User:ClueBot IV/WPOPreports/64.214.231.141

From Wikipedia, the free encyclopedia

This page may meet Wikipedia’s criteria for speedy deletion as a user page or subpage requested to be deleted by its user. Note that in some cases such pages may need to be retained for administrative purposes. See CSD U1.User-requested deletion of page in their own userspace(CSD U1)U1 If this page does not meet the criteria for speedy deletion, please remove this notice. Administrators: check links, history (last), and logs before deletion.

• IP: 64.214.231.141
• End result: Open proxy. Open proxy.
• Reverse DNS: 64.214.231.141

Contents 1 Whois 2 DNSBL 3 NMap 4 Proxy Check

[edit] Whois

OrgName:    Global Crossing 
OrgID:      GBLX
Address:    14605 South 50th Street
City:       Phoenix
StateProv:  AZ
PostalCode: 85044-6471
Country:    US

ReferralServer: rwhois://rwhois.gblx.net:4321

NetRange:   64.212.0.0 - 64.215.255.255 
CIDR:       64.212.0.0/14 
NetName:    GBLX-11D
NetHandle:  NET-64-212-0-0-1
Parent:     NET-64-0-0-0-0
NetType:    Direct Allocation
NameServer: NAME.ROC.GBLX.NET
NameServer: NAME.PHX.GBLX.NET
NameServer: NAME.SNV.GBLX.NET
NameServer: NAME.JFK1.GBLX.NET
Comment:    rwhois.gblx.net:4321 - THESE ADDRESSES ARE
Comment:    NON-PORTABLE
RegDate:    2000-03-15
Updated:    2007-08-29

RTechHandle: IA12-ORG-ARIN
RTechName:   GBLX-IPADMIN 
RTechPhone:  +1-800-404-7714
RTechEmail:  ipadmin@gblx.net 

OrgAbuseHandle: GBLXA-ARIN
OrgAbuseName:   GBLX-Abuse 
OrgAbusePhone:  +1-800-404-7714
OrgAbuseEmail:  abuse@gblx.net

OrgNOCHandle: GBLXN-ARIN
OrgNOCName:   GBLX-NOC 
OrgNOCPhone:  +1-800-404-7714
OrgNOCEmail:  gc-noc@gblx.net

OrgTechHandle: IA12-ORG-ARIN
OrgTechName:   GBLX-IPADMIN 
OrgTechPhone:  +1-800-404-7714
OrgTechEmail:  ipadmin@gblx.net

# ARIN WHOIS database, last updated 2008-02-16 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.


Found a referral to rwhois.gblx.net:4321.

%rwhois V-1.5:003fff:00 rwhois.gblx.net (by Network Solutions, Inc. V-1.5.7.3)
network:Class-Name:network
network:ID:13726.64.214.231.128/25
network:Auth-Area:net.64.212.0.0-14
network:Network-Name:3755.3755.NA
network:IP-Network:64.214.231.128/25
network:Organization;I:3755.NA
network:Tech-Contact;I:4109.3755.NA
network:Admin-Contact;I:4109.3755.NA
network:Created:20060720
network:Updated:20060721
network:Updated-By:ipadmin@gblx.net

%ok

[edit] DNSBL

• 141.231.214.64.dnsbl.njabl.org (NJABL) = Nothing. — more information.
• 141.231.214.64.ircbl.ahbl.org (IRCBL) = Nothing. — more information.
• 141.231.214.64.tor.dnsbl.sectoor.de (SECTOOR) = Nothing. — more information.
• 141.231.214.64.tor.ahbl.org (AHBL) = Nothing. — more information.
• 141.231.214.64.no-more-funn.moensted.dk (NoMoreFunn) = Nothing. — more information.
• 141.231.214.64.dnsbl.sorbs.net (SORBS) = Nothing. — more information.
• 141.231.214.64.list.dsbl.org (DSBL) = Nothing. — more information.
• 141.231.214.64.xbl.spamhaus.org (XBL) = Nothing. — more information.

[edit] NMap

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-02-17 05:54 EST
Interesting ports on 64.214.231.141:
PORT     STATE SERVICE          VERSION
23/tcp   open  telnet?
135/tcp  open  msrpc            Microsoft Windows RPC
139/tcp  open  netbios-ssn
1025/tcp open  msrpc            Microsoft Windows RPC
1027/tcp open  msrpc            Microsoft Windows RPC
3389/tcp open  microsoft-rdp    Microsoft Terminal Service
5554/tcp open  tcpwrapped
5631/tcp open  pcanywheredata?
8081/tcp open  blackice-icecap?
8082/tcp open  blackice-alerts?
8083/tcp open  unknown
8084/tcp open  unknown
8085/tcp open  unknown
6 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
Service Info: OS: Windows

Nmap finished: 1 IP address (1 host up) scanned in 166.604 seconds

[edit] Proxy Check

64.214.231.141 open 23,23 HTTP,WINGATE