Buying Prescription Drugs Online 
May Be Dangerous
Says Drug Enforcement Administration
National Association of Boards of Pharmacy (NABP)
Warning
“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.
Behind The Online Pharmacy
Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.
Buying Medication Online Can Be Safe
There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.
Also See ThreatChaos
Header Analysis
The following IP addresses were extracted from your headers:
| IP Address | Probable Country | Additional Info | |||
| 207.115.20.181 | United States (Richardson)* | Whois | DNSStuff | Urgentmessage.org | |
| 110.172.0.198 | Japan* | Whois | DNSStuff | Urgentmessage.org | |
| * The last IP listed is usually the originating IP address | |||||
Here is the text you submitted, with the IP addresses highlighted:
From Annette Macdonald Sat Jun 6 22:07:48 2009
Return-Path:
Authentication-Results: mta129.sbc.mail.re3.yahoo.com from=holts.co.uk; domainkeys=neutral (no sig); from=holts.co.uk; dkim=neutral (no sig)
Received: from 207.115.20.181 (EHLO flpi179.prodigy.net) (207.115.20.181)
by mta129.sbc.mail.re3.yahoo.com with SMTP; Sat, 06 Jun 2009 22:07:48 -0700
Received: from vhnpx42 (0.198.net4.hinocatv.ne.jp [110.172.0.198])
by flpi179.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with SMTP id n5757h3C021495;
Sat, 6 Jun 2009 22:07:46 -0700
Message-ID: <000701c9e72d$e6bd25b0$4a37416a@holts.co.uk>
Reply-To: “Annette Macdonald” a_macdonald_hi@holts.co.uk
From: “Annette Macdonald” a_macdonald_hi@holts.co.uk
To: ScamFraudAlert
Subject: Lose weight fast Here!
Date: Sun, 07 Jun 2009 00:07:48 -0500
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset=”windows-1250″
reply-type=original
Content-Transfer-Encoding: 7bit
Content-Length: 128
An Incredible Canadian_Pharmacy is available at your_Fingertips!
NO_Doctor_Needed! Click There -> http://pathjoyful.com
Address lookup
| canonical name | pathjoyful.com. |
| aliases | |
| addresses | 58.17.3.41 60.191.239.181 203.93.208.86 |
Domain Whois record
Queried whois.internic.net with “dom pathjoyful.com“…
Domain Name: PATHJOYFUL.COM
Registrar: XIN NET TECHNOLOGY CORPORATION
Whois Server: whois.paycenter.com.cn
Referral URL: http://www.xinnet.com
Name Server: NS1.FELTTWENTY.COM
Name Server: NS2.FELTTWENTY.COM
Name Server: SP151.DELETEDNS.COM
Name Server: SP152.DELETEDNS.COM
Name Server: SP153.DELETEDNS.COM
Name Server: SP154.DELETEDNS.COM
Status: ok
Updated Date: 04-jun-2009
Creation Date: 03-jun-2009
Expiration Date: 03-jun-2010
Last update of whois database: Sun, 07 Jun 2009 22:53:18 UTC
Queried whois.paycenter.com.cn with “pathjoyful.com“…
Domain Name : pathjoyful.com
PunnyCode : pathjoyful.com
Registrant:
Organization : TIANCHUNLIN
Name : TIANCHUNLING
Address : daxuenanlu29
City : xinxiangshi
Province/State : henansheng
Country : china
Postal Code : 453039
Administrative Contact:
Name : TIANCHUNLING
Organization : TIANCHUNLIN
Address : daxuenanlu29
City : xinxiangshi
Province/State : henansheng
Country : china
Postal Code : 453039
Phone Number : 86-0373-61255412
Fax : 86-0373-61255412
Email : TIANCHUNLIN@139.COM
Technical Contact:
Name : TIANCHUNLING
Organization : TIANCHUNLIN
Address : daxuenanlu29
City : xinxiangshi
Province/State : henansheng
Country : china
Postal Code : 453039
Phone Number : 86-0373-61255412
Fax : 86-0373-61255412
Email : TIANCHUNLIN@139.COM
Billing Contact:
Name : TIANCHUNLING
Organization : TIANCHUNLIN
Address : daxuenanlu29
City : xinxiangshi
Province/State : henansheng
Country : china
Postal Code : 453039
Phone Number : 86-0373-61255412
Fax : 86-0373-61255412
Email : TIANCHUNLIN@139.COM
Network Whois record
Queried whois.apnic.net with “58.17.3.41“…
inetnum: 58.17.3.32 – 58.17.3.47
netname: CHAOREN-CAFE
country: CN
descr: Superman Internet Cafe
admin-c: CH444-AP
tech-c: CH444-AP
status: ASSIGNED NON-PORTABLE
changed: wujiawei@china-netcom.com 20070427
mnt-by: MAINT-CNCGROUP-JX
source: APNIC
route: 58.17.0.0/17
descr: CNC Group CHINA169 Jiangxi Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060728
source: APNIC
route: 58.17.0.0/17
descr: CNCGroup JiangXi province network
country: CN
origin: AS9929
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20050218
changed: hm-changed@apnic.net 20050331
source: APNIC
person: CNCGroup Hostmaster
nic-hdl: CH444-AP
e-mail: abuse@cnc-noc.net
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
phone: +86-10-82993155
fax-no: +86-10-82993144
country: CN
changed: abuse@cnc-noc.net 20041220
mnt-by: MAINT-CNCGROUP
source: APNIC
DNS records
DNS query for 41.3.17.58.in-addr.arpa returned an error from the server: NameError
| name | class | type | data | time to live | |
| pathjoyful.com | IN | A | 203.93.208.86 | 3600s | (01:00:00) |
| pathjoyful.com | IN | A | 60.191.239.181 | 3600s | (01:00:00) |
| pathjoyful.com | IN | A | 58.17.3.41 | 3600s | (01:00:00) |
scamFRAUDalert®Pharmacies Checker 
CNET 203.93.208
base record name ip reverse route as
*.8-444.com a 203.93.208.86 (none)
*.awareace.com a 203.93.208.86 (none)
*.cemlacar.cn a 203.93.208.86 (none)
*.droolplanet.com a 203.93.208.86 (none)
*.farekolite.ru a 203.93.208.86 (none)
*.hejjajab.cn a 203.93.208.86 (none)
*.holigate.ru a 203.93.208.86 (none)
*.lobqirik.cn a 203.93.208.86 (none)
*.plumbold.com a 203.93.208.86 (none)
*.proudquiet.com a 203.93.208.86 (none)
*.surecrisp.com a 203.93.208.86 (none)
*.witproud.com a 203.93.208.86 (none)
*.ziptrue.com a 203.93.208.86 (none)
1-222.net a 203.93.208.86 (none)
112911.org a 203.93.208.86 (none)
8-444.com a 203.93.208.86 (none)
amr.cemlacar.cn a 203.93.208.86 (none)
awareace.com a 203.93.208.86 (none)
cemlacar.cn a 203.93.208.86 (none)
doynewug.cn a 203.93.208.86 (none)
droolplanet.com a 203.93.208.86 (none)
enujeq.ru a 203.93.208.86 (none)
farekolite.ru a 203.93.208.86 (none)
forceyour.com a 203.93.208.86 (none)
gabfaxul.cn a 203.93.208.86 (none)
gekhuboc.cn a 203.93.208.86 (none)
hejjajab.cn a 203.93.208.86 (none)
holigate.ru a 203.93.208.86 (none)
jiqxorik.cn a 203.93.208.86 (none)
kuqxatan.cn a 203.93.208.86 (none)
lobqirik.cn a 203.93.208.86 (none)
mail.medsorder.net a 203.93.208.86 (none)
mevlunij.cn a 203.93.208.86 (none)
moralflair.com a 203.93.208.86 (none)
ns1.droolplanet.com a 203.93.208.86 (none)
ns1.witproud.com a 203.93.208.86 (none)
ns2.droolplanet.com a 203.93.208.86 (none)
ns2.plumbold.com a 203.93.208.86 (none)
ns2.witproud.com a 203.93.208.86 (none)
ns3.alertjust.com a 203.93.208.86 (none)
ns3.awareace.com a 203.93.208.86 (none)
ns3.coyjoy.com a 203.93.208.86 (none)
ns3.droolplanet.com a 203.93.208.86 (none)
ns3.fizzleads.com a 203.93.208.86 (none)
ns3.hardyzest.com a 203.93.208.86 (none)
ns3.humortan.com a 203.93.208.86 (none)
ns3.kindable.com a 203.93.208.86 (none)
ns3.loftyhappy.com a 203.93.208.86 (none)
ns3.loyalspicy.com a 203.93.208.86 (none)
ns3.moralflair.com a 203.93.208.86 (none)
ns3.piousagree.com a 203.93.208.86 (none)
ns3.pioussure.com a 203.93.208.86 (none)
ns3.purecoy.com a 203.93.208.86 (none)
ns3.rightspicy.com a 203.93.208.86 (none)
ns3.royalalive.com a 203.93.208.86 (none)
ns3.sharezeal.com a 203.93.208.86 (none)
ns3.surecrisp.com a 203.93.208.86 (none)
ns3.tansure.com a 203.93.208.86 (none)
ns3.witadore.com a 203.93.208.86 (none)
ns4.droolplanet.com a 203.93.208.86 (none)
ns4.surecrisp.com a 203.93.208.86 (none)
nukotinika.ru a 203.93.208.86 (none)
plumbold.com a 203.93.208.86 (none)
proudquiet.com a 203.93.208.86 (none)
pt1.blamelesscourteous.com a 203.93.208.86 (none)
pt1.mightylearned.com a 203.93.208.86 (none)
pt1.miraclelingering.com a 203.93.208.86 (none)
pt1.practicalsection.com a 203.93.208.86 (none)
pt3.adoresweet.com a 203.93.208.86 (none)
pt3.loyalbeats.com a 203.93.208.86 (none)
pt3.maxiultra.com a 203.93.208.86 (none)
pt3.tangytangy.com a 203.93.208.86 (none)
royyipef.cn a 203.93.208.86 (none)
sedbacut.cn a 203.93.208.86 (none)
seemlyreach.com a 203.93.208.86 (none)
surecrisp.com a 203.93.208.86 (none)
up1.fairmulti.com a 203.93.208.86 (none)
up3.adorearoma.com a 203.93.208.86 (none)
up3.agreegrand.com a 203.93.208.86 (none)
up3.bitsalive.com a 203.93.208.86 (none)
up3.bitssure.com a 203.93.208.86 (none)
up3.fairmulti.com a 203.93.208.86 (none)
up3.lucidplump.com a 203.93.208.86 (none)
up3.magicextol.com a 203.93.208.86 (none)
up3.newdrool.com a 203.93.208.86 (none)
up3.newplump.com a 203.93.208.86 (none)
up3.sharemeek.com a 203.93.208.86 (none)
up3.slickyule.com a 203.93.208.86 (none)
up3.spicylofty.com a 203.93.208.86 (none)
up3.sweetslick.com a 203.93.208.86 (none)
up3.zealfast.com a 203.93.208.86 (none)
up3.zeallucid.com a 203.93.208.86 (none)
witproud.com a 203.93.208.86 (none)
http://www.8-444.com a 203.93.208.86 (none)
http://www.farekolite.ru a 203.93.208.86 (none)
http://www.holigate.ru a 203.93.208.86 (none)
http://www.lobqirik.cn a 203.93.208.86 (none)
yestetem.cn a 203.93.208.86 (none)
yuhwetuz.cn a 203.93.208.86 (none)
ziptrue.com a 203.93.208.86 (none)
spam host and DNS:
[ whois.cymru.com ]
AS | IP | AS Name
4134 | 60.191.221.116 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 60.191.239.189 | CHINANET-BACKBONE No.31,Jin-rong Street
4837 | 58.17.3.44 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 110.52.6.252 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 220.248.167.126 | CHINA169-BACKBONE CNCGROUP China169 Backbone
9929 | 203.93.208.86 | CNCNET-CN China Netcom Corp.
Mon May 25 21:42:44 UTC 2009
Tue Apr 1 19:17:49 2008 – AS9929<-AS4751 removed
AS4751 NBIP AS AP TongLian(Ningbo)Info Port Co ,Ltd New telecommunication carrier based on IP backbone
removed
AS9929 China Netcom Corporation
Tue Apr 1 17:18:01 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 16:37:58 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 16:25:28 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 16:19:19 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 16:04:21 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 15:14:26 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 12:29:05 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 12:26:47 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Tue Apr 1 10:38:25 2008 – AS9929<-AS3561 removed
AS3561 SAVVIS Communications
removed
AS9929 China Netcom Corporation
Address lookup
canonical name trustedsitelist.com
aliases
addresses 88.214.202.129
Domain Whois record
Queried whois.internic.net with “dom trustedsitelist.com”…
Domain Name: http://www.TRUSTEDSITELIST.COM
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Whois Server: whois.PublicDomainRegistry.com
Referral URL: http://www.PublicDomainRegistry.com
Name Server: NS0.HQHOST.NET
Name Server: NS1.HQHOST.NET
Status: ok
Updated Date: 04-jun-2009
Creation Date: 07-oct-2008
Expiration Date: 07-oct-2009
>>> Last update of whois database: Sun, 07 Jun 2009 23:56:28 UTC <<<
Queried whois.publicdomainregistry.com with "trustedsitelist.com"…
Registration Service Provided By: DOMAIN NAMES REGISTRAR REG.RU LTD.
Contact: +7.4955801111
Domain Name: TRUSTEDSITELIST.COM
Registrant:
Andrew V Nazhimov
Andrew Nazhimov xandr@hotmail.ru
Fedoseenko str, 80-8
N.Novgorod
Nizhegorodskaya,603127
RU
Tel. +7.79043920927
Fax. +7.79043920927
Creation Date: 07-Oct-2008
Expiration Date: 07-Oct-2009
Domain servers in listed order:
ns1.hqhost.net
ns0.hqhost.net
Administrative Contact:
Andrew V Nazhimov
Andrew Nazhimov xandr@hotmail.ru
Fedoseenko str, 80-8
N.Novgorod
Nizhegorodskaya,603127
RU
Tel. +7.79043920927
Fax. +7.79043920927
Technical Contact:
Andrew V Nazhimov
Andrew Nazhimov (xandr@hotmail.ru)
Fedoseenko str, 80-8
N.Novgorod
Nizhegorodskaya,603127
RU
Tel. +7.79043920927
Fax. +7.79043920927
Billing Contact:
Andrew V Nazhimov
Andrew Nazhimov xandr@hotmail.ru
Fedoseenko str, 80-8
N.Novgorod
Nizhegorodskaya,603127
RU
Tel. +7.79043920927
Fax. +7.79043920927
Status:ACTIVE
Network Whois record
Queried whois.ripe.net with "-B 88.214.202.129"…
% Information related to '88.214.192.0 – 88.214.255.255'
inetnum: 88.214.192.0 – 88.214.255.255
netname: UK-UAONLINE-20060118
descr: Real International Business Corp.
country: GB
org: ORG-RIBC1-RIPE
admin-c: MS9776-ripe
tech-c: MS9776-ripe
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: uaonline
mnt-domains: uaonline
mnt-routes: uaonline
notify: makc@ipipe.net
changed: hostmaster@ripe.net 20060118
source: RIPE
organisation: ORG-RIBC1-RIPE
org-name: Real International Business Corp.
org-type: LIR
address: Real International Business Corp.
145-157 St John Street
2nd Floor
EC1V 4PY LONDON
UNITED KINGDOM
phone: +16462333035
fax-no: +442032921594
e-mail: makc@center.hqhost.net
admin-c: MS9776-ripe
admin-c: VK1045-ripe
mnt-ref: uaonline
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
changed: hostmaster@ripe.net 20050225
person: Soldatov Maxim
address: Marylebone high street 78
address: W1U 5AP London
phone: +380 50 4985406
e-mail: makc@ipipe.net
org: ORG-RIBC1-RIPE
nic-hdl: MS9776-ripe
mnt-by: uaonline
changed: makc@ipipe.net 20050925
source: RIPE
DNS records
DNS query for 129.202.214.88.in-addr.arpa returned an error from the server: NameError
name class type data time to live
trustedsitelist.com IN MX
preference: 10
exchange: mx1.hqhost.net
10800s (03:00:00)
trustedsitelist.com IN MX
preference: 20
exchange: mx2.hqhost.net
10800s (03:00:00)
trustedsitelist.com IN TXT v=spf1 mx ip4:88.214.192.0/24 ip4:80.77.80.130/32 ?all 10800s (03:00:00)
trustedsitelist.com IN TYPE99 36 76 3D 73 70 66 31 20 6v=spf1
6D 78 20 69 70 34 3A 38 mx ip4:8
38 2E 32 31 34 2E 31 39 8.214.19
32 2E 30 2F 32 34 20 69 2.0/24 i
70 34 3A 38 30 2E 37 37 p4:80.77
2E 38 30 2E 31 33 30 2F .80.130/
33 32 20 3F 61 6C 6C 32 ?all
10800s (03:00:00)
trustedsitelist.com IN SOA
server: ns0.hqhost.net
email: root.hqhost.net
serial: 1244115287
refresh: 10800
retry: 3600
expire: 21600
minimum ttl: 3600
10800s (03:00:00)
trustedsitelist.com IN NS ns1.hqhost.net 10800s (03:00:00)
trustedsitelist.com IN NS ns0.hqhost.net 10800s (03:00:00)
trustedsitelist.com IN A 88.214.202.129