User:ClueBot IV/WPOPreports/72.158.32.163

From Wikipedia, the free encyclopedia

• IP: 72.158.32.163
• End result: Open proxy. Open proxy.
• Reverse DNS: proxy.otgserv.com

Contents 1 Whois 2 DNSBL 3 NMap 4 Proxy Check

[edit] Whois

OrgName:    BellSouth.net Inc. 
OrgID:      BELL
Address:    575 Morosgo Drive
City:       Atlanta
StateProv:  GA
PostalCode: 30324
Country:    US

ReferralServer: rwhois://rwhois.eng.bellsouth.net:4321

NetRange:   72.144.0.0 - 72.159.255.255 
CIDR:       72.144.0.0/12 
NetName:    BELLSNET-BLK16
NetHandle:  NET-72-144-0-0-1
Parent:     NET-72-0-0-0-0
NetType:    Direct Allocation
NameServer: AUTH-DNS.ASM.BELLSOUTH.NET
NameServer: AUTH-DNS.MIA.BELLSOUTH.NET
NameServer: AUTH-DNS.MSY.BELLSOUTH.NET
Comment:    
Comment:    For Abuse Issues, email abuse@bellsouth.net. NO ATTACHMENTS. Include IP
Comment:    address, time/date, message header, and attack logs.
Comment:    For Subpoena Request, email ipoperations@bellsouth.net with "SUBPOENA" in
Comment:    the subject line. Law Enforcement Agencies ONLY, please.
RegDate:    2005-08-11
Updated:    2007-02-28

RAbuseHandle: ABUSE81-ARIN
RAbuseName:   Abuse Group 
RAbusePhone:  +1-404-499-5224
RAbuseEmail:  abuse@bellsouth.net 

RTechHandle: JG726-ARIN
RTechName:   Geurin, Joe 
RTechPhone:  +1-404-499-5240
RTechEmail:  ipoperations@bellsouth.net 

OrgAbuseHandle: ABUSE81-ARIN
OrgAbuseName:   Abuse Group 
OrgAbusePhone:  +1-404-499-5224
OrgAbuseEmail:  abuse@bellsouth.net

OrgTechHandle: JG726-ARIN
OrgTechName:   Geurin, Joe 
OrgTechPhone:  +1-404-499-5240
OrgTechEmail:  ipoperations@bellsouth.net

# ARIN WHOIS database, last updated 2008-06-02 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.


Found a referral to rwhois.eng.bellsouth.net:4321.

%rwhois V-1.5:003eff:00 rwhois.eng.bellsouth.net (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NET-8625.72.158.0.0/16
network:Auth-Area:72.158.0.0/16
network:Network-Name:CBL
network:IP-Network:72.158.32.160/27
network:Org-Name:Carter Brothers LLC
network:Street-Address:100 HARTSFIELD CENTER PARKWAY
network:City:ATLANTA
network:State:GA
network:Postal-Code:30354
network:Country-Code:US
network:Admin-Contact;I:USER-443.72.158.0.0/16
network:Tech-Contact;I:USER-2.bellsouth.net
network:Created:20060329093016000
network:Updated:20060329093016000
network:Updated-By:art.schwab@corp.bellsouth.net

network:Class-Name:network
network:ID:NET-1.72.158.0.0/16
network:Auth-Area:72.158.0.0/16
network:Network-Name:BELLSOUTH-NET Allocation
network:IP-Network:72.158.0.0/16
network:Org-Name:BellSouth.net
network:Street-Address:575 Morosgo Drive
network:City:Atlanta
network:State:GA
network:Postal-Code:30324
network:Country-Code:US
network:Admin-Contact;I:USER-1.bellsouth.net
network:Tech-Contact;I:USER-2.bellsouth.net
network:Created:20051115192228000
network:Updated:20060117041348000
network:Updated-By:rwhois-admin@eng.bellsouth.net
network:Utilization:99.99% assigned (255.97 class C networks out of 256)

%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok

[edit] DNSBL

• 163.32.158.72.dnsbl.njabl.org (NJABL) = Nothing. — more information.
• 163.32.158.72.ircbl.ahbl.org (IRCBL) = Nothing. — more information.
• 163.32.158.72.tor.dnsbl.sectoor.de (SECTOOR) = Nothing. — more information.
• 163.32.158.72.tor.ahbl.org (AHBL) = Nothing. — more information.
• 163.32.158.72.no-more-funn.moensted.dk (NoMoreFunn) = Nothing. — more information.
• 163.32.158.72.dnsbl.sorbs.net (SORBS) = Nothing. — more information.
• 163.32.158.72.list.dsbl.org (DSBL) = Nothing. — more information.
• 163.32.158.72.xbl.spamhaus.org (XBL) = Nothing. — more information.

[edit] NMap

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-06-03 19:39 EDT
Interesting ports on proxy.otgserv.com (72.158.32.163):
PORT     STATE SERVICE VERSION
8080/tcp open  http    Apache httpd 2.2.3 ((Unix) mod_ssl/2.2.3 OpenSSL/0.9.8d mod_perl/2.0.3 Perl/v5.8.8)

Nmap finished: 1 IP address (1 host up) scanned in 16.483 seconds

[edit] Proxy Check

72.158.32.163 open 8080,8080 HTTPPOST,HTTPGET