Uberin (OP)
Newbie
Offline
Activity: 57
Merit: 0
|
|
July 12, 2016, 06:31:30 PM Last edit: July 12, 2016, 09:14:32 PM by Uberin |
|
If u are able to find the real ip ie server's ip address behind the website http://bayanradio.nl/ and not the cloud fare one then u get the bounty.Finding should be attached with proof. If u are successful then u get 2 more jobs Regards
|
|
|
|
socks435
Legendary
Offline
Activity: 2016
Merit: 1030
Privacy is always important
|
|
July 12, 2016, 06:44:24 PM |
|
Honestly its hard to get the real ip address of that site also its protected by cloudfare.. maybe someone can do this..
|
Solving blocks can't be solved without my rigs.
|
|
|
lolxxxx
Legendary
Offline
Activity: 2184
Merit: 1032
|
|
July 12, 2016, 06:45:22 PM |
|
Hey i am running the scan to ip address . The ip address is 104.27.146.157 Address is in my profile.
|
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 12, 2016, 06:54:54 PM |
|
Hey i am running the scan to ip address . The ip address is 104.27.146.157 Address is in my profile. I've tried to access the site directly by its IP address. I guess if it were their real IP, I wouldn't have failed since it is actually CloudFlare's IP Error 1003 Ray ID: 2c16b151e5744f08 • 2016-07-12 18:52:30 UTC Direct IP access not allowed What happened?
You've requested an IP address that is part of the CloudFlare network. A valid Host header must be supplied to reach the desired website.
|
|
|
|
Uberin (OP)
Newbie
Offline
Activity: 57
Merit: 0
|
|
July 12, 2016, 06:56:32 PM |
|
Honestly its hard to get the real ip address of that site also its protected by cloudfare.. maybe someone can do this..
I m looking for that someone
|
|
|
|
|
Uberin (OP)
Newbie
Offline
Activity: 57
Merit: 0
|
|
July 12, 2016, 07:01:37 PM |
|
I think u are getting closer
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 12, 2016, 07:35:19 PM |
|
DNS brute-force scan didn't yield any positive results
|
|
|
|
jackg
Copper Member
Legendary
Offline
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
|
|
July 12, 2016, 08:01:09 PM |
|
There isn't a way of finding it out (I don't think)! If I look at the network information from my "firefox>inspect element>network" I get 104.27.147.157:80. 104.27.147.157 - is owned by Cloudflare. Interestingly, on a who.is search, the domain is also owned by Cloudflare (though it is an irregular domain as it is not like a .com or .co.uk one where you can easily get information from it)
From the information avaliable, is it possible that the server is placed atually on cloudflare's companie's servers.
If you were trying to do a (D)DoS attack then you could always try to use 104.27.147.157:80 address to do it.
Otherwise, if you (D)DoS the address 104.27.147.157 and cloudflare have no protection against it (apart from a high bandwith) then you can then try and access the site though the DNS servers may forward you to a page that states that there is a "failed handshaking", "failed connection" or "connection timed out" error.
|
|
|
|
icanscript
|
|
July 12, 2016, 08:01:32 PM |
|
DNS brute-force scan didn't yield any positive results They are just 2 ns servers that cloudflare use. I suggest looking into this scotcoin project and seeing what you can find out (if this other site is crypto related also) Maybe see what is on the same server, check their nameservers, check that IP see what is on same hosting also. You will find a lot but it may be a bit of a jigsaw. Il have a look in about an hour when im back.
|
|
|
|
lolxxxx
Legendary
Offline
Activity: 2184
Merit: 1032
|
|
July 12, 2016, 08:05:32 PM |
|
DNS brute-force scan didn't yield any positive results They are just 2 ns servers that cloudflare use. I suggest looking into this scotcoin project and seeing what you can find out (if this other site is crypto related also) Maybe see what is on the same server, check their nameservers, check that IP see what is on same hosting also. You will find a lot but it may be a bit of a jigsaw. Il have a look in about an hour when im back. The scotcoin is also using cloudflare . This is the ip Address 104.24.111.116, trying hard but cannot find i am out.
|
|
|
|
jackg
Copper Member
Legendary
Offline
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
|
|
July 12, 2016, 08:17:06 PM |
|
DNS brute-force scan didn't yield any positive results They are just 2 ns servers that cloudflare use. I suggest looking into this scotcoin project and seeing what you can find out (if this other site is crypto related also) Maybe see what is on the same server, check their nameservers, check that IP see what is on same hosting also. You will find a lot but it may be a bit of a jigsaw. Il have a look in about an hour when im back. The scotcoin is also using cloudflare . This is the ip Address 104.24.111.116, trying hard but cannot find i am out. I found something from the scotcoin site that could be used on he other one. In the same panel that I used before there is a cloudflare.min.js file which is the first file sent which must contain the IP of the site for it to forward it? That means that if someone can crack that code then they can easily gain access to the actual site IP? (I'll see if this is on the original site in question too). EDIT: that file is not sent by cloudflare from the website in the OP?
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 12, 2016, 08:33:09 PM |
|
Here's some info regarding the registrar
|
|
|
|
Mauser
|
|
July 12, 2016, 08:49:21 PM |
|
Here's some info regarding the registrar Yeah These guys own tons of Website, all related to some form of scamming in netherlands. I would recommend to look for a different Website which is still active and might not be hosted by cloudfare or timeweb.ru (other hoster they are using). With a quick search I found 10 Websites all registered at the same PO box.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 12, 2016, 09:00:37 PM |
|
The site IP address may be in this range 67.15.47.0 - 67.15.47.255 Currently alive hosts from that range:
|
|
|
|
icanscript
|
|
July 12, 2016, 09:11:30 PM |
|
The site IP address may be in this range 67.15.47.0 - 67.15.47.255 Currently alive hosts from that range: Where this you find this /24 subnet? I think the best bet would be to speak to the registrar about the domain being used unlawfully (if it is) they will soon remove the nameservers.
|
|
|
|
lolxxxx
Legendary
Offline
Activity: 2184
Merit: 1032
|
|
July 12, 2016, 11:42:17 PM |
|
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 12:32:30 AM |
|
Just take a look. I have found some info too. name class type data time to live www.bayanradio.nl IN HINFO CPU: Please stop asking for ANY OS: See draft-ietf-dnsop-refuse-any 3789s (01:03:09) bayanradio.nl IN NS norm.ns.cloudflare.com 86400s (1.00:00:00) bayanradio.nl IN NS nicole.ns.cloudflare.com 86400s (1.00:00:00) bayanradio.nl IN HINFO CPU: Please stop asking for ANY OS: See draft-ietf-dnsop-refuse-any 3789s (01:03:09) bayanradio.nl IN NS norm.ns.cloudflare.com 69130s (19:12:10) bayanradio.nl IN NS nicole.ns.cloudflare.com 69130s (19:12:10) 157.146.27.104.in-addr.arpa IN HINFO CPU: Please stop asking for ANY OS: See draft-ietf-dnsop-refuse-any 3789s (01:03:09) Traceroute
Tracing route to www.bayanradio.nl [104.27.146.157]...
hop rtt rtt rtt ip address fully qualified domain name 1 0 0 0 208.101.16.73 49.10.65d0.ip4.static.sl-reverse.com 2 0 0 0 66.228.118.153 ae11.dar01.sr01.dal01.networklayer.com 3 0 0 0 173.192.18.210 ae6.bbr01.eq01.dal03.networklayer.com 4 0 0 0 141.101.74.253 5 0 0 0 104.27.146.157 Trace complete Congrats, you have traced route to CloudFlare and found their name servers. The site itself is an Islamic State radio broadcast
|
|
|
|
bhokor
Legendary
Offline
Activity: 966
Merit: 1000
|
|
July 13, 2016, 12:34:15 AM |
|
Port 2083 is open, it is the cpanel login screen, i am trying to get more info
|
|
|
|
lolxxxx
Legendary
Offline
Activity: 2184
Merit: 1032
|
|
July 13, 2016, 12:36:22 AM |
|
Just take a look. I have found some info too. name class type data time to live www.bayanradio.nl IN HINFO CPU: Please stop asking for ANY OS: See draft-ietf-dnsop-refuse-any 3789s (01:03:09) bayanradio.nl IN NS norm.ns.cloudflare.com 86400s (1.00:00:00) bayanradio.nl IN NS nicole.ns.cloudflare.com 86400s (1.00:00:00) bayanradio.nl IN HINFO CPU: Please stop asking for ANY OS: See draft-ietf-dnsop-refuse-any 3789s (01:03:09) bayanradio.nl IN NS norm.ns.cloudflare.com 69130s (19:12:10) bayanradio.nl IN NS nicole.ns.cloudflare.com 69130s (19:12:10) 157.146.27.104.in-addr.arpa IN HINFO CPU: Please stop asking for ANY OS: See draft-ietf-dnsop-refuse-any 3789s (01:03:09) Traceroute
Tracing route to www.bayanradio.nl [104.27.146.157]...
hop rtt rtt rtt ip address fully qualified domain name 1 0 0 0 208.101.16.73 49.10.65d0.ip4.static.sl-reverse.com 2 0 0 0 66.228.118.153 ae11.dar01.sr01.dal01.networklayer.com 3 0 0 0 173.192.18.210 ae6.bbr01.eq01.dal03.networklayer.com 4 0 0 0 141.101.74.253 5 0 0 0 104.27.146.157 Trace complete Congrats, you have traced route to CloudFlare and found their name servers Congrats why? I still don't know the real IP.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 12:36:52 AM |
|
Congrats, you have traced route to CloudFlare and found their name servers
Congrats why? I still don't know the real IP. That was sarcasm
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 08:29:17 AM Last edit: July 13, 2016, 11:10:22 AM by deisik |
|
The site IP address may be in this range 67.15.47.0 - 67.15.47.255 Currently alive hosts from that range: Where this you find this /24 subnet? From here: But nothing alive there looks like the site we're searching for. I tested the machines on these networks for open 2083 port (I did that twice to make double-sure), and nothing came up so far. So the registrar info is likely fake (or the site is only registered by that entity while it is actually located somewhere else)... If we only could find a subnet this node is on (/24 or even /16), we would trace it down
|
|
|
|
pvaspecialist
|
|
July 13, 2016, 08:34:48 AM |
|
just find this after spending my whole days.I was thinking it will really easy to find out IP address.LOL
|
|
|
|
sabotag3x
Legendary
Offline
Activity: 2548
Merit: 2175
Crypto Swap Exchange
|
|
July 13, 2016, 08:36:52 AM |
|
If u are able to find the real ip ie server's ip address behind the website http://bayanradio.nl/ and not the cloud fare one then u get the bounty.Finding should be attached with proof. If u are successful then u get 2 more jobs Regards I lost a good time trying ;DD What's the point? Why you don't send a e-mail to cloudflare?
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 08:50:31 AM |
|
yandex.com is a public Russian e-mail service
|
|
|
|
lolxxxx
Legendary
Offline
Activity: 2184
Merit: 1032
|
|
July 13, 2016, 09:23:23 AM |
|
Please do not post the shortened link we don't know where does it redirect to . Please post the complete link here without shortening .
|
|
|
|
ashour
|
|
July 13, 2016, 09:32:01 AM |
|
It's not possible to get the real IP if the server is hosted/protected by cloud flare, even if it was possible, cloud flare would instantly close that zero day exploit. Your only hope is to get a lawyer and ask him to write a letter to cloud flare and order them to give you the real IP of the server but that would be highly unlikely to happen if you aren't a law enforcement or intelligence agency.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 09:39:59 AM |
|
It's not possible to get the real IP if the server is hosted/protected by cloud flare, even if it was possible, cloud flare would instantly close that zero day exploit. Your only hope is to get a lawyer and ask him to write a letter to cloud flare and order them to give you the real IP of the server but that would be highly unlikely to happen if you aren't a law enforcement or intelligence agency.
What about a vulnerability in cPanel that would either allow access or just betray the real IP of the node?
|
|
|
|
ashour
|
|
July 13, 2016, 10:34:33 AM |
|
It's not possible to get the real IP if the server is hosted/protected by cloud flare, even if it was possible, cloud flare would instantly close that zero day exploit. Your only hope is to get a lawyer and ask him to write a letter to cloud flare and order them to give you the real IP of the server but that would be highly unlikely to happen if you aren't a law enforcement or intelligence agency.
What about a vulnerability in cPanel that would either allow access or just betray the real IP of the node? Good luck with that, if and that is a huge if, you found a vulnerability in cPanel then you would get WAY more than 0.05 btc from cPanel & WHM
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 10:47:19 AM Last edit: July 13, 2016, 11:02:09 AM by deisik |
|
It's not possible to get the real IP if the server is hosted/protected by cloud flare, even if it was possible, cloud flare would instantly close that zero day exploit. Your only hope is to get a lawyer and ask him to write a letter to cloud flare and order them to give you the real IP of the server but that would be highly unlikely to happen if you aren't a law enforcement or intelligence agency.
What about a vulnerability in cPanel that would either allow access or just betray the real IP of the node? Good luck with that, if and that is a huge if, you found a vulnerability in cPanel then you would get WAY more than 0.05 btc from cPanel & WHM I know this. My point was that the IP in question could still be traced down even if the server is protected by CloudFlare. The possibility of that primarily depends on the site admin, not on CloudFlare (CloudFlare cannot help much if, for example, the site has aliases which are bound to its real IP). And I don't know how you are going to trace an IP of a hosted server, though, or what it could look like, lol... Maybe, something like 10.10.1.121?
|
|
|
|
Uberin (OP)
Newbie
Offline
Activity: 57
Merit: 0
|
|
July 13, 2016, 11:07:16 AM |
|
If u are able to find the real ip ie server's ip address behind the website http://bayanradio.nl/ and not the cloud fare one then u get the bounty.Finding should be attached with proof. If u are successful then u get 2 more jobs Regards I lost a good time trying ;DD What's the point? Why you don't send a e-mail to cloudflare? And u think they will just give u?
|
|
|
|
Uberin (OP)
Newbie
Offline
Activity: 57
Merit: 0
|
|
July 13, 2016, 11:08:05 AM |
|
Please do not post the shortened link we don't know where does it redirect to . Please post the complete link here without shortening . What's this the pic is not hosted properly.Pls attach to other site.
|
|
|
|
Naix662
Newbie
Offline
Activity: 7
Merit: 0
|
|
July 13, 2016, 11:10:20 AM |
|
It's not possible to get the real IP if the server is hosted/protected by cloud flare, even if it was possible, cloud flare would instantly close that zero day exploit. Your only hope is to get a lawyer and ask him to write a letter to cloud flare and order them to give you the real IP of the server but that would be highly unlikely to happen if you aren't a law enforcement or intelligence agency.
It is possible. But in this case, yea it might be not possible, or extremely hard, since it seems whoever configured CF, did it correctly.
|
|
|
|
FruitsBasket
Legendary
Offline
Activity: 1232
Merit: 1017
|
|
July 13, 2016, 11:16:53 AM |
|
This is what I found: nicole norm 24rezepte.com nicole norm 44recipes.com nicole norm bayanradio.nl nicole norm bloomingphotographies.com nicole norm casaldeduas.com.br nicole norm crisederisos.com.br nicole norm filecanvas.com nicole norm hapishopping.com nicole norm iaps.co.in nicole norm li4e.ru nicole norm li4epro.com nicole norm luxecrack.com nicole norm mansfieldgaragedoors.co.uk nicole norm metacafeg.xyz nicole norm musicalflutes.net nicole norm myforextrendyreview.com nicole norm myfreeguestbook.net nicole norm myrecipedairys.com nicole norm otubooku.ru nicole norm pb-narrowboats.co.uk nicole norm pcsaudavel.com nicole norm recette2luxe.com nicole norm resortoluxury.com nicole norm scotcoin.com nicole norm scotcoin.net nicole norm scotcoinproject.com nicole norm scotcoinproject.uk nicole norm song-titles.net nicole norm thescotcoinproject.org nicole norm umoz.info nicole norm uttrakhandpestcontrol.in nicole norm uwimages.org nicole norm vaitertudo.com nicole norm videodeposu.net nicole norm videohibe.net nicole norm videolata.net nicole norm videosdemais.net nicole norm videoslike.net nicole norm voymp3.net nicole norm xposurecreative.uk nicole norm zivil-recht.org
These are all domains that are hidden behind the nicole domain from cloudflare. There must be some connection between those websites. I will update the post with some more information.
|
fck@dt-alwayzz_newbz
|
|
|
Roboabhishek
|
|
July 13, 2016, 11:25:45 AM Last edit: July 16, 2016, 05:24:46 AM by Roboabhishek |
|
Hey i am running the scan to ip address . The ip address is 104.27.146.157 Address is in my profile. ahahhaha this IP address is provided by cloud fare its not the real IP of website
|
|
|
|
Roboabhishek
|
|
July 13, 2016, 11:27:40 AM |
|
This Website seems to be of ISIS 70% chances
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 11:28:27 AM |
|
These are all domains that are hidden behind the nicole domain from cloudflare. There must be some connection between those websites. I will update the post with some more information.
There is no connection between them except they are all behind CF and share the same IP address
|
|
|
|
lolxxxx
Legendary
Offline
Activity: 2184
Merit: 1032
|
|
July 13, 2016, 11:29:24 AM |
|
Hey i am running the scan to ip address . The ip address is 104.27.146.157 Address is in my profile. ahahhaha this IP address is provided my cloud fare its not the real IP of website Yes it is protected by cloudflare and that's cloudflare ip.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 11:34:31 AM |
|
If u are able to find the real ip ie server's ip address behind the website http://bayanradio.nl/ and not the cloud fare one then u get the bounty.Finding should be attached with proof. If u are successful then u get 2 more jobs Regards I lost a good time trying ;DD What's the point? Why you don't send a e-mail to cloudflare? And u think they will just give u? By the way, what are the other 2 jobs you mentioned? Bring down that site and dox its real owner?
|
|
|
|
FruitsBasket
Legendary
Offline
Activity: 1232
Merit: 1017
|
|
July 13, 2016, 11:37:10 AM |
|
If u are able to find the real ip ie server's ip address behind the website http://bayanradio.nl/ and not the cloud fare one then u get the bounty.Finding should be attached with proof. If u are successful then u get 2 more jobs Regards I lost a good time trying ;DD What's the point? Why you don't send a e-mail to cloudflare? And u think they will just give u? By the way, what are the other 2 jobs you mentioned? Bring down that site and dox its real owner? Yeah, probably those two yes. I am sure of that 99%. It is really hard, since it will mean if someone finds the real IP, then he found a security flaw in cloudflare, which is a really small chance, that there is one. I am going to look around for some other ways to figure it out, but probably u need a blackhat hacker to find out.
|
fck@dt-alwayzz_newbz
|
|
|
Naix662
Newbie
Offline
Activity: 7
Merit: 0
|
|
July 13, 2016, 12:23:08 PM |
|
Okay I give up. Tried to make connections between many websites but couldn't. If someone has pro account on domainstools.com, it will be useful to check the whois history for this domain and other related domains, specially for old nameservers. emails which might be related: kavishrawat86@gmail.comraj••••••••••••@gmail.com the first email seems to be in few db dumps. http://eu.directi.com/about/officesif someone has Skype credits, give them a call and try to SE them to give you info about the owner, that's only if the whois info isn't fake.
|
|
|
|
mashcom
|
|
July 13, 2016, 02:58:29 PM |
|
1|8.37.235.192 2|110.227.70.151 3|110.227.70.151 4|110.227.70.151 5|51.255.211.234 6|95.91.200.69 7|95.91.200.6 8|84.42.20.145 9|84.42.20.145 10|84.42.20.145 11|103.252.227.50 12|103.252.227.50 13|163.172.135.172
|
|
|
|
Sarthak
|
|
July 13, 2016, 03:25:53 PM |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
|
|
|
|
pvaspecialist
|
|
July 13, 2016, 05:26:16 PM |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
Agree I am 100% sure website related to ISIS.I was visited the website and there have a radio station related with ISIS.I am not sure why OP need real IP address or he trying to save his ass that no one can find him but sidn and google have details of the owner the website.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 05:33:22 PM |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
Agree I am 100% sure website related to ISIS.I was visited the website and there have a radio station related with ISIS.I am not sure why OP need real IP address or he trying to save his ass that no one can find him but sidn and google have details of the owner the website. I don't really understand how he can save his ass by asking to find the real IP address of the site. If no one here is able to do that, this in no case guarantees that he saved his ass ("the absence of proof is not proof of absence"). On the other hand, if someone does find the address in the end, that might actually cost him dear and he may have his head chopped off... Thereby, it is highly unlikely that the OP is risking his ass (or head) this way
|
|
|
|
mashcom
|
|
July 13, 2016, 05:41:03 PM |
|
1|8.37.235.192 2|110.227.70.151 3|110.227.70.151 4|110.227.70.151 5|51.255.211.234 6|95.91.200.69 7|95.91.200.6 8|84.42.20.145 9|84.42.20.145 10|84.42.20.145 11|103.252.227.50 12|103.252.227.50 13|163.172.135.172
68.180.229.98 31.223.145.220
|
|
|
|
Sarthak
|
|
July 13, 2016, 05:45:13 PM |
|
I don't really understand how he can save his ass by asking to find the real IP address of the site. If no one here is able to do that, this in no case guarantees that he saved his ass ("the absence of proof is not proof of absence"). On the other hand, if someone does find the address in the end, that might actually cost him dear and he may have his head chopped off...
Thereby, it is highly unlikely that the OP is risking his ass (or head) this way
If noone finds the ip, it's settled and he's safe. If someone finds the ip, he/she tells him how he/she found it. OP pays 0.05 BTC and changes his hosting and never repeats the same mistake again. Thus, saving his butt next time. Note: This is just a speculation. I am not 100% sure that this is the case but we can't ignore the possibility.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 05:49:40 PM Last edit: July 13, 2016, 06:32:41 PM by deisik |
|
I don't really understand how he can save his ass by asking to find the real IP address of the site. If no one here is able to do that, this in no case guarantees that he saved his ass ("the absence of proof is not proof of absence"). On the other hand, if someone does find the address in the end, that might actually cost him dear and he may have his head chopped off...
Thereby, it is highly unlikely that the OP is risking his ass (or head) this way
If noone finds the ip, it's settled and he's safe. If someone finds the ip, he/she tells him how he/she found it. OP pays 0.05 BTC and changes his hosting and never repeats the same mistake again. Thus, saving his butt next time Lol, I'm not going to tell him precisely how I found the address unless he pays more (provided I find it of course). And more may mean substantially more. Or I just don't tell him anything at all... So, even if he changes hosting, this won't help him (and he may not have this next time)
|
|
|
|
FruitsBasket
Legendary
Offline
Activity: 1232
Merit: 1017
|
|
July 13, 2016, 05:52:36 PM |
|
Now I think about this, it is prety smart. He pays 0,05BTC for an exploit to bypass cloudflare.
That exploit would be worth so many more then the OP pays for it.
|
fck@dt-alwayzz_newbz
|
|
|
Joel_Jantsen
Legendary
Offline
Activity: 1876
Merit: 1308
Get your game girl
|
|
July 13, 2016, 05:53:46 PM |
|
Lol, I'm not going to tell him precisely how I found the address unless he pays more (provided I find it of course). And more may mean substantially more...
So, even if he changes hosting, this might not help him
So you're like a corrupt officer lol You don't want to break the laws but you don't mind breaking one by taking bribes.This sentence right here tells a lot about your character really.The way I look at this post is,OP is trying to make something fishy and he wants to be untraceable,he is in a way testing how hard coded the application/website is so incase people won't be able to find the details.Once you report him the IP address and tell him how'd you found it,he is gonna change the code.People should really stop wasting their time.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 05:55:59 PM Last edit: July 13, 2016, 06:11:38 PM by deisik |
|
Lol, I'm not going to tell him precisely how I found the address unless he pays more (provided I find it of course). And more may mean substantially more...
So, even if he changes hosting, this might not help him
So you're like a corrupt officer lol You don't want to break the laws but you don't mind breaking one by taking bribes.This sentence right here tells a lot about your character really.The way I look at this post is,OP is trying to make something fishy and he wants to be untraceable,he is in a way testing how hard coded the application/website is so incase people won't be able to find the details.Once you report him the IP address and tell him how'd you found it,he is gonna change the code.People should really stop wasting their time. When money talks, bullshit walks. That is how life goes, lol On the other hand, if he really is an ISIS operator and gets his head off for letting regular people as well as undercover agents that have infested this forum know where the site is actually located (as if they don't know it already, lol), will it not serve the public good?
|
|
|
|
Vikingr
|
|
July 13, 2016, 07:09:54 PM |
|
Now I think about this, it is prety smart. He pays 0,05BTC for an exploit to bypass cloudflare.
That exploit would be worth so many more then the OP pays for it.
I tried my best but did not succeeded to find any info about that,I gave a good time but it is really hard to find I thnk you are right, if any person who will find it will worth more than what OP is paying for it.
|
|
|
|
icanscript
|
|
July 13, 2016, 08:37:02 PM |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
True, I think this post sums it up.
|
|
|
|
Newcoins2020
|
|
July 13, 2016, 09:03:43 PM |
|
Now I think about this, it is prety smart. He pays 0,05BTC for an exploit to bypass cloudflare.
That exploit would be worth so many more then the OP pays for it.
I tried my best but did not succeeded to find any info about that,I gave a good time but it is really hard to find I thnk you are right, if any person who will find it will worth more than what OP is paying for it. I tried several trace routes but no to extent. Isn't it possible they actually host it with cloudflare? Every traceroute point out them?
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 13, 2016, 09:16:37 PM Last edit: July 13, 2016, 09:46:11 PM by deisik |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
True, I think this post sums it up. This post is meaningless just because the site is protected by CloudFlare, the company which is located, for a moment, in San Francisco, the United States. I'm curious if everyone is so stupid to assume that CIA don't know the site real address or in which country it is located? It may well happen that the CIA have set up this "Banan radio" themselves somewhere on the outskirts of Langley
|
|
|
|
sabotag3x
Legendary
Offline
Activity: 2548
Merit: 2175
Crypto Swap Exchange
|
|
July 13, 2016, 10:52:22 PM |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
True, I think this post sums it up. plot twist, OP = ISIS and he is testing the security of the website
|
|
|
|
vm1990
Legendary
Offline
Activity: 1540
Merit: 1002
|
|
July 13, 2016, 11:39:32 PM |
|
If u are able to find the real ip ie server's ip address behind the website http://bayanradio.nl/ and not the cloud fare one then u get the bounty.Finding should be attached with proof. If u are successful then u get 2 more jobs Regards not sure its much use but streams coming off another domain name (page elements) http://rf0ouoxm.xyz:8880might be an exploit somewhere, ill have to ping a big range of ports when i have time only 2 iv found are 80 and 443
|
|
|
|
vm1990
Legendary
Offline
Activity: 1540
Merit: 1002
|
|
July 13, 2016, 11:43:24 PM |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
True, I think this post sums it up. ddos attack and id say its not a server admin as hes not asked for proof or a guide if we fine the ip, tough stuff like this most exploiters/hackers wont give a guide just the ip like the op asked for
|
|
|
|
Dolbycocoin
Newbie
Offline
Activity: 32
Merit: 0
|
|
July 14, 2016, 02:39:43 AM |
|
If u are able to find the real ip ie server's ip address behind the website http://bayanradio.nl/ and not the cloud fare one then u get the bounty.Finding should be attached with proof. If u are successful then u get 2 more jobs Regards before i do it, for what that's IP address ?
|
|
|
|
x4
|
|
July 14, 2016, 04:14:54 AM |
|
This task seems si hard because of cloudfare. Well nice try to those who tried and failed and good luck to those who will try soon.
|
|
|
|
Valzador
|
|
July 14, 2016, 05:49:50 AM |
|
If you could find an IP address behind cloudflare then no one would use cloudflare...
The purpose of Cloudflare is to mask the server's IP address and prevent DDoS attacks.
If you could find the server's IP Address then you would be able to DDoS directly to their server, making Cloudflare's service totally useless.
|
|
|
|
icanscript
|
|
July 14, 2016, 09:17:47 AM |
|
Its not about cloudflare though..
human mistake. what if there is a cname left unattended used for mail or such. I would look for that.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 14, 2016, 09:22:35 AM Last edit: July 14, 2016, 10:01:10 AM by deisik |
|
Its not about cloudflare though..
human mistake. what if there is a cname left unattended used for mail or such. I would look for that.
I have already looked for that using a dns brute force script, nothing's been found. Indeed, it didn't test all possible combinations, so more power to those who try this method again
|
|
|
|
drwtsn32
|
|
July 14, 2016, 09:47:09 AM |
|
120.28.9.254 or 120.28.10.217
Either of them is the gateway, the other one is the direct IP.
You're welcome.
Addy: 34P9kaq1FbyBwRd7jwYBF28MsU716dkZ16
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 14, 2016, 09:57:51 AM Last edit: July 14, 2016, 10:08:57 AM by deisik |
|
120.28.9.254 or 120.28.10.217
Either of them is the gateway, the other one is the direct IP And none of them has 2083 port open. It may be filtered (for anything but CloudFlare's IP) but what are your proofs then? Someone could actually set up a clone of that site and pass it as authentic... I guess that shouldn't take much time or effort
|
|
|
|
Uberin (OP)
Newbie
Offline
Activity: 57
Merit: 0
|
|
July 15, 2016, 05:43:57 AM |
|
120.28.9.254 or 120.28.10.217
Either of them is the gateway, the other one is the direct IP.
You're welcome.
Addy: 34P9kaq1FbyBwRd7jwYBF28MsU716dkZ16
Mind attaching proof bcoz I don't see any of them getting resolved
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 15, 2016, 06:15:34 AM |
|
120.28.9.254 or 120.28.10.217
Either of them is the gateway, the other one is the direct IP.
You're welcome.
Addy: 34P9kaq1FbyBwRd7jwYBF28MsU716dkZ16
Mind attaching proof bcoz I don't see any of them getting resolved Is your offer still valid?
|
|
|
|
Uberin (OP)
Newbie
Offline
Activity: 57
Merit: 0
|
|
July 15, 2016, 05:10:24 PM |
|
120.28.9.254 or 120.28.10.217
Either of them is the gateway, the other one is the direct IP.
You're welcome.
Addy: 34P9kaq1FbyBwRd7jwYBF28MsU716dkZ16
Mind attaching proof bcoz I don't see any of them getting resolved Is your offer still valid? Yeah it is
|
|
|
|
pvaspecialist
|
|
July 15, 2016, 05:38:18 PM |
|
Is your offer still valid?
hey deisik offer still valid.I was trying to find out but at the end I don't find any clue.either I have to contract google or sidn to get real ip address.you are intelligent hope you will find real ip address.thanks
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 15, 2016, 05:48:42 PM Last edit: July 15, 2016, 06:27:52 PM by deisik |
|
Is your offer still valid?
hey deisik offer still valid.I was trying to find out but at the end I don't find any clue.either I have to contract google or sidn to get real ip address.you are intelligent hope you will find real ip address.thanks It seems that I have found out the Internet segment where the site is hosted, so if a few other conditions are fulfilled, it is only a matter of time until I get the real IP address (though it can take weeks since I have only one Internet connection and can spare it only at night). In fact, there are only two conditions (beside the obvious condition that the site should be up). The first one is that it shouldn't be hosted at CloudFlare itself... This condition appears to be met
|
|
|
|
FruitsBasket
Legendary
Offline
Activity: 1232
Merit: 1017
|
|
July 15, 2016, 07:55:06 PM |
|
Is your offer still valid?
hey deisik offer still valid.I was trying to find out but at the end I don't find any clue.either I have to contract google or sidn to get real ip address.you are intelligent hope you will find real ip address.thanks It seems that I have found out the Internet segment where the site is hosted, so if a few other conditions are fulfilled, it is only a matter of time until I get the real IP address (though it can take weeks since I have only one Internet connection and can spare it only at night). In fact, there are only two conditions (beside the obvious condition that the site should be up). The first one is that it shouldn't be hosted at CloudFlare itself... This condition appears to be met I hope you will find out then, and congratulations if you do so. I tried, but it was too hard, I have done some thing familiar before, but I forgot how to do it It seems they are more secure than I thought.
|
fck@dt-alwayzz_newbz
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 15, 2016, 09:35:38 PM |
|
The site domain name appears to have been removed from the CF name servers. Kinda seems like someone has already done the dirty job Failed to resolve "bayanradio.nl"
|
|
|
|
Roboabhishek
|
|
July 16, 2016, 05:30:59 AM |
|
Is this an ISIS related website? Because, ISIS released some radio app called Al Bayan and this app has the name 'Bayan radio'. If that's the case, the guy giving the bounty might be the admin of the website and might be making us work for him for 0.05BTC to save his butt. And besides this, why would anyone need the ip address of an ISIS related website?
quite true even I posted it above if its related to ISIS. Maybe that's why he wanted to attack the website
|
|
|
|
Mauser
|
|
July 16, 2016, 08:47:35 AM |
|
The site domain name appears to have been removed from the CF name servers. Kinda seems like someone has already done the dirty job Failed to resolve "bayanradio.nl" It won't take Long for the same guys to open another Website. There tons of Websites registered to the same P/O box in UAE.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 16, 2016, 10:05:21 AM |
|
I have devised an algorithm for fast tracking such sites with high probability (within a day or two). It would require me to code a small utility. I guess the remuneration should be raised if this offer is still valid and the site ever comes back online. What is your stance on this?
You could PM me if you don't want to make this info public
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 16, 2016, 10:49:33 AM |
|
The site domain name appears to have been removed from the CF name servers. Kinda seems like someone has already done the dirty job Failed to resolve "bayanradio.nl" It won't take Long for the same guys to open another Website. There tons of Websites registered to the same P/O box in UAE. The fact that the site is registered somewhere doesn't mean it is hosted there (though it is often the case). That was the first thing that I checked (I mean the networks that belong to that registrar), and I found nothing there... I should probably run a more thorough check again later (when the site comes back online)
|
|
|
|
Patatas
Legendary
Offline
Activity: 1750
Merit: 1115
Providing AI/ChatGpt Services - PM!
|
|
July 16, 2016, 10:56:18 AM |
|
CloudFlaire :- Supporting all the scum of the world including Hackers/ISIS/Indian Mujjahudin/Altcoin Dumpers since ages now.While everybody is taking the efforts to find the real IP,make sure OP is not trying to hide something.Neither any amount is escrowed,why is everybody even bothering to reply here anymore ?
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 16, 2016, 11:30:33 AM Last edit: July 16, 2016, 02:37:41 PM by deisik |
|
CloudFlaire :- Supporting all the scum of the world including Hackers/ISIS/Indian Mujjahudin/Altcoin Dumpers since ages now. Yeah, to keep them all in one place and at hand. What could be better if you pursue aims that in no case can be made public? Remember Snowden? While everybody is taking the efforts to find the real IP,make sure OP is not trying to hide something.Neither any amount is escrowed, why is everybody even bothering to reply here anymore ?
Maybe, because it is the right thing to bring that site down? What could the OP be trying to hide if he actually asks to find out? That is, to do something which is opposite to hiding? And what, in your opinion, he could be trying to hide?
|
|
|
|
birdmeko
|
|
July 16, 2016, 01:13:49 PM |
|
I could probably do this, but only if you up the bounty to like .2
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 16, 2016, 02:38:03 PM |
|
I could probably do this, but only if you up the bounty to like .2
You at first do that, then ask for a raise, lol
|
|
|
|
Bitcoin Explorer
|
|
July 16, 2016, 03:13:33 PM |
|
Lol nice find xD. The website says "Scotland's digital currency"
|
|
|
|
raymond541
|
|
July 16, 2016, 03:53:03 PM |
|
I could probably do this, but only if you up the bounty to like .2
You at first do that, then ask for a raise, lol LOL he might find the real IP address he had confidence.Now he trying to up bounty or probably he not interested with that amount to find real ip address.
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
July 16, 2016, 03:59:12 PM |
|
I could probably do this, but only if you up the bounty to like .2
You at first do that, then ask for a raise, lol LOL he might find the real IP address he had confidence.Now he trying to up bounty or probably he not interested with that amount to find real ip address. Talk is cheap, show us the IP!
|
|
|
|
drwtsn32
|
|
August 06, 2016, 11:37:59 AM |
|
I'm withdrawing my claim. I was wrong. Sorry. The IP is hard to trace. I have no other guesses. To all participants, good luck!
|
|
|
|
deisik
Legendary
Offline
Activity: 3444
Merit: 1280
English ⬄ Russian Translation Services
|
|
August 06, 2016, 11:43:57 AM |
|
Has the site been seen again or is it gone for good (what probably was the OP's primary aim)?
|
|
|
|
|