSCIP-ARIN
OrgTechName:   NSC-IPADMIN
OrgTechPhone:  +1-336-886-3922 
OrgTechEmail:  ipadmin@nstel.com
OrgTechRef:    https://rdap.arin.net/registry/entity/NSCIP-ARIN

OrgTechHandle: KORNN-ARIN
OrgTechName:   Korn, Nick 
OrgTechPhone:  +1-336-821-8625 
OrgTechEmail:  nick.korn@nscom.com
OrgTechRef:    https://rdap.arin.net/registry/entity/KORNN-ARIN

OrgNOCHandle: NSCIP-ARIN
OrgNOCName:   NSC-IPADMIN
OrgNOCPhone:  +1-336-886-3922 
OrgNOCEmail:  ipadmin@nstel.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/NSCIP-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2021, American Registry for Internet Numbers, Ltd.
#



Found a referral to rwhois01.nstel.com:4321.

%rwhois V-1.5:003eff:00 rwhois01.nstel.com (by Network Solutions, Inc. V-1.5.9.5)
%referral rwhois://rwhois.arin.net:4321/auth-area=.
%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok
______________________________
______________________________