Buying Prescription Drugs Online 
May Be Dangerous
Says Drug Enforcement Administration
Click Here
National Association of Boards of Pharmacy (NABP)
Warning
“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.
Behind The Online Pharmacy
Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.
Buying Medicines Over the Internet
FDA – Consumer Safety Guide
Buying Medication Online Can Be Safe
There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.
Department of Justice – Ryan Haight Act
Read More Health Canada
For a prescription to be valid under federal and state law, there must be a bona fide doctor patient relationship, which is defined by most state laws to require a physical examination. “Completing a questionnaire that is then reviewed by a doctor hired by the internet pharmacy could not be considered the basis for a doctor/patient relationship.” Vol. 66 Federal Register 82, PP 21181-21184 (April 27, 2001)
Moreover, if the prescription drug is a controlled substance and the drug is being imported into the U.S. from a foreign country and being shipped to anyone other than a DEA-registered importer, such transaction is a felony in violation of Sections 957 and 960 of Title 21, United States Code.
Address lookup
canonical name rxcash.biz.
aliases
addresses 91.221.222.1
Domain Whois record
Queried whois.biz with “rxcash.biz”…
Domain Name: RXCASH.BIZ
Domain ID: D17402009-BIZ
Sponsoring Registrar: TUCOWS INC.
Sponsoring Registrar IANA ID: 69
Registrar URL (registration services): whois.opensrs.org
Domain Status: ok
Registrant ID: TUSCHGHYPF4KNNHA
Registrant Name: Etech Levinski
Registrant Organization: Etech
Registrant Address1: 87 7th ave
Registrant City: New York
Registrant State/Province: NY
Registrant Postal Code: 10008
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +1.8888662828
Registrant Email: etech.admin1@gmail.com
Administrative Contact ID: TUX6SK95C0ROWQS1
Administrative Contact Name: Etech Levinski
Administrative Contact Organization: Etech
Administrative Contact Address1: 87 7th ave
Administrative Contact City: New York
Administrative Contact State/Province: NY
Administrative Contact Postal Code: 10008
Administrative Contact Country: United States
Administrative Contact Country Code: US
Administrative Contact Phone Number: +1.8888662828
Administrative Contact Email: etech.admin1@gmail.com
Billing Contact ID: TUMSWOQHIVN1TLFJ
Billing Contact Name: Etech Levinski
Billing Contact Organization: Etech
Billing Contact Address1: 87 7th ave
Billing Contact City: New York
Billing Contact State/Province: NY
Billing Contact Postal Code: 10008
Billing Contact Country: United States
Billing Contact Country Code: US
Billing Contact Phone Number: +1.8888662828
Billing Contact Email: etech.admin1@gmail.com
Technical Contact ID: TUOCUUMROJ0GULJO
Technical Contact Name: Etech Levinski
Technical Contact Organization: Etech
Technical Contact Address1: 87 7th ave
Technical Contact City: New York
Technical Contact State/Province: NY
Technical Contact Postal Code: 10008
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.8888662828
Technical Contact Email: etech.admin1@gmail.com
Name Server: NS1.DNSMADEEASY.COM
Name Server: NS2.DNSMADEEASY.COM
Name Server: NS3.DNSMADEEASY.COM
Name Server: NS0.DNSMADEEASY.COM
Created by Registrar: TUCOWS INC
Last Updated by Registrar: TUCOWS INC
Domain Registration Date: Tue Apr 17 10:56:12 GMT 2007
Domain Expiration Date: Sat Apr 16 23:59:59 GMT 2011
Domain Last Updated Date: Mon Apr 12 09:13:28 GMT 2010
Whois database was last updated on: Fri Mar 18 08:17:22 GMT 2011
Network Whois record
Queried whois.ripe.net with "-B 91.221.222.1"…
Information related to '91.221.222.0 – 91.221.223.255'
inetnum: 91.221.222.0 – 91.221.223.255
netname: MOEGO-NET
descr: Moego Holdings Limited
country: US
org: ORG-MH14-RIPE
admin-c: SL5631-RIPE
tech-c: SL5631-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: PUREPEAK-MNT-US
mnt-routes: PUREPEAK-MNT-US
mnt-domains: PUREPEAK-MNT
notify: hostmaster@purepeak.com
changed: hostmaster@ripe.net 20101223
source: RIPE
organisation: ORG-MH14-RIPE
org-name: Moego Holdings Limited
org-type: OTHER
address: 16 Zinas Kanther St. Nicosia, Cyprus.
e-mail: shanelevi@gmail.com
mnt-ref: PUREPEAK-MNT-US
mnt-by: PUREPEAK-MNT-US
changed: hostmaster@purepeak.com 20101111
source: RIPE
person: Shane Levi
e-mail: shanelevi@gmail.com
address: 16 Zinas Kanther st., Karantoki Building, 7th floor, P.C 1065, Nicosia, Cyprus
phone: +35718889200530
nic-hdl: SL5631-RIPE
changed: hostmaster@purepeak.com 20101201
source: RIPE
mnt-by: PUREPEAK-MNT-US
Information related to '91.221.222.0/24AS20645'
route: 91.221.222.0/24
descr: PUREPEAK
origin: AS20645
mnt-by: PUREPEAK-MNT
changed: hostmaster@purepeak.com 20101226
source: RIPE
DNS records
DNS query for 1.222.221.91.in-addr.arpa returned an error from the server: NameError
name class type data time to live
rxcash.biz IN A 91.221.222.1 1800s (00:30:00)
rxcash.biz IN NS ns0.dnsmadeeasy.com 86400s (1.00:00:00)
rxcash.biz IN NS ns2.dnsmadeeasy.com 86400s (1.00:00:00)
rxcash.biz IN NS ns1.dnsmadeeasy.com 86400s (1.00:00:00)
rxcash.biz IN NS ns4.dnsmadeeasy.com 86400s (1.00:00:00)
rxcash.biz IN NS ns3.dnsmadeeasy.com 86400s (1.00:00:00)
rxcash.biz IN MX
preference: 10
exchange: mail3.rxcash.biz
1800s (00:30:00)
rxcash.biz IN SOA
server: ns0.dnsmadeeasy.com
email: dns.dnsmadeeasy.com
serial: 2006010157
refresh: 43200
retry: 3600
expire: 1209600
minimum ttl: 180
86400s (1.00:00:00)
— end —
Displaying items 1 to 90, out of a total of 90
http://alphapheromones.com/
http://bestokusuri.com/
http://bestpharma4u.com/
http://bestpharmaonline.com/
http://bestpill4u.com/
http://bestrxdeals.com/
http://billforcash.com/
http://blog.i-kusuri.jp/
http://bonus-rx.com/
http://discountabletz.com/
http://discountpillz.com/
http://epharm4u.com/
http://ezmedz.biz/
http://ezwhitesmile.com/
http://fastmedz.com/
http://generictab.com/
http://himekusuri.jp/
http://jeremys-diet-story.com/
http://jmen-fashion.com/
http://kenkostore.net/
http://medicfarm.com/
http://nicoles-diet-story.com/
http://online-saydalia.com/
http://online-sexual-health.com/
http://passion-ignited.com/
http://pharmasuitcal.com/
http://relationship-questionnaire.info/
http://rx-epharm.com/
http://rx-feeds.com/
http://rx-tab.com/
http://rx-tab.net/
http://rxcash.biz/
http://rxtrue.com/
http://safety-pay.com/
http://sdiscountpharmacy.com/
http://seiryokudo.com/
http://shl-partners.com/
http://shop-ed.net/
http://shop-viagra.net/
http://unitedtabs.com/
http://usviagraorder.com/
http://viagrausaonline.com/
http://vipmedz.com/
http://www.alphapheromones.com/
http://www.bestokusuri.com/
http://www.bestpharma4u.com/
http://www.bestpharmacy4u.com/
http://www.bestpharmacy4u.net/
http://www.bestpharmaonline.com/
http://www.bestpill4u.com/
http://www.bestrxdeals.com/
http://www.bonus-rx.com/
http://www.discountabletz.com/
http://www.discountpillz.com/
http://www.epharm4u.com/
http://www.ezmedz.biz/
http://www.ezmedz.info/
http://www.ezwhitesmile.com/
http://www.fastmedz.com/
http://www.generictab.com/
http://www.himekusuri.jp/
http://www.jeremys-diet-story.com/
http://www.kenkoclinic.com/
http://www.kenkostore.net/
http://www.medicfarm.com/
http://www.medshop.jp/
http://www.nicoles-diet-story.com/
http://www.online-saydalia.com/
http://www.online-sexual-health.com/
http://www.passion-ignited.com/
http://www.pharmasuitcal.com/
http://www.pharmbroker.com/
http://www.pillenpharmvip.com/
http://www.relationship-questionnaire.info/
http://www.rx-epharm.com/
http://www.rx-feeds.com/
http://www.rx-tab.com/
http://www.rx-tab.net/
http://www.rxtrue.com/
http://www.sdiscountpharmacy.com/
http://www.seiryokudo.com/
http://www.shl-partners.com/
http://www.shop-ed.net/
http://www.shop-viagra.net/
http://www.unitedtabs.com/
http://www.viagracheapusa.com/
http://www.viagramarkt.com/
http://www.viagrausaonline.com/
http://www.yorutomogaido.com/
http://yorutomogaido.com/
scamFRAUDalert®Pharmacies Checker 
http://www.tl-pharmacy.com
Address lookup
canonical name http://www.tl-pharmacy.com.
aliases
addresses 78.110.50.130
Domain Whois record
Queried whois.internic.net with “dom tl-pharmacy.com”…
Domain Name: TL-PHARMACY.COM
Registrar: NAME.COM LLC
Whois Server: whois.name.com
Referral URL: http://www.name.com
Name Server: NS1.HT-SYSTEMS.RU
Name Server: NS2.HT-SYSTEMS.RU
Status: clientTransferProhibited
Updated Date: 29-jun-2010
Creation Date: 10-mar-2006
Expiration Date: 10-mar-2012
>>> Last update of whois database: Fri, 18 Mar 2011 08:33:58 UTC <<<
Queried whois.name.com with "tl-pharmacy.com"…
Visit AboutUs.org for more information about tl-pharmacy.com
AboutUs: tl-pharmacy.com
Domain Name: tl-pharmacy.com
Registrar: Name.com LLC
Protected Domain Services Customer ID: NCR-849169
Expiration Date: 2012-03-10 07:20:14
Creation Date: 2006-03-10 07:20:14
Name Servers:
ns1.ht-systems.ru
ns2.ht-systems.ru
REGISTRANT CONTACT INFO
Protected Domain Services – Customer ID: NCR-849169
P.O. Box 6197
Denver
CO
80206
US
Phone: +1.7202492374
Email Address: tl-pharmacy.com@protecteddomainservices.com
ADMINISTRATIVE CONTACT INFO
Protected Domain Services – Customer ID: NCR-849169
P.O. Box 6197
Denver
CO
80206
US
Phone: +1.7202492374
Email Address: tl-pharmacy.com@protecteddomainservices.com
TECHNICAL CONTACT INFO
Protected Domain Services – Customer ID: NCR-849169
P.O. Box 6197
Denver
CO
80206
US
Phone: +1.7202492374
Email Address: tl-pharmacy.com@protecteddomainservices.com
BILLING CONTACT INFO
Protected Domain Services – Customer ID: NCR-849169
P.O. Box 6197
Denver
CO
80206
US
Phone: +1.7202492374
Email Address: tl-pharmacy.com@protecteddomainservices.com
Timestamp: 1300437263.615
The Data in the Name.com LLC WHOIS database is provided by Name.com LLC for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. Name.com LLC does not guarantee its accuracy. By submitting a WHOIS query, you agree that you will use this Data only for lawful purposes and that, under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (2) enable high volume, automated, electronic processes that apply to Name.com LLC (or its systems). Name.com LLC reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
Cached on: 2011-03-18T02:34:23-06:00
Network Whois record
Queried whois.ripe.net with “-B 78.110.50.130″…
% Information related to ‘78.110.48.0 – 78.110.55.255’
inetnum: 78.110.48.0 – 78.110.55.255
netname: RU-HT-SYSTEMS
descr: Hosting Telesystems network
country: RU
admin-c: AN500-RIPE
admin-c: ST4096-RIPE
admin-c: NC4096-RIPE
tech-c: ST4096-RIPE
tech-c: NC4096-RIPE
status: ASSIGNED PA
mnt-by: HT-SYSTEMS-MNT-RIPE
mnt-lower: HT-SYSTEMS-MNT-RIPE
changed: cyberdyne@ht-systems.ru 20100910
source: RIPE
person: Anton Nekhoroshih
address: JSC Hosting Telesystems
address: Moscow, Pavlovskay 27/29
abuse-mailbox: abuse@ht-systems.ru
phone: +7 495 3633310
fax-no: +7 495 3633310
e-mail: anton@ht-systems.ru
nic-hdl: AN500-RIPE
mnt-by: HTS-MNT-RIPE
source: RIPE
changed: stas@FreeBSD.org 20070712
person: Stanislav Sedov
address: 925 S. Wolfe Road, #95
address: Sunnyvale, CA 94086
e-mail: stas@FreeBSD.org
e-mail: stas@ht-systems.ru
remarks: Work phone
phone: +1 408 796 9896
remarks: XMPP: ssedov@jabber.ru
remarks: IRC: stass @ EFNet, RusNet, FreeNode
remarks: WWW: http://www.SpringDaemons.com/
remarks: WWW: http://people.FreeBSD.org/~stas/
remarks: PGP: http://people.FreeBSD.org/~stas/stas.key.asc
remarks: Fingerprint: B83A B15D 929A 364A D8BC B3F9 BF25 A231 092F D9F0
nic-hdl: ST4096-RIPE
mnt-by: SPRINGDAEMONS-MNT-RIPE
changed: stas@FreeBSD.org 20100313
source: RIPE
person: Nikolay Chernyaev
address: Moscow, Pavlovskay 27/29
phone: +7 495 3633310
nic-hdl: NC4096-RIPE
changed: cyberdyne@ht-systems.ru 20100910
source: RIPE
% Information related to ‘78.110.48.0/20AS31240’
route: 78.110.48.0/20
descr: JSC Hosting Telesystems route object
origin: AS31240
mnt-by: HT-SYSTEMS-MNT-RIPE
changed: anton@ht-systems.ru 20070813
source: RIPE
DNS records
name class type data time to live
http://www.tl-pharmacy.com IN A 78.110.50.130 1800s (00:30:00)
tl-pharmacy.com IN SOA
server: ns1.ht-systems.ru
email: noc.ht-systems.ru
serial: 2009112456
refresh: 3600
retry: 300
expire: 604800
minimum ttl: 1800
1800s (00:30:00)
tl-pharmacy.com IN NS ns2.ht-systems.ru 1800s (00:30:00)
tl-pharmacy.com IN NS ns1.ht-systems.ru 1800s (00:30:00)
tl-pharmacy.com IN A 78.110.50.130 1800s (00:30:00)
130.50.110.78.in-addr.arpa IN PTR c28-w.ht-systems.ru 1800s (00:30:00)
— end —
Address lookup
canonical name http://www.pharmacysales.com.
aliases
addresses 216.1.60.18
Domain Whois record
Queried whois.internic.net with “dom pharmacysales.com”…
Domain Name: PHARMACYSALES.COM
Registrar: DOMAIN REGISTRATION SERVICES INC. DBA DOTEARTH.COM
Whois Server: whois.dotearth.com
Referral URL: http://www.dotearth.com
Name Server: NS1.IVIEWER.COM
Name Server: NS2.IVIEWER.COM
Name Server: NS3.IVIEWER.COM
Name Server: NS4.IVIEWER.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 12-mar-2010
Creation Date: 19-mar-1999
Expiration Date: 19-mar-2011
Last update of whois database: Fri, 18 Mar 2011 08:35:59 UTC
Queried whois.dotearth.com with “pharmacysales.com
whois Server Version 0.93
Registrar WHOIS: Domain Registration Services
Domain Name: PHARMACYSALES.COM
Registrant: (46118-DRSS)
GETANAME
1350 E. FLAMINGO ROAD 736
LAS VEGAS, NV 89119
US
Administrative Contact: (46119-DRSS)
Registrar hostmaster@getaname.com
1350 E. Flamingo Road 736
Las Vegas NV 89119 US
+1.888-000-0000
Technical Contact: (46119-DRSS)
Registrar hostmaster@getaname.com
1350 E. Flamingo Road 736
Las Vegas NV 89119 US
+1.888-000-0000
Record last updated on: 2011-03-15 21:35:17.0 UTC
Record created on: 1999-03-19 05:00:00.0 UTC
Record expires on: 2011-03-19 04:00:00.0 UTC
NS1.IVIEWER.COM 70.20.195.35
NS2.IVIEWER.COM 63.209.186.6
NS3.IVIEWER.COM 63.209.186.6
NS4.IVIEWER.COM 209.19.251.8
Register your next domain at http://www.dotEarth.com
Data format subject to change without prior notice.
Network Whois record
Queried rwhois.eng.xo.com with “216.1.60.18”…
whois V-1.5:003fff:00 rwhois.eng.xo.com (by Network Solutions, Inc. V-1.5.9)
error 230 No Objects Found
Queried whois.arin.net with “n 216.1.60.18″…
NetRange: 216.0.0.0 – 216.5.255.255
CIDR: 216.0.0.0/14, 216.4.0.0/15
OriginAS:
NetName: ALGX-ABI-BLK15
NetHandle: NET-216-0-0-0-1
Parent: NET-216-0-0-0-0
NetType: Direct Allocation
NameServer: NS3.XO.COM
NameServer: NS1.XO.COM
NameServer: NS2.XO.COM
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Comment: Please report spam and viruses to abuse@xo.net.
Comment: For better service, direct customers of XO may use
Comment: the web form at http://www.xo.com/contact/care/
Comment: for reverse DNS requests and other customer-specific
Comment: technical issues. Thank you for your cooperation.
RegDate: 2001-01-02
Updated: 2009-03-31
Ref: http://whois.arin.net/rest/net/NET-216-0-0-0-1
OrgName: XO Communications
OrgId: XOXO
Address: 13865 Sunrise Valley Drive
City: Herdon
StateProv: VA
PostalCode: 20171
Country: US
RegDate:
Updated: 2008-01-14
Ref: http://whois.arin.net/rest/org/XOXO
ReferralServer: rwhois://rwhois.eng.xo.com:4321/
OrgTechHandle: XCIA-ARIN
OrgTechName: XO Communications, IP Administrator
OrgTechPhone: +1-703-547-2881
OrgTechEmail: ipadmin@eng.xo.com
OrgTechRef: http://whois.arin.net/rest/poc/XCIA-ARIN
OrgAbuseHandle: XCNV-ARIN
OrgAbuseName: XO Communications, Network Violations
OrgAbusePhone: +1-866-285-6208
OrgAbuseEmail: abuse@xo.net
OrgAbuseRef: http://whois.arin.net/rest/poc/XCNV-ARIN
DNS records
DNS query for 18.60.1.216.in-addr.arpa returned an error from the server: NameError
name class type data time to live
http://www.pharmacysales.com IN A 216.1.60.18 28800s (08:00:00)
pharmacysales.com IN MX
preference: 0
exchange: mx1.iviewer.com
28800s (08:00:00)
pharmacysales.com IN MX
preference: 20
exchange: mx2.iviewer.com
28800s (08:00:00)
pharmacysales.com IN SOA
server: ns1.iviewer.com
email: hostmaster.iviewer.com
serial: 1290679137
refresh: 28800
retry: 14400
expire: 3600000
minimum ttl: 900
28800s (08:00:00)
pharmacysales.com IN NS ns2.iviewer.com 28800s (08:00:00)
pharmacysales.com IN NS ns3.iviewer.com 28800s (08:00:00)
pharmacysales.com IN NS ns4.iviewer.com 28800s (08:00:00)
pharmacysales.com IN NS ns1.iviewer.com 28800s (08:00:00)
pharmacysales.com IN A 216.1.60.18 28800s (08:00:00)
— end —
Well heads up, I guess due to the Russian Business Network, inlcuding Quick Cart Pro and Yambo, as well as the forum spamming crimeware program called Xrumer, 9it seems the name of the service now includes a .com extention, with same name, but now it switched it to “www.rxcash.com”
NDS Infomation should be slightly harder to figure out,
Domain Name: RXCASH.COM
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS10.DNSMADEEASY.COM
Name Server: NS11.DNSMADEEASY.COM
Name Server: NS12.DNSMADEEASY.COM
Name Server: NS13.DNSMADEEASY.COM
Name Server: NS14.DNSMADEEASY.COM
Name Server: NS15.DNSMADEEASY.COM
Status: ok
Updated Date: 21-apr-2011
Creation Date: 21-jun-2005
Expiration Date: 21-jun-2011
New NS name servers,
inetnum: 91.221.222.0 – 91.221.223.255
netname: MOEGO-NET
descr: Moego Holdings Limited
country: US
org: ORG-MH14-RIPE
admin-c: SL5631-RIPE
tech-c: SL5631-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: PUREPEAK-MNT-US
mnt-routes: PUREPEAK-MNT-US
mnt-domains: PUREPEAK-MNT
notify: hostmaster@purepeak.com
changed: hostmaster@ripe.net 20101223
source: RIPE
organisation: ORG-MH14-RIPE
org-name: Moego Holdings Limited
org-type: OTHER
address: 16 Zinas Kanther St. Nicosia, Cyprus.
e-mail: shanelevi@gmail.com
mnt-ref: PUREPEAK-MNT-US
mnt-by: PUREPEAK-MNT-US
changed: hostmaster@purepeak.com 20101111
source: RIPE
person: Shane Levi
e-mail: shanelevi@gmail.com
address: 16 Zinas Kanther st., Karantoki Building, 7th floor, P.C 1065, Nicosia, Cyprus
phone: +35718889200530
nic-hdl: SL5631-RIPE
changed: hostmaster@purepeak.com 20101201
source: RIPE
mnt-by: PUREPEAK-MNT-US
% Information related to ‘91.221.222.0/24AS20645’
route: 91.221.222.0/24
descr: PUREPEAK
origin: AS20645
mnt-by: PUREPEAK-MNT
changed: hostmaster@purepeak.com 20101226
source: RIPE
The DNS and server is a long affliation to Brute Forced Forum Spam Operations with allbestlinks.info, here is their DNS Infomation,
DNS servers
ns2.low-price-sites.com
ns1.low-price-sites.com
Answer records
1.allbestlinks.info A 212.117.174.175 14400s
Authority records
allbestlinks.info NS ns1.low-price-sites.com 14400s
allbestlinks.info NS ns2.low-price-sites.com 14400s
Additional records
ns1.low-price-sites.com A 212.117.174.175 14400s
ns2.low-price-sites.com A 212.117.174.176 14400s
and the host services,
Domain ID:D31294738-LRMS
Domain Name:ALLBESTLINKS.INFO
Created On:26-Jan-2010 15:32:14 UTC
Last Updated On:03-Jan-2011 12:33:56 UTC
Expiration Date:26-Jan-2012 15:32:14 UTC
Sponsoring Registrar:UK2 Group Ltd. (R212-LRMS)
Status:OK
Registrant ID:PP-SP-001
Registrant Name:Domain Admin
Registrant Organization:PrivacyProtect.org
Registrant Street1:ID#10760, PO Box 16
Registrant Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Registrant Street3:
Registrant City:Nobby Beach
Registrant State/Province:
Registrant Postal Code:QLD 4218
Registrant Country:AU
Registrant Phone:+45.36946676
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:contact@privacyprotect.org
Admin ID:PP-SP-001
Admin Name:Domain Admin
Admin Organization:PrivacyProtect.org
Admin Street1:ID#10760, PO Box 16
Admin Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Admin Street3:
Admin City:Nobby Beach
Admin State/Province:
Admin Postal Code:QLD 4218
Admin Country:AU
Admin Phone:+45.36946676
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:contact@privacyprotect.org
Billing ID:PP-SP-001
Billing Name:Domain Admin
Billing Organization:PrivacyProtect.org
Billing Street1:ID#10760, PO Box 16
Billing Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Billing Street3:
Billing City:Nobby Beach
Billing State/Province:
Billing Postal Code:QLD 4218
Billing Country:AU
Billing Phone:+45.36946676
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:contact@privacyprotect.org
Tech ID:PP-SP-001
Tech Name:Domain Admin
Tech Organization:PrivacyProtect.org
Tech Street1:ID#10760, PO Box 16
Tech Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Tech Street3:
Tech City:Nobby Beach
Tech State/Province:
Tech Postal Code:QLD 4218
Tech Country:AU
Tech Phone:+45.36946676
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:contact@privacyprotect.org
Name Server:NS1.LOW-PRICE-SITES.COM
Name Server:NS2.LOW-PRICE-SITES.COM
And ISP that refuses to respond to Abuse reports,
inetnum: 212.117.160.0 – 212.117.175.255
netname: SERVER-NETWORK
descr: root SA
country: LU
admin-c: AB99-RIPE
tech-c: RE655-RIPE
status: ASSIGNED PA
mnt-by: ROOT-MNT
changed: noc@as5577.net 20090424
source: RIPE
role: root eSolutions
address: 35, rue John F. Kennedy
address: 7327 Steinsel
address: Luxembourg
phone: +352 20.500
fax-no: +352 20.500.500
e-mail: info@root.lu
abuse-mailbox: abuse@as5577.net
remarks:
remarks: +————————————+
remarks: | Operational Issues: |
remarks: | noc@as5577.net |
remarks: +————————————+
remarks: | Abuse and Spam: |
remarks: | abuse@as5577.net |
remarks: +————————————+
remarks:
admin-c: RE655-RIPE
tech-c: AB99-RIPE
nic-hdl: RE655-RIPE
mnt-by: ROOT-MNT
changed: noc@as5577.net 20051124
source: RIPE
person: Andy BIERLAIR
address: root SA
address: 35, rue John F. Kennedy
address: 7327 Steinsel
address: Luxembourg
phone: +352 20.500
fax-no: +352 20.500.500
nic-hdl: AB99-RIPE
mnt-by: ROOT-MNT
remarks:
remarks: +————————————+
remarks: | I did *NOT* spam your mailbox! |
remarks: | I will *NOT* reply to abuse mails! |
remarks: | |
remarks: | Please contact abuse@as5577.net ! |
remarks: +————————————+
remarks:
e-mail: ab@root.lu
notify: ab@root.lu
changed: ab@root.lu 20110207
source: RIPE
% Information related to ‘212.117.160.0/19AS5577’
route: 212.117.160.0/19
descr: root SA
origin: AS5577
mnt-by: ROOT-MNT
notify: noc@as5577.net
changed: noc@as5577.net 20100519
source: RIPE
Hope this clears where this Affliation issue with rxcash may end up be more than what it is, as well as where Russian Business Network uses Xrumer to triple their spam operations.
Well heads up, I guess due to the Russian Business Network, inlcuding Quick Cart Pro and Yambo, as well as the forum spamming crimeware program called Xrumer, 9it seems the name of the service now includes a .com extention, with same name, but now it switched it to “www.rxcash.com”
NDS Infomation should be slightly harder to figure out,
Domain Name: RXCASH.COM
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS10.DNSMADEEASY.COM
Name Server: NS11.DNSMADEEASY.COM
Name Server: NS12.DNSMADEEASY.COM
Name Server: NS13.DNSMADEEASY.COM
Name Server: NS14.DNSMADEEASY.COM
Name Server: NS15.DNSMADEEASY.COM
Status: ok
Updated Date: 21-apr-2011
Creation Date: 21-jun-2005
Expiration Date: 21-jun-2011
New NS name servers,
inetnum: 91.221.222.0 – 91.221.223.255
netname: MOEGO-NET
descr: Moego Holdings Limited
country: US
org: ORG-MH14-RIPE
admin-c: SL5631-RIPE
tech-c: SL5631-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: PUREPEAK-MNT-US
mnt-routes: PUREPEAK-MNT-US
mnt-domains: PUREPEAK-MNT
notify: hostmaster@purepeak.com
changed: hostmaster@ripe.net 20101223
source: RIPE
organisation: ORG-MH14-RIPE
org-name: Moego Holdings Limited
org-type: OTHER
address: 16 Zinas Kanther St. Nicosia, Cyprus.
e-mail: shanelevi@gmail.com
mnt-ref: PUREPEAK-MNT-US
mnt-by: PUREPEAK-MNT-US
changed: hostmaster@purepeak.com 20101111
source: RIPE
person: Shane Levi
e-mail: shanelevi@gmail.com
address: 16 Zinas Kanther st., Karantoki Building, 7th floor, P.C 1065, Nicosia, Cyprus
phone: +35718889200530
nic-hdl: SL5631-RIPE
changed: hostmaster@purepeak.com 20101201
source: RIPE
mnt-by: PUREPEAK-MNT-US
% Information related to ‘91.221.222.0/24AS20645’
route: 91.221.222.0/24
descr: PUREPEAK
origin: AS20645
mnt-by: PUREPEAK-MNT
changed: hostmaster@purepeak.com 20101226
source: RIPE
The DNS and server is a long affliation to Brute Forced Forum Spam Operations with allbestlinks.info, here is their DNS Infomation,
DNS servers
ns2.low-price-sites.com
ns1.low-price-sites.com
Answer records
1.allbestlinks.info A 212.117.174.175 14400s
Authority records
allbestlinks.info NS ns1.low-price-sites.com 14400s
allbestlinks.info NS ns2.low-price-sites.com 14400s
Additional records
ns1.low-price-sites.com A 212.117.174.175 14400s
ns2.low-price-sites.com A 212.117.174.176 14400s
and the host services,
Domain ID:D31294738-LRMS
Domain Name:ALLBESTLINKS.INFO
Created On:26-Jan-2010 15:32:14 UTC
Last Updated On:03-Jan-2011 12:33:56 UTC
Expiration Date:26-Jan-2012 15:32:14 UTC
Sponsoring Registrar:UK2 Group Ltd. (R212-LRMS)
Status:OK
Registrant ID:PP-SP-001
Registrant Name:Domain Admin
Registrant Organization:PrivacyProtect.org
Registrant Street1:ID#10760, PO Box 16
Registrant Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Registrant Street3:
Registrant City:Nobby Beach
Registrant State/Province:
Registrant Postal Code:QLD 4218
Registrant Country:AU
Registrant Phone:+45.36946676
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:contact@privacyprotect.org
Admin ID:PP-SP-001
Admin Name:Domain Admin
Admin Organization:PrivacyProtect.org
Admin Street1:ID#10760, PO Box 16
Admin Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Admin Street3:
Admin City:Nobby Beach
Admin State/Province:
Admin Postal Code:QLD 4218
Admin Country:AU
Admin Phone:+45.36946676
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:contact@privacyprotect.org
Billing ID:PP-SP-001
Billing Name:Domain Admin
Billing Organization:PrivacyProtect.org
Billing Street1:ID#10760, PO Box 16
Billing Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Billing Street3:
Billing City:Nobby Beach
Billing State/Province:
Billing Postal Code:QLD 4218
Billing Country:AU
Billing Phone:+45.36946676
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:contact@privacyprotect.org
Tech ID:PP-SP-001
Tech Name:Domain Admin
Tech Organization:PrivacyProtect.org
Tech Street1:ID#10760, PO Box 16
Tech Street2:Note – All Postal Mails Rejected, visit Privacyprotect.org
Tech Street3:
Tech City:Nobby Beach
Tech State/Province:
Tech Postal Code:QLD 4218
Tech Country:AU
Tech Phone:+45.36946676
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:contact@privacyprotect.org
Name Server:NS1.LOW-PRICE-SITES.COM
Name Server:NS2.LOW-PRICE-SITES.COM
And ISP that refuses to respond to Abuse reports,
inetnum: 212.117.160.0 – 212.117.175.255
netname: SERVER-NETWORK
descr: root SA
country: LU
admin-c: AB99-RIPE
tech-c: RE655-RIPE
status: ASSIGNED PA
mnt-by: ROOT-MNT
changed: noc@as5577.net 20090424
source: RIPE
role: root eSolutions
address: 35, rue John F. Kennedy
address: 7327 Steinsel
address: Luxembourg
phone: +352 20.500
fax-no: +352 20.500.500
e-mail: info@root.lu
abuse-mailbox: abuse@as5577.net
remarks:
remarks: +————————————+
remarks: | Operational Issues: |
remarks: | noc@as5577.net |
remarks: +————————————+
remarks: | Abuse and Spam: |
remarks: | abuse@as5577.net |
remarks: +————————————+
remarks:
admin-c: RE655-RIPE
tech-c: AB99-RIPE
nic-hdl: RE655-RIPE
mnt-by: ROOT-MNT
changed: noc@as5577.net 20051124
source: RIPE
person: Andy BIERLAIR
address: root SA
address: 35, rue John F. Kennedy
address: 7327 Steinsel
address: Luxembourg
phone: +352 20.500
fax-no: +352 20.500.500
nic-hdl: AB99-RIPE
mnt-by: ROOT-MNT
remarks:
remarks: +————————————+
remarks: | I did *NOT* spam your mailbox! |
remarks: | I will *NOT* reply to abuse mails! |
remarks: | |
remarks: | Please contact abuse@as5577.net ! |
remarks: +————————————+
remarks:
e-mail: ab@root.lu
notify: ab@root.lu
changed: ab@root.lu 20110207
source: RIPE
% Information related to ‘212.117.160.0/19AS5577’
route: 212.117.160.0/19
descr: root SA
origin: AS5577
mnt-by: ROOT-MNT
notify: noc@as5577.net
changed: noc@as5577.net 20100519
source: RIPE
Hope this clears where this Affliation issue with rxcash may end up be more than what it is, as well as where Russian Business Network uses Xrumer to triple their spam operations.