Month: June 2009

Canadian Pharmacy – safe-supplier.com

2 Comments

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you endanger you health by taking those dangerous counterfeit drugs.

safe-supplier

Address lookup

canonical name safe-supplier.com.
aliases http://www.safe-supplier.com
addresses 72.167.131.144

Domain Whois record

Queried whois.internic.net with “dom safe-supplier.com“…

   Domain Name: SAFE-SUPPLIER.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: NS51.DOMAINCONTROL.COM
   Name Server: NS52.DOMAINCONTROL.COM
   Status: clientTransferProhibited
   Updated Date: 29-may-2009
   Creation Date: 15-mar-2007
   Expiration Date: 15-mar-2011

>>> Last update of whois database: Tue, 30 Jun 2009 04:16:27 UTC <<<

Queried whois.enom.com with “safe-supplier.com“…

Visit AboutUs.org for more information about safe-supplier.com
<a href="http://www.aboutus.org/safe-supplier.com">AboutUs: safe-supplier.com</a>

Registration Service Provided By: NameCheap.com
Contact: support@NameCheap.com
Visit: http://www.namecheap.com/

Domain name: safe-supplier.com

Registrant Contact:
   Amin Mansoor Ali
   Amin Mansoor Ali ()

   Fax:
   256 Amynabad P.I.B Colony Karachi.
   Karachi, Sindh 74800
   PK

Administrative Contact:
   Amin Mansoor Ali
   Amin Mansoor Ali (visionofpassion@hotmail.com)
   +92.4946824
   Fax: +1.5555555555
   256 Amynabad P.I.B Colony Karachi.
   Karachi, Sindh 74800
   PK

Technical Contact:
   Amin Mansoor Ali
   Amin Mansoor Ali (visionofpassion@hotmail.com)
   +92.4946824
   Fax: +1.5555555555
   256 Amynabad P.I.B Colony Karachi.
   Karachi, Sindh 74800
   PK

Status: Locked

Name Servers:
   ns51.domaincontrol.com
   ns52.domaincontrol.com

Creation date: 15 Mar 2007 10:44:00
Expiration date: 15 Mar 2011 10:44:00

Get Noticed on the Internet!  Increase visibility for this domain name by listing it at www.whoisbusinesslistings.com

Network Whois record

Queried whois.arin.net with “72.167.131.144“…

OrgName:    GoDaddy.com, Inc.
OrgID:      GODAD
Address:    14455 N Hayden Road
Address:    Suite 226
City:       Scottsdale
StateProv:  AZ
PostalCode: 85260
Country:    US

NetRange:   72.167.0.0 - 72.167.255.255
CIDR:       72.167.0.0/16
OriginAS:   AS26496
NetName:    GO-DADDY-SOFTWARE-INC
NetHandle:  NET-72-167-0-0-1
Parent:     NET-72-0-0-0-0
NetType:    Direct Allocation
NameServer: CNS1.SECURESERVER.NET
NameServer: CNS2.SECURESERVER.NET
NameServer: CNS3.SECURESERVER.NET
Comment:
RegDate:    2007-07-05
Updated:    2008-01-18

RAbuseHandle: ABUSE51-ARIN
RAbuseName:   Abuse Department
RAbusePhone:  +1-480-624-2505
RAbuseEmail:  abuse@godaddy.com 

RNOCHandle: NOC124-ARIN
RNOCName:   Network Operations Center
RNOCPhone:  +1-480-505-8809
RNOCEmail:  noc@godaddy.com 

RTechHandle: NOC124-ARIN
RTechName:   Network Operations Center
RTechPhone:  +1-480-505-8809
RTechEmail:  noc@godaddy.com 

OrgAbuseHandle: ABUSE51-ARIN
OrgAbuseName:   Abuse Department
OrgAbusePhone:  +1-480-624-2505
OrgAbuseEmail:  abuse@godaddy.com

OrgNOCHandle: NOC124-ARIN
OrgNOCName:   Network Operations Center
OrgNOCPhone:  +1-480-505-8809
OrgNOCEmail:  noc@godaddy.com

OrgTechHandle: NOC124-ARIN
OrgTechName:   Network Operations Center
OrgTechPhone:  +1-480-505-8809
OrgTechEmail:  noc@godaddy.com

# ARIN WHOIS database, last updated 2009-06-29 20:00

DNS records

name class type data time to live
http://www.safe-supplier.com IN CNAME safe-supplier.com 3599s (00:59:59)
safe-supplier.com IN SOA
server: ns51.domaincontrol.com
email: dns.jomax.net
serial: 2009052800
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 86400
86400s (1.00:00:00)
safe-supplier.com IN A 72.167.131.144 3600s (01:00:00)
safe-supplier.com IN NS ns51.domaincontrol.com 3600s (01:00:00)
safe-supplier.com IN NS ns52.domaincontrol.com 3600s (01:00:00)
safe-supplier.com IN MX
preference: 0
exchange: smtp.secureserver.net
3600s (01:00:00)
safe-supplier.com IN MX
preference: 10
exchange: mailstore1.secureserver.net
3600s (01:00:00)
144.131.167.72.in-addr.arpa IN PTR p3slh180.shr.phx3.secureserver.net 3600s (01:00:00)

Canadian Pharmacy – www.flattry.com – www.tendereach.com

Leave a comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Address lookup

canonical name www.flattry.com.
aliases
addresses 203.93.208.86
218.75.144.6
60.191.239.153
61.191.191.241
119.39.238.2

flattery

Domain Whois record

Queried whois.internic.net with “dom flattry.com“…

   Domain Name: FLATTRY.COM
   Registrar: ONLINENIC, INC.
   Whois Server: whois.onlinenic.com
   Referral URL: http://www.OnlineNIC.com
   Name Server: NS1.FLATTRY.COM
   Name Server: NS2.FLATTRY.COM
   Name Server: NS3.FLATTRY.COM
   Name Server: NS4.FLATTRY.COM
   Status: clientTransferProhibited
   Updated Date: 23-jun-2009
   Creation Date: 10-jun-2009
   Expiration Date: 10-jun-2010

>>> Last update of whois database: Mon, 29 Jun 2009 13:36:22 UTC <<<

Queried whois.onlinenic.com with “flattry.com“…

Registrant:
	 Merido Vallici ad667@safe-mail.net +1.2128843301
	 Merido Vallici
	 4033 po box
	 New York,NY,US 10137

Domain Name:flattry.com
Record last updated at 2009-06-23 07:38:35
Record created on 2009/6/10
Record expired on 2010/6/10

Domain servers in listed order:
	 ns1.flattry.com 	 ns2.flattry.com 

Administrator:
	 name: Merido Vallici
 mail: ad667@safe-mail.net tel: +1.2128843301
	 org: Merido Vallici

address: 4033 po box
	 city: New York
,province: NY
,country: US
 postcode: 10137

Technical Contactor:
	 name: Merido Vallici
 mail: ad667@safe-mail.net tel: +1.2128843301
	 org: Merido Vallici

address: 4033 po box
	 city: New York
,province: NY
,country: US
 postcode: 10137

Billing Contactor:
	 name: Merido Vallici
 mail: ad667@safe-mail.net tel: +1.2128843301
	 org: Merido Vallici

address: 4033 po box
	 city: New York
,province: NY
,country: US
 postcode: 10137

Registration Service Provider:
	name: Serpino Berbeto
	tel: +1.2128848801
 	fax: +1.2128848801
 	web:

Network Whois record

Queried whois.apnic.net with “203.93.208.86“…

inetnum:      203.93.0.0 - 203.93.255.255
netname:      UNICOM-CN
descr:        China Unicom IP network
descr:        China Unicom
country:      CN
admin-c:      CH1302-AP
tech-c:       CH1302-AP
mnt-by:       APNIC-HM
mnt-lower:    MAINT-CNCGROUP
mnt-routes:   MAINT-CNCGROUP-RR
status:       ALLOCATED PORTABLE
changed:      hm-changed@apnic.net 20040116
changed:      hm-changed@apnic.net 20060124
changed:      hm-changed@apnic.net 20090507
changed:      hm-changed@apnic.net 20090508
source:       APNIC

person:       ChinaUnicom Hostmaster
nic-hdl:      CH1302-AP
e-mail:       abuse@chinaunicom.cn
address:      No.21,Jin-Rong Street
address:      Beijing,100140
address:      P.R.China
phone:        +86-10-82993155
fax-no:       +86-10-82993144
country:      CN
changed:      abuse@chinaunicom.cn 20090408
mnt-by:       MAINT-CNCGROUP
source:       APNIC

DNS records

DNS query for 86.208.93.203.in-addr.arpa returned an error from the server: NameError

name class type data time to live
http://www.flattry.com IN A 60.191.239.153 10800s (03:00:00)
http://www.flattry.com IN A 61.191.191.241 10800s (03:00:00)
http://www.flattry.com IN A 119.39.238.2 10800s (03:00:00)
http://www.flattry.com IN A 203.93.208.86 10800s (03:00:00)
http://www.flattry.com IN A 218.75.144.6 10800s (03:00:00)
flattry.com IN A 218.75.144.6 10800s (03:00:00)
flattry.com IN A 119.39.238.2 10800s (03:00:00)
flattry.com IN A 203.93.208.86 10800s (03:00:00)
flattry.com IN A 60.191.239.153 10800s (03:00:00)
flattry.com IN A 61.191.191.241 10800s (03:00:00)

— end —

Address lookup

canonical name www.tendereach.com.
aliases
addresses 119.39.238.2
203.93.208.86
218.75.144.6
60.191.239.153
61.191.191.241

Domain Whois record

Queried whois.internic.net with “dom tendereach.com“…

   Domain Name: TENDEREACH.COM
   Registrar: ONLINENIC, INC.
   Whois Server: whois.onlinenic.com
   Referral URL: http://www.OnlineNIC.com
   Name Server: NS1.TENDEREACH.COM
   Name Server: NS2.TENDEREACH.COM
   Name Server: NS3.TENDEREACH.COM
   Name Server: NS4.TENDEREACH.COM
   Status: clientTransferProhibited
   Updated Date: 24-jun-2009
   Creation Date: 23-jun-2009
   Expiration Date: 23-jun-2010

>>> Last update of whois database: Mon, 29 Jun 2009 13:43:47 UTC <<<

Queried whois.onlinenic.com with “tendereach.com“…

Registrant:
	 Lorenv Cerre ad0@safe-mail.net +1.2138848801
	 Lorenv Cerre
	 4033 po box
	 New York,NY,US 10337

Domain Name:tendereach.com
Record last updated at 2009-06-24 08:21:43
Record created on 2009/6/23
Record expired on 2010/6/23

Domain servers in listed order:
	 ns1.tendereach.com 	 ns2.tendereach.com 

Administrator:
	 4033 po box
	 New York
NY,
US
 10337

	 name:(Lorenv Cerre)
mail:(ad0@safe-mail.net) +1.2138848801
	 Lorenv Cerre
Technical Contactor:
	 4033 po box
	 New York
NY,
US
 10337

	 name:(Lorenv Cerre)
mail:(ad0@safe-mail.net) +1.2138848801
	 Lorenv Cerre
Billing Contactor:
	 4033 po box
	 New York
NY,
US
 10337

	 name:(Lorenv Cerre)
mail:(ad0@safe-mail.net) +1.2138848801
	 Lorenv Cerre

Registration Service Provider:
	name: Serpino Berbeto
	tel: +1.2128848801
 	fax: +1.2128848801
 	web:

Network Whois record

Queried whois.apnic.net with “119.39.238.2“…

inetnum:      119.39.232.0 - 119.39.239.255
netname:      yueyang
country:      CN
descr:        CNC Group HuNan YueYang network
descr:        SanHui building ,WuLiPai Street,
descr:        YueYang 411104
admin-c:      CH444-AP
tech-c:       CH444-AP
status:       ASSIGNED NON-PORTABLE
changed:      zoulei@chinaunicom.cn 20081215
mnt-by:       MAINT-CNCGROUP-HN
source:       APNIC

route:        119.39.0.0/16
descr:        CNC Group CHINA169 Hunan Province Network
country:      CN
origin:       AS4837
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20080102
source:       APNIC

person:       CNCGroup Hostmaster
nic-hdl:      CH444-AP
e-mail:       abuse@cnc-noc.net
address:      No.156,Fu-Xing-Men-Nei Street,
address:      Beijing,100031,P.R.China
phone:        +86-10-82993155
fax-no:       +86-10-82993144
country:      CN
changed:      abuse@cnc-noc.net 20041220
mnt-by:       MAINT-CNCGROUP
source:       APNIC

DNS records

DNS query for 2.238.39.119.in-addr.arpa returned an error from the server: NameError

name class type data time to live
http://www.tendereach.com IN A 218.75.144.6 10800s (03:00:00)
http://www.tendereach.com IN A 60.191.239.153 10800s (03:00:00)
http://www.tendereach.com IN A 61.191.191.241 10800s (03:00:00)
http://www.tendereach.com IN A 119.39.238.2 10800s (03:00:00)
http://www.tendereach.com IN A 203.93.208.86 10800s (03:00:00)
tendereach.com IN A 119.39.238.2 10800s (03:00:00)
tendereach.com IN A 203.93.208.86 10800s (03:00:00)
tendereach.com IN A 60.191.239.153 10800s (03:00:00)
tendereach.com IN A 61.191.191.241 10800s (03:00:00)
tendereach.com IN A 218.75.144.6 10800s (03:00:00)

Canadian Pharmacy – canadiannetmall.com

Leave a comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you endanger you health by taking those dangerous counterfeit drugs.

Canadiannetmall

Address lookup

canonical name canadiannetmall.com.
aliases
addresses 94.76.196.49

Domain Whois record

Queried whois.internic.net with “dom canadiannetmall.com“…

   Domain Name: CANADIANNETMALL.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: NS1.CANADIANNETMALL.COM
   Name Server: NS2.CANADIANNETMALL.COM
   Status: clientTransferProhibited
   Updated Date: 23-dec-2008
   Creation Date: 03-mar-2008
   Expiration Date: 03-mar-2010

>>> Last update of whois database:
Mon, 29 Jun 2009 12:10:38 UTC <<<

Queried whois.enom.com with “canadiannetmall.com“…

Visit AboutUs.org for more information about canadiannetmall.com
<a href="http://www.aboutus.org/canadiannetmall.com">AboutUs: canadiannetmall.com</a>

Registration Service Provided By: NameCheap.com
Contact: support@NameCheap.com
Visit: http://www.namecheap.com/

Domain name: canadiannetmall.com

Registrant Contact:
   WhoisGuard
   WhoisGuard Protected ()

   Fax:
   8939 S. Sepulveda Blvd. #110 - 732
   Westchester, CA 90045
   US

Administrative Contact:
   WhoisGuard
   WhoisGuard Protected (2cff3071e8e6460a9344b23d586d00e8.protect@whoisguard.com)
   +1.6613102107
   Fax: +1.6613102107
   8939 S. Sepulveda Blvd. #110 - 732
   Westchester, CA 90045
   US

Technical Contact:
   WhoisGuard
   WhoisGuard Protected (2cff3071e8e6460a9344b23d586d00e8.protect@whoisguard.com)
   +1.6613102107
   Fax: +1.6613102107
   8939 S. Sepulveda Blvd. #110 - 732
   Westchester, CA 90045
   US

Status: Locked

Name Servers:
   ns1.canadiannetmall.com
   ns2.canadiannetmall.com

Creation date: 03 Mar 2008 14:53:00
Expiration date: 03 Mar 2010 14:53:00

Get Noticed on the Internet!  Increase visibility for this domain name by listing it at www.whoisbusinesslistings.com

Network Whois record

Queried whois.ripe.net with “-B 94.76.196.49“…

% Information related to '94.76.196.48 - 94.76.196.55'

inetnum:        94.76.196.48 - 94.76.196.55
netname:        Poundhost-3253
descr:          Poundhost customer server
remarks: ##############################################################
remarks:        Please report abuse incidents to abuse@poundhost.com.
remarks:        Messages sent to other contact addresses may not be acted upon.
remarks: ##############################################################
country:        GB
admin-c:        BLO2-RIPE
tech-c:         BLO2-RIPE
status:         ASSIGNED PA
mnt-by:         blueconnex-mnt
mnt-routes:     blueconnex-mnt
source:         RIPE
changed:        pete.bristow@bluesquaredata.com 20090114

role:           BlueConnex Ltd Operators
address:        BlueConnex Ltd
address:        BlueSquare House
address:        Priors Way
address:        Maidenhead
address:        Berkshire
address:        SL62HP
remarks:        For abuse please contact abuse@blueconnex.net
phone:          +44 (0)1628 673131
admin-c:        PETE3-RIPE
admin-c:        MM5420-RIPE
admin-c:        ROB153-RIPE
tech-c:         MM5420-RIPE
tech-c:         ROB153-RIPE
mnt-by:         blueconnex-mnt
tech-c:         PETE3-RIPE
nic-hdl:        BLO2-RIPE
changed:        support@pcs-net.com 20081012
source:         RIPE
e-mail:         abuse@blueconnex.net

% Information related to '94.76.192.0/18AS29550'

route:          94.76.192.0/18
descr:          Blueconnex Networks Ltd
origin:         AS29550
remarks:        ***********************************
remarks:        *                                 *
remarks:        * Abuse: abuse@blueconnex.net     *
remarks:        *                                 *
remarks:        * Peering: peering@blueconnex.net *
remarks:        *                                 *
remarks:        ***********************************
mnt-by:         blueconnex-mnt
source:         RIPE
changed:        pete.bristow@bluesquaredata.com 20080814

DNS records

name class type data time to live
canadiannetmall.com IN MX
preference: 10
exchange: mail.canadiannetmall.com
14400s (04:00:00)
canadiannetmall.com IN TXT v=spf1 a mx ip4:92.48.119.157 ~all 14400s (04:00:00)
canadiannetmall.com IN SOA
server: ns1.canadiannetmall.com
email: root.canadiannetmall.com
serial: 2008122300
refresh: 14400
retry: 3600
expire: 1209600
minimum ttl: 86400
14400s (04:00:00)
canadiannetmall.com IN NS ns2.canadiannetmall.com 14400s (04:00:00)
canadiannetmall.com IN NS ns1.canadiannetmall.com 14400s (04:00:00)
canadiannetmall.com IN A 94.76.196.49 14400s (04:00:00)
49.196.76.94.in-addr.arpa IN PTR 94-76-196-49.static.as29550.net 86400s (1.00:00:00)

— end —

Spam – Canadian Pharmacy 29.6.2009 80% 0FF on Pfizer

Leave a comment

Header Analysis

The following IP addresses were extracted from your headers:

IP Address Probable Country Additional Info
80.244.229.67 Russian Federation (Moscow)* Whois Google DNSStuff Urgentmessage.org
6.5.4.3 United States* Whois Google DNSStuff Urgentmessage.org
* The last IP listed is usually the originating IP address

Here is the text you submitted, with the IP addresses highlighted:

Delivered-To: scamfraudalert@gmail.com
Received: by 10.90.65.6 with SMTP id n6cs392298aga;
Mon, 29 Jun 2009 02:16:21 -0700 (PDT)
Received: by 10.204.116.69 with SMTP id l5mr6938906bkq.102.1246266978895;
Mon, 29 Jun 2009 02:16:18 -0700 (PDT)
Return-Path:
Received: from 229.67.artcoms.ru ([80.244.229.67])
by mx.google.com with SMTP id 12si10825252fks.51.2009.06.29.02.15.48;
Mon, 29 Jun 2009 02:16:18 -0700 (PDT)
Received-SPF: neutral (google.com: 80.244.229.67 is neither permitted nor denied by domain of ScamFraudAlert@gmail.com) client-ip=80.244.229.67;
Authentication-Results: mx.google.com; spf=neutral (google.com: 80.244.229.67 is neither permitted nor denied by domain of ScamFraudAlert@gmail.com) smtp.mail=ScamFraudAlert@gmail.com
Date: Mon, 29 Jun 2009 02:16:18 -0700 (PDT)
Content-Return: allowed
X-Mailer: CME-V6.5.4.3; MSN
Return-Path: communications_msn_cs_enus@cimail15.msn.com
Message-ID: <22be01c9f8bb$c2253180$43e5f450@user2>
To: ScamFraudAlert@gmail.com
Subject: Dear ScamFraudAlert@gmail.com 29.6.2009 80% 0FF on Pfizer.
From: Pfizer Inc 1916-2009.
MIME-Version: 1.0
Content-Type: text/html; charset=”ISO-8859-1″
Content-Transfer-Encoding: 7bit

rom Pfizer Inc 1916-2009.<ScamFraudAlert@gmail.com>
to ScamFraudAlert@gmail.com
date Mon, Jun 29, 2009 at 2:16 AM
subject Dear ScamFraudAlert@gmail.com 29.6.2009 80% 0FF on Pfizer.
hide details 2:16 AM (2 hours ago)

Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more

About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

SFA

Best Life RX – www.bestliferx.com

1 Comment

Best Life RX ,Owned By SureQuarantee Investments Ltd sent fake medication…contents completely inert Internet – Delhi, India

Best Life RX
bestliferx.com/cart/ssm_login.php
Internet,
U.S.A.

I ordered I00 tramadol tablets from best life as their prices seemed very reasonable @ $140 for 100 200mg tablets.

The order went through easily and the medication was delived promptly about 9 days later.

However I was suspicious when I saw the tablets were loose, unmarked capsules.

As I feared the tablets did not work for mychronic back pain.

I undid a capsule and tasted the substance…it tasted inert, with a slight edge of bitterness.

I compared this test with a capsule from my doctor that I knew to best genuine – the powder inside was very bitter indeed.

It was obvious that the capsules are not what they were advertised to be.

please black list the company and share info with others.

Clancy
Reading
United Kingdom

BestLife Rx

Domain
hushtech.net
edmedtruth.info
shoprxtoday.com
bestliferx.com
supersavermeds.com
securesafecart.com
myrxsupport.com
cheapherbalsource.com
myezsupport.com

Address lookup

canonical name bestliferx.com.
aliases http://www.bestliferx.com
addresses 74.213.177.13

Domain Whois record

Queried whois.internic.net with “dom bestliferx.com“…

   Domain Name: BESTLIFERX.COM
   Registrar: COMPUTER SERVICES LANGENBACH GMBH DBA JOKER.COM
   Whois Server: whois.joker.com
   Referral URL: http://www.joker.com
   Name Server: NS1.HUSHTECH.NET
   Name Server: NS2.HUSHTECH.NET
   Status: clientTransferProhibited
   Updated Date: 28-mar-2009
   Creation Date: 13-apr-2006
   Expiration Date: 13-apr-2011

Last update of whois database: Sun, 28 Jun 2009 17:54:23 UTC <<<

Queried whois.joker.com with “bestliferx.com“…

domain:       bestliferx.com
owner:        Thomas Windfeld
organization: Cardiff Domain Privacy Trust
email:        webadminrx@gmail.com
address:      9 Tanbark Circuit
address:      Mabella Court
city:         Werrington Downs
state:        NSW
postal-code:  2747
country:      AU
phone:        +1.4403486369
fax:          +1.4403486369
admin-c:      CCOM-1252385 webadminrx@gmail.com
tech-c:       CCOM-1252385 webadminrx@gmail.com
billing-c:    CCOM-1252385 webadminrx@gmail.com
nserver:      ns1.hushtech.net
nserver:      ns2.hushtech.net
status:       lock
created:      2006-04-13 07:34:38 UTC
modified:     2009-04-10 08:14:19 UTC
expires:      2011-04-13 07:34:38 UTC

contact-hdl:  CCOM-1252385
person:       Thomas Windfeld
organization: Cardiff Domain Privacy Trust
email:        webadminrx@gmail.com
address:      9 Tanbark Circuit
city:         Werrington Downs
state:        NSW
postal-code:  2747
country:      AU
phone:        +1.4403486369

source:       joker.com live whois service
query-time:   0.013981
db-updated:   2009-06-28 19:17:37ork Whois record

Queried whois.arin.net with “!NET-74-213-176-0-1“…

CustName:   Momentum Advanced Solution
Address:    155 Commerce Valley Drive East
City:       Thornhill
StateProv:  ON
PostalCode: L3T-7T2
Country:    CA
RegDate:    2009-01-13
Updated:    2009-01-13

NetRange:   74.213.176.0 - 74.213.177.255
CIDR:       74.213.176.0/23
OriginAS:   AS23498
NetName:    CDSI-MOMENTUMADVANCEDSOLUTION
NetHandle:  NET-74-213-176-0-1
Parent:     NET-74-213-160-0-1
NetType:    Reassigned
Comment:
RegDate:    2009-01-13
Updated:    2009-01-13

OrgAbuseHandle: ATP1-ARIN
OrgAbuseName:   ARIN Tech POC
OrgAbusePhone:  +1-416-840-5978
OrgAbuseEmail:  arintech@cogecodata.com

OrgNOCHandle: CDSIN-ARIN
OrgNOCName:   CDSI NOC
OrgNOCPhone:  +1-416-542-2525
OrgNOCEmail:  arintech@cogecodata.com

OrgTechHandle: ATP1-ARIN
OrgTechName:   ARIN Tech POC
OrgTechPhone:  +1-416-840-5978
OrgTechEmail:  arintech@cogecodata.com

# ARIN WHOIS database, last updated 2009-06-27 20:00

DNS records

name class type data time to live
http://www.bestliferx.com IN CNAME bestliferx.com 3600s (01:00:00)
bestliferx.com IN MX
preference: 0
exchange: server305.hushtech.net
3600s (01:00:00)
bestliferx.com IN SOA
server: ns1.hushtech.net
email: webadminrx.gmail.com
serial: 2009061907
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s (1.00:00:00)
bestliferx.com IN NS ns1.hushtech.net 86400s (1.00:00:00)
bestliferx.com IN NS ns2.hushtech.net 86400s (1.00:00:00)
bestliferx.com IN A 74.213.177.13 3600s (01:00:00)
13.177.213.74.in-addr.arpa IN CNAME 13.0-24.177.213.74.in-addr.arpa 86400s (1.00:00:00)
13.0-24.177.213.74.in-addr.arpa IN PTR 74-213-177-13.ultrahosting.com 3600s (01:00:00)

— end —

Canadian Pharmacy Spam – grewsix.com

1 Comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you endanger you health by taking those dangerous counterfeit drugs.

Header Analysis

The following IP addresses were extracted from your headers:

IP Address Probable Country Additional Info
129.10.63.40 United States (Boston)* Whois Google DNSStuff Urgentmessage.org
207.115.36.121 United States (Richardson)* Whois Google DNSStuff Urgentmessage.org
* The last IP listed is usually the originating IP address

Here is the text you submitted, with the IP addresses highlighted:

From Terry G. Parks Fri Jun 26 10:09:27 2009
Return-Path:
Authentication-Results: mta107.sbc.mail.re3.yahoo.com from=vdc.lv; domainkeys=neutral (no sig); from=vdc.lv; dkim=neutral (no sig)
Received: from 129.10.63.40 (EHLO nlpi107.prodigy.net) (207.115.36.121)
by mta107.sbc.mail.re3.yahoo.com with SMTP; Fri, 26 Jun 2009 10:09:22 -0700
Received: from 329a0d2 ([129.10.63.40])
by nlpi107.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with SMTP id n5QH9Euq004296;
Fri, 26 Jun 2009 12:09:21 -0500
Message-ID:  <000701c9f680$dcd89cc0$4a37416a@vdc.lv>
Reply-To: “Terry G. Parks”  <tg_parkszh@vdc.lv>
From: “Terry G. Parks”
To:
Subject: eye opening
Date: Fri, 26 Jun 2009 12:09:27 -0500
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset=”windows-1250″
reply-type=original
Content-Transfer-Encoding: 7bit
Content-Length: 135

An Incredible Canadian Pharmacy is available at your Fingertips!
N0~Doctor~Needed! Browse our site Today! -> http://grewsix.com

Address lookup

An Incredible Canadian Pharmacy is available at your Fingertips!
NO `Doctor `Needed! Browse our site Today! -> http://camebear.com

canonical name grewsix.com. aliases
addresses 218.75.144.6
60.191.221.117
60.191.239.153
61.191.191.241
119.39.238.2
203.93.208.86

Domain Whois record

Queried whois.internic.net with “dom grewsix.com“…

   Domain Name: GREWSIX.COM
   Registrar: CHINA SPRINGBOARD INC.
   Whois Server: whois.namerich.cn
   Referral URL: http://www.namerich.cn
   Name Server: NS1.RUNMOTHER.IN
   Name Server: NS2.RUNMOTHER.IN
   Name Server: NS3.LISTENFACE.RU
   Name Server: NS4.LISTENFACE.RU
   Name Server: NS5.WESUCH.PL
   Name Server: NS6.WESUCH.PL
   Status: ok
   Updated Date: 22-jun-2009
   Creation Date: 22-jun-2009
   Expiration Date: 22-jun-2010

>>> Last update of whois database: Sun, 28 Jun 2009 15:51:35 UTC <<<

Queried whois.namerich.cn with “grewsix.com“…

; This data is provided by China Springboard Inc.
; for information purposes, and to assist persons obtaining information
; about or related to domain name registration records.
; China Springboard Inc. does not guarantee its accuracy.
; By submitting a WHOIS query, you agree that you will use this data
; only for lawful purposes and that, under no circumstances, you will
; use this data to
; 1) allow, enable, or otherwise support the transmission of mass
; unsolicited, commercial advertising or solicitations via E-mail
; (spam); or
; 2) enable high volume, automated, electronic processes that apply
; to this WHOIS server.
; These terms may be changed without prior notice.
; By submitting this query, you agree to abide by this policy.

 DomainName : grewsix.com

RSP: China Springboard Inc.
URL: http://www.namerich.cn      

Name Server......................NS4.LISTENFACE.RU
Name Server......................NS2.RUNMOTHER.IN
Name Server......................NS6.WESUCH.PL
Name Server......................NS1.RUNMOTHER.IN
Name Server......................NS5.WESUCH.PL
Name Server......................NS3.LISTENFACE.RU
Status...........................ok
Creation  Date ..................2009-06-22
Expiration Date .................2010-06-22
Last Update  Date ...............2009-06-22

Registrant ID ...................V-X-57955-13465
Registrant Name .................ZHAO LET
Registrant Organization .........ZHAO LEI
Registrant Address ..............JIEFANGLU19
Registrant City..................DL
Registrant Province/State .......LN
Registrant Country Code .........CN
Registrant Postal Code ..........116019
Registrant Phone Number .........+86.04112880527
Registrant Fax ..................+86.04112880527
Registrant Email ................mklao9he@126.com

Administrative ID ...............V-X-57955-13465
Administrative Name .............ZHAO LET
Administrative Organization .....ZHAO LEI
Administrative Address ..........JIEFANGLU19
Administrative City..............DL
Administrative Province/State ...LN
Administrative Country Code .....CN
Administrative Postal Code ......116019
Administrative Phone Number .....+86.04112880527
Administrative Fax ..............+86.04112880527
Administrative Email ............mklao9he@126.com

Billing ID ......................V-X-57955-13465
Billing Name ....................ZHAO LET
Billing Organization ............ZHAO LEI
Billing Address .................JIEFANGLU19
Billing City.....................DL
Billing Province/State ..........LN
Billing Country Code ............CN
Billing Postal Code .............116019
Billing Phone Number ............+86.04112880527
Billing Fax .....................+86.04112880527
Billing Email ...................mklao9he@126.com

Technical ID ....................V-X-57955-13465
Technical Name ..................ZHAO LET
Technical Organization...........ZHAO LEI
Technical Address ...............JIEFANGLU19
Technical City...................DL
Technical Province/State.........LN
Technical Country Code ..........CN
Technical Postal Code ...........116019
Technical Phone Number ..........+86.04112880527
Technical Fax ...................+86.04112880527
Technical Email .................mklao9he@126.com

; Please register your domains at
; http://www.namerich.cn

Network Whois record

Queried whois.apnic.net with “218.75.144.6“…

inetnum:      218.75.128.0 - 218.75.159.255
netname:      CHINANET-HN-CD
country:      CN
descr:        CHINANET-HN changde node network
descr:        hunan Telecom
admin-c:      CHC8-AP
tech-c:       CH636-AP
status:       ALLOCATED NON-PORTABLE
changed:      ipaddress@hntelecom.net.cn 20050823
mnt-by:       MAINT-CHINANET-HN
mnt-lower:    MAINT-CHINANET-HN-CD
source:       APNIC

role:         CHINANET HuNan ChangDe
address:      The middle of Wuling Street,Changde 415000
country:      CN
phone:        +86 736 7229427
fax-no:       +86 736 7267027
e-mail:       abuse.cd@2118.com.cn
trouble:      send spam reports to spam.cd@2118.com.cn
trouble:      and abuse reports to abuse.cd@2118.com.cn
trouble:      Please include detailed information and
trouble:      times in UTC
admin-c:      CM1092-AP
tech-c:       CM1092-AP
nic-hdl:      CHC8-AP
notify:       abuse.cd@2118.com.cn
mnt-by:       MAINT-CHINANET-HN-CD
changed:      ipaddress@hntelecom.net.cn 20050818
source:       APNIC

role:         CHINANET HUNAN
address:      No.1 TuanJie road,ChangSha,Hunan 410005
country:      CN
phone:        +86 731 4792092
fax-no:       +86 731 4792007
e-mail:       abuse.szx@2118.com.cn
trouble:      send spam reports to spam.szx@2118.com.cn
trouble:      and abuse reports to abuse.szx@2118.com.cn
trouble:      Please include detailed information and
trouble:      times in UTC
admin-c:      CH632-AP
tech-c:       CS499-AP
nic-hdl:      CH636-AP
mnt-by:       MAINT-CHINANET-HN
changed:      ipaddress@hntelecom.net.cn 20050816
source:       APNIC

DNS records

DNS query for 6.144.75.218.in-addr.arpa returned an error from the server: NameError

name class type data time to live
grewsix.com IN A 203.93.208.86 10800s (03:00:00)
grewsix.com IN A 60.191.221.117 10800s (03:00:00)
grewsix.com IN A 60.191.239.153 10800s (03:00:00)
grewsix.com IN A 61.191.191.241 10800s (03:00:00)
grewsix.com IN A 218.75.144.6 10800s (03:00:00)
grewsix.com IN A 119.39.238.2 10800s (03:00:00)

xxxxxxxxxx

sharepolite.com
luckyown.com
raincool.com
pathtotal.com
shareproper.com
rightthin.com
zapblack.com
verycuddly.com
offront.com
railactive.com
seekersmiles.com
windowdouble.com
bottomvanish.com
twentyparent.com
sailnotice.com
airproper.com
howheld.com
talkown.com
againnoon.com
minutewood.com
thatcost.com
onthick.com
allthough.com
grewsix.com
heardzest.com
lovingbehind.com
shellyou.com
amtreat.com
wouldground.com
gardenguess.com
wrotemotion.com
legacyshall.com
stateequate.com
beatsshe.com
humanemy.com
camebear.com
rainthree.com
chieftype.com
abovegray.com
deluxeparent.com
centerthen.com
cowzip.com
plumlegend.com
heartlong.com
expectjust.com
causejewel.com
cowwhose.com
simpleinvent.com
streamput.com
pamperthree.com
legendvisit.com
blue-admin.com
via-grashop.com
99-22.com
luckyyour.com
prizefor.com
objectlead.com
awardfelt.com
workenough.com
motiontasty.com
caringwow.com
eagerthin.com
degreeproper.com
recordweight.com
eagerbuild.com
jewelspread.com
shellsmiles.com
caringhigh.com
nosewife.com
serveseemly.com
stoodeight.com
fizzdry.com
99-33.com
80-30.com

Canadian Pharmacy Spam – www.shop29.net aka www.shop75.net

2 Comments

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

shop75dotnet

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation.  Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you endanger your health by taking those counterfeit drugs.

  1. Bestdrugs.net.cn
  2. Cheap-meds.cn
  3. Cheap-pill.cn
  4. Cheapdrugs.com.cn
  5. Coolagree.cn
  6. Discountpills.cn
  7. Drugsdirectmoral.com
  8. Lovecanadianpower.com
  9. Lowpricepills.cn
  10. Medsbestone.com.cn
  11. Medstoresome.com.cn
  12. Newmedslofty.com
  13. Newpharmthe.com.cn
  14. Pharmacyonlinefound.com
  15. Pharmssitefarm.com.cn
  16. Pillsiteadd.com.cn
  17. Placepharmacygentle.com
  18. Ridestone.com
  19. Siterxmoral.com
  20. Smartdrugtell.com.cn
  21. Storemedburn.com.cn
  22. Thosefuns.com
  23. Topdrugalive.com
  24. Topmedsraise.com
  25. Toppharmlike.com.cn
  26. Toppilldrink.com.cn
  27. Wholesaledrugsand.com.cn
  28. Wholesalepharmsfirst.com
SmartFilter Category: Malicious Sites
Make Category Suggestions
Namerservers on IP: dns1.carryfit.com
dns1.deepworthy.com
dns1.drivefabled.com
dns1.duckspruce.com
dns1.fireideal.com
dns1.flipdollar.com
dns1.fullrail.com
dns1.grewmile.com
dns1.leadspitch.com
dns1.littletrue.com
dns1.luckyoxygen.com
dns1.nationreap.com
dns1.nightmodest.com
dns1.noseaglow.com
dns1.orclock.com
dns1.pamperextra.com
dns1.personsuffix.com
dns1.pleaseself.com
dns1.relaxrange.com
dns1.replyvoice.com
dns1.ropebird.com
dns1.saidplan.com
dns1.thingspend.com
dns1.towardhardy.com
dns1.trendylost.com
dns1.trendysit.com
dns1.varystart.com
dns1.vippast.com
dns1.wentcrisp.com
dns1.wheelfinish.com
dns1.whiteaware.com
dns1.winnertrue.com
dns1.wishlate.com
dns2.aftermulti.com
dns2.agreecrop.com
dns2.angerboat.com
dns2.boughtcreate.com
dns2.carryfit.com
dns2.createwere.com
dns2.dadfour.com
dns2.deepworthy.com
dns2.dreamylot.com
dns2.drivefabled.com
dns2.fireideal.com
dns2.greatyule.com
dns2.hasfeet.com
dns2.headraise.com
dns2.huntbring.com
dns2.leadspitch.com
dns2.littletrue.com
dns2.nationdimple.com
dns2.nationreap.com
dns2.noseaglow.com
dns2.orclock.com
dns2.pleaseself.com
dns2.pridenature.com
dns2.replyvoice.com
dns2.ropebird.com
dns2.saidplan.com
dns2.shallcoat.com
dns2.spotseason.com
dns2.tangyprime.com
dns2.towardhardy.com
dns2.trendysit.com
dns2.varystart.com
dns2.vippast.com
dns2.weekplease.com
dns3.aftermulti.com
dns3.agreecrop.com
dns3.andside.com
dns3.angerboat.com
dns3.aromaeager.com
dns3.beginwisdom.com
dns3.birdwinner.com
dns3.buyvalued.com
dns3.caringmodest.com
dns3.coldfull.com
dns3.createwere.com
dns3.dadwrote.com
dns3.dealusual.com
dns3.decenton.com
dns3.decidesmile.com
dns3.deepworthy.com
dns3.dependchoice.com
dns3.dressadd.com
dns3.drivefabled.com
dns3.duckspruce.com
dns3.eachmean.com
dns3.elsehear.com
dns3.enginemost.com
dns3.fireideal.com
dns3.flipdollar.com
dns3.fullrail.com
dns3.geniusyet.com
dns3.getensure.com
dns3.giftedproper.com
dns3.growverb.com
dns3.hasfeet.com
dns3.headraise.com
dns3.healthspeech.com

Address lookup

canonical name www.shop29.net.
aliases
addresses 119.39.238.2
203.93.208.86
218.75.144.6
60.191.221.117
60.191.239.153
61.191.191.241

Domain Whois record

Queried whois.internic.net with “dom shop29.net“…

   Domain Name: SHOP29.NET
   Registrar: ONLINENIC, INC.
   Whois Server: whois.onlinenic.com
   Referral URL: http://www.OnlineNIC.com
   Name Server: NS3.BOTHSTART.RU
   Name Server: NS4.BOTHSTART.RU
   Name Server: NS5.CREASEON.PL
   Name Server: NS6.CREASEON.PL
   Status: clientTransferProhibited
   Updated Date: 22-jun-2009
   Creation Date: 20-jun-2009
   Expiration Date: 20-jun-2010

>>> Last update of whois database: Sun, 28 Jun 2009 13:16:16 UTC <<<

Queried whois.onlinenic.com with “shop29.net“…

Registrant:
	 Shad P Calnan fake_84262a12be10a771387c9fa12be66eda@smartdesign.by +7.4294967295
	 N/A
	 ul. Lenina, d. 18, kv. 6
	 Moskva,Moskovskaya obl.,RUSSIAN FEDERATION 101000

Domain Name:shop29.net
Record last updated at 2009-06-22 10:50:33
Record created on 2009/6/20
Record expired on 2010/6/20

Domain servers in listed order:
	 ns3.bothstart.ru 	 ns4.bothstart.ru 

Administrator:
	 name:(Shad P Calnan)
	Email:(fake_84262a12be10a771387c9fa12be66eda@smartdesign.by) tel-- +7.4294967295
	 N/A
	 ul. Lenina, d. 18, kv. 6
r
t Moskva
Moskovskaya obl.,
RUSSIAN FEDERATION

 zipcode:101000

Technical Contactor:
	 name:(Shad P Calnan)
	Email:(fake_84262a12be10a771387c9fa12be66eda@smartdesign.by) tel-- +7.4294967295
	 N/A
	 ul. Lenina, d. 18, kv. 6
r
t Moskva
Moskovskaya obl.,
RUSSIAN FEDERATION

 zipcode:101000

Billing Contactor:
	 name:(Shad P Calnan)
	Email:(fake_84262a12be10a771387c9fa12be66eda@smartdesign.by) tel-- +7.4294967295
	 N/A
	 ul. Lenina, d. 18, kv. 6
r
t Moskva
Moskovskaya obl.,
RUSSIAN FEDERATION

 zipcode:101000

Registration Service Provider:
	name: Serpino Berbeto
	tel: +1.2128848801
 	fax: +1.2128848801
 	web:

Network Whois record

Queried whois.apnic.net with “119.39.238.2“…

inetnum:      119.39.232.0 - 119.39.239.255
netname:      yueyang
country:      CN
descr:        CNC Group HuNan YueYang network
descr:        SanHui building ,WuLiPai Street,
descr:        YueYang 411104
admin-c:      CH444-AP
tech-c:       CH444-AP
status:       ASSIGNED NON-PORTABLE
changed:      zoulei@chinaunicom.cn 20081215
mnt-by:       MAINT-CNCGROUP-HN
source:       APNIC

route:        119.39.0.0/16
descr:        CNC Group CHINA169 Hunan Province Network
country:      CN
origin:       AS4837
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20080102
source:       APNIC

person:       CNCGroup Hostmaster
nic-hdl:      CH444-AP
e-mail:       abuse@cnc-noc.net
address:      No.156,Fu-Xing-Men-Nei Street,
address:      Beijing,100031,P.R.China
phone:        +86-10-82993155
fax-no:       +86-10-82993144
country:      CN
changed:      abuse@cnc-noc.net 20041220
mnt-by:       MAINT-CNCGROUP
source:       APNIC

DNS records

DNS query for shop29.net failed: WouldBlock

DNS query for 2.238.39.119.in-addr.arpa returned an error from the server: NameError

name class type data time to live
http://www.shop29.net IN A 61.191.191.241 10799s (02:59:59)
http://www.shop29.net IN A 119.39.238.2 10799s (02:59:59)
http://www.shop29.net IN A 203.93.208.86 10799s (02:59:59)
http://www.shop29.net IN A 218.75.144.6 10799s (02:59:59)
http://www.shop29.net IN A 60.191.221.117 10799s (02:59:59)
http://www.shop29.net IN A 60.191.239.153 10799s (02:59:59)
shop29.net IN NS ns6.creaseon.pl 172800s (2.00:00:00)
shop29.net IN NS ns4.bothstart.ru 172800s (2.00:00:00)
shop29.net IN NS ns3.bothstart.ru 172800s (2.00:00:00)
shop29.net IN NS ns5.creaseon.pl 172800s (2.00:00:00)

— end —

Address lookup

canonical name www.shop75.net.
aliases
addresses 61.191.191.241
119.39.238.2
203.93.208.86
218.75.144.6
60.191.221.117
60.191.239.153

Domain Whois record

Queried whois.internic.net with “dom shop75.net“…

   Domain Name: SHOP75.NET
   Registrar: ONLINENIC, INC.
   Whois Server: whois.onlinenic.com
   Referral URL: http://www.OnlineNIC.com
   Name Server: NS3.BOTHSTART.RU
   Name Server: NS4.BOTHSTART.RU
   Name Server: NS5.CREASEON.PL
   Name Server: NS6.CREASEON.PL
   Status: clientTransferProhibited
   Updated Date: 22-jun-2009
   Creation Date: 20-jun-2009
   Expiration Date: 20-jun-2010

>>> Last update of whois database: Sun, 28 Jun 2009 13:18:49 UTC <<<

Queried whois.onlinenic.com with “shop75.net“…

Registrant:
	 Shad P Calnan fake_84262a12be10a771387c9fa12be66eda@smartdesign.by +7.4294967295
	 N/A
	 ul. Lenina, d. 18, kv. 6
	 Moskva,Moskovskaya obl.,RUSSIAN FEDERATION 101000

Domain Name:shop75.net
Record last updated at 2009-06-22 10:50:38
Record created on 2009/6/20
Record expired on 2010/6/20

Domain servers in listed order:
	 ns3.bothstart.ru 	 ns4.bothstart.ru 

Administrator:
	 name: Shad P Calnan
 mail: fake_84262a12be10a771387c9fa12be66eda@smartdesign.by tel: +7.4294967295
	 org: N/A

address: ul. Lenina, d. 18, kv. 6
	 city: Moskva
,province: Moskovskaya obl.
,country: RUSSIAN FEDERATION
 postcode: 101000

Technical Contactor:
	 name: Shad P Calnan
 mail: fake_84262a12be10a771387c9fa12be66eda@smartdesign.by tel: +7.4294967295
	 org: N/A

address: ul. Lenina, d. 18, kv. 6
	 city: Moskva
,province: Moskovskaya obl.
,country: RUSSIAN FEDERATION
 postcode: 101000

Billing Contactor:
	 name: Shad P Calnan
 mail: fake_84262a12be10a771387c9fa12be66eda@smartdesign.by tel: +7.4294967295
	 org: N/A

address: ul. Lenina, d. 18, kv. 6
	 city: Moskva
,province: Moskovskaya obl.
,country: RUSSIAN FEDERATION
 postcode: 101000

Registration Service Provider:
	name: Serpino Berbeto
	tel: +1.2128848801
 	fax: +1.2128848801
 	web:

Network Whois record

Queried whois.apnic.net with “61.191.191.241“…

inetnum:      61.191.0.0 - 61.191.255.255
netname:      CHINANET-AH
descr:        CHINANET Anhui province network
descr:        China Telecom
descr:        A12,Xin-Jie-Kou-Wai Street
descr:        Beijing 100088
country:      CN
admin-c:      CH93-AP
tech-c:       AT318-AP
mnt-by:       MAINT-CHINANET
mnt-lower:    MAINT-CHINANET-AH
status:       ALLOCATED NON-PORTABLE
changed:      hm-changed@apnic.net 20060314
source:       APNIC

role:         ANHUI TELECOM
address:      305 Changjiang West Road
address:      Hefei Anhui China
country:      CN
phone:        +86 0551 5185089
fax-no:       +86 0551 5185500
e-mail:       wanglinlin2@anhuitelecom.com
trouble:      send spam reports to abuse@ah163.com
trouble:      and abuse reports to abuse@ah163.com
trouble:      Please include detailed information and
trouble:      times in GMT+8:00
admin-c:      LW604-AP
tech-c:       LW604-AP
nic-hdl:      AT318-AP
remarks:      http://www.ah163.net
notify:       wanglinlin2@anhuitelecom.com
mnt-by:       MAINT-CHINANET-AH
changed:      wanglinlin2@anhuitelecom.com 20060323
source:       APNIC

person:       Chinanet Hostmaster
nic-hdl:      CH93-AP
e-mail:       anti-spam@ns.chinanet.cn.net
address:      No.31 ,jingrong street,beijing
address:      100032
phone:        +86-10-58501724
fax-no:       +86-10-58501724
country:      CN
changed:      dingsy@cndata.com 20070416
mnt-by:       MAINT-CHINANET
source:       APNIC

DNS records

DNS query for 241.191.191.61.in-addr.arpa returned an error from the server: NameError

name class type data time to live
http://www.shop75.net IN A 60.191.239.153 10800s (03:00:00)
http://www.shop75.net IN A 61.191.191.241 10800s (03:00:00)
http://www.shop75.net IN A 119.39.238.2 10800s (03:00:00)
http://www.shop75.net IN A 203.93.208.86 10800s (03:00:00)
http://www.shop75.net IN A 218.75.144.6 10800s (03:00:00)
http://www.shop75.net IN A 60.191.221.117 10800s (03:00:00)
shop75.net IN A 61.191.191.241 10800s (03:00:00)
shop75.net IN A 218.75.144.6 10800s (03:00:00)
shop75.net IN A 119.39.238.2 10800s (03:00:00)
shop75.net IN A 203.93.208.86 10800s (03:00:00)
shop75.net IN A 60.191.221.117 10800s (03:00:00)
shop75.net IN A 60.191.239.153 10800s (03:00:00)

Canadian Pharmacy – canadianpharmacy-shop.com

1 Comment

Buying Prescription Drugs Online Scam Alert 1
May Be Dangerous
Says Drug Enforcement Administration

DEA Logo - Buying Proscription Drugs

National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Behind The Online Pharmacy

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.

Also See ThreatChaos

canadian pharmacy shop

Address lookup

canonical name canadian-medshop.com.
aliases
addresses 195.95.155.22

Domain Whois record

Queried whois.internic.net with “dom canadian-medshop.com“…

Now, don’t you think giving your personal or credit card information to such ruthless criminals would be sheer madness? You would possibly get some fake product (which in case of pharmaceuticals can endanger your health). But most probably you’d get nothing at all, and they would just rip you off. They couldn’t care less about you
Domain Name: CANADIAN-MEDSHOP.COM
Registrar: EURODNS S.A
Whois Server: whois.eurodns.com
Referral URL: http://www.eurodns.com
Name Server: NS1.EURODNS.COM
Name Server: NS2.EURODNS.COM
Status: clientTransferProhibited
Updated Date: 04-feb-2009
Creation Date: 04-feb-2009
Expiration Date: 04-feb-2010

Last update of whois database: Sat, 27 Jun 2009 23:31:12 UTC
Queried whois.eurodns.com with “canadian-medshop.com

By submitting this query, you agree to abide by the above policy.

Domain: canadian-medshop.com
Registrar: Eurodns S.A.

Registrant:
Company:
Name: Sokholov Sergey
Address: 176 Whalley Range
City: Blackburn
Country: UNITED KINGDOM
Postal Code: BB1 6NL

Administrative Contact:
Company:
Name: Sokholov Sergey
Address: 176 Whalley Range
City: Blackburn
Country: UNITED KINGDOM
Postal Code: BB1 6NL
Phone: +18882817722
Fax:
Email: cadmium.hrz@gmail.com

Technical Contact:
Company:
Name: Sokholov Sergey
Address: 176 Whalley Range
City: Blackburn
Country: UNITED KINGDOM
Postal Code: BB1 6NL
Phone: +18882817722
Fax:
Email: cadmium.hrz@gmail.com

Original Creation Date: 2009-02-04
Expiration Date: 2010-02-03

Status:
clientTransferProhibited

Nameserver Information:
Nameserver: ns1.eurodns.com
Nameserver: ns2.eurodns.com

Network Whois record

Queried whois.ripe.net with “-B 195.95.155.22

Information related to ‘195.95.155.0 – 195.95.155.255’

inetnum: 195.95.155.0 – 195.95.155.255
netname: MSKCOM-NET
descr: MoskvaCom Ltd
country: RU
org: ORG-ML114-RIPE
admin-c: PG5690-RIPE
tech-c: PG5690-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-by: MSKCOM-MNT
mnt-routes: MSKCOM-MNT
mnt-routes: AS2118-MNT
mnt-domains: MSKCOM-MNT
changed: dilotto@gmail.com 20090224
source: RIPE

organisation: ORG-ML114-RIPE
org-name: MoskvaCom Ltd
org-type: OTHER
address: Parusnyj pr. 49/2
address: Moscow, Russia
phone: +7 910 4311272
e-mail: dilotto@gmail.com
mnt-ref: MSKCOM-MNT
mnt-by: MSKCOM-MNT
changed: hostmaster@ripe.net 20090224
source: RIPE

person: Pavel Gorbunov
address: Parusnyj pr. 49/2
address: Moscow, Russia
phone: +7 910 4311272
e-mail: dilotto@gmail.com
nic-hdl: PG5690-RIPE
mnt-by: MSKCOM-MNT
changed: hostmaster@ripe.net 20090224
source: RIPE

Information related to ‘195.95.155.0/24AS2118’

route: 195.95.155.0/24
descr: RusDesign Autonomous System
origin: AS2118
notify: noc@relcom.net
mnt-by: AS2118-MNT
changed: andreyss@relcom.net 20090303
source: RIPE

DNS records

DNS query for 22.155.95.195.in-addr.arpa returned an error from the server: NameError

name class type data time to live
canadian-medshop.com IN A 195.95.155.22 700s (00:11:40)
canadian-medshop.com IN MX
preference: 10
exchange: mail.canadian-medshop.com
3600s (01:00:00)
canadian-medshop.com IN SOA
server: ns1.eurodns.com
email: hostmaster.eurodns.com
serial: 2009062000
refresh: 86400
retry: 7200
expire: 604800
minimum ttl: 86400
86400s (1.00:00:00)
canadian-medshop.com IN NS ns1.eurodns.com 86400s (1.00:00:00)
canadian-medshop.com IN NS ns2.eurodns.com 86400s (1.00:00:00)

afsfsd

Address lookup

canonical name canadianpharmacy-shop.com.
aliases http://www.canadianpharmacy-shop.com
addresses 195.95.155.3

Domain Whois record

Queried whois.internic.net with “dom canadianpharmacy-shop.com“…

   Domain Name: CANADIANPHARMACY-SHOP.COM
   Registrar: EVERYONES INTERNET, LTD. DBA RESELLONE.NET
   Whois Server: whois.resellone.net
   Referral URL: http://www.resellone.net
   Name Server: NS1.SUSPENDED-DOMAINS.NET
   Name Server: NS2.SUSPENDED-DOMAINS.NET
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 21-jun-2009
   Creation Date: 22-apr-2009
   Expiration Date: 22-apr-2010

Last update of whois database: Sat, 27 Jun 2009 23:39:39 UTC <<<

Queried whois.resellone.net with “canadianpharmacy-shop.com“…

Registrant:
 n/a
 p.o. box 1928
 CHERNIGOV, UA 14000
 UA

 Domain name: CANADIANPHARMACY-SHOP.COM

 Administrative Contact:
    Kuts, Valery  domain-abuse@it-spec.com
    p.o. box 1928
    CHERNIGOV, UA 14000
    UA
    +3.80913018614
 Technical Contact:
    Kuts, Valery  domain-abuse@it-spec.com
    p.o. box 1928
    CHERNIGOV, UA 14000
    UA
    +3.80913018614

 Registration Service Provider:
    IT-SPEC.COM, info@it-spec.com
    +3.80913018614
    http://it-spec.com
    IT-SPEC.COM - PROFESSIONAL DOMAIN REGISTRATION
    SEND FOR ABUSE: domain-abuse@it-spec.com

 Registrar of Record: Everyones Internet, LLC dba Resellone.net
 Record last updated on 21-Jun-2009.
 Record expires on 22-Apr-2010.
 Record created on 22-Apr-2009.

 Domain servers in listed order:
    NS1.SUSPENDED-DOMAINS.NET
    NS2.SUSPENDED-DOMAINS.NET   

 Domain status: clientTransferProhibited
                clientUpdateProhibited
Network Whois record

Queried whois.ripe.net with “-B 195.95.155.3“…

Information related to ‘195.95.155.0 – 195.95.155.255’

inetnum: 195.95.155.0 – 195.95.155.255
netname: MSKCOM-NET
descr: MoskvaCom Ltd
country: RU
org: ORG-ML114-RIPE
admin-c: PG5690-RIPE
tech-c: PG5690-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-by: MSKCOM-MNT
mnt-routes: MSKCOM-MNT
mnt-routes: AS2118-MNT
mnt-domains: MSKCOM-MNT
changed: dilotto@gmail.com 20090224
source: RIPE

organisation: ORG-ML114-RIPE
org-name: MoskvaCom Ltd
org-type: OTHER
address: Parusnyj pr. 49/2
address: Moscow, Russia
phone: +7 910 4311272
e-mail: dilotto@gmail.com
mnt-ref: MSKCOM-MNT
mnt-by: MSKCOM-MNT
changed: hostmaster@ripe.net 20090224
source: RIPE

person: Pavel Gorbunov
address: Parusnyj pr. 49/2
address: Moscow, Russia
phone: +7 910 4311272
e-mail: dilotto@gmail.com
nic-hdl: PG5690-RIPE
mnt-by: MSKCOM-MNT
changed: hostmaster@ripe.net 20090224
source: RIPE

% Information related to ‘195.95.155.0/24AS2118’

route: 195.95.155.0/24
descr: RusDesign Autonomous System
origin: AS2118
notify: noc@relcom.net
mnt-by: AS2118-MNT
changed: andreyss@relcom.net 20090303
source: RIPE

DNS records

DNS query for 3.155.95.195.in-addr.arpa returned an error from the server: NameError

name class type data time to live
http://www.canadianpharmacy-shop.com IN CNAME canadianpharmacy-shop.com 60s (00:01:00)
canadianpharmacy-shop.com IN SOA
server: ns1.nscontrol.com
email: root.canadianpharmacy-shop.com
serial: 2007100805
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 30
60s (00:01:00)
canadianpharmacy-shop.com IN NS ns4.nscontrol.com 60s (00:01:00)
canadianpharmacy-shop.com IN NS ns5.nscontrol.com 60s (00:01:00)
canadianpharmacy-shop.com IN NS ns2.nscontrol.com 60s (00:01:00)
canadianpharmacy-shop.com IN NS ns1.nscontrol.com 60s (00:01:00)
canadianpharmacy-shop.com IN NS ns3.nscontrol.com 60s (00:01:00)
canadianpharmacy-shop.com IN A 195.95.155.3 60s (00:01:00)

— end —

Canadian Pharmacy Scam – thepharmacydiscount.com – internetserviceteam.com

2 Comments

Buying Prescription Drugs Online May Be Dangerous Says
Drug Enforcement Administration
Scam Alert 1

DEA Logo - Buying Proscription Drugs

National Association of Boards of Pharmacy (NABP)
Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Who's Behind Online Pharmacy 

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.

Address lookup

canonical name thepharmacydiscount.com.
aliases
addresses 95.168.177.116 – internetserviceteam.com

Internetserviceteam is a known content scraper bot operator, they are known to crawl the web to steal images (photos), they also run spam harvesting bots (scanning for email addresses) and scrape web page content to produce spam pages.

Domain Whois record

Queried whois.internic.net with “dom thepharmacydiscount.com“…

Domain Name: THEPHARMACYDISCOUNT.COM
Registrar: TODAYNIC.COM, INC.
Whois Server: whois.todaynic.com
Referral URL: http://www.NOW.CN
Name Server: NS1.EVERYDNS.NET
Name Server: NS2.EVERYDNS.NET
Name Server: NS3.EVERYDNS.NET
Name Server: NS4.EVERYDNS.NET
Status: clientTransferProhibited
Updated Date: 20-may-2009
Creation Date: 02-dec-2008
Expiration Date: 02-dec-2009

Last update of whois database: Sat, 27 Jun 2009 22:59:29 UTC

Queried whois.todaynic.com with “thepharmacydiscount.com“…Network Whois record

Queried whois.ripe.net with “-B 95.168.177.116“…

Information related to ‘95.168.177.0 – 95.168.177.255’

inetnum: 95.168.177.0 – 95.168.177.255
netname: V3SERVERS-NET-967806
descr: v3servers.net VPS&VDS customer server
country: BY
admin-c: SA4597-RIPE
tech-c: SR614-RIPE
status: ASSIGNED PA
mnt-by: NETDIRECT-MNT
mnt-lower: NETDIRECT-MNT
mnt-routes: NETDIRECT-MNT
changed: technik@netdirekt.de 20090417
source: RIPE

person: Sogreev Anton
address: 12 Knez Mihailova
address: apt. 18
address: Belgrade
address: 11000
address: Serbia
phone: +1 619 684 2664
e-mail: mail@v3servers.net
abuse-mailbox: abuse@v3servers.net
nic-hdl: SA4597-RIPE
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20081010
source: RIPE

person: Simon Roehl
address: netdirekt e. K.
address: Kleyer Strasse 79 /Tor 14
address: 60326 Frankfurt
address: DE
phone: +49 69 90556880
fax-no: +49 69 905568822
e-mail: technik@netdirekt.de
nic-hdl: SR614-RIPE
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20040224
source: RIPE

% Information related to ‘95.168.160.0/19AS28753’

route: 95.168.160.0/19
descr: ORG-nA8-RIPE
origin: AS28753
org: ORG-nA8-RIPE
mnt-lower: NETDIRECT-MNT
mnt-routes: NETDIRECT-MNT
mnt-by: NETDIRECT-MNT
changed: technik@netdirekt.de 20090126
source: RIPE

organisation: ORG-nA8-RIPE
org-name: netdirect
org-type: LIR
address: netdirekt e. K.
Kleyer Strasse 79 / Tor 14
60326 Frankfurt
Germany
phone: +49 69 90556880
fax-no: +49 69 905568822
e-mail: ripe@netdirekt.de
admin-c: SR614-RIPE
admin-c: WW200-RIPE
mnt-ref: NETDIRECT-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
changed: hostmaster@ripe.net 20040415
changed: bitbucket@ripe.net 20050329
changed: bitbucket@ripe.net 20060223
changed: bitbucket@ripe.net 20060223
changed: bitbucket@ripe.net 20060815
changed: bitbucket@ripe.net 20070108
changed: bitbucket@ripe.net 20070509
changed: bitbucket@ripe.net 20070813
changed: bitbucket@ripe.net 20080516
changed: bitbucket@ripe.net 20080527
changed: bitbucket@ripe.net 20081014
changed: bitbucket@ripe.net 20090102
changed: bitbucket@ripe.net 20090227
source: RIPE

DNS records

name class type data time to live
thepharmacydiscount.com IN SOA
server: ns1.everydns.net
email: hostmaster.thepharmacydiscount.com
serial: 1246143007
refresh: 3600
retry: 900
expire: 1209600
minimum ttl: 3600
360s (00:06:00)
thepharmacydiscount.com IN NS ns1.everydns.net 86400s (1.00:00:00)
thepharmacydiscount.com IN NS ns2.everydns.net 86400s (1.00:00:00)
thepharmacydiscount.com IN NS ns3.everydns.net 86400s (1.00:00:00)
thepharmacydiscount.com IN NS ns4.everydns.net 86400s (1.00:00:00)
thepharmacydiscount.com IN A 95.168.177.116 3600s (01:00:00)
116.177.168.95.in-addr.arpa IN SOA
server: ns9.dnspro.de
email: ns.netdirekt.de
serial: 9042600
refresh: 10800
retry: 3600
expire: 1209700
minimum ttl: 100000
100000s (1.03:46:40)
116.177.168.95.in-addr.arpa IN NS ns9.dnspro.de 100000s (1.03:46:40)
116.177.168.95.in-addr.arpa IN NS tert.dnspro.de 100000s (1.03:46:40)
116.177.168.95.in-addr.arpa IN NS ns10.dnspro.de 100000s (1.03:46:40)
116.177.168.95.in-addr.arpa IN NS quart.dnspro.de 100000s (1.03:46:40)
116.177.168.95.in-addr.arpa IN PTR 95.168.177.116.internetserviceteam.com 100000s (1.03:46:40)

Canadian Pharmacy – best-drug.com

Leave a comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)


us drugstore

Address lookup

canonical name best-drug.com
aliases
addresses 195.95.155.3

Domain Whois record

Queried whois.internic.net with dom best-drug.com

   Domain Name: BEST-DRUG.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: NS1.NSCONTROL.COM
   Name Server: NS2.NSCONTROL.COM
   Name Server: NS3.NSCONTROL.COM
   Name Server: NS4.NSCONTROL.COM
   Name Server: NS5.NSCONTROL.COM
   Status: clientTransferProhibited
   Updated Date: 25-jun-2009
   Creation Date: 24-jun-2009
   Expiration Date: 24-jun-2010

Last update of whois database: Sat, 27 Jun 2009 20:46:56 UTC <<<

Queried whois.enom.com with “best-drug.com“…

Registration Service Provided By: -
Contact: director@climbing-games.com
Visit: http://www.ruler-domains.com

Domain name: best-drug.com
Registrant Contact:
   slay slayer
   Fax:
   grosse strasse 32,31
   erfurt,  2123
   DE

Administrative Contact:
   slay slayer (sslaayeerr@googlemail.com
   +310212121212
   Fax:
   grosse strasse 32,31
   erfurt,  2123
   DE

Technical Contact:
   slay slayer  sslaayeerr@googlemail.com
   +310212121212
   Fax:
   grosse strasse 32,31
   erfurt,  2123
   DE

Status: Locked
Name Servers:
   ns1.nscontrol.com
   ns2.nscontrol.com
   ns3.nscontrol.com
   ns4.nscontrol.com
   ns5.nscontrol.com

Creation date: 24 Jun 2009 18:34:09
Expiration date: 24 Jun 2010 18:34:09

Get Noticed on the Internet!  Increase visibility for this domain name by listing it at www.whoisbusinesslistings.com

Network Whois record

Queried whois.ripe.net with “-B 195.95.155.3“…

% Information related to '195.95.155.0 - 195.95.155.255'

inetnum:        195.95.155.0 - 195.95.155.255
netname:        MSKCOM-NET
descr:          MoskvaCom Ltd
country:        RU
org:            ORG-ML114-RIPE
admin-c:        PG5690-RIPE
tech-c:         PG5690-RIPE
status:         ASSIGNED PI
mnt-by:         RIPE-NCC-HM-PI-MNT
mnt-lower:      RIPE-NCC-HM-PI-MNT
mnt-by:         MSKCOM-MNT
mnt-routes:     MSKCOM-MNT
mnt-routes:     AS2118-MNT
mnt-domains:    MSKCOM-MNT
changed:        dilotto@gmail.com 20090224
source:         RIPE

organisation:   ORG-ML114-RIPE
org-name:       MoskvaCom Ltd
org-type:       OTHER
address:        Parusnyj pr. 49/2
address:        Moscow, Russia
phone:          +7 910 4311272
e-mail:         dilotto@gmail.com
mnt-ref:        MSKCOM-MNT
mnt-by:         MSKCOM-MNT
changed:        hostmaster@ripe.net 20090224
source:         RIPE

person:         Pavel Gorbunov
address:        Parusnyj pr. 49/2
address:        Moscow, Russia
phone:          +7 910 4311272
e-mail:         dilotto@gmail.com
nic-hdl:        PG5690-RIPE
mnt-by:         MSKCOM-MNT
changed:        hostmaster@ripe.net 20090224
source:         RIPE

% Information related to '195.95.155.0/24AS2118'

route:          195.95.155.0/24
descr:          RusDesign Autonomous System
origin:         AS2118
notify:         noc@relcom.net
mnt-by:         AS2118-MNT
changed:        andreyss@relcom.net 20090303
source:         RIPE

DNS records

DNS query for 3.155.95.195.in-addr.arpa returned an error from the server: NameError

name class type data time to live
best-drug.com IN SOA
server: ns1.nscontrol.com
email: root.best-drug.com
serial: 2007100801
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 30
60s (00:01:00)
best-drug.com IN A 195.95.155.3 60s (00:01:00)
best-drug.com IN NS ns4.nscontrol.com 60s (00:01:00)
best-drug.com IN NS ns3.nscontrol.com 60s (00:01:00)
best-drug.com IN NS ns5.nscontrol.com 60s (00:01:00)
best-drug.com IN NS ns1.nscontrol.com 60s (00:01:00)
best-drug.com IN NS ns2.nscontrol.com 60s (00:01:00)

WhoIs ns1.ispvds.com

Leave a comment

Buying Prescription Drugs Online May Be Dangerous Says
Drug Enforcement Administration
Scam Alert 1

DEA Logo - Buying Proscription Drugs

National Association of Boards of Pharmacy (NABP)
Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Who's Behind Online Pharmacy 

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.

used as nameserver but missing in zone
0uk.net
5070.info
5z0.net
absolute-portal.com
alternatenet.net
bakomatex.com
banstock.com
birdtower.com
blueiontech.com
blueorange.be
bluepills-rx.net
brandpills.net
cafeschlag.com
carlvdupre.com
casino-consul.com
ced-wb.org
clearcutsemblance.com
club-ip.net
cvswebclient.net
dikoepole.org
diversionmedia.net
dooopa.net
ediz.ru
egreenrx.net
eis-ru.net
entec-systems.com
esposende.com
etherealrealm.org
facechange.com
findadive.com
finncrosse.com
forexdvd.net
foustok.net
gabrielaschutz.com
garden-office.net
generationplus.net
geniev.net
get43.net
go34.net
goodweeks.biz
gozetle.net
gozetleme.net
graszoden.be
hard-exotique.com
hard-lesbienne.com
hard-mature.com
hard-pipe.com
hard-sodo.com
imagesalon.net
indylink.net
inmedicines.net
islandofmusic.com
isp-server.com
job-hunts.net
kitetelecom.net
koschalk.com
kyotogames.com
l0a.net
lansman.org
loftd.com
matota.com
max-price.net
maxicus.com
mbcbe.com
mdcheap.net
mdski.net
mdsrx.net
meds-cheap.net
medsbuy.net
mgastudios.net
mobilia-online.com
mobipic.net
mosgu.net
motorhomesscotland.net
mouvementreformateur.net
mymultitracker.net
myspot.info
nedved.net
nervenne.com
new-pharm.net
nydragoes.com
onlinerxmeds.net
orangeblack.org
pandaetu.info
paradis-fiscaux.com
paris-rent-apartment.com
pmds.org
promotion-theatre.org
rxviagra.net
salatmix.com
samiasmahi.net
selseg.com
seo2you.com
seohacker.net
silvacabinetry.com
slavmobile.com
smartdietcenter.com
sochiguide.net
spectraimaging.net
supereach.net
svjatoshino.com
svyatoshino.com
sztdr.net
telecharger-video-x.com
telfordhouse.com
thedreamstore.com
ttsmaster.com
ua-beckhoff.com
umkabooks.com
umpkb.com
urozhay.com
vitaminize.net
webteriors.com
welieverchevrolet.com
wmplanet.net
yourshopper.net
zaboysultra.com
znai.net
domains using this as nameserver
3foisrien.com
4senses.ispvds.com
5070.info
activebiometrix.com
actualfree.com
aksmarket.ru
akvadar.ru
al-multimix.ispvds.com
allpets.ru
amakan.ru
amsu.ru
apdsystem.com
aries-hosting.com
artec-group.com
aska-shop.com.ua
astropolis.net
at-hosting.com
avto-sait.ru
bakomatex.com
banstock.isp-server.com
beffective.ca
belgasite.be
belsite.com
betsee.com
bossavit.com
bruhost-2.ispvds.com
bruhost.ispvds.com
carrefourmedical.net
cell-tissuetransplantation.com
centreindigo.org
chemport.ru
chemy.ru
chronorace.be
cogendi.com
cotejardins.ch
cracnet.com
cyberdepot.biz
daniel.ispvds.com
de-troyer.be
deine-freunde.net
drnd.be
drvrn.com
e-ticket.ru
ediz.ru
efireice.com
elbase.ispvds.com
esales.ru
etobolsk.ru
euroconsultants.be
evm.ru
fastorder.net
foratel.com
format21.com
freekerrybook.org
g9e.ru
george.ispvds.com
geot.ispvds.com
gooddays.ru
gouralnik.com
graphic-lettering.be
hote.net
houebe.com
idsbd.net
intermedia-communication.biz
ishango.ispvds.com
isobel.be
ispserver.com
ispsystem.com
ispvds.com
itcomplex.ru
jbsoares.net
kgora.ru
kinologia.ru
labstyle.com
ls.ispvds.com
luxuryparlor.ispvds.com
mail.amsu.ru
markopizza.ru
matota.com
mdbt.be
megaded.info
merlin-worlds.ru
merscomdocs.com
mirronix.com
momotaro.biz
moving-storage.net
mskhost-2.ispvds.com
mskhost.ispvds.com
multiactivist.com
mykorzina.com
norsite.net
novgorod.su
nyhost-2.ispvds.com
nyk-backup.ispvds.com
openforall.net
pavel.ispvds.com
planbweb.com
progsight.be
reanimator.ispvds.com
redin.info
rental-apartment-paris.com
rolissisp.ispvds.com
rus.aero
rusaero.aero
sdv2.antipode.info
seli01.be
sferaweb.ru
sidora.net
societe-internationale.com
stagingarea3.com
staquet.net
synergir.com
taxpolicy.ru
tlnh.ru
totogolo.com
transmaster177.ru
triniforce.ispvds.com
vdelo.ru
webcoop.org
wildboarmusic.co

WhoIs GlavMed.com aka Canadian Pharmacy

1 Comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

Glavmed is the public-facing affiliate program which sponsors spammers to promote what are generally known to be illegal pharmacy websites. It appears to be a cover for the real sponsor organization behind all of these sites: Spamit. These include [Canadian Pharmacy], one of the most-spammed properties during 2006-2008. Glavmed is alternately known in the spammer community as the “Spamit” program, making it clear that this operation endorses and condones illegal spamming in the promotion of their properties.

This was learned from postings on bulkerforum.biz by username “kref”, who would invite users to promote for their properties. kref is also known as “fakir f” (his Skype username.)

Glavmed (Spamit) is believed to be based out of Moscow, and thought to be very closely related to the “Russian Business Network”, or “RBN.


Spamtracker.eu

GlavMed2

Address lookup

canonical name www.glavmed.com.
aliases
addresses 74.86.34.144

Domain Whois record

Queried whois.internic.net with “dom glavmed.com“…

   Domain Name: GLAVMED.COM
   Registrar: REGTIME LTD.
   Whois Server: whois.regtime.net
   Referral URL: http://www.webnames.ru
   Name Server: NS1.GLAVMED.COM
   Name Server: NS2.GLAVMED.COM
   Status: ok
   Updated Date: 23-jan-2009
   Creation Date: 14-mar-2006
   Expiration Date: 14-mar-2013

>>> Last update of whois database: Sat, 27 Jun 2009 02:40:08 UTC <<<

Queried whois.regtime.net with “glavmed.com“…

% Regtime Ltd. WHOIS server

Domain name: glavmed.com

Name servers:
    ns1.glavmed.com
    ns2.glavmed.com

Registrar: Regtime Ltd.
Creation date: 2009-01-15
Expiration date: 2013-03-14
Status: active

Registrant:
    PHARMOS LIMITED
    Email: info@glavmed.com
    Organization: PHARMOS LIMITED
    Address: 177 WHALLEY RANGE
    City: BLACKBURN
    State: LANCS
    ZIP: BB1 6NL
    Country: GB
    Phone: +1.8778062747
    Fax: +1.8778062747
Administrative Contact:
    PHARMOS LIMITED
    Email: info@glavmed.com
    Organization: PHARMOS LIMITED
    Address: 177 WHALLEY RANGE
    City: BLACKBURN
    State: LANCS
    ZIP: BB1 6NL
    Country: GB
    Phone: +1.8778062747
    Fax: +1.8778062747
Technical Contact:
    PHARMOS LIMITED
    Email: info@glavmed.com
    Organization: PHARMOS LIMITED
    Address: 177 WHALLEY RANGE
    City: BLACKBURN
    State: LANCS
    ZIP: BB1 6NL
    Country: GB
    Phone: +1.8778062747
    Fax: +1.8778062747
Billing Contact:
    PHARMOS LIMITED
    Email: info@glavmed.com
    Organization: PHARMOS LIMITED
    Address: 177 WHALLEY RANGE
    City: BLACKBURN
    State: LANCS
    ZIP: BB1 6NL
    Country: GB
    Phone: +1.8778062747
    Fax: +1.8778062747

Network Whois record

Queried whois.arin.net with “!NET-74-86-34-144-1“…

CustName:   Dmitry Fedorov
Address:    Ivanov st 31
City:       Moscow
StateProv:
PostalCode: 125725
Country:    RU
RegDate:    2009-03-19
Updated:    2009-03-19

NetRange:   74.86.34.144 - 74.86.34.151
CIDR:       74.86.34.144/29
NetName:    NET-74-86-34-144
NetHandle:  NET-74-86-34-144-1
Parent:     NET-74-86-0-0-1
NetType:    Reassigned
Comment:    Send abuse issues to abuse@softlayer.com
RegDate:    2009-03-19
Updated:    2009-03-19

RAbuseHandle: ABUSE1025-ARIN
RAbuseName:   Abuse
RAbusePhone:  +1-214-442-0605
RAbuseEmail:  abuse@softlayer.com 

RNOCHandle: IPADM258-ARIN
RNOCName:   IP Admin
RNOCPhone:  +1-214-442-0600
RNOCEmail:  ipadmin@softlayer.com 

RTechHandle: IPADM258-ARIN
RTechName:   IP Admin
RTechPhone:  +1-214-442-0600
RTechEmail:  ipadmin@softlayer.com 

OrgAbuseHandle: ABUSE1025-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-214-442-0605
OrgAbuseEmail:  abuse@softlayer.com

OrgTechHandle: IPADM258-ARIN
OrgTechName:   IP Admin
OrgTechPhone:  +1-214-442-0600
OrgTechEmail:  ipadmin@softlayer.com

# ARIN WHOIS database, last updated 2009-06-26 19:10

DNS records

name class type data time to live
http://www.glavmed.com IN A 74.86.34.144 60s (00:01:00)
glavmed.com IN SOA
server: ns1.glavmed.com
email: root.glavmed.com
serial: 2009041832
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 30
60s (00:01:00)
glavmed.com IN NS ns1.glavmed.com 60s (00:01:00)
glavmed.com IN NS ns2.glavmed.com 60s (00:01:00)
glavmed.com IN MX
preference: 10
exchange: mail.glavmed.com
60s (00:01:00)
glavmed.com IN A 74.86.34.144 60s (00:01:00)
144.34.86.74.in-addr.arpa IN PTR 74.86.34.144-static.reverse.softlayer.com 3600s (01:00:00)

— end —

Legal Rx Drugs – www.legalrxdrugs.com

Leave a comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

Legalrxdrugs

Address lookup

canonical name www.legalrxdrugs.com.
aliases
addresses 85.17.189.163

Domain Whois record

Queried whois.internic.net with “dom legalrxdrugs.com“…

   Domain Name: LEGALRXDRUGS.COM
   Registrar: MONIKER ONLINE SERVICES, INC.
   Whois Server: whois.moniker.com
   Referral URL: http://www.moniker.com/whois.html
   Name Server: NS1.SPECIALHOSTING.INFO
   Name Server: NS2.SPECIALHOSTING.INFO
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 26-dec-2008
   Creation Date: 27-nov-2006
   Expiration Date: 27-nov-2009

>>> Last update of whois database: Thu, 25 Jun 2009 13:57:35 UTC <<<

Queried whois.moniker.com with “legalrxdrugs.com“…

Domain Name: LEGALRXDRUGS.COM

Registrant [1666466]:
        Moniker, Privacy Services LEGALRXDRUGS.COM@domainservice.com
        Moniker Privacy Services
        20 SW 27th Ave.
        Suite 201
        Pompano Beach
        FL
        33069
        US

Administrative Contact [1666466]:
        Moniker, Privacy Services LEGALRXDRUGS.COM@domainservice.com
        Moniker Privacy Services
        20 SW 27th Ave.
        Suite 201
        Pompano Beach
        FL
        33069
        US
        Phone: +1.9549848445
        Fax:   +1.9549699155

Billing Contact [1666466]:
        Moniker, Privacy Services LEGALRXDRUGS.COM@domainservice.com
        Moniker Privacy Services
        20 SW 27th Ave.
        Suite 201
        Pompano Beach
        FL
        33069
        US
        Phone: +1.9549848445
        Fax:   +1.9549699155

Technical Contact [1666466]:
        Moniker, Privacy Services LEGALRXDRUGS.COM@domainservice.com
        Moniker Privacy Services
        20 SW 27th Ave.
        Suite 201
        Pompano Beach
        FL
        33069
        US
        Phone: +1.9549848445
        Fax:   +1.9549699155

Domain servers in listed order:

        NS1.SPECIALHOSTING.INFO
        NS2.SPECIALHOSTING.INFO

        Record created on:        2006-11-27 18:22:00.0
        Database last updated on: 2008-12-26 06:35:00.293
        Domain Expires on:        2009-11-27 18:22:00.0

Network Whois record

Queried whois.ripe.net with “-B 85.17.189.163“…

% Information related to '85.17.189.0 - 85.17.189.255'

inetnum:        85.17.189.0 - 85.17.189.255
netname:        LEASEWEB
descr:          LeaseWeb
descr:          P.O. Box 93054
descr:          1090BB AMSTERDAM
descr:          Netherlands
descr:          www.leaseweb.com
remarks:        Please send email to "abuse@leaseweb.com" for complaints
remarks:        regarding portscans, DoS attacks and spam.
remarks:        INFRA-AW
country:        NL
admin-c:        LSW1-RIPE
tech-c:         LSW1-RIPE
status:         ASSIGNED PA
mnt-by:         OCOM-MNT
changed:        ripe@leaseweb.com 20070809
source:         RIPE

person:         RIP Mean
address:        P.O. Box 93054
address:        1090BB AMSTERDAM
address:        Netherlands
phone:          +31 20 3162880
fax-no:         +31 20 3162890
abuse-mailbox:  abuse@leaseweb.com
e-mail:         ripe@leaseweb.com
nic-hdl:        LSW1-RIPE
notify:         ripe@leaseweb.com
mnt-by:         OCOM-MNT
changed:        ripe@ocom.com 20050607
changed:        ripe@ocom.com 20060215
changed:        ripe@ocom.com 20060608
changed:        ripe@ocom.com 20080603
source:         RIPE

% Information related to '85.17.0.0/16AS16265'

route:          85.17.0.0/16
descr:          LEASEWEB
origin:         AS16265
remarks:        LeaseWeb
mnt-by:         OCOM-MNT
changed:        ripe@ocom.com 20050311
changed:        ripe@ocom.com 20070610
source:         RIPE

DNS records

name class type data time to live
http://www.legalrxdrugs.com IN A 85.17.189.163 14400s (04:00:00)
legalrxdrugs.com IN MX
preference: 10
exchange: mail.legalrxdrugs.com
14400s (04:00:00)
legalrxdrugs.com IN TXT v=spf1 a mx ip4:85.17.189.163 ?all 14400s (04:00:00)
legalrxdrugs.com IN A 85.17.189.163 14400s (04:00:00)
legalrxdrugs.com IN SOA
server: ns1.specialhosting.info
email: root.legalrxdrugs.com
serial: 2008040600
refresh: 14400
retry: 3600
expire: 1209600
minimum ttl: 86400
14400s (04:00:00)
legalrxdrugs.com IN NS ns2.specialhosting.info 14400s (04:00:00)
legalrxdrugs.com IN NS ns1.specialhosting.info 14400s (04:00:00)
163.189.17.85.in-addr.arpa IN PTR hosted-by.leaseweb.com 86400s (1.00:00:00)
Domain
mobitube.org
phoneporn.org
dietdeals.net
gmgint.net
hotdrugs.net
myphentermine.net
paintabs.net
sleeptabs.net
yourphentermine.net
masterfibre.net
meds-easy.net
specialhosting.info
drugslive.com
germanycars-direct.com
legalrxdrugs.com
medicationstocks.com
trustpharm.com
unfairclients.com
veritypharma.com
replok.com
online-meds-order.com
acompliaweb.com
medical-and-pharmacy.com
webxanax.com
viagradirectonline.com
medmarketer.com
alpram.com
ruagra.com
meds-trade.com
meds-easy.com
buywmz.com
acompliageneric.com
ozernoe.com
meds-buy.com
sfordela.com

Canadian Pharmacy – www.firmvictor.com

Leave a comment

Header Analysis

The following IP addresses were extracted from your headers:

IP Address Probable Country Additional Info
151.95.186.133 Italy (Pignone)* Whois Google DNSStuff Urgentmessage.org
207.115.20.195 United States (Richardson)* Whois Google DNSStuff Urgentmessage.org
* The last IP listed is usually the originating IP address

Here is the text you submitted, with the IP addresses highlighted:

From Lorena N. Livingston Mon Jun 22 17:26:07 2009
Return-Path: <llivingston_wt@avantgarde.de>
Authentication-Results: mta112.sbc.mail.gq1.yahoo.com from=avantgarde.de; domainkeys=neutral (no sig); from=avantgarde.de; dkim=neutral (no sig)
Received: from 151.95.186.133 (EHLO flpi193.prodigy.net) (207.115.20.195)
by mta112.sbc.mail.gq1.yahoo.com with SMTP; Tue, 23 Jun 2009 04:14:27 -0700
Received: from lqdbnh2 ([151.95.186.133])
by flpi193.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with SMTP id n5NBDbs2029631;
Tue, 23 Jun 2009 04:14:25 -0700
Message-ID: <000701c9f399$334e5fd0$627e2c7a@avantgarde.de>
Reply-To: “Lorena N. Livingston”
From: “Lorena N. Livingston” <llivingston_wt@avantgarde.de>
To: ScamFraudAlert
Subject: Stay Hard and Last Longer in Bed!
Date: Mon, 22 Jun 2009 17:26:07 -0700
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset=”windows-1250″
reply-type=original
Content-Transfer-Encoding: 7bit
Content-Length: 126

From: Lorena N. Livingston <llivingston_wt@avantgarde.de>
To: ScamFraudAlert.com
Sent: Monday, June 22, 2009 5:26:07 PM
Subject: Stay Hard and Last Longer in Bed!

An Incredible Canadian Pharmacy is available at your Fingertips!
No_Doctor_Needed! Click Here -> http://firmvictor.com

This spam brand has the dubious distinction of being the most heavily spammed domain our staff receives.

The “Canadian Pharmacy” titled sites are the most common. They may also be labeled “European Pharmacy” for visitors from IP addresses located outside North America.

Other sites include “PharmSite” and “best online PHARMACY.” They are riddled with identical fraudulent claims.

For simplicity, this entry refers by default to Canadian Pharmacy, but the false claims apply equally to all of these.

The copyright statement in the trailers for “PharmSite” and “best online PHARMACY” actually contains the words Copyright Canadian Pharmacy.

Visitors to these sites are cautioned against placing an unsecure order for any of the products advertised. With so much obvious fraud in the set up of the web site, any reasonable person would be justified in having doubts about passing identity and credit card details to such blatant criminals.

See Spamtracker.eu – Canadian Pharmacy

firmvictor

Address lookup

canonical name firmvictor.com.
aliases
addresses 119.39.238.2
203.93.208.86
218.75.144.6
60.191.221.117
60.191.239.153
61.191.191.241

Domain Whois record

Queried whois.internic.net with “dom firmvictor.com“…

   Domain Name: FIRMVICTOR.COM
   Registrar: CHINA SPRINGBOARD INC.
   Whois Server: whois.namerich.cn
   Referral URL: http://www.namerich.cn
   Name Server: NS1.SOUNDPRIZE.IN
   Name Server: NS2.SOUNDPRIZE.IN
   Name Server: NS3.GROUNDBED.COM
   Name Server: NS4.GROUNDBED.COM
   Name Server: NS5.CHANGESTORY.PL
   Name Server: NS6.CHANGESTORY.PL
   Status: ok
   Updated Date: 18-jun-2009
   Creation Date: 18-jun-2009
   Expiration Date: 18-jun-2010

>>> Last update of whois database: Thu, 25 Jun 2009 07:36:37 UTC <<<

Queried whois.namerich.cn with “firmvictor.com“…

; This data is provided by China Springboard Inc.
; for information purposes, and to assist persons obtaining information
; about or related to domain name registration records.
; China Springboard Inc. does not guarantee its accuracy.
; By submitting a WHOIS query, you agree that you will use this data
; only for lawful purposes and that, under no circumstances, you will
; use this data to
; 1) allow, enable, or otherwise support the transmission of mass
; unsolicited, commercial advertising or solicitations via E-mail
; (spam); or
; 2) enable high volume, automated, electronic processes that apply
; to this WHOIS server.
; These terms may be changed without prior notice.
; By submitting this query, you agree to abide by this policy.

 DomainName : firmvictor.com

RSP: China Springboard Inc.
URL: http://www.namerich.cn      

Name Server......................NS2.SOUNDPRIZE.IN
Name Server......................NS6.CHANGESTORY.PL
Name Server......................NS4.GROUNDBED.COM
Name Server......................NS5.CHANGESTORY.PL
Name Server......................NS1.SOUNDPRIZE.IN
Name Server......................NS3.GROUNDBED.COM
Status...........................ok
Creation  Date ..................2009-06-18
Expiration Date .................2010-06-18
Last Update  Date ...............2009-06-18

Registrant ID ...................V-X-57697-13132
Registrant Name .................GU FEI
Registrant Organization .........GU FEI
Registrant Address ..............FUZHOUGUANGCHANG29
Registrant City..................FZ
Registrant Province/State .......FJ
Registrant Country Code .........CN
Registrant Postal Code ..........350019
Registrant Phone Number .........+86.059175695124
Registrant Fax ..................+86.059175695124
Registrant Email ................baijakdfe@yeah.net

Administrative ID ...............V-X-57697-13132
Administrative Name .............GU FEI
Administrative Organization .....GU FEI
Administrative Address ..........FUZHOUGUANGCHANG29
Administrative City..............FZ
Administrative Province/State ...FJ
Administrative Country Code .....CN
Administrative Postal Code ......350019
Administrative Phone Number .....+86.059175695124
Administrative Fax ..............+86.059175695124
Administrative Email ............baijakdfe@yeah.net

Billing ID ......................V-X-57697-13132
Billing Name ....................GU FEI
Billing Organization ............GU FEI
Billing Address .................FUZHOUGUANGCHANG29
Billing City.....................FZ
Billing Province/State ..........FJ
Billing Country Code ............CN
Billing Postal Code .............350019
Billing Phone Number ............+86.059175695124
Billing Fax .....................+86.059175695124
Billing Email ...................baijakdfe@yeah.net

Technical ID ....................V-X-57697-13132
Technical Name ..................GU FEI
Technical Organization...........GU FEI
Technical Address ...............FUZHOUGUANGCHANG29
Technical City...................FZ
Technical Province/State.........FJ
Technical Country Code ..........CN
Technical Postal Code ...........350019
Technical Phone Number ..........+86.059175695124
Technical Fax ...................+86.059175695124
Technical Email .................baijakdfe@yeah.net

; Please register your domains at
; http://www.namerich.cn

Network Whois record

Queried whois.apnic.net with “119.39.238.2“…

inetnum:      119.39.232.0 - 119.39.239.255
netname:      yueyang
country:      CN
descr:        CNC Group HuNan YueYang network
descr:        SanHui building ,WuLiPai Street,
descr:        YueYang 411104
admin-c:      CH444-AP
tech-c:       CH444-AP
status:       ASSIGNED NON-PORTABLE
changed:      zoulei@chinaunicom.cn 20081215
mnt-by:       MAINT-CNCGROUP-HN
source:       APNIC

route:        119.39.0.0/16
descr:        CNC Group CHINA169 Hunan Province Network
country:      CN
origin:       AS4837
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20080102
source:       APNIC

person:       CNCGroup Hostmaster
nic-hdl:      CH444-AP
e-mail:       abuse@cnc-noc.net
address:      No.156,Fu-Xing-Men-Nei Street,
address:      Beijing,100031,P.R.China
phone:        +86-10-82993155
fax-no:       +86-10-82993144
country:      CN
changed:      abuse@cnc-noc.net 20041220
mnt-by:       MAINT-CNCGROUP
source:       APNIC

DNS records

DNS query for 2.238.39.119.in-addr.arpa returned an error from the server: NameError

name class type data time to live
firmvictor.com IN A 218.75.144.6 10800s (03:00:00)
firmvictor.com IN A 119.39.238.2 10800s (03:00:00)
firmvictor.com IN A 203.93.208.86 10800s (03:00:00)
firmvictor.com IN A 60.191.221.117 10800s (03:00:00)
firmvictor.com IN A 60.191.239.153 10800s (03:00:00)
firmvictor.com IN A 61.191.191.241 10800s (03:00:00)

Canadian Pharmacy – Rx Partners – www.rx-partner.biz

Leave a comment

Buying Prescription Drugs Online May Be Dangerous Says
Drug Enforcement Administration
Scam Alert 1

DEA Logo - Buying Proscription Drugs

National Association of Boards of Pharmacy (NABP)
Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Who's Behind Online Pharmacy 

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.

rx-partners

rxpartner-sign in

Canadian Pharmacy Spamming Operation

Address lookup

canonical name rx-partners.biz.
aliases
addresses 91.199.112.18
Domain Whois record

Queried whois.biz with “rx-partners.biz”…

Domain Name: RX-PARTNERS.BIZ
Domain ID: D11438087-BIZ
Sponsoring Registrar: NETBENEFIT D/B/A NETNAMES
Sponsoring Registrar IANA ID: 70
Domain Status: ok

Registrant ID: 550770560-NBTO
Registrant Name: Jessica Eagloff
Registrant Organization: Jessica Eagloff
Registrant Address1: 145-157 St John Street
Registrant City: 2nd Floor
Registrant State/Province: London
Registrant Postal Code: EC1V 4PY
Registrant Country: UNITED KINGDOM
Registrant Country Code: GB
Registrant Phone Number: +44.7005968172
Registrant Facsimile Number: +44.7005968172
Registrant Email: jessicaeagloff@yahoo.co.uk

Administrative Contact ID: 549542887-NBTA
Administrative Contact Name: Technical Support
Administrative Contact Organization: Easily Limited
Administrative Contact Address1: 3rd Floor Prospero House, 241 Borough High St.
Administrative Contact City: London
Administrative Contact Postal Code: SE1 1GB
Administrative Contact Country: UNITED KINGDOM
Administrative Contact Country Code: GB
Administrative Contact Phone Number: +44.448701624824
Administrative Contact Facsimile Number: +44.44078417460
Administrative Contact Email: domain-admin@easily.co.uk

Billing Contact ID: 549543395-NBTB
Billing Contact Name: Easily Limited
Billing Contact Organization: Easily Limited
Billing Contact Address1: 3rd Floor Prospero House, 241 Borough High St.
Billing Contact Address2: 241 Borough High St.
Billing Contact City: London
Billing Contact Postal Code: SE1 1GB
Billing Contact Country: UNITED KINGDOM
Billing Contact Country Code: GB
Billing Contact Phone Number: +44.448701624824
Billing Contact Facsimile Number: +44.448704589458
Billing Contact Email: helpdesk@easily.co.uk

Technical Contact ID: 549543972-NBTT
Technical Contact Name: Technical Support
Technical Contact Organization: Easily Limited
Technical Contact Address1: 3rd Floor Prospero House, 241 Borough High St.
Technical Contact Address2: 241 Borough High St.
Technical Contact City: London
Technical Contact Postal Code: SE1 1GB
Technical Contact Country: UNITED KINGDOM
Technical Contact Country Code: GB
Technical Contact Phone Number: +44.448701624824
Technical Contact Facsimile Number: +44.44078417460
Technical Contact Email: helpdesk@easily.co.uk

Name Server: NS0.PARTNERS-DNS.COM
Name Server: NS1.PARTNERS-DNS.COM

Created by Registrar: NETBENEFIT D/B/A NETNAMES
Last Updated by Registrar: NETBENEFIT D/B/A NETNAMES
Domain Registration Date: Wed Nov 09 15:19:05 GMT 2005
Domain Expiration Date: Sun Nov 08 23:59:59 GMT 2009
Domain Last Updated Date: Wed Jan 21 15:12:51 GMT 2009
Registrar Fields
—————-
IDNLang: de

Whois database was last updated on: Sat May 02 15:29:14 GMT 2009
Network Whois record

Queried whois.ripe.net with “-B 91.199.112.18″…
Information related to ‘91.199.112.0 – 91.199.112.255’

inetnum: 91.199.112.0 – 91.199.112.255
netname: CENTRALUX
descr: Centralux Ltd
country: CY
org: ORG-CLUX1-RIPE
admin-c: JE782-RIPE
tech-c: JE782-RIPE
status: ASSIGNED PI
notify: lexa@wahome.ru
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-by: MNT-CENTRALUX
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-routes: MNT-CENTRALUX
mnt-domains: MNT-CENTRALUX
changed: hostmaster@ripe.net 20080111
source: RIPE

organisation: ORG-CLUX1-RIPE
org-name: Centralux Limited
org-type: OTHER
address: Kolokotroni, 6
1-st floor, Office 6
P.C. 1101, Nicosia, Cyprus
e-mail: admin@cluxltd.com
mnt-ref: RU-WEBALTA-MNT
mnt-by: MNT-CENTRALUX
changed: lexa@wahome.ru 20080110
source: RIPE

person: Jessica Eagloff
address: Kolokotroni, 6
1-st floor, Office 6
P.C. 1101, Nicosia, Cyprus
mnt-by: MNT-CENTRALUX
phone: +44 0121 288 8651
nic-hdl: JE782-RIPE
changed: lexa@wahome.ru 20080110
source: RIPE

% Information related to ‘91.199.112.0/24AS43816’

route: 91.199.112.0/24
descr: Centralux
origin: AS43816
mnt-by: MNT-CENTRALUX
changed: lexa@wahome.ru 20080112
source: RIPE
DNS records

DNS query for rx-partners.biz failed: MessageTruncated

DNS query for 18.112.199.91.in-addr.arpa returned an error from the server: NameError

name class type data time to live
rx-partners.biz IN TXT v=spf1 +ip4:91.199.112.0/24 +ip4:82.103.130.174/32 +ip4:82.103.129.188/32 +ip4:82.103.130.171 +ip4:82.103.135.35 -all 1200s (00:20:00)
rx-partners.biz IN TXT spf2.0/pra +ip4:91.199.112.0/24 +ip4:82.103.130.174/32 +ip4:82.103.129.188/32 +ip4:82.103.130.171 +ip4:82.103.135.35 -all 1200s (00:20:00)
rx-partners.biz IN SOA
server: ns1.partners-dns.com
email: root.partners-dns.com
serial: 2006617085
refresh: 3600
retry: 900
expire: 604800
minimum ttl: 1200
1200s (00:20:00)
rx-partners.biz IN NS ns1.partners-dns.com 1200s (00:20:00)
rx-partners.biz IN NS ns0.partners-dns.com 1200s (00:20:00)
rx-partners.biz IN NS vip3.partners-dns.com 1200s (00:20:00)
rx-partners.biz IN NS vip2.partners-dns.com 1200s (00:20:00)
rx-partners.biz IN NS vip1.partners-dns.com 1200s (00:20:00)
rx-partners.biz IN A 91.199.112.18 1200s (00:20:00)
rx-partners.biz IN MX
preference: 10
exchange: mail.rx-partners.biz 1200s

Domain

  1. ed-solution.com
  2. ed-sup.com
  3. edselection.com
  4. manfriendly.com
  5. partners-dns.com
  6. perfectgenerics.com
  7. propeciahair.com
  8. rxtrusted.com
  9. secureccpay.com
  10. somaextreme.com
  11. trustedtablets.com
  12. trustedtabs.com
  13. ultimatepillstore.com
  14. viagracomparison.com
  15. 4drugs.com
  16. paid4meds.com
  17. paid4med.com
  18. paid4pill.com
  19. paid4pills.com
  20. paid4tabs.com
  21. rx-partners.biz
  22. rxpbill.biz
  23. rxpcash.biz
  24. rxpcheck.biz
  25. rxppay.biz
  26. tabzcash.biz
  27. pillzcash.biz
  28. pillzcheck.biz
  29. pillzmeds.biz
  30. tabpaid.biz
  31. pay4meds.biz
  32. pay4medz.biz
  33. pay4pill.biz
  34. pay4tabs.biz
  35. pay4tabz.biz
  36. pay4med.biz
  37. pay4medc.biz
  38. pay4pillz.biz
  39. paid4meds.biz
  40. ed-sup.com
    edselection.com
    manfriendly.com
    omhca.com
    partners-dns.com
    perfectgenerics.com
    prescriptionspoint.com
    propeciahair.com
    rxtrusted.com
    secureccpay.com
  • 83.149.69.46
  • 83.149.69.47
  • 83.149.82.186
  • 91.199.112.7
  • 91.199.112.8

ww.stimul-cash.com Stimul-media.com Centralux Limited

13/02/2009 Go to comments Comment
http://www.stimul-cash.com Stimul-media.com Centralux Limited

Affiliate System for selling drugs
Many types of Viagra spams appear to be linked to these sites

http://www.stimul-cash.com 91.199.112.5

STIMUL-MEDIA.COM
Marysheva, Asiyat marysheva@yahoo.com
Petrozavodskaya st, apt 16. 123 Moscow, Moscow 125414 RU +7.9160248086

Skype: inika. Support@stimul-cash.com
Mark ICQ 340293353 ICQ 439136275 Irene
Emergency Contact: 428930501

hosted in Cyprus in Centralux Limited
Centralux Limited
Kolokotroni, 6 1-st floor, Office 6
PC 1101, Nicosia, Cyprus admin@cluxltd.com
Jessica Eagloff Kolokotroni, 6 1-st floor, Office 6 PC 1101, Nicosia, Cyprus

4rx.com – Fraudulent Internet Pharmacy Website

11 Comments

Buying Prescription Drugs Online May Be Dangerous Says
Drug Enforcement Administration
Scam Alert 1

DEA Logo - Buying Proscription Drugs

National Association of Boards of Pharmacy (NABP)
Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Who's Behind Online Pharmacy 

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.

4rx.com4rx.com fraudulent website Internet

4rx.com
Phone:
secure.4rx.com/index.html
Internet,
India

RX is selling ed drugs with a cut down amount of the actual advertised ingredients.They advertise sidenafil citrate 100mg pills however they supply about 5mg.

I believe they buy name brand sidenafil citrate 100mg and cut it down and make their own pills in India and ship from Hong Kong. They also do this with Tadalafil and Vardenafil HCL.

The reason I know this is I have a true ED and have tried the name brand drugs at different doses and can gage through experience.

These fraudulent pills do not do the trick….. speaking from experience.

Just would like to warn others.

a short cut to the website http://secure.4rx.com/index.html

Kind Regards,
Ric
city
Australia

Source: Ripoffreport

Related Domains

  1. 4Rx.com http://piils.com
  2. 4Rx.com http://4rxpharm.com
  3. 4Rx.com http://www.4rx.name
  4. 4Rx.com www-4rx.com
  5. 4Rx.com http://buysildenafilcitrate.info
  6. 4Rx.com http://viagrasexdrug.com
  7. 4Rx.com http://www.worldexpressrx.com
  8. 4Rx.com http://www.4rx.com
  9. 4Rx.net http://www.4rx.net

4Rx

Address lookup

canonical name www.4rx.com.
aliases
addresses 174.142.47.58

Domain Whois record

Queried whois.internic.net with “dom 4rx.com“…

   Domain Name: 4RX.COM
   Registrar: NAMESCOUT CORP
   Whois Server: whois.namescout.com
   Referral URL: http://www.namescout.com
   Name Server: NS2.BLOCKDOS.NET
   Name Server: NS3.BLOCKDOS.NET
   Name Server: NS5.BLOCKDOS.NET
   Status: ok
   Updated Date: 28-oct-2008
   Creation Date: 25-nov-2003
   Expiration Date: 25-nov-2009

>>> Last update of whois database: Mon, 22 Jun 2009 09:46:16 UTC <<<

Queried whois.namescout.com with “4rx.com“…

The results below are provided by Namescout.com.
(whois.Namescout.com)

Domain: 4rx.com

  Date Registered: 10/28/08
    Date Modified: 10/29/08
      Expiry Date: 11/25/09
      	     DNS1: NS2.BLOCKDOS.NET
      	     DNS2: NS3.BLOCKDOS.NET

  Registrant

                   4RX
                   Victor Gonzalez
                   451 Calle Herrera Toro. Qta. Bubu
                   Caracas, -- (BS)
                   00000

  Administrative Contact

                   4RX
                   Victor Gonzalez
                   451 Calle Herrera Toro. Qta. Bubu
                   Caracas,  (VE)
                   00000
                   webmaster@4rx.com
                   (877)728-9479

  Technical Contact

                   4RX
                   Victor Gonzalez
                   451 Calle Herrera Toro. Qta. Bubu
                   Caracas,  (VE)
                   00000
                   webmaster@4rx.com
                   (877)728-9479

        Registrar: Namescout.com

Register your domain now at www.Namescout.com

Network Whois record

Queried whois.arin.net with “174.142.47.58“…

OrgName:    iWeb Technologies Inc.
OrgID:      GIT-20
Address:    20, place du Commerce
City:       Montreal
StateProv:  QC
PostalCode: H3E-1Z6
Country:    CA

NetRange:   174.142.0.0 - 174.142.255.255
CIDR:       174.142.0.0/16
OriginAS:   AS32613
NetName:    IWEB-BLK-06
NetHandle:  NET-174-142-0-0-1
Parent:     NET-174-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.IWEB-HOSTING.COM
NameServer: NS2.IWEB-HOSTING.COM
Comment:
RegDate:    2008-12-19
Updated:    2008-12-19

OrgAbuseHandle: ABUSE1906-ARIN
OrgAbuseName:   Abuse Coordinator
OrgAbusePhone:  +1-514-286-4242
OrgAbuseEmail:  abuse@noc.privatedns.com

OrgNOCHandle: NETWO2356-ARIN
OrgNOCName:   Network Administrator
OrgNOCPhone:  +1-514-286-4242
OrgNOCEmail:  net-admin@noc.privatedns.com

OrgTechHandle: NETWO2356-ARIN
OrgTechName:   Network Administrator
OrgTechPhone:  +1-514-286-4242
OrgTechEmail:  net-admin@noc.privatedns.com

# ARIN WHOIS database, last updated 2009-06-21 20:00

DNS records

name class type data time to live
http://www.4rx.com IN A 174.142.47.58 120s (00:02:00)
4rx.com IN SOA
server: ns2.blockdos.net
email: support.server4sale.com
serial: 2008100601
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s (1.00:00:00)
4rx.com IN NS ns2.blockdos.net 86400s (1.00:00:00)
4rx.com IN NS ns3.blockdos.net 86400s (1.00:00:00)
4rx.com IN NS ns5.blockdos.net 86400s (1.00:00:00)
4rx.com IN MX
preference: 5
exchange: mail.4rx.com
120s (00:02:00)
4rx.com IN MX
preference: 10
exchange: 4rx.com
120s (00:02:00)
4rx.com IN A 174.142.47.58 120s (00:02:00)
58.47.142.174.in-addr.arpa IN PTR ip-174-142-47-58.static.privatedns.com 3600s (01:00:00)

— end —

WHOIS www.ruler-domains.com

Leave a comment

WHOIS informations for ruler-domains.com

AboutUs: ruler-domains.com

Registration Service Provided By:
Contact: director@climbing-games.com
Visit: http://www.ruler-domains.com

Domain name: ruler-domains.com

Administrative Contact:

Sergey Ryabov director@climbing-games.com
+7.9219270961
Fax: +7.9219270961
Scherbakova st., 6-38
Saint-Petersburg, 197375
RU

Technical Contact:

Sergey Ryabov  director@climbing-games.com
+7.9219270961
Fax: +7.9219270961
Scherbakova st., 6-38
Saint-Petersburg, 197375
RU

Registrant Contact:

Sergey Ryabov ()

Fax:
Scherbakova st., 6-38
Saint-Petersburg, 197375
RU

Status: Locked

Name Servers:
ns1.ruler-domains.com
ns2.ruler-domains.com

Creation date: 18 Nov 2008 00:58:03
Expiration date: 18 Nov 2010 00:58:00

Get Noticed on the Internet! Increase visibility for this domain name by listing it atwww.whoisbusinesslistings.com

We reserve the right to modify these terms at any time. By submitting
this query, you agree to abide by these terms.
Version 6.3 4/3/2002

Websites linked from ruler-domains.com:

WHOIS informations for megastock.ru

% By submitting a query to RIPN’s Whois Service
% you agree to abide by the following terms of use:
http://www.ripn.net/about/servpol.html#3.2 (in Russian)
http://www.ripn.net/about/en/servpol.html#3.2 (in English).

domain: MEGASTOCK.RU
type: CORPORATE
nserver: ns.molot.ru.
nserver: ns.relsoft.ru.
nserver: ns.relsoftcom.ru.
state: REGISTERED, DELEGATED
org: Joint Stock Company “Computing Forces”
phone: +7 495 7274333
fax-no: +7 495 7274333
e-mail: shalopin@webmoney.ru
registrar: RUCENTER-REG-RIPN
created: 2001.03.24
paid-till: 2010.03.27
source: TC-RIPN

Last updated on 2009.07.26 18:01:10 MSK/MSD

Websites linked from megastock.ru:

Domain
ruler-domains.com
richisoftware2.com
castoholder.com

Address lookup

canonical name ruler-domains.com.
aliases
addresses 213.174.139.29

Domain Whois record

Queried whois.internic.net with “dom ruler-domains.com“…

   Domain Name: RULER-DOMAINS.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: NS1.RULER-DOMAINS.COM
   Name Server: NS2.RULER-DOMAINS.COM
   Status: clientTransferProhibited
   Updated Date: 17-may-2009
   Creation Date: 17-nov-2008
   Expiration Date: 17-nov-2010

>>> Last update of whois database: Sun, 26 Jul 2009 14:04:26 UTC <<<

Queried whois.enom.com with “ruler-domains.com“…

Visit AboutUs.org for more information about ruler-domains.com
<a href="http://www.aboutus.org/ruler-domains.com">AboutUs: ruler-domains.com</a>

Registration Service Provided By: -
Contact: director@climbing-games.com
Visit: http://www.ruler-domains.com

Domain name: ruler-domains.com

Administrative Contact:
   -
   Sergey Ryabov (director@climbing-games.com)
   +7.9219270961
   Fax: +7.9219270961
   Scherbakova st., 6-38
   Saint-Petersburg,  197375
   RU

Technical Contact:
   -
   Sergey Ryabov (director@climbing-games.com)
   +7.9219270961
   Fax: +7.9219270961
   Scherbakova st., 6-38
   Saint-Petersburg,  197375
   RU

Registrant Contact:
   -
   Sergey Ryabov ()

   Fax:
   Scherbakova st., 6-38
   Saint-Petersburg,  197375
   RU

Status: Locked

Name Servers:
   ns1.ruler-domains.com
   ns2.ruler-domains.com

Creation date: 18 Nov 2008 00:58:03
Expiration date: 18 Nov 2010 00:58:00

Get Noticed on the Internet!  Increase visibility for this domain name by listing it at www.whoisbusinesslistings.com

Network Whois record

Queried whois.ripe.net with “-B 213.174.139.29“…

% Information related to '213.174.136.0 - 213.174.139.255'

inetnum:        213.174.136.0 - 213.174.139.255
netname:        ADVANCEDHOSTERS-NET
descr:          Advanced Hosters
country:        US
admin-c:        AH36-RIPE
tech-c:         AH36-RIPE
status:         ASSIGNED PA
remarks:        INFRA-AW
remarks:        Send abuse reports to abuse@advancedhosters.com
mnt-by:         ADVANCEDHOSTERS-MNT
mnt-lower:      ADVANCEDHOSTERS-MNT
mnt-routes:     ADVANCEDHOSTERS-MNT
changed:        ripe@advancedhosters.com 20090402
source:         RIPE

role:           ADVANCEDHOSTERS LIMITED
address:        THE MERIDIAN 4 COPTHALL HOUSE, STATION SQUARE, COVENTRY,
address:        WEST MIDLANDS, CV1 2FL, United Kingdom
org:            ORG-AH11-RIPE
e-mail:         ripe@advancedhosters.com
admin-c:        OAVO1-RIPE
tech-c:         OAVO1-RIPE
nic-hdl:        AH36-RIPE
changed:        ripe@advancedhosters.com 20090331
source:         RIPE

% Information related to '213.174.128.0/19AS39572'

route:          213.174.128.0/19
descr:          Hosting segment
origin:         AS39572
mnt-by:         ADVANCEDHOSTERS-MNT
changed:        ripe@advancedhosters.com 20090403
source:         RIPE

% Information related to '213.174.136.0/22AS39572'

route:          213.174.136.0/22
descr:          Hosting segment
origin:         AS39572
mnt-by:         ADVANCEDHOSTERS-MNT
changed:        ripe@advancedhosters.com 20090403
source:         RIPE

DNS records

DNS query for 29.139.174.213.in-addr.arpa returned an error from the server: NameError

name class type data time to live
ruler-domains.com IN A 213.174.139.29 86400s (1.00:00:00)
ruler-domains.com IN MX
preference: 10
exchange: mail.ruler-domains.com
86400s (1.00:00:00)
ruler-domains.com IN SOA
server: localhost.ruler-domains.com
email: root.ruler-domains.com
serial: 4
refresh: 10800
retry: 900
expire: 604800
minimum ttl: 86400
86400s (1.00:00:00)
ruler-domains.com IN NS ns1.ruler-domains.com 86400s (1.00:00:00)
ruler-domains.com IN NS ns2.ruler-domains.com 86400s (1.00:00:00)

Traceroute

Tracing route to ruler-domains.com [213.174.139.29]

hop rtt rtt rtt ip address fully qualified domain name
1 2 4 10 70.84.211.97 61.d3.5446.static.theplanet.com
2 0 0 0 70.87.254.1 po101.dsr01.dllstx5.theplanet.com
3 1 0 0 70.85.127.105 po51.dsr01.dllstx3.theplanet.com
4 0 0 0 70.87.253.1 et3-1.ibr03.dllstx3.theplanet.com
5 32 32 32 70.87.253.190 be.fd.5746.static.theplanet.com
6 32 33 32 206.223.115.120 10g.r0.eqix.ash.va.us.iptp.net
7 32 33 32 87.239.188.250
8 32 32 32 213.174.139.29

Trace complete

Service scan

FTP – 21 220 (vsFTPd 2.0.5)
500 OOPS: vsf_sysutil_recv_peek: no data
500 OOPS: child died
SMTP – 25 220 localhost.localdomain ESMTP Sendmail 8.13.8/8.13.8; Sun, 26 Jul 2009 10:02:28 -0400
HTTP – 80
POP3 – 110 +OK Dovecot ready.
IMAP – 143 * OK Dovecot ready.

— end —

Canadian Pharmacy – noprescriptiontablets.com

Leave a comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

noprescriptiontablets

Address lookup

canonical name noprescriptiontablets.com.
aliases
addresses 66.45.254.228

Domain Whois record

Queried whois.internic.net with “dom noprescriptiontablets.com“…

   Domain Name: NOPRESCRIPTIONTABLETS.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: NS1.NOPRESCRIPTIONTABLETS.COM
   Name Server: NS2.NOPRESCRIPTIONTABLETS.COM
   Status: clientTransferProhibited
   Updated Date: 18-may-2009
   Creation Date: 18-may-2009
   Expiration Date: 18-may-2010

Last update of whois database: Sat, 20 Jun 2009 20:55:52 UTC <<<

Queried whois.enom.com with “noprescriptiontablets.com“…

Domain name: noprescriptiontablets.com

Registrant Contact:
   -
   Sergey Ryabov

   Fax:
   Scherbakova st., 6-38
   Saint-Petersburg,  197375
   RU

Administrative Contact:

   Norman Madison nn.softforsale@gmail.com
   +1.3232381923
   Fax:
   223 1/4 E 53rd St
   Los Angeles, CA 90011
   US

Technical Contact:

   Norman Madison nn.softforsale@gmail.com
   +1.3232381923
   Fax:
   223 1/4 E 53rd St
   Los Angeles, CA 90011
   US

Status: Locked

Name Servers:
   ns1.noprescriptiontablets.com
   ns2.noprescriptiontablets.com

Creation date: 18 May 2009 12:24:07
Expiration date: 18 May 2010 12:24:07

Get Noticed on the Internet!  Increase visibility for this domain name by listing it at www.whoisbusinesslistings.com

Network Whois record

Queried whois.arin.net with “66.45.254.228“…

OrgName:    Interserver, Inc
OrgID:      INTER-83
Address:    110 Meadowlands Pkwy
Address:    1st Floor
City:       Secaucus
StateProv:  NJ
PostalCode: 07094
Country:    US

ReferralServer: rwhois://rwhois.trouble-free.net:4321

NetRange:   66.45.224.0 - 66.45.255.255
CIDR:       66.45.224.0/19
NetName:    INTERSERVER
NetHandle:  NET-66-45-224-0-1
Parent:     NET-66-0-0-0-0
NetType:    Direct Allocation
NameServer: DNS4.INTERSERVER.NET
NameServer: DNS5.INTERSERVER.NET
Comment:
RegDate:    2003-09-23
Updated:    2004-05-14

RTechHandle: MLA13-ARIN
RTechName:   Lavrik, Michael
RTechPhone:  +1-877-566-8398
RTechEmail:  abuse@trouble-free.net 

OrgAbuseHandle: NOC1390-ARIN
OrgAbuseName:   Network Operations Center
OrgAbusePhone:  +1-201-605-1440
OrgAbuseEmail:  network@interserver.net

OrgNOCHandle: NOC1390-ARIN
OrgNOCName:   Network Operations Center
OrgNOCPhone:  +1-201-605-1440
OrgNOCEmail:  network@interserver.net

OrgTechHandle: NOC1390-ARIN
OrgTechName:   Network Operations Center
OrgTechPhone:  +1-201-605-1440
OrgTechEmail:  network@interserver.net

# ARIN WHOIS database, last updated 2009-06-19 19:10

DNS records

name class type data time to live
noprescriptiontablets.com IN MX
preference: 10
exchange: mail.noprescriptiontablets.com
14400s (04:00:00)
noprescriptiontablets.com IN TXT v=spf1 a mx ip4:66.45.254.226 ~all 14400s (04:00:00)
noprescriptiontablets.com IN A 66.45.254.228 14400s (04:00:00)
noprescriptiontablets.com IN SOA
server: ns1.noprescriptiontablets.com
email: hostmaster.noprescriptiontablets.com
serial: 2009051805
refresh: 14400
retry: 3600
expire: 1209600
minimum ttl: 86400
14400s (04:00:00)
noprescriptiontablets.com IN NS ns2.noprescriptiontablets.com 14400s (04:00:00)
noprescriptiontablets.com IN NS ns1.noprescriptiontablets.com 14400s (04:00:00)
228.254.45.66.in-addr.arpa IN PTR reverse226-230.hostlex.ru
http://www.theeclecticpagancircle.com
supportforcourtney.com
http://www.blackfamilytree.info
http://www.brucealanmusic.com
http://www.gregandkarendesanto.com
http://www.kangaroopartyrentals.com
wmpharmacy.com
http://www.crowleyfamilyfarm.com
http://www.h2oserenitysalon.com
http://www.balivillasguide.com
http://www.graceoverpressure.com
http://www.gtahotels.com
http://www.glitzydiva.com
http://www.coloradoshakes.org
http://www.luvchat.com
modmyiphone.ru
http://www.newsrx.com
http://www.jiexi265.cn
http://www.dosepack.net
drugspurchase.com
http://www.24pharm.net
http://www.bestdrugsworld.com
phosphosodalawyers.com
horkai.com
pharmaorder.com
http://www.helpchloe.com
spst.edu
http://www.lbu.edu
genericspharm.org
genericspharm.org
pillsforweight.com
notesintime.com
drugopen.com
lamisil-store.com
lamisil-store.com
http://www.cavecellular.com
npa.co.uk
http://www.dmke.sk
http://www.vpxlshop.com
family-drugs.com
buy–propecia.org
modmyiphone.ru
http://www.bestdrugsworld.com
supportforcourtney.com
wmpharmacy.com
modmyiphone.ru
drugspurchase.com
phosphosodalawyers.com
horkai.com
pharmaorder.com
spst.edu
genericspharm.org
genericspharm.org
pillsforweight.com
notesintime.com
drugopen.com
lamisil-store.com
lamisil-store.com
npa.co.uk
family-drugs.com
buy–propecia.org
modmyiphone.ru

Canadian Pharmacy aka Official Medicines – ca-drugstore.com/

Leave a comment

Buying Precription Drugs Online May Be Dangerous
– Consumer Alert –
Drug Enforcement Administration Says

warning1

National Association of Boards of Pharmacy (NABP)

official pharmacy

Address lookup

canonical name ca-drugstore.com.
aliases
addresses 97.74.176.79

Domain Whois record

Queried whois.internic.net with “dom ca-drugstore.com“…

   Domain Name: CA-DRUGSTORE.COM
   Registrar: REGTIME LTD.
   Whois Server: whois.regtime.net
   Referral URL: http://www.webnames.ru
   Name Server: NS51.DOMAINCONTROL.COM
   Name Server: NS52.DOMAINCONTROL.COM
   Status: ok
   Updated Date: 07-may-2009
   Creation Date: 26-feb-2008
   Expiration Date: 26-feb-2010

>>> Last update of whois database: Sat, 20 Jun 2009 15:34:37 UTC <<<

Queried whois.regtime.net with “ca-drugstore.com“…

% Regtime Ltd. WHOIS server

Domain name: ca-drugstore.com

Name servers:
    ns51.domaincontrol.com
    ns52.domaincontrol.com

Registrar: Regtime Ltd.
Creation date: 2008-11-23
Expiration date: 2010-02-26
Status: active

Registrant:
    Private person
    Private person

    For complete domain details go to:
    http://www.webnames.ru/scripts/who.pl?domain=ca-drugstore.com

Network Whois record

Queried whois.arin.net with “97.74.176.79“…

OrgName:    GoDaddy.com, Inc.
OrgID:      GODAD
Address:    14455 N Hayden Road
Address:    Suite 226
City:       Scottsdale
StateProv:  AZ
PostalCode: 85260
Country:    US

NetRange:   97.74.0.0 - 97.74.255.255
CIDR:       97.74.0.0/16
OriginAS:   AS26496
NetName:    GO-DADDY-SOFTWARE-INC
NetHandle:  NET-97-74-0-0-1
Parent:     NET-97-0-0-0-0
NetType:    Direct Allocation
NameServer: CNS1.SECURESERVER.NET
NameServer: CNS2.SECURESERVER.NET
NameServer: CNS3.SECURESERVER.NET
Comment:    Please send abuse complaints to abuse@godaddy.com
RegDate:    2008-08-14
Updated:    2008-08-14

RAbuseHandle: ABUSE51-ARIN
RAbuseName:   Abuse Department
RAbusePhone:  +1-480-624-2505
RAbuseEmail:  abuse@godaddy.com 

RNOCHandle: NOC124-ARIN
RNOCName:   Network Operations Center
RNOCPhone:  +1-480-505-8809
RNOCEmail:  noc@godaddy.com 

RTechHandle: NOC124-ARIN
RTechName:   Network Operations Center
RTechPhone:  +1-480-505-8809
RTechEmail:  noc@godaddy.com 

OrgAbuseHandle: ABUSE51-ARIN
OrgAbuseName:   Abuse Department
OrgAbusePhone:  +1-480-624-2505
OrgAbuseEmail:  abuse@godaddy.com

OrgNOCHandle: NOC124-ARIN
OrgNOCName:   Network Operations Center
OrgNOCPhone:  +1-480-505-8809
OrgNOCEmail:  noc@godaddy.com

OrgTechHandle: NOC124-ARIN
OrgTechName:   Network Operations Center
OrgTechPhone:  +1-480-505-8809
OrgTechEmail:  noc@godaddy.com

# ARIN WHOIS database, last updated 2009-06-19 19:10

DNS records

name class type data time to live
ca-drugstore.com IN SOA
server: ns51.domaincontrol.com
email: dns.jomax.net
serial: 2009050700
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 86400
86400s (1.00:00:00)
ca-drugstore.com IN A 97.74.176.79 3600s (01:00:00)
ca-drugstore.com IN NS ns51.domaincontrol.com 3600s (01:00:00)
ca-drugstore.com IN NS ns52.domaincontrol.com 3600s (01:00:00)
ca-drugstore.com IN MX
preference: 0
exchange: smtp.secureserver.net
3600s (01:00:00)
ca-drugstore.com IN MX
preference: 10
exchange: mailstore1.secureserver.net
3600s (01:00:00)
79.176.74.97.in-addr.arpa IN PTR ip-97-74-176-79.ip.secureserver.net 3600s (01:00:00)

Canadian Pharmacy – genericspharm.org

1 Comment

Buying Prescription Drugs Online Scam Alert 1
May Be Dangerous
Says Drug Enforcement Administration

DEA Logo - Buying Proscription Drugs

National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Behind The Online Pharmacy

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.

Also See ThreatChaos

  1. happy-pills.net
  2. noprecriptiontablets.net
  3. pharmascop.com
  4. buyneurontin.com
  5. educationequipment.net
  6. genericspharm.org
  7. yourdose.net
  8. lamisil-store.com
  9. luvchat.com
  10. sitewisellc.com
  11. allpharmacyonline.com
  12. drugpurchase.com
  13. aciphex-drugstore.com
  14. www.pharmaorder.com
  15. original-doctor.com
  16. edsupport.info
  17. meds-without-prescription.com
  18. pillsforweight.com
  19. clomid-medication.com
  20. viagra-levitra.com
  21. rxplls.com
  22. generic-allegra.net
  23. zithromax-without-prescription.com
  24. canadian-medstore.com
  25. amerismart.org
  26. vigra.rx-ed.info
  27. cialis-buy.info
  28. viagra-100mg.net
  29. allpharmacyonline.net
  30. aciphex-drugstore.com
  31. buyneurontin.com
  32. pharmaorder.com
  33. drugspurchase.com
  34. genericspharm.org
  35. yourdose.net
  36. original-doctor.com
  37. viagra-100mg.net
  38. anxietyzoloft.com
  39. orccug.com
  40. ca-drugstore.com
  41. largestonlinepharmacy.com
  42. drugsdelivery.net
  43. amazing-drugs.com
  44. amoxicillinnoprescription.com
  45. officialpharmacy.com

happy-pills.net
noprecriptiontablets.net
pharmascop.com
buyneurontin.com
educationequipment.net
genericspharm.org
yourdose.net
lamisil-store.com
luvchat.com
sitewisellc.com
allpharmacyonline.com
drugpurchase.com
aciphex-drugstore.com
http://www.pharmaorder.com
original-doctor.com
edsupport.info
meds-without-prescription.com
pillsforweight.com
clomid-medication.com
viagra-levitra.com
rxplls.com
generic-allegra.net
zithromax-without-prescription.com
canadian-medstore.com
amerismart.org
vigra.rx-ed.info
cialis-buy.info
viagra-100mg.net
allpharmacyonline.net
aciphex-drugstore.com
buyneurontin.com
pharmaorder.com
drugspurchase.com
genericspharm.org
yourdose.net
original-doctor.com
viagra-100mg.net
anxietyzoloft.com
orccug.com
ca-drugstore.com
largestonlinepharmacy.com
drugsdelivery.net
amazing-drugs.com
amoxicillinnoprescription.com
officialpharmacy.com

Address lookup

canonical name genericspharm.org.
aliases
addresses 85.17.177.196

Domain Whois record

Queried whois.publicinterestregistry.net with “genericspharm.org“…

Domain ID:D155629905-LROR
Domain Name:GENERICSPHARM.ORG
Created On:16-Mar-2009 17:52:09 UTC
Last Updated On:16-May-2009 03:52:27 UTC
Expiration Date:16-Mar-2010 17:52:09 UTC
Sponsoring Registrar:eNom, Inc. (R39-LROR)
Status:CLIENT TRANSFER PROHIBITED

Registrant ID:cb61fa3d409
Registrant Name:Whois Agent
Registrant Organization:Nexton Limited
Registrant Street1:Irpinskaya 69
Registrant City:Kiev
Registrant State/Province:
Registrant Postal Code:03142
Registrant Country:UA
Registrant Phone:+380.993161649
Registrant Email:support@ruler-domains.com

Admin ID:cb61fa3d409
Admin Name:Whois Agent
Admin Organization:Nexton Limited
Admin Street1:Irpinskaya 69
Admin City:Kiev
Admin State/Province:
Admin Postal Code:03142
Admin Country:UA
Admin Phone:+380.993161649
Admin Email:support@ruler-domains.com

Tech ID:cb61fa3d409
Tech Name:Whois Agent
Tech Organization:Nexton Limited
Tech Street1:Irpinskaya 69
Tech City:Kiev
Tech State/Province:
Tech Postal Code:03142
Tech Country:UA
Tech Phone:+380.993161649
Tech Email:support@ruler-domains.com

Name Server:NS1.MEDICATIONS-ONLINE.CO.UK
Name Server:NS2.MEDICATIONS-ONLINE.CO.UK
Name Server:

Network Whois record

Queried whois.ripe.net with “-B 85.17.177.196“…

Information related to ‘85.17.177.0 – 85.17.177.255’

inetnum: 85.17.177.0 – 85.17.177.255
netname: LEASEWEB
descr: LeaseWeb
descr: P.O. Box 93054
descr: 1090BB AMSTERDAM
descr: Netherlands
descr: http://www.leaseweb.com
remarks: Please send email to “abuse@leaseweb.com” for complaints
remarks: regarding portscans, DoS attacks and spam.
remarks: INFRA-AW
country: NL
admin-c: LSW1-RIPE
tech-c: LSW1-RIPE
status: ASSIGNED PA
mnt-by: OCOM-MNT
changed: ripe@leaseweb.com 20070710
source: RIPE

person: RIP Mean
address: P.O. Box 93054
address: 1090BB AMSTERDAM
address: Netherlands
phone: +31 20 3162880
fax-no: +31 20 3162890
abuse-mailbox: abuse@leaseweb.com
e-mail: ripe@leaseweb.com
nic-hdl: LSW1-RIPE
notify: ripe@leaseweb.com
mnt-by: OCOM-MNT
changed: ripe@ocom.com 20050607
changed: ripe@ocom.com 20060215
changed: ripe@ocom.com 20060608
changed: ripe@ocom.com 20080603
source: RIPE

% Information related to ‘85.17.0.0/16AS16265’

route: 85.17.0.0/16
descr: LEASEWEB
origin: AS16265
remarks: LeaseWeb
mnt-by: OCOM-MNT
changed: ripe@ocom.com 20050311
changed: ripe@ocom.com 20070610
source: RIPE

DNS records

DNS query for genericspharm.org failed: WouldBlock

name class type data time to live
196.177.17.85.in-addr.arpa IN PTR belhost.biz 86400s (1.00:00:00)
SmartFilter Category: Not Categorized
Make Category Suggestions
IP: 85.17.177.196
Nameservers: ns1.kpv007.local
ns2.kpv007.local