User:ClueBot IV/WPOPreports/200.155.9.75

From Wikipedia, the free encyclopedia

• IP: 200.155.9.75
• End result: Open proxy. Open proxy.
• Reverse DNS: masquerade.corp.bighost.com.br

Contents 1 Whois 2 DNSBL 3 NMap 4 Proxy Check

[edit] Whois

% Copyright (c) Nic.br
%  The use of the data below is only permitted as described in
%  full by the terms of use (http://registro.br/termo/en.html),
%  being prohibited its distribution, comercialization or
%  reproduction, in particular, to use it for advertising or
%  any similar purpose.
%  2008-05-13 07:11:01 (BRT -03:00)

inetnum:     200.155.0/20
aut-num:     AS16397
abuse-c:     ABC204
owner:       Comdominio Soluções de Tecnologia S/A.
ownerid:     003.672.254/0001-44
responsible: Area de Engenharia - comDominio
owner-c:     AEC81
tech-c:      GRC66
inetrev:     200.155.8/21
nserver:     ns1.datacenter1.com.br 
nsstat:      20080513 AA
nslastaa:    20080513
nserver:     ns3.datacenter1.com.br 
nsstat:      20080513 AA
nslastaa:    20080513
created:     20010828
changed:     20060428

nic-hdl-br:  ABC204
person:      Abuse @ comDominio
e-mail:      abuse@comdominio.com.br
created:     20030625
changed:     20030625

nic-hdl-br:  AEC81
person:      Area de Engenharia - comDominio
e-mail:      registro@alog.com.br
created:     20020909
changed:     20080223

nic-hdl-br:  GRC66
person:      Gerencia de Redes - comDominio
e-mail:      suportesp@alog.com.br
created:     20020909
changed:     20071226

% Security and mail abuse issues should also be addressed to
% cert.br, http://www.cert.br/, respectivelly to cert@cert.br
% and mail-abuse@cert.br
%
% whois.registro.br accepts only direct match queries. Types
% of queries are: domain (.br), ticket, provider, ID, CIDR
% block, IP and ASN.

[edit] DNSBL

• 75.9.155.200.dnsbl.njabl.org (NJABL) = Nothing. — more information.
• 75.9.155.200.ircbl.ahbl.org (IRCBL) = Nothing. — more information.
• 75.9.155.200.tor.dnsbl.sectoor.de (SECTOOR) = Nothing. — more information.
• 75.9.155.200.tor.ahbl.org (AHBL) = Nothing. — more information.
• 75.9.155.200.no-more-funn.moensted.dk (NoMoreFunn) = Nothing. — more information.
• 75.9.155.200.dnsbl.sorbs.net (SORBS) = Nothing. — more information.
• 75.9.155.200.list.dsbl.org (DSBL) = Nothing. — more information.
• 75.9.155.200.xbl.spamhaus.org (XBL) = Nothing. — more information.

[edit] NMap

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-05-13 06:07 EDT
Interesting ports on masquerade.corp.bighost.com.br (200.155.9.75):
PORT     STATE SERVICE         VERSION
21/tcp   open  ftp             MikroTik router ftpd 2.9.27
22/tcp   open  tcpwrapped
23/tcp   open  telnet          Linux telnetd
53/tcp   open  domain?
80/tcp   open  http            MikroTik router http config
1720/tcp open  H.323/Q.931?
1723/tcp open  pptp?
2000/tcp open  callbook?
3128/tcp open  squid-http?
3986/tcp open  mapper-ws_ethd?
8291/tcp open  unknown
3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
Service Info: Host: fwbhint; OS: Linux; Device: router

Nmap finished: 1 IP address (1 host up) scanned in 170.953 seconds

[edit] Proxy Check

200.155.9.75 open 3128,3128 HTTPGET,HTTPPOST