Jump to content

Wikipedia:Open proxies noticeboard

From Wikipedia, the free encyclopedia
    Open proxies noticeboard

    The Open proxies noticeboard seeks to identify, verify and block open proxies and anonymity network exit nodes. To prevent abuse or vandalism, only proxy checks by verified users will be accepted. All users are welcome to discuss on the talk page, report possible proxies, or request that a blocked IP be rechecked.

    • If you've been blocked as an open proxy, please see: Help:blocked.
    • To report a proxy check or an incorrect block, see the #Reporting section.


    Reporting

    [edit]

    Please report IP addresses you suspect are open proxies below. A project member will scan or attempt to connect to the proxy, and if confirmed will block the address.

    File a new report here
    I.
    For block requests:

    Verify that the following criterion has been met:

    • The IP has made abusive contributions within the past week
    For unblock requests:

    Verify that the following criteria has been met:

    • No current criteria
    II.

    For block requests Replace "IP" below with the IP address you are reporting.


    For unblock requests Replace "IP" below with the IP address you are reporting.


    III. Fill out the resulting page and fill-in the requested information.
    IV. Save the page.
    Verified Users/Sysops Templates
    • IP is an open proxy {{Proxycheck|confirmed}} for confirmed open proxies and Tor exit nodes.
    •  Likely IP is an open proxy {{Proxycheck|likely}} for likely open proxies and Tor exit nodes.
    •  Possible IP is an open proxy {{Proxycheck|possible}} for possible open proxies and Tor exit nodes.
    •  Unlikely IP is an open proxy {{Proxycheck|unlikely}} for unlikely open proxies and Tor exit nodes.
    • Not currently an open proxy {{Proxycheck|unrelated}} for IP's confirmed not to be an open proxy or Tor exit node.
    • Inconclusive {{Proxycheck|inconclusive}} for IP's that are inconclusive.
    • no Declined to run a check {{Proxycheck|decline}} to decline a check.
    • Open proxy blocked {{Proxycheck|blocked}} for open proxies and Tor nodes that have been blocked. Please add this if you block the IP.

    Requests

    [edit]


    180.74.70.57

    [edit]

    – This proxy check request is closed and will soon be archived by a bot.

    Reason: Recent vandalism. IPQualityScore and SPUR say it could be a proxy. Nobody (talk) 05:31, 14 April 2025 (UTC)[reply]

    Scanned at 2025-04-14 06:43:17 UTC for 13149s
    All 65536 scanned ports on 180.74.70.57 are in ignored states.
    Not shown: 65536 filtered tcp ports (no-response)
    Too many fingerprints match this host to give specific OS details
    TCP/IP fingerprint:
    SCAN(V=7.94SVN%E=4%D=4/14%OT=%CT=%CU=%PV=N%G=N%TM=67FCE1E2%P=x86_64-pc-linux-gnu)
    SEQ()
    U1(R=N)
    IE(R=N)
    
    
    TRACEROUTE (using proto 1/icmp)
    HOP RTT       ADDRESS
    1   0.96 ms   _gateway (10.199.22.3)
    2   0.36 ms   rtr-ge-dmarc.tblflp.net (10.199.1.1)
    3   ...
    4   5.29 ms   rcmt-agw1.inet.qwest.net (71.32.31.17)
    5   13.45 ms  4.68.144.73
    6   13.69 ms  port-channel2.core3.ash1.he.net (216.66.14.185)
    7   18.97 ms  100ge0-17.core2.orf2.he.net (184.105.64.122)
    8   97.14 ms  100ge0-34.core1.bio1.he.net (184.104.196.162)
    9   ...
    10  235.83 ms telekom-malaysia-inc.e0-33.switch1.mrs1.he.net (216.66.89.226)
    11  ... 30
    
     Unlikely IP is an open proxy -- seems to be a residential range for a Malaysian ISP. Naomi Amethyst 18:56, 14 April 2025 (UTC)[reply]

    95.174.69.6

    [edit]

    – This proxy check request is closed and will soon be archived by a bot.

    Reason: Block evasion via proxy. Tule-hog (talk) 16:11, 19 April 2025 (UTC)[reply]

     Likely IP is an open proxy
    Nmap scan report for 95.174.69.6
    Host is up, received user-set (0.20s latency).
    Scanned at 2025-04-20 00:28:23 UTC for 65s
    
    PORT      STATE    SERVICE          REASON         VERSION
    21/tcp    filtered ftp              no-response
    22/tcp    filtered ssh              no-response
    80/tcp    open     http             syn-ack ttl 54
    |_http-title: ERROR: The requested URL could not be retrieved
    | fingerprint-strings:
    |   GetRequest, HTTPOptions:
    |     HTTP/1.1 400 Bad Request
    |     mime-version: 1.0
    |     date: Sun, 20 Apr 2025 00:28:32 GMT
    |     content-type: text/html;charset=utf-8
    |     content-length: 3541
    |     vary: Accept-Language
    |     content-language: en
    |     connection: close
    |     <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    |     <html><head>
    |     <meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors">
    |     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    |     <title>ERROR: The requested URL could not be retrieved</title>
    |     <style type="text/css"><!--
    |     Copyright (C) 1996-2023 The Squid Software Foundation and contributors
    |     Squid software is distributed under GPLv2+ license and includes
    |     contributions from numerous individuals and organizations.
    |     Please see the COPYING and CONTRIBUTORS files for details.
    |     Stylesheet for Squid Error pages
    |_    Adapted
    443/tcp   open     openvpn          syn-ack ttl 54 OpenVPN
    1080/tcp  filtered socks            no-response
    3182/tcp  filtered bmcpatrolrnvu    no-response
    5000/tcp  filtered upnp             no-response
    8000/tcp  filtered http-alt         no-response
    8080/tcp  filtered http-proxy       no-response
    8443/tcp  open     https-alt?       syn-ack ttl 54
    8888/tcp  filtered sun-answerbook   no-response
    9050/tcp  filtered tor-socks        no-response
    9150/tcp  filtered unknown          no-response
    10000/tcp filtered snet-sensor-mgmt no-response
    20000/tcp filtered dnp              no-response
    1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
    SF-Port80-TCP:V=7.94SVN%I=7%D=4/20%Time=68043FB0%P=x86_64-pc-linux-gnu%r(G
    SF:etRequest,EA6,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nmime-version:\x201
    SF:\.0\r\ndate:\x20Sun,\x2020\x20Apr\x202025\x2000:28:32\x20GMT\r\ncontent
    SF:-type:\x20text/html;charset=utf-8\r\ncontent-length:\x203541\r\nvary:\x
    SF:20Accept-Language\r\ncontent-language:\x20en\r\nconnection:\x20close\r\
    SF:n\r\n<!DOCTYPE\x20html\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01//EN\
    SF:"\x20\"http://www\.w3\.org/TR/html4/strict\.dtd\">\n<html><head>\n<meta
    SF:\x20type=\"copyright\"\x20content=\"Copyright\x20\(C\)\x201996-2020\x20
    SF:The\x20Squid\x20Software\x20Foundation\x20and\x20contributors\">\n<meta
    SF:\x20http-equiv=\"Content-Type\"\x20content=\"text/html;\x20charset=utf-
    SF:8\">\n<title>ERROR:\x20The\x20requested\x20URL\x20could\x20not\x20be\x2
    SF:0retrieved</title>\n<style\x20type=\"text/css\"><!--\x20\n\x20/\*\n\x20
    SF:\*\x20Copyright\x20\(C\)\x201996-2023\x20The\x20Squid\x20Software\x20Fo
    SF:undation\x20and\x20contributors\n\x20\*\n\x20\*\x20Squid\x20software\x2
    SF:0is\x20distributed\x20under\x20GPLv2\+\x20license\x20and\x20includes\n\
    SF:x20\*\x20contributions\x20from\x20numerous\x20individuals\x20and\x20org
    SF:anizations\.\n\x20\*\x20Please\x20see\x20the\x20COPYING\x20and\x20CONTR
    SF:IBUTORS\x20files\x20for\x20details\.\n\x20\*/\n\n/\*\n\x20Stylesheet\x2
    SF:0for\x20Squid\x20Error\x20pages\n\x20Adapted")%r(HTTPOptions,EA6,"HTTP/
    SF:1\.1\x20400\x20Bad\x20Request\r\nmime-version:\x201\.0\r\ndate:\x20Sun,
    SF:\x2020\x20Apr\x202025\x2000:28:32\x20GMT\r\ncontent-type:\x20text/html;
    SF:charset=utf-8\r\ncontent-length:\x203541\r\nvary:\x20Accept-Language\r\
    SF:ncontent-language:\x20en\r\nconnection:\x20close\r\n\r\n<!DOCTYPE\x20ht
    SF:ml\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01//EN\"\x20\"http://www\.w
    SF:3\.org/TR/html4/strict\.dtd\">\n<html><head>\n<meta\x20type=\"copyright
    SF:\"\x20content=\"Copyright\x20\(C\)\x201996-2020\x20The\x20Squid\x20Soft
    SF:ware\x20Foundation\x20and\x20contributors\">\n<meta\x20http-equiv=\"Con
    SF:tent-Type\"\x20content=\"text/html;\x20charset=utf-8\">\n<title>ERROR:\
    SF:x20The\x20requested\x20URL\x20could\x20not\x20be\x20retrieved</title>\n
    SF:<style\x20type=\"text/css\"><!--\x20\n\x20/\*\n\x20\*\x20Copyright\x20\
    SF:(C\)\x201996-2023\x20The\x20Squid\x20Software\x20Foundation\x20and\x20c
    SF:ontributors\n\x20\*\n\x20\*\x20Squid\x20software\x20is\x20distributed\x
    SF:20under\x20GPLv2\+\x20license\x20and\x20includes\n\x20\*\x20contributio
    SF:ns\x20from\x20numerous\x20individuals\x20and\x20organizations\.\n\x20\*
    SF:\x20Please\x20see\x20the\x20COPYING\x20and\x20CONTRIBUTORS\x20files\x20
    SF:for\x20details\.\n\x20\*/\n\n/\*\n\x20Stylesheet\x20for\x20Squid\x20Err
    SF:or\x20pages\n\x20Adapted");
    Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
    Device type: general purpose
    Running (JUST GUESSING): Linux 4.X|5.X|2.6.X|3.X (91%)
    OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10
    OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
    Aggressive OS guesses: Linux 4.15 - 5.8 (91%), Linux 5.0 - 5.4 (91%), Linux 2.6.32 (90%), Linux 2.6.32 or 3.10 (90%), Linux 5.0 - 5.5 (89%), Linux 4.4 (89%), Linux 2.6.32 - 2.6.35 (87%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.32 - 3.0 (85%), Linux 5.4 (85%)
    No exact OS matches for host (test conditions non-ideal).
    TCP/IP fingerprint:
    SCAN(V=7.94SVN%E=4%D=4/20%OT=80%CT=%CU=%PV=N%DS=10%DC=T%G=N%TM=68043FE8%P=x86_64-pc-linux-gnu)
    SEQ(SP=FC%GCD=1%ISR=10B%TI=Z%II=I%TS=A)
    OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST11NW7%O6=M5B4ST11)
    WIN(W1=FE88%W2=FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)
    ECN(R=Y%DF=Y%TG=40%W=FAF0%O=M5B4NNSNW7%CC=Y%Q=)
    T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
    T2(R=N)
    T3(R=N)
    T4(R=N)
    U1(R=N)
    IE(R=Y%DFI=N%TG=40%CD=S)
    
    Uptime guess: 14.153 days (since Sat Apr  5 20:49:26 2025)
    Network Distance: 10 hops
    TCP Sequence Prediction: Difficulty=252 (Good luck!)
    IP ID Sequence Generation: All zeros
    
    TRACEROUTE (using port 443/tcp)
    HOP RTT       ADDRESS
    1   0.84 ms   _gateway (10.199.22.3)
    2   0.33 ms   rtr-ge-dmarc.tblflp.net (10.199.1.1)
    3   ...
    4   6.01 ms   rcmt-agw1.inet.qwest.net (71.32.31.17)
    5   13.58 ms  4.68.144.73
    6   ... 7
    8   197.18 ms 5.195.70.161
    9   197.22 ms 195.229.27.2
    10  197.31 ms 95.174.69.6
    
    Open proxy blocked Naomi Amethyst 00:31, 20 April 2025 (UTC)[reply]

    38.165.230.0/24

    [edit]

    – This proxy check request is closed and will soon be archived by a bot.

    Reason: Block evasion via proxy. (See previous report.) Tule-hog (talk) 06:32, 20 April 2025 (UTC)[reply]

     Likely IP is an open proxy
    Open proxy blocked Naomi Amethyst 01:40, 21 April 2025 (UTC)[reply]

    194.135.119.59

    [edit]

    – This proxy check request is closed and will soon be archived by a bot.

    Reason: Block evasion via proxy. (See reports above.) Tule-hog (talk) 06:06, 22 April 2025 (UTC)[reply]

     Likely IP is an open proxy
    Nmap scan report for 194.135.119.59
    Host is up, received user-set (0.16s latency).
    Scanned at 2025-04-22 06:10:13 UTC for 73s
    
    PORT      STATE    SERVICE          REASON         VERSION
    21/tcp    filtered ftp              no-response
    22/tcp    filtered ssh              no-response
    80/tcp    open     http             syn-ack ttl 51
    |_http-title: ERROR: The requested URL could not be retrieved
    | fingerprint-strings:
    |   GetRequest:
    |     HTTP/1.1 400 Bad Request
    |     mime-version: 1.0
    |     date: Tue, 22 Apr 2025 06:10:21 GMT
    |     content-type: text/html;charset=utf-8
    |     content-length: 3541
    |     vary: Accept-Language
    |     content-language: en
    |     connection: close
    |     <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    |     <html><head>
    |     <meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors">
    |     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    |     <title>ERROR: The requested URL could not be retrieved</title>
    |     <style type="text/css"><!--
    |     Copyright (C) 1996-2023 The Squid Software Foundation and contributors
    |     Squid software is distributed under GPLv2+ license and includes
    |     contributions from numerous individuals and organizations.
    |     Please see the COPYING and CONTRIBUTORS files for details.
    |     Stylesheet for Squid Error pages
    |     Adapted
    |   HTTPOptions:
    |     HTTP/1.1 400 Bad Request
    |     mime-version: 1.0
    |     date: Tue, 22 Apr 2025 06:10:22 GMT
    |     content-type: text/html;charset=utf-8
    |     content-length: 3541
    |     vary: Accept-Language
    |     content-language: en
    |     connection: close
    |     <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    |     <html><head>
    |     <meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors">
    |     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    |     <title>ERROR: The requested URL could not be retrieved</title>
    |     <style type="text/css"><!--
    |     Copyright (C) 1996-2023 The Squid Software Foundation and contributors
    |     Squid software is distributed under GPLv2+ license and includes
    |     contributions from numerous individuals and organizations.
    |     Please see the COPYING and CONTRIBUTORS files for details.
    |     Stylesheet for Squid Error pages
    |_    Adapted
    443/tcp   open     openvpn          syn-ack ttl 51 OpenVPN
    1080/tcp  filtered socks            no-response
    3182/tcp  filtered bmcpatrolrnvu    no-response
    5000/tcp  filtered upnp             no-response
    8000/tcp  filtered http-alt         no-response
    8080/tcp  open     http-proxy?      syn-ack ttl 51
    8443/tcp  open     https-alt?       syn-ack ttl 51
    8888/tcp  filtered sun-answerbook   no-response
    9050/tcp  filtered tor-socks        no-response
    9150/tcp  filtered unknown          no-response
    10000/tcp filtered snet-sensor-mgmt no-response
    20000/tcp filtered dnp              no-response
    1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
    SF-Port80-TCP:V=7.94SVN%I=7%D=4/22%Time=680732CE%P=x86_64-pc-linux-gnu%r(G
    SF:etRequest,EA6,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nmime-version:\x201
    SF:\.0\r\ndate:\x20Tue,\x2022\x20Apr\x202025\x2006:10:21\x20GMT\r\ncontent
    SF:-type:\x20text/html;charset=utf-8\r\ncontent-length:\x203541\r\nvary:\x
    SF:20Accept-Language\r\ncontent-language:\x20en\r\nconnection:\x20close\r\
    SF:n\r\n<!DOCTYPE\x20html\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01//EN\
    SF:"\x20\"http://www\.w3\.org/TR/html4/strict\.dtd\">\n<html><head>\n<meta
    SF:\x20type=\"copyright\"\x20content=\"Copyright\x20\(C\)\x201996-2020\x20
    SF:The\x20Squid\x20Software\x20Foundation\x20and\x20contributors\">\n<meta
    SF:\x20http-equiv=\"Content-Type\"\x20content=\"text/html;\x20charset=utf-
    SF:8\">\n<title>ERROR:\x20The\x20requested\x20URL\x20could\x20not\x20be\x2
    SF:0retrieved</title>\n<style\x20type=\"text/css\"><!--\x20\n\x20/\*\n\x20
    SF:\*\x20Copyright\x20\(C\)\x201996-2023\x20The\x20Squid\x20Software\x20Fo
    SF:undation\x20and\x20contributors\n\x20\*\n\x20\*\x20Squid\x20software\x2
    SF:0is\x20distributed\x20under\x20GPLv2\+\x20license\x20and\x20includes\n\
    SF:x20\*\x20contributions\x20from\x20numerous\x20individuals\x20and\x20org
    SF:anizations\.\n\x20\*\x20Please\x20see\x20the\x20COPYING\x20and\x20CONTR
    SF:IBUTORS\x20files\x20for\x20details\.\n\x20\*/\n\n/\*\n\x20Stylesheet\x2
    SF:0for\x20Squid\x20Error\x20pages\n\x20Adapted")%r(HTTPOptions,EA6,"HTTP/
    SF:1\.1\x20400\x20Bad\x20Request\r\nmime-version:\x201\.0\r\ndate:\x20Tue,
    SF:\x2022\x20Apr\x202025\x2006:10:22\x20GMT\r\ncontent-type:\x20text/html;
    SF:charset=utf-8\r\ncontent-length:\x203541\r\nvary:\x20Accept-Language\r\
    SF:ncontent-language:\x20en\r\nconnection:\x20close\r\n\r\n<!DOCTYPE\x20ht
    SF:ml\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01//EN\"\x20\"http://www\.w
    SF:3\.org/TR/html4/strict\.dtd\">\n<html><head>\n<meta\x20type=\"copyright
    SF:\"\x20content=\"Copyright\x20\(C\)\x201996-2020\x20The\x20Squid\x20Soft
    SF:ware\x20Foundation\x20and\x20contributors\">\n<meta\x20http-equiv=\"Con
    SF:tent-Type\"\x20content=\"text/html;\x20charset=utf-8\">\n<title>ERROR:\
    SF:x20The\x20requested\x20URL\x20could\x20not\x20be\x20retrieved</title>\n
    SF:<style\x20type=\"text/css\"><!--\x20\n\x20/\*\n\x20\*\x20Copyright\x20\
    SF:(C\)\x201996-2023\x20The\x20Squid\x20Software\x20Foundation\x20and\x20c
    SF:ontributors\n\x20\*\n\x20\*\x20Squid\x20software\x20is\x20distributed\x
    SF:20under\x20GPLv2\+\x20license\x20and\x20includes\n\x20\*\x20contributio
    SF:ns\x20from\x20numerous\x20individuals\x20and\x20organizations\.\n\x20\*
    SF:\x20Please\x20see\x20the\x20COPYING\x20and\x20CONTRIBUTORS\x20files\x20
    SF:for\x20details\.\n\x20\*/\n\n/\*\n\x20Stylesheet\x20for\x20Squid\x20Err
    SF:or\x20pages\n\x20Adapted");
    Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
    Device type: general purpose
    Running (JUST GUESSING): Linux 4.X|5.X|2.6.X|3.X (91%)
    OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10
    OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
    Aggressive OS guesses: Linux 4.15 - 5.8 (91%), Linux 5.0 - 5.4 (91%), Linux 2.6.32 (90%), Linux 4.4 (90%), Linux 5.0 - 5.5 (89%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.35 (87%), Linux 2.6.32 - 2.6.39 (87%)
    No exact OS matches for host (test conditions non-ideal).
    TCP/IP fingerprint:
    SCAN(V=7.94SVN%E=4%D=4/22%OT=80%CT=%CU=%PV=N%DS=13%DC=T%G=N%TM=6807330E%P=x86_64-pc-linux-gnu)
    SEQ(SP=106%GCD=1%ISR=10C%TI=Z%II=I%TS=A)
    OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST11NW7%O6=M5B4ST11)
    WIN(W1=FE88%W2=FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)
    ECN(R=Y%DF=Y%TG=40%W=FAF0%O=M5B4NNSNW7%CC=Y%Q=)
    T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
    T2(R=N)
    T3(R=N)
    T4(R=N)
    U1(R=N)
    IE(R=Y%DFI=N%TG=40%CD=S)
    
    Uptime guess: 4.698 days (since Thu Apr 17 13:26:18 2025)
    Network Distance: 13 hops
    TCP Sequence Prediction: Difficulty=262 (Good luck!)
    IP ID Sequence Generation: All zeros
    
    TRACEROUTE (using port 8080/tcp)
    HOP RTT       ADDRESS
    1   1.18 ms   _gateway (10.199.22.3)
    2   0.30 ms   rtr-ge-dmarc.tblflp.net (10.199.1.1)
    3   ...
    4   3.75 ms   rcmt-agw1.inet.qwest.net (71.32.31.17)
    5   31.28 ms  4.68.144.73
    6   128.24 ms ae1.10.edge1.ist2.neo.colt.net (171.75.9.47)
    7   163.56 ms 213.249.104.190
    8   163.55 ms 188-123-128-99.dsl.utg.ge (188.123.128.99)
    9   157.05 ms 178-134-198-41.dsl.utg.ge (178.134.198.41)
    10  156.50 ms 178-134-198-42.dsl.utg.ge (178.134.198.42)
    11  ...
    12  163.07 ms 91.208.144.217
    13  169.51 ms 194.135.119.59
    
    Open proxy blocked Naomi Amethyst 06:13, 22 April 2025 (UTC)[reply]

    112.199.95.188

    [edit]

    – This proxy check request is closed and will soon be archived by a bot.

    Reason: Block evasion via proxy. (See above reports.) Tule-hog (talk) 01:54, 23 April 2025 (UTC)[reply]

     Likely IP is an open proxy
    Nmap scan report for 188.95.199.112.clbrz.static.inet.eastern-tele.com (112.199.95.188)
    Host is up, received user-set (0.22s latency).
    Scanned at 2025-04-24 19:52:21 UTC for 78s
    
    PORT      STATE    SERVICE          REASON         VERSION
    21/tcp    filtered ftp              no-response
    22/tcp    filtered ssh              no-response
    80/tcp    open     http             syn-ack ttl 54
    |_http-title: ERROR: The requested URL could not be retrieved
    | fingerprint-strings:
    |   GetRequest:
    |     HTTP/1.1 400 Bad Request
    |     mime-version: 1.0
    |     date: Thu, 24 Apr 2025 19:52:32 GMT
    |     content-type: text/html;charset=utf-8
    |     content-length: 3541
    |     vary: Accept-Language
    |     content-language: en
    |     connection: close
    |     <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    |     <html><head>
    |     <meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors">
    |     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    |     <title>ERROR: The requested URL could not be retrieved</title>
    |     <style type="text/css"><!--
    |     Copyright (C) 1996-2023 The Squid Software Foundation and contributors
    |     Squid software is distributed under GPLv2+ license and includes
    |     contributions from numerous individuals and organizations.
    |     Please see the COPYING and CONTRIBUTORS files for details.
    |     Stylesheet for Squid Error pages
    |     Adapted
    |   HTTPOptions:
    |     HTTP/1.1 400 Bad Request
    |     mime-version: 1.0
    |     date: Thu, 24 Apr 2025 19:52:33 GMT
    |     content-type: text/html;charset=utf-8
    |     content-length: 3541
    |     vary: Accept-Language
    |     content-language: en
    |     connection: close
    |     <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    |     <html><head>
    |     <meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors">
    |     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    |     <title>ERROR: The requested URL could not be retrieved</title>
    |     <style type="text/css"><!--
    |     Copyright (C) 1996-2023 The Squid Software Foundation and contributors
    |     Squid software is distributed under GPLv2+ license and includes
    |     contributions from numerous individuals and organizations.
    |     Please see the COPYING and CONTRIBUTORS files for details.
    |     Stylesheet for Squid Error pages
    |_    Adapted
    443/tcp   filtered https            no-response
    1080/tcp  filtered socks            no-response
    3182/tcp  filtered bmcpatrolrnvu    no-response
    5000/tcp  filtered upnp             no-response
    8000/tcp  filtered http-alt         no-response
    8080/tcp  open     http-proxy?      syn-ack ttl 54
    8443/tcp  filtered https-alt        no-response
    8888/tcp  filtered sun-answerbook   no-response
    9050/tcp  filtered tor-socks        no-response
    9150/tcp  filtered unknown          no-response
    10000/tcp filtered snet-sensor-mgmt no-response
    20000/tcp filtered dnp              no-response
    1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
    SF-Port80-TCP:V=7.94SVN%I=7%D=4/24%Time=680A9680%P=x86_64-pc-linux-gnu%r(G
    SF:etRequest,EA6,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nmime-version:\x201
    SF:\.0\r\ndate:\x20Thu,\x2024\x20Apr\x202025\x2019:52:32\x20GMT\r\ncontent
    SF:-type:\x20text/html;charset=utf-8\r\ncontent-length:\x203541\r\nvary:\x
    SF:20Accept-Language\r\ncontent-language:\x20en\r\nconnection:\x20close\r\
    SF:n\r\n<!DOCTYPE\x20html\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01//EN\
    SF:"\x20\"http://www\.w3\.org/TR/html4/strict\.dtd\">\n<html><head>\n<meta
    SF:\x20type=\"copyright\"\x20content=\"Copyright\x20\(C\)\x201996-2020\x20
    SF:The\x20Squid\x20Software\x20Foundation\x20and\x20contributors\">\n<meta
    SF:\x20http-equiv=\"Content-Type\"\x20content=\"text/html;\x20charset=utf-
    SF:8\">\n<title>ERROR:\x20The\x20requested\x20URL\x20could\x20not\x20be\x2
    SF:0retrieved</title>\n<style\x20type=\"text/css\"><!--\x20\n\x20/\*\n\x20
    SF:\*\x20Copyright\x20\(C\)\x201996-2023\x20The\x20Squid\x20Software\x20Fo
    SF:undation\x20and\x20contributors\n\x20\*\n\x20\*\x20Squid\x20software\x2
    SF:0is\x20distributed\x20under\x20GPLv2\+\x20license\x20and\x20includes\n\
    SF:x20\*\x20contributions\x20from\x20numerous\x20individuals\x20and\x20org
    SF:anizations\.\n\x20\*\x20Please\x20see\x20the\x20COPYING\x20and\x20CONTR
    SF:IBUTORS\x20files\x20for\x20details\.\n\x20\*/\n\n/\*\n\x20Stylesheet\x2
    SF:0for\x20Squid\x20Error\x20pages\n\x20Adapted")%r(HTTPOptions,EA6,"HTTP/
    SF:1\.1\x20400\x20Bad\x20Request\r\nmime-version:\x201\.0\r\ndate:\x20Thu,
    SF:\x2024\x20Apr\x202025\x2019:52:33\x20GMT\r\ncontent-type:\x20text/html;
    SF:charset=utf-8\r\ncontent-length:\x203541\r\nvary:\x20Accept-Language\r\
    SF:ncontent-language:\x20en\r\nconnection:\x20close\r\n\r\n<!DOCTYPE\x20ht
    SF:ml\x20PUBLIC\x20\"-//W3C//DTD\x20HTML\x204\.01//EN\"\x20\"http://www\.w
    SF:3\.org/TR/html4/strict\.dtd\">\n<html><head>\n<meta\x20type=\"copyright
    SF:\"\x20content=\"Copyright\x20\(C\)\x201996-2020\x20The\x20Squid\x20Soft
    SF:ware\x20Foundation\x20and\x20contributors\">\n<meta\x20http-equiv=\"Con
    SF:tent-Type\"\x20content=\"text/html;\x20charset=utf-8\">\n<title>ERROR:\
    SF:x20The\x20requested\x20URL\x20could\x20not\x20be\x20retrieved</title>\n
    SF:<style\x20type=\"text/css\"><!--\x20\n\x20/\*\n\x20\*\x20Copyright\x20\
    SF:(C\)\x201996-2023\x20The\x20Squid\x20Software\x20Foundation\x20and\x20c
    SF:ontributors\n\x20\*\n\x20\*\x20Squid\x20software\x20is\x20distributed\x
    SF:20under\x20GPLv2\+\x20license\x20and\x20includes\n\x20\*\x20contributio
    SF:ns\x20from\x20numerous\x20individuals\x20and\x20organizations\.\n\x20\*
    SF:\x20Please\x20see\x20the\x20COPYING\x20and\x20CONTRIBUTORS\x20files\x20
    SF:for\x20details\.\n\x20\*/\n\n/\*\n\x20Stylesheet\x20for\x20Squid\x20Err
    SF:or\x20pages\n\x20Adapted");
    Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
    Device type: general purpose
    Running (JUST GUESSING): Linux 4.X|5.X|2.6.X|3.X (91%)
    OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10
    OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
    Aggressive OS guesses: Linux 4.15 - 5.8 (91%), Linux 5.0 - 5.4 (91%), Linux 2.6.32 (90%), Linux 4.4 (90%), Linux 5.0 - 5.5 (89%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.35 (87%), Linux 2.6.32 - 2.6.39 (87%)
    No exact OS matches for host (test conditions non-ideal).
    TCP/IP fingerprint:
    SCAN(V=7.94SVN%E=4%D=4/24%OT=80%CT=%CU=%PV=N%DS=12%DC=T%G=N%TM=680A96C3%P=x86_64-pc-linux-gnu)
    SEQ(SP=107%GCD=1%ISR=10D%TI=Z%II=I%TS=A)
    OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST11NW7%O6=M5B4ST11)
    WIN(W1=FE88%W2=FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)
    ECN(R=Y%DF=Y%TG=40%W=FAF0%O=M5B4NNSNW7%CC=Y%Q=)
    T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
    T2(R=N)
    T3(R=N)
    T4(R=N)
    U1(R=N)
    IE(R=Y%DFI=N%TG=40%CD=S)
    
    Uptime guess: 4.961 days (since Sat Apr 19 20:49:29 2025)
    Network Distance: 12 hops
    TCP Sequence Prediction: Difficulty=263 (Good luck!)
    IP ID Sequence Generation: All zeros
    
    TRACEROUTE (using port 8080/tcp)
    HOP RTT       ADDRESS
    1   0.87 ms   _gateway (10.199.22.3)
    2   0.27 ms   rtr-ge-dmarc.tblflp.net (10.199.1.1)
    3   ...
    4   3.47 ms   71-32-31-17.rcmt.qwest.net (71.32.31.17)
    5   26.89 ms  4.68.144.73
    6   ...
    7   12.69 ms  ae3.cr1-was1.ip4.gtt.net (199.229.230.97)
    8   205.26 ms et-4-1-0.cr1-hkg1.ip4.gtt.net (89.149.131.66)
    9   228.40 ms ip4.gtt.net (103.232.18.30)
    10  225.42 ms 162.1.89.120.core-net.static.eastern-tele.com (120.89.1.162)
    11  217.01 ms 124.6.180.10
    12  217.77 ms 188.95.199.112.clbrz.static.inet.eastern-tele.com (112.199.95.188)
    
    Open proxy blocked Naomi Amethyst 19:57, 24 April 2025 (UTC)[reply]

    Automated lists and tools

    [edit]
    • User:AntiCompositeBot/ASNBlock maintained by User:AntiCompositeBot is a list of hosting provider ranges that need assessment for blocks that is updated daily. Admins are encouraged to review the list and assess for blocks as needed. All administrators are individually responsible for any blocks they make based on that list.
    • ISP Rangefinder is a tool that allows administrators to easily identify and hard block all ranges for an entire ISP. It should be used with extreme caution, but is useful for blocking known open proxy providers. All administrators are individually responsible for any blocks they make based on the results from this tool.
    • IPCheck is a tool that can help provide clues about potential open proxies.
    • Bullseye provides information about IPS, including clues about potential open proxies.
    • whois-referral is a generic WHOIS tool.
    • Range block finder finds present and past range blocks.

    See also

    [edit]
    Subpages
    Related pages
    Sister projects (defunct)