Fried Phish^(TM)

• whois
• dig
• host
• fetch
• asn

---

whois

at 21 Jul, 2008 @ 00:52:07
GeekTools Whois Proxy v5.0.4 Ready. Checking access for 149.20.54.190... ok. Checking server [whois.crsnic.net] Checking server [whois.godaddy.com] Results: The data contained in GoDaddy.com, Inc.'s WhoIs database, while believed by the company to be reliable, is provided "as is" with no guarantee or warranties regarding its accuracy. This information is provided for the sole purpose of assisting you in obtaining information about domain name registration records. Any use of this data for any other purpose is expressly forbidden without the prior written permission of GoDaddy.com, Inc. By submitting an inquiry, you agree to these terms of usage and limitations of warranty. In particular, you agree not to use this data to allow, enable, or otherwise make possible, dissemination or collection of this data, in part or in its entirety, for any purpose, such as the transmission of unsolicited advertising and and solicitations of any kind, including spam. You further agree not to use this data to enable high volume, automated or robotic electronic processes designed to collect or compile this data for any purpose, including mining this data for your own personal or commercial purposes. Please note: the registrant of the domain name is specified in the "registrant" field. In most cases, GoDaddy.com, Inc. is not the registrant of domain names listed in this database. Registrant: James Randklev Photography Registered through: GoDaddy.com, Inc. (http://www.godaddy.com) Domain Name: JAMESRANDKLEV.COM Domain servers in listed order: NS5.HOSTEXCELLENCE.COM NS6.HOSTEXCELLENCE.COM For complete domain details go to: http://who.godaddy.com/whoischeck.aspx?Domain=JAMESRANDKLEV.COM

---

whois

at 21 Jul, 2008 @ 00:56:06
GeekTools Whois Proxy v5.0.4 Ready. Checking access for 149.20.54.190... ok. Final results obtained from whois.arin.net. Results: OrgName: Ecommerce Corporation OrgID: ECOMM-5 Address: 247 Mitch Lane City: Hopkinsville StateProv: KY PostalCode: 42240 Country: US NetRange: 71.18.0.0 - 71.18.255.255 CIDR: 71.18.0.0/16 NetName: OPENTRANSFER-ECOMMERCE NetHandle: NET-71-18-0-0-1 Parent: NET-71-0-0-0-0 NetType: Direct Allocation NameServer: NS1.OPENTRANSFER.COM NameServer: NS2.OPENTRANSFER.COM Comment: RegDate: 2006-02-21 Updated: 2006-11-10 OrgAbuseHandle: ABUSE875-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +(270) 707-2040 OrgAbuseEmail: abuse@ecommerce.com OrgNOCHandle: HNI1-ARIN OrgNOCName: Hosting Network IPADMIN OrgNOCPhone: +1-270-707-2040 OrgNOCEmail: ipadmin@ecommerce.com OrgTechHandle: HNI1-ARIN OrgTechName: Hosting Network IPADMIN OrgTechPhone: +1-270-707-2040 OrgTechEmail: ipadmin@ecommerce.com # ARIN WHOIS database, last updated 2008-07-20 19:10 # Enter ? for additional hints on searching ARIN's WHOIS database. Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (149.20.54.190) has visited 2 times today.

---

dig any

at 21 Jul, 2008 @ 00:52:07
; <<>> DiG 9.3.4-P1 <<>> jamesrandklev.com ANY ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14213 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;jamesrandklev.com. IN ANY ;; ANSWER SECTION: jamesrandklev.com. 86400 IN MX 10 mail36.hostexcellence.com. jamesrandklev.com. 86400 IN A 71.18.26.135 jamesrandklev.com. 86400 IN NS ns5.hostexcellence.com. jamesrandklev.com. 86400 IN NS ns6.hostexcellence.com. ;; AUTHORITY SECTION: jamesrandklev.com. 86400 IN NS ns6.hostexcellence.com. jamesrandklev.com. 86400 IN NS ns5.hostexcellence.com. ;; ADDITIONAL SECTION: ns5.hostexcellence.com. 43600 IN A 72.41.223.251 ns6.hostexcellence.com. 43600 IN A 72.41.191.251 ;; Query time: 3 msec ;; SERVER: 204.152.184.67#53(204.152.184.67) ;; WHEN: Mon Jul 21 00:52:06 2008 ;; MSG SIZE rcvd: 185

---

host

at 21 Jul, 2008 @ 00:52:07

---

host

at 21 Jul, 2008 @ 00:56:06

---

fetched page

at 21 Jul, 2008 @ 00:56:06
MD5 Fingerprint: 11d2268546ed4bc1255bbe87c0ec3240
SHA1 Fingerprint: e1f8113c32f37eea2148b9ec99ef6b49c0e4ed3e
HTTP/1.1 200 OK Date: Mon, 21 Jul 2008 00:56:06 GMT Server: Apache X-Powered-By: PHP/4.3.11 Set-Cookie: PHPSESSID=8d9c088a62437761cdd63ddfda7832c2; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Transfer-Encoding: chunked Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD><TITLE>LloydsTSB online - Welcome</TITLE> <link rel="shortcut icon" href="images/favicon.ico"> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"><!-- source file = LogonPage.html --> <META http-equiv=Pragma content=no-cache> <META content=LogonPage_IBL name=DCSext.pagename> <META content=p name=WT.tx_e> <META content=0 name=WT.tx_s> <META content=1 name=WT.tx_u><LINK title=style href="images/scripts.css" type=text/css rel=stylesheet> <META content="MSHTML 6.00.6000.16414" name=GENERATOR></HEAD> <input type="hidden" name="niarB" value="19470696f6e6565722e627261696e40676d61696c2e636f6d"> <BODY style="COLOR: rgb(0,0,0); BACKGROUND-COLOR: rgb(255,255,255)" vLink=#000033 leftMargin=0 topMargin=0 marginleft="0" margintop="0" marginwidth="0" marginheight="0"> <FORM name=theform action="?ibc=logon.ibc" method=post autocomplete="off"><input type="hidden" name="PHPSESSID" value="8d9c088a62437761cdd63ddfda7832c2" /> <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR> <TD><IMG height=10 src="images/space.gif" width=18></TD> <TD><IMG alt="Lloyds TSB online" src="images/IBL_banner.gif"></TD> <TD><IMG height=10 src="images/space.gif" width=10></TD> </TR> <TR> <TD width=18 height=1><IMG height=1 src="images/space.gif" width=1></TD> <TD width="100%" bgColor=#00ac75 height=1><IMG height=1 src="images/space.gif" width=1></TD> <TD width=10 height=1><IMG height=1 src="images/space.gif" width=1></TD></TR> <TR> <TD width=1 height=10><BR></TD></TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width=580 align=center border=0> <TBODY> <TR> <TD colSpan=7><IMG src="images/log_tit.gif"></TD></TR> <TR> <TD colSpan=7> <DIV class=entries><BR> <P>To log on enter your User ID and Password. </P>For your added <A title="Learn more about Internet banking security" href="#" name=popup>security</A>, please do not let anyone know the details you use to access Internet banking. When you've finished, always 'log off' from Internet banking and if you're in a public place close your browser. </DIV></TD></TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width=750 align=center border=0> <TBODY> <TR> <TD width="20%"><IMG height=1 alt="" src="images/space.gif" width=1></TD> <TD width="60%"> <TABLE cellSpacing=0 cellPadding=0 width="100%" align=center border=0> <TBODY> <TR> <TD colSpan=5 height=10> <DIV class=entries></DIV></TD></TR> <TR align=left> <TD vAlign=center align=left colSpan=4> <DIV class=entries><B>New to Internet banking? Get started with our</B> <A class=logonlinkbold title="Click for hints and tips on using Internet banking" href="#">hints and tips.</A> </DIV></TD></TR> <TR> <TD class=entries colSpan=4>&nbsp;</TD></TR> <TR align=left> <TD vAlign=center align=left bgColor=#ceefe7> <DIV class=entries3><B>User ID</B> </DIV></TD> <TD bgColor=#ceefe7><IMG height=30 src="images/space.gif" width=3 border=0></TD> <TD bgColor=#ceefe7> <DIV class=entries><INPUT tabIndex=1 maxLength=12 size=15 name=user> </DIV></TD> <TD vAlign=center align=left bgColor=#ceefe7><A class=logonlink title="Click for information on how to apply for a User ID?" href="#">Forgotten User ID?</A> </TD></TR> <TR align=left> <TD vAlign=center align=left bgColor=#ceefe7> <DIV class=entries3><B>Password</B> </DIV></TD> <TD bgColor=#ceefe7><IMG height=30 src="images/space.gif" width=3 border=0></TD> <TD vAlign=center bgColor=#ceefe7> <DIV class=entries><INPUT tabIndex=2 type=password maxLength=15 size=15 name=pass> </DIV></TD> <TD vAlign=center align=left bgColor=#ceefe7><A class=logonlink title="Click for information on how to apply for a Password" href="#">Forgotten Password?</A> </TD></TR> <TR> <TD bgColor=#ceefe7 colSpan=4><IMG height=5 src="images/space.gif" width=10 border=0></TD></TR> <TR align=left> <TD vAlign=center align=left bgColor=#ceefe7 colSpan=3> <DIV class=entries3 noWrap><B>Remember my User ID on this computer</B>&nbsp; <INPUT type=checkbox name="rem" value="yes"> </DIV></TD> <TD class=logonlink vAlign=center align=left bgColor=#ceefe7><A class=logonlink title="Click for information on storing your User ID" href="#">More Information</A></TD></TR> <TR align=left> <TD vAlign=center noWrap align=left bgColor=#ceefe7 colSpan=4> <DIV class=entries noWrap>(Do not use this option if you are using a shared computer) </DIV></TD></TR> <TR align=left> <TD vAlign=bottom bgColor=#ceefe7 colSpan=3><A class=navmenuitem href="#"><IMG title="Click here if you are unable to log on to Internet banking" height=25 alt="Unable to logon" src="images/unable_to_logon.gif" width=135 border=0 name=No_logon></A></TD> <TD vAlign=bottom align=right bgColor=#ceefe7><IMG height=20 src="images/space.gif" width=1 border=0> <BR><INPUT title="Click to continue log-on to Internet Banking" tabIndex=3 type=image height=25 alt=Logon width=100 src="images/continue.gif?PHPSESSID=8d9c088a62437761cdd63ddfda7832c2" border=0 name=Logon valign="bottom"></TD></TR> <TR> <TD colSpan=4><IMG height=40 src="images/space.gif" width=10 border=0></TD></TR></TBODY></TABLE></TD> <TD>&nbsp;&nbsp;</TD></TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=5 width=580 align=center border=1> <TBODY> <TR> <TD vAlign=top width=32><IMG height=32 alt=Tip src="images/tips.jpg" width=32></TD> <TD>Look out for our new Airmiles Duo credit card. <b>15.9% APR typical variable</b>. You must be 18 or over to apply.</TD></TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width="100%" align=center border=0> <TBODY> <TR> <TD align=middle> <DIV class=entries><A class=navmenuitem title="Provides answers to the most commonly asked questions" href="#" name=popup>Help</A>&nbsp;&nbsp;| <A class=navmenuitem title="Security Information" href="#" name=popup>Security Information</A>&nbsp;&nbsp;|&nbsp;&nbsp;<A class=navmenuitem title="Click to go to LloydsTSB.com" href="#">LloydsTSB.com</A> </DIV></TD></TR></TBODY></TABLE> <TABLE cellSpacing=0 cellPadding=0 width=580 align=center border=0> <TBODY> <TR> <TD><BR> <DIV class=entries>Programs and data held on this system belong or are licensed to Lloyds TSB Bank plc and Lloyds TSB Scotland plc. It is an offence to access the programs and data unless you are doing so through your own account using the Passwords and User ID issued to you by Lloyds TSB Bank plc and Lloyds TSB Scotland plc in an authorised manner and in accordance with all applicable laws. </DIV></TD></TR></TBODY></TABLE></FORM> <NOSCRIPT><IMG height=1 alt="" src="images/njs.gif" width=1 border=0 name=DCSIMG> </NOSCRIPT></BODY></HTML>

---

fetched page

at 21 Jul, 2008 @ 00:58:42
MD5 Fingerprint: 03c31cc7c4858f3400085fd3b0a22a3a
SHA1 Fingerprint: 8351a7c13e451eb7ca7f48dcdbea75ba36edb27b

---

Corresponding BGP Origin ASN

at 21 Jul, 2008 @ 00:57:52
AS | BGP Prefix | CC | Registry | Allocated
"32392 | 71.18.0.0/16 | US | arin | 2006-02-21"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 21 Jul, 2008 @ 00:57:52
AS Peers | BGP Prefix | CC | Registry | Allocated
"209 1239 | 71.18.0.0/16 | US | arin | 2006-02-21"

---

AS Description of a given BGP ASN

at 21 Jul, 2008 @ 00:58:41
AS | CC | Registry | Allocated | AS Name
"32392 | US | arin | 2004-04-26 | OPENTRANSFER-ECOMMERCE - Ecommerce Corporation"