GoFuckYourself.com - Adult Webmaster Forum - View Single Post - News Report: $3-5M in Ad Fraud Daily from ?Methbot?

Barry-xlovecam · 12-22-2016, 08:49 AM

Russian Mafia (Pootin Pals?)

barry@paragon-DS-7:~$ curl ipinfo.io/161.8.252.0
{
"ip": "161.8.252.0",
"hostname": "No Hostname",
"city": "Dallas",
"region": "Texas",
"country": "US",
"loc": "32.7787,-96.8217",
"org": "AS8888 LLC RU-service",
"postal": "75270"
}barry@paragon-DS-7:~$ curl ipinfo.io/196.62.126.117
{
"ip": "196.62.126.117",
"hostname": "No Hostname",
"city": "Dallas",
"region": "Texas",
"country": "US",
"loc": "32.7831,-96.8067",
"org": "AS40824 WZ Communications Inc.",
"phone": "214"
}barry@paragon-DS-7:~$ whois 161.8.252.0

NetRange: 161.8.0.0 - 161.9.255.255
CIDR: 161.8.0.0/15
NetName: RIPE-ERX-161-8-0-0
NetHandle: NET-161-8-0-0-1
Parent: NET161 (NET-161-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2004-02-18
Updated: 2004-02-18
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at Database Query ? RIPE Network Coordination Centre
Ref: https://whois.arin.net/rest/net/NET-161-8-0-0-1

ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net

OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://whois.arin.net/rest/org/RIPE

ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html

OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/RNO29-ARIN

OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE3850-ARIN

Found a referral to whois.ripe.net.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '161.8.0.0 - 161.8.255.255'

% Abuse contact for '161.8.0.0 - 161.8.255.255' is '[email protected]'

inetnum: 161.8.0.0 - 161.8.255.255
netname: MAGNITKA
org: ORG-MMK2-RIPE
descr: OOO MMK-Informservice
descr: Pushkina str. 2
descr: Mgnitogorsk, 455019
country: RU
admin-c: AIS56-RIPE
tech-c: AIS56-RIPE
status: LEGACY
remarks: For information on "status:" attribute read https://www.ripe.net/data-tools/db/f...gacy-resources
mnt-by: MMKMGN-MNT
mnt-lower: MMKMGN-MNT
mnt-routes: MMKMGN-MNT
created: 2004-01-20T10:47:24Z
last-modified: 2016-10-04T11:24:12Z
source: RIPE

organisation: ORG-MMK2-RIPE
org-name: OAO Magnitogorsk Iron and Steel Works
org-type: OTHER
address: Pushkina street, 2
address: Magnitogorsk 455019
abuse-c: RD6100-RIPE
mnt-ref: ROSNIIROS-MNT
mnt-by: MMKMGN-MNT
mnt-by: ROSNIIROS-MNT
created: 2011-01-18T18:59:15Z
last-modified: 2015-07-20T08:24:07Z
source: RIPE # Filtered

person: Alexey I Stepanenko
address: Magnitogorsk Iron and Steel Works (MMK)
address: Open Joint Stock Company
address: Pushkina st. 2 Russia
phone: +7 3519 258912
abuse-mailbox: [email protected]
nic-hdl: AIS56-RIPE
created: 2003-10-29T11:15:54Z
last-modified: 2013-12-18T06:07:28Z
source: RIPE # Filtered
mnt-by: MMKMGN-MNT

% This query was served by the RIPE Database Query Service version 1.88 (WAGYU)
======================

barry@paragon-DS-7:~$ whois 196.62.126.117
% This is the AfriNIC Whois server.

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '196.62.96.0 - 196.62.127.255'

% No abuse contact registered for 196.62.96.0 - 196.62.127.255

inetnum: 196.62.96.0 - 196.62.127.255
netname: ATT
descr: AT&T Services, Inc.
country: US
admin-c: IP9-AFRINIC
tech-c: IP9-AFRINIC
status: ASSIGNED PA
mnt-by: IP-ADMIN
mnt-lower: IP-ADMIN
mnt-domains: IP-ADMIN
mnt-routes: IP-ADMIN
source: AFRINIC # Filtered
parent: 196.62.0.0 - 196.62.255.255

person: IP Admin
address: IP Admin
phone: +2482534202
nic-hdl: IP9-AFRINIC
source: AFRINIC # Filtered

Reassigned IP ASN Blocks

The hi-tech ad industry

Nice scam and a great return -- you think they will prosecute them in Russia?

Those IPs were listed in the body of that story.

12-22-2016, 08:49 AM
Barry-xlovecam It's 42 Industry Role: Join Date: Jun 2010 Location: Global Posts: 18,083	Russian Mafia (Pootin Pals?) barry@paragon-DS-7:~$ curl ipinfo.io/161.8.252.0 { "ip": "161.8.252.0", "hostname": "No Hostname", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7787,-96.8217", "org": "AS8888 LLC RU-service", "postal": "75270" }barry@paragon-DS-7:~$ curl ipinfo.io/196.62.126.117 { "ip": "196.62.126.117", "hostname": "No Hostname", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS40824 WZ Communications Inc.", "phone": "214" }barry@paragon-DS-7:~$ whois 161.8.252.0 NetRange: 161.8.0.0 - 161.9.255.255 CIDR: 161.8.0.0/15 NetName: RIPE-ERX-161-8-0-0 NetHandle: NET-161-8-0-0-1 Parent: NET161 (NET-161-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2004-02-18 Updated: 2004-02-18 Comment: These addresses have been further assigned to users in Comment: the RIPE NCC region. Contact information can be found in Comment: the RIPE database at Database Query ? RIPE Network Coordination Centre Ref: https://whois.arin.net/rest/net/NET-161-8-0-0-1 ResourceLink: https://apps.db.ripe.net/search/query.html ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://whois.arin.net/rest/org/RIPE ReferralServer: whois://whois.ripe.net ResourceLink: https://apps.db.ripe.net/search/query.html OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://whois.arin.net/rest/poc/RNO29-ARIN OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE3850-ARIN Found a referral to whois.ripe.net. % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '161.8.0.0 - 161.8.255.255' % Abuse contact for '161.8.0.0 - 161.8.255.255' is '[email protected]' inetnum: 161.8.0.0 - 161.8.255.255 netname: MAGNITKA org: ORG-MMK2-RIPE descr: OOO MMK-Informservice descr: Pushkina str. 2 descr: Mgnitogorsk, 455019 country: RU admin-c: AIS56-RIPE tech-c: AIS56-RIPE status: LEGACY remarks: For information on "status:" attribute read https://www.ripe.net/data-tools/db/f...gacy-resources mnt-by: MMKMGN-MNT mnt-lower: MMKMGN-MNT mnt-routes: MMKMGN-MNT created: 2004-01-20T10:47:24Z last-modified: 2016-10-04T11:24:12Z source: RIPE organisation: ORG-MMK2-RIPE org-name: OAO Magnitogorsk Iron and Steel Works org-type: OTHER address: Pushkina street, 2 address: Magnitogorsk 455019 abuse-c: RD6100-RIPE mnt-ref: ROSNIIROS-MNT mnt-by: MMKMGN-MNT mnt-by: ROSNIIROS-MNT created: 2011-01-18T18:59:15Z last-modified: 2015-07-20T08:24:07Z source: RIPE # Filtered person: Alexey I Stepanenko address: Magnitogorsk Iron and Steel Works (MMK) address: Open Joint Stock Company address: Pushkina st. 2 Russia phone: +7 3519 258912 abuse-mailbox: [email protected] nic-hdl: AIS56-RIPE created: 2003-10-29T11:15:54Z last-modified: 2013-12-18T06:07:28Z source: RIPE # Filtered mnt-by: MMKMGN-MNT % This query was served by the RIPE Database Query Service version 1.88 (WAGYU) ====================== barry@paragon-DS-7:~$ whois 196.62.126.117 % This is the AfriNIC Whois server. % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '196.62.96.0 - 196.62.127.255' % No abuse contact registered for 196.62.96.0 - 196.62.127.255 inetnum: 196.62.96.0 - 196.62.127.255 netname: ATT descr: AT&T Services, Inc. country: US admin-c: IP9-AFRINIC tech-c: IP9-AFRINIC status: ASSIGNED PA mnt-by: IP-ADMIN mnt-lower: IP-ADMIN mnt-domains: IP-ADMIN mnt-routes: IP-ADMIN source: AFRINIC # Filtered parent: 196.62.0.0 - 196.62.255.255 person: IP Admin address: IP Admin phone: +2482534202 nic-hdl: IP9-AFRINIC source: AFRINIC # Filtered Reassigned IP ASN Blocks The hi-tech ad industry Nice scam and a great return -- you think they will prosecute them in Russia? Those IPs were listed in the body of that story.