WsIRT^(TM)

• whois
• dig
• host
• fetch
• asn

---

whois

at 16 Dec, 2007 @ 19:17:28
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Checking server [whois.crsnic.net] Checking server [whois.planetdomain.com] Results: The data contained in the database of Primus Telecommunications Pty Ltd (PlanetDomain/PrimusDomain) is made available to assist persons in obtaining information pertaining to the domain name registration record. No guarantee of accuracy is offered or given. By submitting a search request you agree to use the data for lawful purposes, and also agree NOT to 1) use the data to allow, enable, or otherwise support any marketing activities, regardless of the medium used. Such media includes but is not limited to e-mail, telephone, facsimile, postal mail, SMS, and wireless alerts. 2) sell or redistribute the data except insofar as it has been incorporated by yourself into a value-added product or service that does not permit the extraction of a substantial portion of the bulk data from the value-added product or service for use by other parties. Primus Telecommunications Pty Ltd (PlanetDomain/PrimusDomain) reserves the right to forbid access to any party who abuses the terms and conditions herein or who is deemed to have queried the database excessively, and to change these terms and conditions at any time. Domain Name: RHINOPORTAIL.COM Reseller..............: Rivers Domains Created on............: 19 Nov 2001 09:31:19 EST Expires on............: 20 Nov 2008 01:31:19 EST Record last updated on: 20 Oct 2006 17:26:47 EST Status................: ACTIVE Owner, Administrative Contact, Technical Contact, Billing Contact: PSD Professional Software Development Sàrl Alain Doudiet (ID00145994) Ch. des Ochettes 34 Echallens, Vaud 1040 Switzerland Phone: +41.218821810 Email: adoudiet@psd.ch Domain servers in listed order: NS1.PSDSARL.NET NS2.PSDSARL.NET Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 251 times today.

---

whois

at 17 Dec, 2007 @ 01:44:24
GeekTools Whois Proxy v5.0.4 Ready. Checking access for CastleCops WsIRT... ok. Final results obtained from whois.ripe.net. Results: % This is the RIPE Whois query server #2. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/db/copyright.html % Note: This output has been filtered. % To receive output for a database update, use the "-B" flag % Information related to '62.220.146.0 - 62.220.146.63' inetnum: 62.220.146.0 - 62.220.146.63 netname: SAITIS-VSERVERS-1 descr: Saitis Vservers network country: CH admin-c: LS4198-RIPE tech-c: LS4198-RIPE status: ASSIGNED PA mnt-by: SAITIS-MNT source: RIPE # Filtered person: Lucas Schaerer address: Saitis Network address: Mont-Bernand address: 1135 Denens address: Switzerland phone: +41 79 471 02 52 e-mail: lschaerer@saitis.net nic-hdl: LS4198-RIPE mnt-by: SAITIS-MNT source: RIPE # Filtered % Information related to '62.220.128.0/19AS6893' route: 62.220.128.0/19 descr: CH-SAITIS origin: AS6893 mnt-by: SAITIS-MNT source: RIPE # Filtered Results brought to you by the GeekTools WHOIS Proxy Server results may be copyrighted and are used with permission. Your host (CastleCops WsIRT) has visited 19 times today.

---

dig any

at 16 Dec, 2007 @ 19:17:27
;www.rhinoportail.com. IN A www.rhinoportail.com. 86400 IN CNAME rhinoportail.com. rhinoportail.com. 86400 IN A 62.220.146.16 rhinoportail.com. 86400 IN NS ns1.psdsarl.net. rhinoportail.com. 86400 IN NS ns2.psdsarl.net. ;rhinoportail.com. IN A rhinoportail.com. 86400 IN A 62.220.146.16 ;rhinoportail.com. IN MX rhinoportail.com. 86400 IN MX 10 mail.rhinoportail.com. ;rhinoportail.com. IN NS rhinoportail.com. 86400 IN NS ns1.psdsarl.net. rhinoportail.com. 86400 IN NS ns2.psdsarl.net. ;rhinoportail.com. IN SOA rhinoportail.com. 86400 IN SOA ns1.psdsarl.net. marc.doudiet.net. 1157318623 10800 3600 604800 10800 ;rhinoportail.com. IN TXT ;www.rhinoportail.com. IN CNAME www.rhinoportail.com. 86400 IN CNAME rhinoportail.com. ;www.rhinoportail.com. IN PTR www.rhinoportail.com. 86400 IN CNAME rhinoportail.com. ;rhinoportail.com. IN KEY ;www.rhinoportail.com. IN HINFO www.rhinoportail.com. 86399 IN CNAME rhinoportail.com. ;www.rhinoportail.com. IN AAAA www.rhinoportail.com. 86399 IN CNAME rhinoportail.com. ;; Query time: 179 msec ;; SERVER: 204.152.187.13#53(204.152.187.13) ;; WHEN: Sun Dec 16 19:17:27 2007 ;; MSG SIZE rcvd: 116

---

host

at 16 Dec, 2007 @ 19:17:30

---

host

at 17 Dec, 2007 @ 01:44:24

---

fetched page

at 16 Dec, 2007 @ 19:17:25
MD5 Fingerprint: 45259378888611501449d236cdb4d193
SHA1 Fingerprint: 3d0f3daf617e44f302e0fc320d75a57b53a72776
HTTP/1.1 200 OK Date: Sun, 16 Dec 2007 19:17:28 GMT Server: Apache/2.0.54 (Debian GNU/Linux) PHP/4.3.10-16 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_perl/1.999.21 Perl/v5.8.4 Last-Modified: Sun, 16 Dec 2007 02:01:25 GMT ETag: "624136-1890c-ac47e740" Accept-Ranges: bytes Content-Length: 100620 Content-Type: text/plain <?php /******************************************************************************************************/ /* /* irc.ascnet.biz /* /******************************************************************************************************/ // ????? ????? | Language // $language='ru' - ??????? (russian) / TRUNCATED BY CASTLECOPS FOR PUBLIC DISPLAY -- CONTACT STAFF FOR DETAILS

---

Corresponding BGP Origin ASN

at 17 Dec, 2007 @ 01:44:24
AS | BGP Prefix | CC | Registry | Allocated
"6893 | 62.220.128.0/19 | CH | ripencc | 2000-06-27"

---

Possible BGP peer ASNs one AS hop away from BGP Origin ASN

at 17 Dec, 2007 @ 01:44:24
AS Peers | BGP Prefix | CC | Registry | Allocated
"8327 | 62.220.128.0/19 | CH | ripencc | 2000-06-27"

---

AS Description of a given BGP ASN

at 17 Dec, 2007 @ 01:44:52
AS | CC | Registry | Allocated | AS Name
"6893 | CH | ripencc | 1997-01-07 | SAITIS-NETWORK Saitis Network"