Day: June 18, 2009
Crime – Canadian Pharmacy Spam Servers
Canadian Pharmacy Spam Servers
| SmartFilter Category: | Spam URLs Make Category Suggestions |
| Namerservers on IP: | ns1.7594.org ns1.9307.org ns1.9736.org ns1.bedplain.com ns2.11121.org ns2.12332.org ns2.13231.org ns2.7594.org ns3.9736.org ns3.quietfree.ru ns4.13123.org ns4.7594.org ns4.9736.org ns4.quietfree.ru ns4.truereap.ru |
Crime – Canadian Pharmacy Spam Servers
Canadian Pharmacy Spam Servers
Crime Canadian Pharmacy Spam Servers
| SmartFilter Category: | Not Categorized Make Category Suggestions |
| IPs: | 58.17.3.41 60.191.221.123 60.191.239.166 61.191.191.241 203.93.208.86 |
Canadian Pharmacy Spam Domains
WARNING: The following links may contain malware, spyware, browser exploits, or other harmful code which can damage your system. URIBL strongly advises against clicking any links and/or accessing any of the sites included in these lists. URIBL.COM is not an ISP, web host, or domain registrar. We do not have any control over what is found on any of the sites linked from this page. This information is made available to the public so action can be taken by the responsible party. If you do not know how to properly put this information to good use, you should not be here. Complaints regarding information found on this page will go unanswered.
| # | Domain | Date/Time Added |
| #1 | holeabove.com | Thu, 18 Jun 2009 07:51:12 +0000 |
| #2 | trialtrials.com | Thu, 18 Jun 2009 06:17:30 +0000 |
| #3 | settlenoon.com | Thu, 18 Jun 2009 06:14:25 +0000 |
| #4 | nightbye.com | Thu, 18 Jun 2009 04:01:06 +0000 |
| #5 | keptuntil.com | Thu, 18 Jun 2009 03:59:17 +0000 |
| #6 | fewhair.com | Thu, 18 Jun 2009 03:21:17 +0000 |
| #7 | spacemonth.com | Thu, 18 Jun 2009 02:01:02 +0000 |
| #8 | thinggrow.com | Thu, 18 Jun 2009 01:57:52 +0000 |
| #9 | prefercoat.com | Thu, 18 Jun 2009 01:54:46 +0000 |
| #10 | rosyhat.com | Thu, 18 Jun 2009 00:02:24 +0000 |
| #11 | poemread.com | Wed, 17 Jun 2009 20:58:03 +0000 |
| #12 | toolwhere.com | Wed, 17 Jun 2009 20:48:50 +0000 |
| #13 | northunique.com | Wed, 17 Jun 2009 18:10:12 +0000 |
| #14 | eecam.com | Wed, 17 Jun 2009 16:51:42 +0000 |
| #15 | titsss.com | Wed, 17 Jun 2009 16:51:40 +0000 |
| #16 | hrnygirl.com | Wed, 17 Jun 2009 16:51:36 +0000 |
| #17 | slutyy.com | Wed, 17 Jun 2009 16:51:34 +0000 |
| #18 | basepast.com | Wed, 17 Jun 2009 15:26:09 +0000 |
| #19 | fourmighty.com | Wed, 17 Jun 2009 15:24:28 +0000 |
| #20 | casedreamy.com | Wed, 17 Jun 2009 15:21:35 +0000 |
| #21 | massideal.com | Wed, 17 Jun 2009 15:11:21 +0000 |
| #22 | slipmine.com | Wed, 17 Jun 2009 15:06:55 +0000 |
| #23 | daringbring.com | Wed, 17 Jun 2009 15:06:14 +0000 |
| #24 | ninacams.com | Wed, 17 Jun 2009 14:02:09 +0000 |
| #25 | putbits.com | Wed, 17 Jun 2009 06:09:01 +0000 |
| #26 | burntold.com | Wed, 17 Jun 2009 04:43:19 +0000 |
| #27 | leaddoes.com | Wed, 17 Jun 2009 04:11:23 +0000 |
| #28 | foundtiny.com | Wed, 17 Jun 2009 03:34:17 +0000 |
| #29 | voiceflip.com | Wed, 17 Jun 2009 03:08:42 +0000 |
| #30 | washrace.com | Wed, 17 Jun 2009 02:45:01 +0000 |
| #31 | hisfly.com | Wed, 17 Jun 2009 02:26:06 +0000 |
| #32 | extolact.com | Wed, 17 Jun 2009 02:02:16 +0000 |
| #33 | qosogcim.com | Tue, 16 Jun 2009 21:37:38 +0000 |
| #34 | zezozvaz.com | Tue, 16 Jun 2009 21:27:57 +0000 |
| #35 | triallenght.com | Tue, 16 Jun 2009 20:49:52 +0000 |
| #36 | trialextra.com | Tue, 16 Jun 2009 19:37:09 +0000 |
| #37 | keptmarket.com | Tue, 16 Jun 2009 16:39:17 +0000 |
| #38 | wokofmum.com | Tue, 16 Jun 2009 15:46:16 +0000 |
| #39 | ciluhgis.com | Tue, 16 Jun 2009 15:42:06 +0000 |
| #40 | wejezhux.com | Tue, 16 Jun 2009 15:29:26 +0000 |
| #41 | jonoklem.com | Tue, 16 Jun 2009 15:20:17 +0000 |
| #42 | supidxew.com | Tue, 16 Jun 2009 15:15:38 +0000 |
| #43 | mumuvhej.com | Tue, 16 Jun 2009 15:07:49 +0000 |
| #44 | gluekewl.com | Tue, 16 Jun 2009 14:31:00 +0000 |
| #45 | hollycams.com | Tue, 16 Jun 2009 08:03:57 +0000 |
| #46 | gigicams.com | Tue, 16 Jun 2009 08:03:49 +0000 |
| #47 | tiffcams.com | Tue, 16 Jun 2009 08:03:45 +0000 |
| #48 | summrcams.com | Tue, 16 Jun 2009 07:28:17 +0000 |
| #49 | wendicams.com | Tue, 16 Jun 2009 07:16:45 +0000 |
| #50 | h0tcams.com | Tue, 16 Jun 2009 07:16:42 +0000 |
| #51 | mandicams.com | Tue, 16 Jun 2009 07:06:10 +0000 |
| #52 | jenncams.com | Tue, 16 Jun 2009 06:57:40 +0000 |
| #53 | quarttan.com | Tue, 16 Jun 2009 06:00:55 +0000 |
| #54 | saidapple.com | Tue, 16 Jun 2009 05:23:25 +0000 |
| #55 | treatdry.com | Tue, 16 Jun 2009 04:43:14 +0000 |
| #56 | happenmelody.com | Tue, 16 Jun 2009 04:15:48 +0000 |
| #57 | groundfeel.com | Tue, 16 Jun 2009 04:10:31 +0000 |
| #58 | scoreseither.com | Tue, 16 Jun 2009 03:21:55 +0000 |
| #59 | coatbits.com | Tue, 16 Jun 2009 02:34:51 +0000 |
| #60 | abcscript5.com | Tue, 16 Jun 2009 01:36:26 +0000 |
| #61 | sidehalf.com | Mon, 15 Jun 2009 22:08:45 +0000 |
| #62 | excitefind.com | Mon, 15 Jun 2009 22:01:05 +0000 |
| #63 | grewjoin.com | Mon, 15 Jun 2009 21:43:45 +0000 |
| #64 | foundreply.com | Mon, 15 Jun 2009 21:38:04 +0000 |
| #65 | chiefpound.com | Mon, 15 Jun 2009 21:34:29 +0000 |
| #66 | humormunchy.com | Mon, 15 Jun 2009 21:06:41 +0000 |
| #67 | widerenown.com | Mon, 15 Jun 2009 20:42:11 +0000 |
| #68 | cellrest.com | Mon, 15 Jun 2009 16:30:24 +0000 |
| #69 | roundleft.com | Mon, 15 Jun 2009 16:23:10 +0000 |
| #70 | beganpretty.com | Mon, 15 Jun 2009 16:20:32 +0000 |
| #71 | livebut.com | Mon, 15 Jun 2009 16:19:05 +0000 |
| #72 | monthred.com | Mon, 15 Jun 2009 10:22:05 +0000 |
| #73 | monthawe.com | Mon, 15 Jun 2009 09:19:22 +0000 |
| #74 | monthblack.com | Mon, 15 Jun 2009 06:21:27 +0000 |
| #75 | familylevel.com | Mon, 15 Jun 2009 05:12:06 +0000 |
| #76 | singboard.com | Mon, 15 Jun 2009 05:08:19 +0000 |
| #77 | abcscript6.com | Mon, 15 Jun 2009 04:01:44 +0000 |
| #78 | speedwonder.com | Mon, 15 Jun 2009 03:56:19 +0000 |
| #79 | warmproper.com | Mon, 15 Jun 2009 02:37:46 +0000 |
| #80 | tryneck.com | Mon, 15 Jun 2009 01:42:35 +0000 |
| #81 | stribethree.com | Sun, 14 Jun 2009 19:49:26 +0000 |
| #82 | drysexy.com | Sun, 14 Jun 2009 09:57:01 +0000 |
| #83 | monthtwo.com | Sun, 14 Jun 2009 07:28:13 +0000 |
| #84 | greathumble.com | Sun, 14 Jun 2009 06:56:53 +0000 |
| #85 | tiemodel.com | Sun, 14 Jun 2009 05:58:57 +0000 |
| #86 | suffixwonder.com | Sun, 14 Jun 2009 04:34:32 +0000 |
| #87 | wemaxi.com | Sun, 14 Jun 2009 04:16:49 +0000 |
| #88 | homevaried.com | Sun, 14 Jun 2009 02:48:04 +0000 |
| #89 | swelltrue.com | Sun, 14 Jun 2009 02:27:00 +0000 |
| #90 | thinmeet.com | Sun, 14 Jun 2009 02:23:47 +0000 |
| #91 | cuddlysuffix.com | Sun, 14 Jun 2009 02:22:31 +0000 |
| #92 | monthblue.com | Sat, 13 Jun 2009 13:49:44 +0000 |
Source: http://rss.uribl.com/nic/CHINA_SPRINGBOARD_INC_.html
Canadian Pharmacy Spam – spendzap.com
Header Analysis
The following IP addresses were extracted from your headers:
| IP Address | Probable Country | Additional Info | |||
| 72.165.59.77 | United States (Denver)* | Whois | DNSStuff | Urgentmessage.org | |
| 207.115.20.125 | United States (Richardson)* | Whois | DNSStuff | Urgentmessage.org | |
| * The last IP listed is usually the originating IP address | |||||
Here is the text you submitted, with the IP addresses highlighted:
From Elsie Sheridan Wed Jun 17 09:42:42 2009
Return-Path: sheridan_ns@chuv.hospvd.ch
Authentication-Results: mta122.sbc.mail.re2.yahoo.com from=chuv.hospvd.ch; domainkeys=neutral (no sig); from=chuv.hospvd.ch; dkim=neutral (no sig)
Received: from 72.165.59.77 (EHLO flpd115.prodigy.net) (207.115.20.125)
by mta122.sbc.mail.re2.yahoo.com with SMTP; Wed, 17 Jun 2009 09:42:33 -0700
Received: from 09lgny3 (72-165-59-77.dia.static.qwest.net [72.165.59.77])
by flpd115.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with SMTP id n5HGgJ8Q013396;
Wed, 17 Jun 2009 09:42:31 -0700
Message-ID: <000701c9ef6a$a263c870$431333e2@chuv.hospvd.ch
Reply-To: “Elsie Sheridan” sheridan_ns@chuv.hospvd.ch
From: “Elsie Sheridan” sheridan_ns@chuv.hospvd.ch
To:ScamFraidAlert
Subject: The widest collection of finest medications online
Date: Wed, 17 Jun 2009 11:42:42 -0500
An Incredible Canadian Pharmacy is available at your Fingertips!
No Doctor Needed! Click Here! -> http://spendzap.com
Address lookup
| canonical name | spendzap.com. |
| aliases | |
| addresses | 203.93.208.86 58.17.3.41 60.191.221.123 60.191.239.166 61.191.191.241 |
Domain Whois record
Queried whois.internic.net with “dom spendzap.com“…
Domain Name: SPENDZAP.COM Registrar: CHINA SPRINGBOARD INC. Whois Server: whois.namerich.cn Referral URL: http://www.namerich.cn Name Server: NS1.VITALMOVER.IN Name Server: NS2.VITALMOVER.IN Name Server: NS3.CREATETAKE.COM Name Server: NS4.CREATETAKE.COM Name Server: NS5.MOTIONSEEKER.PL Name Server: NS6.MOTIONSEEKER.PL Status: ok Updated Date: 15-jun-2009 Creation Date: 15-jun-2009 Expiration Date: 15-jun-2010 Last update of whois database: Thu, 18 Jun 2009 08:05:22 UTC <<<
Queried whois.namerich.cn with “spendzap.com“…
DomainName : spendzap.com RSP: China Springboard Inc. URL: http://www.namerich.cn Name Server......................NS5.MOTIONSEEKER.PL Name Server......................NS6.MOTIONSEEKER.PL Name Server......................NS3.CREATETAKE.COM Name Server......................NS2.VITALMOVER.IN Name Server......................NS4.CREATETAKE.COM Name Server......................NS1.VITALMOVER.IN Status...........................ok Creation Date ..................2009-06-15 Expiration Date .................2010-06-15 Last Update Date ...............2009-06-15 Registrant ID ...................V-X-57513-12920 Registrant Name .................ZHAO GUANG Registrant Organization .........ZHAO GUANG Registrant Address ..............HUANHUXILU413 Registrant City..................SJZ Registrant Province/State .......HB Registrant Country Code .........CN Registrant Postal Code ..........050037 Registrant Phone Number .........+86.031158541214 Registrant Fax ..................+86.031158541214 Registrant Email ................nmaiucope@163.com Administrative ID ...............V-X-57513-12920 Administrative Name .............ZHAO GUANG Administrative Organization .....ZHAO GUANG Administrative Address ..........HUANHUXILU413 Administrative City..............SJZ Administrative Province/State ...HB Administrative Country Code .....CN Administrative Postal Code ......050037 Administrative Phone Number .....+86.031158541214 Administrative Fax ..............+86.031158541214 Administrative Email ............nmaiucope@163.com Billing ID ......................V-X-57513-12920 Billing Name ....................ZHAO GUANG Billing Organization ............ZHAO GUANG Billing Address .................HUANHUXILU413 Billing City.....................SJZ Billing Province/State ..........HB Billing Country Code ............CN Billing Postal Code .............050037 Billing Phone Number ............+86.031158541214 Billing Fax .....................+86.031158541214 Billing Email ...................nmaiucope@163.com Technical ID ....................V-X-57513-12920 Technical Name ..................ZHAO GUANG Technical Organization...........ZHAO GUANG Technical Address ...............HUANHUXILU413 Technical City...................SJZ Technical Province/State.........HB Technical Country Code ..........CN Technical Postal Code ...........050037 Technical Phone Number ..........+86.031158541214 Technical Fax ...................+86.031158541214 Technical Email .................nmaiucope@163.com ; Please register your domains at ; http://www.namerich.cn
Network Whois record
Queried whois.apnic.net with “203.93.208.86“…
inetnum: 203.93.0.0 - 203.93.255.255 netname: UNICOM-CN descr: China Unicom IP network descr: China Unicom country: CN admin-c: CH1302-AP tech-c: CH1302-AP mnt-by: APNIC-HM mnt-lower: MAINT-CNCGROUP mnt-routes: MAINT-CNCGROUP-RR status: ALLOCATED PORTABLE changed: hm-changed@apnic.net 20040116 changed: hm-changed@apnic.net 20060124 changed: hm-changed@apnic.net 20090507 changed: hm-changed@apnic.net 20090508 source: APNIC person: ChinaUnicom Hostmaster nic-hdl: CH1302-AP e-mail: abuse@chinaunicom.cn address: No.21,Jin-Rong Street address: Beijing,100140 address: P.R.China phone: +86-10-82993155 fax-no: +86-10-82993144 country: CN changed: abuse@chinaunicom.cn 20090408 mnt-by: MAINT-CNCGROUP source: APNIC
DNS records
DNS query for 86.208.93.203.in-addr.arpa returned an error from the server: NameError
| name | class | type | data | time to live | |
| spendzap.com | IN | A | 203.93.208.86 | 3600s | (01:00:00) |
| spendzap.com | IN | A | 58.17.3.41 | 3600s | (01:00:00) |
| spendzap.com | IN | A | 60.191.239.166 | 3600s | (01:00:00) |
| spendzap.com | IN | A | 60.191.221.123 | 3600s | (01:00:00) |
| spendzap.com | IN | A | 61.191.191.241 | 3600s | (01:00:00) |
Canadian Pharmacy Spam – homevaried.com
Header Analysis
The following IP addresses were extracted from your headers:
| IP Address | Probable Country | Additional Info | |||
| 66.18.238.145 | Canada (Calgary)* | Whois | DNSStuff | Urgentmessage.org | |
| 207.115.36.154 | United States (Richardson)* | Whois | DNSStuff | Urgentmessage.org | |
| * The last IP listed is usually the originating IP address | |||||
Here is the text you submitted, with the IP addresses highlighted:
From Todd Hinkle Sat Jun 13 16:47:50 2009 Return-Path: todd.hinklexs@netron.cz
Authentication-Results: mta167.sbc.mail.mud.yahoo.com from=netron.cz; domainkeys=neutral (no sig); from=netron.cz; dkim=neutral (no sig) Received: from 66.18.238.145 (EHLO nlpi140.prodigy.net) (207.115.36.154) by mta167.sbc.mail.mud.yahoo.com with SMTP;
Sat, 13 Jun 2009 16:47:48 -0700 Received: from zjl05r3 (dsl-vlan458-66-18-238-145.nucleus.com [66.18.238.145]) by nlpi140.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with SMTP id n5DNlSlm031067; Sat, 13 Jun 2009 18:47:47 -0500 Message-ID: <000701c9ec81$5c956240$4a37416a@netron.cz>
Reply-To: “Todd Hinkle” todd.hinklexs@netron.cz
From: “Todd Hinkle” todd.hinklexs@netron.cz
To: ScamFraudAlert
Subject: Get anti anxiety medications online!!
Date: Sat, 13 Jun 2009 18:47:50 -0500 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=”windows-1250″ reply-type=original Content-Transfer-Encoding: 7bit Content-Length: 136
An Incredible CanadianPharmacy is available at your Fingertips!
No Doctor Needed! Browse our SiteToday! -> http://homevaried.com
Address lookup
| canonical name | homevaried.com. |
| aliases | |
| addresses | 60.191.221.123 60.191.239.166 61.191.191.241 203.93.208.86 58.17.3.41 |
Domain Whois record
Queried whois.internic.net with “dom homevaried.com“…
Domain Name: HOMEVARIED.COM Registrar: CHINA SPRINGBOARD INC. Whois Server: whois.namerich.cn Referral URL: http://www.namerich.cn Name Server: NS1.BEDPLAIN.COM Name Server: NS2.BEDPLAIN.COM Name Server: NS3.AGAINTAIL.COM Name Server: NS4.AGAINTAIL.COM Name Server: NS5.OUTMILK.IM Name Server: NS6.OUTMILK.IM Status: ok Updated Date: 10-jun-2009 Creation Date: 10-jun-2009 Expiration Date: 10-jun-2010 Last update of whois database: Thu, 18 Jun 2009 07:58:28 UTC <<<
Queried whois.namerich.cn with “homevaried.com“…
DomainName : homevaried.com RSP: China Springboard Inc. URL: http://www.namerich.cn Name Server......................NS5.OUTMILK.IM Name Server......................NS3.AGAINTAIL.COM Name Server......................NS1.BEDPLAIN.COM Name Server......................NS6.OUTMILK.IM Name Server......................NS4.AGAINTAIL.COM Name Server......................NS2.BEDPLAIN.COM Status...........................ok Creation Date ..................2009-06-10 Expiration Date .................2010-06-10 Last Update Date ...............2009-06-10 Registrant ID ...................V-X-57187-12492 Registrant Name .................JIANG HUA Registrant Organization .........JIANG HUA Registrant Address ..............LONGSHABEILU12 Registrant City..................TianJin Registrant Province/State .......TianJin Registrant Country Code .........CN Registrant Postal Code ..........300009 Registrant Phone Number .........+86.02251251685 Registrant Fax ..................+86.02251251685 Registrant Email ................xianeldb@126.com Administrative ID ...............V-X-57187-12492 Administrative Name .............JIANG HUA Administrative Organization .....JIANG HUA Administrative Address ..........LONGSHABEILU12 Administrative City..............TianJin Administrative Province/State ...TianJin Administrative Country Code .....CN Administrative Postal Code ......300009 Administrative Phone Number .....+86.02251251685 Administrative Fax ..............+86.02251251685 Administrative Email ............xianeldb@126.com Billing ID ......................V-X-57187-12492 Billing Name ....................JIANG HUA Billing Organization ............JIANG HUA Billing Address .................LONGSHABEILU12 Billing City.....................TianJin Billing Province/State ..........TianJin Billing Country Code ............CN Billing Postal Code .............300009 Billing Phone Number ............+86.02251251685 Billing Fax .....................+86.02251251685 Billing Email ...................xianeldb@126.com Technical ID ....................V-X-57187-12492 Technical Name ..................JIANG HUA Technical Organization...........JIANG HUA Technical Address ...............LONGSHABEILU12 Technical City...................TianJin Technical Province/State.........TianJin Technical Country Code ..........CN Technical Postal Code ...........300009 Technical Phone Number ..........+86.02251251685 Technical Fax ...................+86.02251251685 Technical Email .................xianeldb@126.com ; Please register your domains at ; http://www.namerich.cn
Network Whois record
Queried whois.apnic.net with “60.191.221.123“…
inetnum: 60.191.221.0 - 60.191.221.255 netname: JINHUA-TELECOM-LTD country: CN descr: Jinhua Telecom Co.,ltd IDC Center descr: admin-c: LW1143-AP tech-c: CJ54-AP status: ASSIGNED NON-PORTABLE changed: auto-dbm@dcb.hz.zj.cn 20070618 mnt-by: MAINT-CN-CHINANET-ZJ-JH source: APNIC role: CHINANET-ZJ Jinhua address: No.155 Xishi street,Jinhua,Zhejiang.321000 country: CN phone: +86-579-2300779 fax-no: +86-579-2330035 e-mail: anti_spam@mail.jhptt.zj.cn trouble: send spam reports to anti_spam@mail.jhptt.zj.cn trouble: and abuse reports to anti_spam@mail.jhptt.zj.cn trouble: Please include detailed information and times in UTC admin-c: CH55-AP tech-c: CH55-AP nic-hdl: CJ54-AP mnt-by: MAINT-CHINANET-ZJ changed: master@dcb.hz.zj.cn 20031204 source: APNIC person: Lujiang Wang nic-hdl: LW1143-AP e-mail: anti_spam@mail.jhptt.zj.cn address: NO.155 Xishi Street,Jinhua,Zhejiang.Postcode:321000 phone: +86-579-83285460 country: CN changed: auto-dbm@dcb.hz.zj.cn 20070618 mnt-by: MAINT-CN-CHINANET-ZJ-JH source: APNIC
DNS records
DNS query for 123.221.191.60.in-addr.arpa returned an error from the server: NameError
| name | class | type | data | time to live | |
| homevaried.com | IN | A | 58.17.3.41 | 3600s | (01:00:00) |
| homevaried.com | IN | A | 60.191.239.166 | 3600s | (01:00:00) |
| homevaried.com | IN | A | 60.191.221.123 | 3600s | (01:00:00) |
| homevaried.com | IN | A | 61.191.191.241 | 3600s | (01:00:00) |
| homevaried.com | IN | A | 203.93.208.86 | 3600s | (01:00:00) |
— end —
scamFRAUDalert®Pharmacies Checker 