Originally Posted by Barry-xlovecam

Russian Mafia (Pootin Pals?)

barry@paragon-DS-7:~$ curl ipinfo.io/161.8.252.0
{
"ip": "161.8.252.0",
"hostname": "No Hostname",
"city": "Dallas",
"region": "Texas",
"country": "US",
"loc": "32.7787,-96.8217",
"org": "AS8888 LLC RU-service",
"postal": "75270"
}barry@paragon-DS-7:~$ curl ipinfo.io/196.62.126.117
{
"ip": "196.62.126.117",
"hostname": "No Hostname",
"city": "Dallas",
"region": "Texas",
"country": "US",
"loc": "32.7831,-96.8067",
"org": "AS40824 WZ Communications Inc.",
"phone": "214"
}barry@paragon-DS-7:~$ whois 161.8.252.0



NetRange: 161.8.0.0 - 161.9.255.255
CIDR: 161.8.0.0/15
NetName: RIPE-ERX-161-8-0-0
NetHandle: NET-161-8-0-0-1
Parent: NET161 (NET-161-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2004-02-18
Updated: 2004-02-18
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at Database Query ? RIPE Network Coordination Centre
Ref: https://whois.arin.net/rest/net/NET-161-8-0-0-1

ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net

OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://whois.arin.net/rest/org/RIPE

ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html

OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/RNO29-ARIN

OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE3850-ARIN

Found a referral to whois.ripe.net.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '161.8.0.0 - 161.8.255.255'

% Abuse contact for '161.8.0.0 - 161.8.255.255' is '[email protected]'

inetnum: 161.8.0.0 - 161.8.255.255
netname: MAGNITKA
org: ORG-MMK2-RIPE
descr: OOO MMK-Informservice
descr: Pushkina str. 2
descr: Mgnitogorsk, 455019
country: RU
admin-c: AIS56-RIPE
tech-c: AIS56-RIPE
status: LEGACY
remarks: For information on "status:" attribute read https://www.ripe.net/data-tools/db/f...gacy-resources
mnt-by: MMKMGN-MNT
mnt-lower: MMKMGN-MNT
mnt-routes: MMKMGN-MNT
created: 2004-01-20T10:47:24Z
last-modified: 2016-10-04T11:24:12Z
source: RIPE

organisation: ORG-MMK2-RIPE
org-name: OAO Magnitogorsk Iron and Steel Works
org-type: OTHER
address: Pushkina street, 2
address: Magnitogorsk 455019
abuse-c: RD6100-RIPE
mnt-ref: ROSNIIROS-MNT
mnt-by: MMKMGN-MNT
mnt-by: ROSNIIROS-MNT
created: 2011-01-18T18:59:15Z
last-modified: 2015-07-20T08:24:07Z
source: RIPE # Filtered

person: Alexey I Stepanenko
address: Magnitogorsk Iron and Steel Works (MMK)
address: Open Joint Stock Company
address: Pushkina st. 2 Russia
phone: +7 3519 258912
abuse-mailbox: [email protected]
nic-hdl: AIS56-RIPE
created: 2003-10-29T11:15:54Z
last-modified: 2013-12-18T06:07:28Z
source: RIPE # Filtered
mnt-by: MMKMGN-MNT

% This query was served by the RIPE Database Query Service version 1.88 (WAGYU)
======================

barry@paragon-DS-7:~$ whois 196.62.126.117
% This is the AfriNIC Whois server.

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '196.62.96.0 - 196.62.127.255'

% No abuse contact registered for 196.62.96.0 - 196.62.127.255

inetnum: 196.62.96.0 - 196.62.127.255
netname: ATT
descr: AT&T Services, Inc.
country: US
admin-c: IP9-AFRINIC
tech-c: IP9-AFRINIC
status: ASSIGNED PA
mnt-by: IP-ADMIN
mnt-lower: IP-ADMIN
mnt-domains: IP-ADMIN
mnt-routes: IP-ADMIN
source: AFRINIC # Filtered
parent: 196.62.0.0 - 196.62.255.255

person: IP Admin
address: IP Admin
phone: +2482534202
nic-hdl: IP9-AFRINIC
source: AFRINIC # Filtered



Reassigned IP ASN Blocks

The hi-tech ad industry

Nice scam and a great return -- you think they will prosecute them in Russia?

Those IPs were listed in the body of that story.