Potential answers

General

Investigator: Patrick Neumann
Start of the investigation: 26.08.2016 - 11:00 hrs
Date of last investigation update: 26.08.2016 - 11:25 hrs

Since it is very likely that some information has changed in the meantime, the answers given here need not be one hundred percent identical to yours.

Conclusion: Act fast and also record the period of time when you do the search.

(Questions and) Answers

  1. What URI does the following hyperlink refer to: ftp://richard:stallman@ftp.gnu.org:2121?
    Answer:
    mailto:badboy@domain-investigation.net?subject=I%20do%20not%20exist!
  2. What kind of URL is the URL in the answer to question #1?
    Answer:
    Email address
  3. What is the TLD in the URI in the answer to question #1?
    Answer:
    .net
  4. What is the URL of the website where ICANN (IANA function) lists the responsibilities for all global TLDs?
    Answer:
    http://www.iana.org/domains/root/db
  5. What company/companies or organisation(s) is/are responsible for managing the TLD in the answer to question #1?
    Answer:
    VeriSign Global Registry Services
    12061 Bluemont Way
    Reston Virginia 20190
    United States
  6. What is the URL of the web-based WHOIS service of the company/organisation in the answer to question #4? -Service des Unternehmens bzw. der Organisation aus 4.?
    Answer:
    http://www.verisign.com/en_US/domain-names/whois/index.xhtml?loc=en_US
  7. What are the names of the name servers that are responsible for resolving the internet domain in the answer to question #1?
    Answer:
    ns1.first-ns.de
    robotns2.second-ns.de
    robotns3.second-ns.com
  8. What is the Domain Holder data for the internet domain in the answer to question #1?
    Answer:
    Registrant Name: Bernd Klinge
    Registrant Organization:
    Registrant Street: Gimter Str. 10
    Registrant City: Hann. Münden
    Registrant State/Province:
    Registrant Postal Code: 34346
    Registrant Country: DE
    Registrant Phone: +49.5541702513
    Registrant Email: bernd.klinge@polizei.niedersachsen.de
  9. Is this data plausible and/or is the organisation/person trustworthy?
    Answer:
    No
  10. What is the Administrative Contact data for the internet domain in the answer to question #1?
    Answer:
    Admin Name: Wolfgang Köhler
    Admin Organization:
    Admin Street: Gimter Str. 10
    Admin City: Hann. Münden
    Admin State/Province:
    Admin Postal Code: 34346
    Admin Country: DE
    Admin Phone: +49.5541702510
    Admin Email: wolfgang.koehler@polizei.niedersachsen.de
  11. Is this data plausible and/or is the organisation/person trustworthy?
    Answer:
    No
  12. When was the data at the company/organisation associated with the internet domain in the answer to question #1 last updated (date and time)?
    Answer:
    Updated Date: 2016-07-28T11:26:48.0Z
    (28.07.2016 11:26:48 Zulu Time Zone)
  13. What is the Technical Contact data for the internet domain in the answer to question #1?
    Answer:
    Tech Name: Patrick Neumann
    Tech Organization:
    Tech Street: Gimter Str. 10
    Tech City: Hann. Münden
    Tech Postal Code: 34346
    Tech State/Province:
    Tech Country: DE
    Tech Phone: +49.5541702511
    Tech Fax: +49.511969560137
    Tech Email: webmaster@domain-investigation.net
  14. Is this data plausible and/or is the organisation/person trustworthy?
    Answer:
    No
  15. What is the Billing Contact data for the internet domain in the answer to question #1?
    Answer:
    Billing Name: Patrick Neumann
    Billing Organization:
    Billing Street: Gimter Str. 10
    Billing City: Hann. Münden
    Billing State/Province:
    Billing Postal Code: 34346
    Billing Country: DE
    Billing Phone: +49.5541702511
    Billing Fax: +49.511969560137
    Billing Email: webmaster@domain-investigation.net
  16. Is this data plausible and/or is the organisation/person trustworthy?
    Answer:
    No
  17. What are the IP addresses to which the names of these name servers refer?
    Answer:
    213.239.242.238 bzw. 2a01:4f8:0:a101::a:1
    213.133.105.6 bzw. 2a01:4f8:d0a:2004::2
    193.47.99.3 bzw. 2001:67c:192c::add:a3
  18. When was the zone file of the internet domain in the answer to question #1 last modified (date)?
    Answer:
    31.07.2016
  19. What email address was filed in the SOA Resource Record for the internet domain in the answer to question #1?
    Answer:
    postmaster.robot.first-ns.de
    (postmaster@robot.first-ns.de)
  20. When do the entries in the zone file for the internet domain in the answer to question #1 expire?
    Answer:
    600 Sekunden (10 Minuten)
  21. What is the A Resource Record for the internet domain in the answer to question #1?
    Answer:
    148.251.115.132
  22. What type of Resource Record is the entry "foobar.domain-investigation.net"?
    Answer:
    CNAME (Alias)
  23. What is the AAAA Resource Record for the internet domain in the answer to question #1?
    Answer:
    2a01:4f8:201:626c::17
  24. What is the MX Resource Record for the internet domain in the answer to question #1 (name and/or IPv4 and/or IPv6 address)?
    Answer:
    mail.domain-investigation.net
    148.251.8.109
    2a01:4f8:201:626c::13
  25. What is the difference between a domain name and a hostname?
    Answer:
    The hostname is always configured by the ISP on/for the server.
    In the case of webhosting services, many customers share an IP address with a hostname with many domains. The configuration of the zone file is usually not complete after the server has been provided. For this reason, the ISP typically creates a specific rudimentary zone file in its systems as fallback.
    Subsequently, the domain name should be configured (completely, if possible) by the customer (where applicable, via ISP automatisms) in the customer's zone file.
    Keep in mind that some customers tend to forget the PTR Resource Record.
  26. What is the URL of the website where the ICANN (IANA function) lists the responsibilities for all global IPv4 subnets?
    Answer:
    http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml
  27. What is the URL of the website where the ICANN (IANA-function) lists the responsibilities for all global IPv6 subnets?
    Answer:
    http://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml
  28. What is the URL of the web-based WHOIS service of the company or organisation that is responsible for (re)assigning the IP address in the AAAA Resource Record for the internet domain in the answer to question #1?
    Answer:
    http://ripe.net/whois
  29. What is the"nic" handle for the organisation or person that reserved the IP address of the AAAA Records for the internet domain in answer #1 in its name?
    Answer:
    PN1864-RIPE
  30. What is the data related to the "nic-hdl" searched previously?
    Answer:
    person: Patrick Neumann
    address: Eichenstr. 6
    address: 34346 Hann. Münden
    address: GERMANY
    phone: +4955417788535
    fax-no: +4932221277156
    e-mail: webmaster@neumannsland.de
    nic-hdl: PN1864-RIPE
    notify: ripe-mntner@hetzner.de
    abuse-mailbox: webmaster@neumannsland.de
    mnt-by: HOS-GUN
    changed: ripe-dbm-updates@robot.first-ns.de 20080326
    changed: ripe-dbm-updates@robot.first-ns.de 20080910
    changed: ripe-dbm-updates@robot.first-ns.de 20110308
    changed: ripe-dbm-updates@robot.first-ns.de 20110522
    source: RIPE
  31. Is this data plausible and/or is the organisation/person trustworthy?
    Answer:
    No
  32. What organisation or person reserved the IPv4 addresses of the A and/or MX Records for the internet domain in answer #1 in its name?
    Answer:
    role: Hetzner Online AG - Contact Role
    address: Hetzner Online AG
    address: Stuttgarter Strasse 1
    address: D-91710 Gunzenhausen
    address: Germany
    phone: +49 9831 61 00 61
    fax-no: +49 9831 61 00 62
    e-mail: ripe@hetzner.de
    abuse-mailbox: abuse@hetzner.de
    [...]
    org: ORG-HOA1-RIPE
    admin-c: MH375-RIPE
    tech-c: GM834-RIPE
    [...]
    nic-hdl: HOAC1-RIPE
    notify: ripe-mntner@hetzner.de
    mnt-by: HOS-GUN
    source: RIPE
    changed: mf@hetzner.de 20130114
    changed: mf@hetzner.de 20130227
    changed: sebastian.krannich@hetzner.de 20130418
  33. Is this data plausible and/or is the organisation/person trustworthy?
    Answer:
    Not really
  34. What is the ASN for the IP address (MX Resource Records) looked up last?
    Answer:
    AS24940
  35. What is the data of the "org" handle for the previously searched ASN?
    Answer:
    organisation: ORG-HOA1-RIPE
    org-name: Hetzner Online AG
    org-type: LIR
    address: Hetzner Online AG
    address: Attn. Martin Hetzner
    address: Industriestrasse 25
    address: 91710
    address: Gunzenhausen
    address: GERMANY
    phone: +49 9831 610061
    fax-no: +49 9831 610062
    admin-c: TF2013-RIPE
    [...]
    mnt-ref: HOS-GUN
    mnt-ref: RIPE-NCC-HM-MNT
    mnt-by: RIPE-NCC-HM-MNT
    abuse-c: HOAC1-RIPE
    source: RIPE
    e-mail: info@hetzner.de
    changed: bitbucket@ripe.net 20140403
  36. Is this data plausible and/or is the organisation/person trustworthy?
    Answer:
    Yes!
  37. If the email server of the internet domain in answer #1 it to be seized, what are the
    • the IPv4 address
    • the IPv6 address
    • the phone number
    of the person to contact?
    Answer:
    • 148.251.8.109
    • 2a01:4f8:201:626c::13
    • +49 9831 610061