Buying Prescription Drugs Online 
May Be Dangerous
Says Drug Enforcement Administration
Click Here
National Association of Boards of Pharmacy (NABP)
Warning
“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.
Behind The Online Pharmacy
Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.
Buying Medicines Over the Internet
FDA – Consumer Safety Guide
Buying Medication Online Can Be Safe
There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.
Department of Justice – Ryan Haight Act
Read More Health Canada
For a prescription to be valid under federal and state law, there must be a bona fide doctor patient relationship, which is defined by most state laws to require a physical examination. “Completing a questionnaire that is then reviewed by a doctor hired by the internet pharmacy could not be considered the basis for a doctor/patient relationship.” Vol. 66 Federal Register 82, PP 21181-21184 (April 27, 2001)
Moreover, if the prescription drug is a controlled substance and the drug is being imported into the U.S. from a foreign country and being shipped to anyone other than a DEA-registered importer, such transaction is a felony in violation of Sections 957 and 960 of Title 21, United States Code.
Unapproved Internet Pharmacies
- http://2clickmeds.com/
- http://aciphex-online.com/
- http://acmeds.com/
- http://acyclovir-online.com/
- http://advancedpharmacy.net/
- http://affordable-pills.com/
- http://affordable-rx-meds.com/
- http://affordable-rxmeds.com/
- http://aldara-online.com/
- http://allegra-d-online.com/
- http://allnewdrugs.com/
- http://alphapharmacy.net/
- http://americanpill.net/
- http://basicmeds.net/
- http://bestcarepharmacy.net/
- http://bestfioricet.com/
- http://bestsoma.com/
- http://buspar-online.com/
- http://buy-acyclovir.net/
- http://buy-allegra-d.com/
- http://buy-allegra-online.com/
- http://buy-buspar.com/
- http://buy-celexa-online.net/
- http://buy-claritin-d.com/
- http://buy-cyclobenzaprine.com/
- http://buy-denavir.com/
- http://buy-elavil-online.com/
- http://buy-estradiol.com/
- http://buy-famvir.com/
- http://buy-flexeril.com/
- http://buy-flextra-ds.com/
- http://buy-flonase.com/
- http://buy-fluoxetine-online.com/
- http://buy-fosamax.com/
- http://buy-lamisil.net/
- http://buy-lexapro.net/
- http://buy-mircette.com/
- http://buy-nasonex.com/
- http://buy-norvasc.net/
- http://buy-paxil-online.com/
- http://buy-prevacid.net/
- http://buy-prilosec-online.com/
- http://buy-prozac-online.com/
- http://buy-remeron.net/
- http://buy-renova.net/
- http://buy-soma-rx.com/
- http://buy-triphasil.com/
- http://buy-valtrex-online.net/
- http://buy-yasmin.net/
- http://buy-zithromax-online.net/
- http://buy-zovirax.com/
- http://buy-zyrtec.com/
- http://buyelavilonline.com/
- http://buymedicationnow.com/
- http://buyritepharmacy.com/
- http://buysafedrugs.net/
- http://buysomanow.net/
- http://cedardrugs.com/
- http://celexa-online.com/
- http://cheap-aciphex.com/
- http://cheap-allegra-d.com/
- http://cheap-celexa.com/
- http://cheap-cyclobenzaprine.com/
- http://cheap-diflucan.com/
- http://cheap-famvir.com/
- http://cheap-flonase.com/
- http://cheap-fosamax.com/
- http://cheap-lamisil.com/
- http://cheap-lexapro.com/
- http://cheap-norvasc.com/
- http://cheap-ortho-evra.com/
- http://cheap-ortho-tricyclen.com/
- http://cheap-renova.net/
- http://cheap-seasonale.com/
- http://cheap-valtrex.net/
- http://cheap-wellbutrin.com/
- http://cheap-zanaflex.com/
- http://cheap-zoloft.net/
- http://cheap-zovirax.com/
- http://cheap-zyban.com/
- http://cheapbranddrugs.com/
- http://cheapest-allegra.com/
- http://cheapest-famvir.com/
- http://cheapest-paxil.com/
- http://cheapest-tramadol-online.net/
- http://cheapest-valtrex.com/
- http://cheapest-zyban.net/
- http://cheapest-zyrtec.com/
- http://cheapestlevitra.net/
- http://cheaplipitor.net/
- http://cheapnoprescriptiondrugstore.net/
- http://cheapultram.net/
- http://cherrys-pharmacy.com/
- http://clarinex-online.com/
- http://claritin-d-online.com/
- http://condylox-online.com/
- http://corner-drug-store.net/
- http://cornerstone-pharmacy.net/
- http://cvsmedication.com/
- http://cvspills.com/
- http://cyclobenzaprine-online.com/
- http://diamondpharmacy.net/
- http://dirtcheapmeds.com/
- http://discount-aciphex.com/
- http://discount-aldactone.com/
- http://discount-allegra-d.com/
- http://discount-antivert.com/
- http://discount-celexa.com/
- http://discount-clarinex.com/
- http://discount-claritin-d.com/
- http://discount-cyclobenzaprine.com/
- http://discount-elavil.com/
- http://discount-evista.com/
- http://discount-flexeril.com/
- http://discount-flextra-ds.com/
- http://discount-fluoxetine.com/
- http://discount-fosamax.com/
- http://discount-imitrex.com/
- http://discount-lamisil.com/
- http://discount-mircette.com/
- http://discount-naprosyn.com/
- http://discount-nexium.com/
- http://discount-norvasc.com/
- http://discount-paxil.net/
- http://discount-phentermine-dietpills.com/
- http://discount-prevacid.com/
- http://discount-prilosec.com/
- http://discount-propecia.net/
- http://discount-prozac.net/
- http://discount-remeron.com/
- http://discount-renova.net/
- http://discount-retin-a.com/
- http://discount-valtrex.com/
- http://discount-vaniqa.com/
- http://discount-wellbutrin.com/
- http://discount-zanaflex.com/
- http://discount-zoloft.com/
- http://discount-zyban.com/
- http://discount-zyloprim.com/
- http://discount-zyrtec.net/
- http://discountcialisonline.net/
- http://discountmedsovernight.com/
- http://eagle-pharmacy.com/
- http://eastsidepharmacy.net/
- http://elavil-online.com/
- http://evista-online.com/
- http://fairview-pharmacy.com/
- http://fioricetpainrelief.net/
- http://fioricetweb.com/
- http://flonase-online.com/
- http://fosamax-online.com/
- http://free-online-prescription-drugs.com/
- http://getallmeds.com/
- http://getallpills.com/
- http://harvardpharmacy.com/
- http://herpesmedications.net/
- http://hillcroftpharmacy.com/
- http://honolulupharmacy.net/
- http://husammneimneh.com/
- http://jorgepharmacy.com/
- http://kansascitypharmacy.net/
- http://lawndalepharmacy.com/
- http://leaderdrugstore.com/
- http://lexapro-online.net/
- http://losangelesdrugs.net/
- http://losangelespharmacy.net/
- http://madisonpharmacy.net/
- http://med-pharmacy.net/
- http://medicalstoreonline.net/
- http://medicationpharmacydirect.com/
- http://medrxcheap.com/
- http://medrxone.net/
- http://medssolutionrx.com/
- http://mesapharmacy.net/
- http://metrodrugs.net/
- http://myprescriptionmedsonline.com/
- http://nasonex-online.com/
- http://newyorkrx.net/
- http://norvasc-online.com/
- http://norxviagra.net/
- http://online-prescription-drug-store.com/
- http://onlinedrugstoresite.com/
- http://onlinedrugstoreworld.com/
- http://onlinemedicalhealth.net/
- http://onlinemedscheap.com/
- http://onlinemedscheap.net/
- http://onlineprescriptionsfast.com/
- http://onlineprescriptionsfast.net/
- http://order-tramadol–online.com/
- http://ortho-evra-online.com/
- http://ortho-tricyclen-online.net/
- http://pain-relief-online.com/
- http://pain-relief-rx.com/
- http://paindoctornow.com/
- http://painrelief-pharmacy.com/
- http://parkviewpharmacy.net/
- http://pharmaceuticals-online.net/
- http://phoenixpharmacy.net/
- http://pillsolution.net/
- http://prescriptionmasters.com/
- http://prescriptionsforweightloss.com/
- http://prevacid-online.com/
- http://prilosec-online.net/
- http://prozac-online.net/
- http://reallyfastmeds.com/
- http://retin-a-online.net/
- http://riverside-pharmacy.com/
- http://rxmedspharmacy.com/
- http://rxmedspharmacy.net/
- http://rxtoyourdoor.com/
- http://safeprescription.com/
- http://save-ondrugs.com/
- http://skelaxin-online.com/
- http://stopsmokingzyban.com/
- http://superpharmacyrx.com/
- http://temovate-online.com/
- http://thetramadolsite.com/
- http://tramadoltoday.net/
- http://trustedpainmedssource.com/
- http://ultracettramadol.com/
- http://united-drugs.com/
- http://web-meds.net/
- http://webhomedelivery.com/
- http://wehavemeds.com/
- http://wellbutrin-online.net/
- http://westside-pharmacy.com/
- http://wilshirepharmacy.com/
- http://www.2clickmeds.com/
- http://www.aciphex-online.com/
- http://www.acmeds.com/
- http://www.acyclovir-online.com/
- http://www.advancedpharmacy.net/
- http://www.affordable-pills.com/
- http://www.affordable-rx-meds.com/
- http://www.affordable-rxmeds.com/
- http://www.aldara-online.com/
- http://www.allegra-d-online.com/
- http://www.allnewdrugs.com/
- http://www.alphapharmacy.net/
- http://www.americanpill.net/
- http://www.basicmeds.net/
- http://www.bestcarepharmacy.net/
- http://www.bestfioricet.com/
- http://www.bestsoma.com/
- http://www.bignationpharmacy.com/
- http://www.birthcontrolonline-usa.com/
- http://www.bucksmaker.net/
- http://www.buspar-online.com/
- http://www.buy-acyclovir.net/
- http://www.buy-allegra-d.com/
- http://www.buy-allegra-online.com/
- http://www.buy-buspar.com/
- http://www.buy-celexa-online.net/
- http://www.buy-claritin-d.com/
- http://www.buy-cyclobenzaprine.com/
- http://www.buy-denavir.com/
- http://www.buy-elavil-online.com/
- http://www.buy-estradiol.com/
- http://www.buy-famvir.com/
- http://www.buy-flexeril.com/
- http://www.buy-flextra-ds.com/
- http://www.buy-flonase.com/
- http://www.buy-fluoxetine-online.com/
- http://www.buy-fosamax.com/
- http://www.buy-lamisil.net/
- http://www.buy-lexapro.net/
- http://www.buy-nasonex.com/
- http://www.buy-norvasc.net/
- http://www.buy-paxil-online.com/
- http://www.buy-prevacid.net/
- http://www.buy-prilosec-online.com/
- http://www.buy-prozac-online.com/
- http://www.buy-remeron.net/
- http://www.buy-renova.net/
- http://www.buy-soma-rx.com/
- http://www.buy-triphasil.com/
- http://www.buy-yasmin.net/
- http://www.buy-zithromax-online.net/
- http://www.buy-zovirax.com/
- http://www.buy-zyrtec.com/
- http://www.buycheapfioricetonline.com/
- http://www.buyelavilonline.com/
- http://www.buyfioricetonline-usa.com/
- http://www.buymedicationnow.com/
- http://www.buyritepharmacy.com/
- http://www.buysafedrugs.net/
- http://www.buysomanow.net/
- http://www.buysomaonline-usa.com/
- http://www.buytramadolonline-usa.com/
- http://www.cedardrugs.com/
- http://www.celexa-online.com/
- http://www.cheap-aciphex.com/
- http://www.cheap-allegra-d.com/
- http://www.cheap-celexa.com/
- http://www.cheap-cyclobenzaprine.com/
- http://www.cheap-diflucan.com/
- http://www.cheap-famvir.com/
- http://www.cheap-flonase.com/
- http://www.cheap-fosamax.com/
- http://www.cheap-lamisil.com/
- http://www.cheap-lexapro.com/
- http://www.cheap-norvasc.com/
- http://www.cheap-ortho-tricyclen.com/
- http://www.cheap-renova.net/
- http://www.cheap-seasonale.com/
- http://www.cheap-valtrex.net/
- http://www.cheap-wellbutrin.com/
- http://www.cheap-zanaflex.com/
- http://www.cheap-zoloft.net/
- http://www.cheap-zovirax.com/
- http://www.cheap-zyban.com/
- http://www.cheapbranddrugs.com/
- http://www.cheapest-allegra.com/
- http://www.cheapest-famvir.com/
- http://www.cheapest-paxil.com/
- http://www.cheapest-tramadol-online.net/
- http://www.cheapest-valtrex.com/
- http://www.cheapest-zyban.net/
- http://www.cheapest-zyrtec.com/
- http://www.cheapestlevitra.net/
- http://www.cheaplipitor.net/
- http://www.cheapnoprescriptiondrugstore.net/
- http://www.cheapultram.net/
- http://www.cherrys-pharmacy.com/
- http://www.clarinex-online.com/
- http://www.claritin-d-online.com/
- http://www.condylox-online.com/
- http://www.corner-drug-store.net/
- http://www.cornerstone-pharmacy.net/
- http://www.cvsmedication.com/
- http://www.cvspills.com/
- http://www.cyclobenzaprine-online.com/
- http://www.diamondpharmacy.net/
- http://www.dirtcheapmeds.com/
- http://www.discount-aciphex.com/
- http://www.discount-aldactone.com/
- http://www.discount-allegra-d.com/
- http://www.discount-antivert.com/
- http://www.discount-celexa.com/
- http://www.discount-clarinex.com/
- http://www.discount-claritin-d.com/
- http://www.discount-cyclobenzaprine.com/
- http://www.discount-elavil.com/
- http://www.discount-evista.com/
- http://www.discount-flexeril.com/
- http://www.discount-flextra-ds.com/
- http://www.discount-fluoxetine.com/
- http://www.discount-fosamax.com/
- http://www.discount-imitrex.com/
- http://www.discount-lamisil.com/
- http://www.discount-naprosyn.com/
- http://www.discount-nexium.com/
- http://www.discount-norvasc.com/
- http://www.discount-paxil.net/
- http://www.discount-phentermine-dietpills.com/
- http://www.discount-prevacid.com/
- http://www.discount-prilosec.com/
- http://www.discount-propecia.net/
- http://www.discount-prozac.net/
- http://www.discount-remeron.com/
- http://www.discount-renova.net/
- http://www.discount-retin-a.com/
- http://www.discount-valtrex.com/
- http://www.discount-vaniqa.com/
- http://www.discount-wellbutrin.com/
- http://www.discount-zanaflex.com/
- http://www.discount-zoloft.com/
- http://www.discount-zyban.com/
- http://www.discount-zyloprim.com/
- http://www.discount-zyrtec.net/
- http://www.discountcialisonline.net/
- http://www.discountedovernightmeds.com/
- http://www.discountmedsovernight.com/
- http://www.eagle-pharmacy.com/
- http://www.eastsidepharmacy.net/
- http://www.elavil-online.com/
- http://www.evista-online.com/
- http://www.ezrxforyou.com/
- http://www.fairview-pharmacy.com/
- http://www.fioricetpainrelief.net/
- http://www.fioricetweb.com/
- http://www.flonase-online.com/
- http://www.fosamax-online.com/
- http://www.free-online-prescription-drugs.com/
- http://www.getallmeds.com/
- http://www.getallpills.com/
- http://www.harvardpharmacy.com/
- http://www.herpesmedications.net/
- http://www.hillcroftpharmacy.com/
- http://www.honolulupharmacy.net/
- http://www.husammneimneh.com/
- http://www.jorgepharmacy.com/
- http://www.kansascitypharmacy.net/
- http://www.lawndalepharmacy.com/
- http://www.leaderdrugstore.com/
- http://www.lexapro-online.net/
- http://www.losangelesdrugs.net/
- http://www.losangelespharmacy.net/
- http://www.madisonpharmacy.net/
- http://www.med-pharmacy.net/
- http://www.medicalstoreonline.net/
- http://www.medicationovernight.net/
- http://www.medicationpharmacydirect.com/
- http://www.medrxcheap.com/
- http://www.medrxone.net/
- http://www.medssolutionrx.com/
- http://www.mesapharmacy.net/
- http://www.metrodrugs.net/
- http://www.musclerelaxersonline-usa.com/
- http://www.myprescriptionmedsonline.com/
- http://www.nasonex-online.com/
- http://www.nationalpharma.net/
- http://www.newyorkrx.net/
- http://www.norvasc-online.com/
- http://www.norxviagra.net/
- http://www.online-prescription-drug-store.com/
- http://www.onlinedrugstoresite.com/
- http://www.onlinedrugstoreworld.com/
- http://www.onlinemedicalhealth.net/
- http://www.onlinemedscheap.com/
- http://www.onlinemedscheap.net/
- http://www.onlineprescriptionsfast.com/
- http://www.onlineprescriptionsfast.net/
- http://www.order-tramadol–online.com/
- http://www.orderbutalbitalonline-usa.com/
- http://www.ordercialisonline-usa.com/
- http://www.orderfioricetonline-usa.com/
- http://www.orderlevitraonline-usa.com/
- http://www.ordersomaonline-usa.com/
- http://www.ordertramadolonline-usa.com/
- http://www.orderultracetonline-usa.com/
- http://www.orderultramonline-usa.com/
- http://www.orderviagraonline-usa.com/
- http://www.ortho-evra-online.com/
- http://www.ortho-tricyclen-online.net/
- http://www.pain-relief-online.com/
- http://www.pain-relief-rx.com/
- http://www.paindoctornow.com/
- http://www.painrelief-pharmacy.com/
- http://www.painrelieversonline-usa.com/
- http://www.parkviewpharmacy.net/
- http://www.pharmaceuticals-online.net/
- http://www.phoenixpharmacy.net/
- http://www.pillsolution.net/
- http://www.prescriptionmasters.com/
- http://www.prescriptionsforweightloss.com/
- http://www.prevacid-online.com/
- http://www.prilosec-online.net/
- http://www.prozac-online.net/
- http://www.reallyfastmeds.com/
- http://www.retin-a-online.net/
- http://www.riverside-pharmacy.com/
- http://www.route88pharmacy.com/
- http://www.rxmedspharmacy.com/
- http://www.rxmedspharmacy.net/
- http://www.rxquickship.com/
- http://www.rxtoyourdoor.com/
- http://www.safechoicerx.com/
- http://www.safeprescription.com/
- http://www.save-ondrugs.com/
- http://www.skelaxin-online.com/
- http://www.stopsmokingzyban.com/
- http://www.superpharmacyrx.com/
- http://www.temovate-online.com/
- http://www.thetramadolsite.com/
- http://www.tramadoltoday.net/
- http://www.trustedpainmedssource.com/
- http://www.ultracettramadol.com/
- http://www.united-drugs.com/
- http://www.usonlinepills.com/
- http://www.web-meds.net/
- http://www.webhomedelivery.com/
- http://www.wehavemeds.com/
- http://www.wellbutrin-online.net/
- http://www.westside-pharmacy.com/
- http://www.wilshirepharmacy.com/
- http://www.yasmin-online.com/
- http://www.zanaflex-online.net/
- http://www.zithromax-online.com/
- http://www.zovirax-online.com/
- http://www.zyban-online.com/
- http://www.zyrtec-online.com/
- http://yasmin-online.com/
- http://zanaflex-online.net/
- http://zithromax-online.com/
- http://zovirax-online.com/
- http://zyban-online.com/
- http://zyrtec-online.com/
- http://zyloprim-withoutprescription.com/
scamFRAUDalert®Pharmacies Checker 
Adding new Domains and DNS info when ever http://www.allbestlinks.info and it’s RBN affiliate of http://www.ipahere.com when they add new domains only when the ZeuS Botnet gains more hosts, servers and hijack websites for Russia’s own personal game, they will be listed here,
http://www.edtabs-solution.com DNS Info, New host,
DNS servers
ns1.extendedlv.com
ns2.extendedlv.com
Answer records
http://www.edtabs-solution.com A 190.120.229.5 300s
Authority records
edtabs-solution.com NS ns2.extendedlv.com 300s
edtabs-solution.com NS ns1.extendedlv.com 300s
Additional records
ns1.extendedlv.com A 190.120.229.5 300s
ns2.extendedlv.com A 89.248.172.131 300s <—Spamhaus listed as Spamgang, Nathan Pothier – Centennial Media – SBL94009(Snowshoe and Warez hoster(maybe hosting Xrumer Blackhat SEO crimeware?)), Host likely relayed via ZeuS and SEO Blackhat activity.
Main Whois info,
Domain Name: EDTABS-SOLUTION.COM
Registrar: CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM
Whois Server: whois.joker.com
Referral URL: http://www.joker.com
Name Server: NS1.EXTENDEDLV.COM
Name Server: NS2.EXTENDEDLV.COM
Status: clientTransferProhibited
Updated Date: 07-mar-2011
Creation Date: 07-mar-2011
Expiration Date: 07-mar-2012
Additional Whois Info,
Results returned from whois.joker.com:domain: edtabs-solution.com
owner: Eugene Kotovski
email: kotovskie@gmail.com
address: 59 Glenthorne Rd
city: London
state: —
postal-code: W6 0LJ
country: GB
phone: +44.7039400218
admin-c: CCOM-1692104 kotovskie@gmail.com
tech-c: CCOM-1692104 kotovskie@gmail.com
billing-c: CCOM-1692104 kotovskie@gmail.com
nserver: ns1.extendedlv.com 190.120.229.5
nserver: ns2.extendedlv.com 89.248.172.131
status: lock
created: 2011-03-07 13:27:53 UTC
modified: 2011-03-07 15:38:38 UTC
expires: 2012-03-07 13:27:53 UTC
query-source: 67.222.132.193
contact-hdl: CCOM-1692104
person: Eugene Kotovski
email: kotovskie@gmail.com
address: 59 Glenthorne Rd
city: London
state: —
postal-code: W6 0LJ
country: GB
phone: +44.7039400218
source: joker.com live whois service
query-time: 0.015064
db-updated: 2011-06-26 01:31:30
And ISP Whois info,
inetnum: 190.120.224/20
status: allocated
owner: Infolink Communication Services
ownerid: PA-ICSE-LACNIC
responsible: Network Administrator
address: APDO 0832-2745, Suite 152, World Trade C, –,
address: 00000 – Panama – PA
country: PA
phone: +50 7 3902015 []
owner-c: INA3
tech-c: INA3
abuse-c: IAT
inetrev: 190.120.224/21
nserver: THING1.INFOLINK.COM
nsstat: 20110624 AA
nslastaa: 20110624
nserver: THING2.INFOLINK.COM
nsstat: 20110624 AA
nslastaa: 20110624
created: 20090205
changed: 20091105
nic-hdl: IAT
person: Infolink Abuse Team
e-mail: abuse@INFOLINK.COM
address: ADPO 0832-2745, Suite 152 , World Trade C, –,
address: 0000 – Panama – PA
country: PA
phone: +50 7 3902015 []
created: 20091014
changed: 20091105
nic-hdl: INA3
person: Infolink Network Administrator
e-mail: netadm@INFOLINK.COM
address: 3109 Grand Ave. #455, 455,
address: 33133 – Miami – FL
country: US
phone: +011 305 3241616 []
created: 20070717
changed: 20110530
Please check this domain for the likely hood of more illegal pharma hosting.
playing items 1 to 30, out of a total of 30
http://best-generics-supplier.com/
http://edmedications-online.com/
http://edtabs-selection.com/
http://edtabs-sellout.com/
http://edtabs-solution.com/
http://fast-edhelp.com/
http://fast-edsolution.com/
http://french-online-pharmacy.com/
http://my-securebilling.com/
http://popularpills-online.com/
http://reliable-tablets.com/
http://safe-edpills.com/
http://spanish-online-pharmacy.com/
http://trustedtablets-online.com/
http://www.best-generics-supplier.com/
http://www.edmedications-online.com/
http://www.edtabs-selection.com/
http://www.edtabs-sellout.com/
http://www.edtabs-solution.com/
http://www.fast-edhelp.com/
http://www.fast-edsolution.com/
http://www.french-online-pharmacy.com/
http://www.my-securebilling.com/
http://www.popularpills-online.com/
http://www.reliable-tablets.com/
http://www.safe-edpills.com/
http://www.spanish-online-pharmacy.com/
http://www.trustedtablets-online.com/
http://www.your-perfect-generics.com/
http://your-perfect-generics.com/
Ok Scrub, got another fresh domain offered by allbestlinks.info , another newly created RBN related affiliate which includes something in the ISP Whois that has a “Russia” address but is from another country, and it is not a www based address,
bestpillsmarket.com DNS and Whois Info,
DNS servers
ns1.serverns.com
ns2.serverns.com
Query for DNS records for bestpillsmarket.com failed: Timed out <– likely firewalled
Main Whois Info,
Domain Name: BESTPILLSMARKET.COM
Registrar: 1 API GMBH
Whois Server: whois.1api.net
Referral URL: http://www.1api.net
Name Server: NS1.SERVERNS.COM
Name Server: NS2.SERVERNS.COM
Status: ok
Updated Date: 21-jun-2011
Creation Date: 21-jun-2011
Expiration Date: 21-jun-2012
Additional Whois info,
DOMAIN: BESTPILLSMARKET.COM
RSP: HEXONET Services Inc.
URL: http://www.HEXONET.net
created-date: 2011-06-21 10:58:14
updated-date: 2011-06-21 10:58:14
registration-expiration-date: 2012-06-21 10:58:16
owner-organization: Registrant of bestpillsmarket.com
owner-name: c/o WHOIStrustee.com Limited
owner-street: Suite 3686, 24b Moorefield Road
owner-city: Johnsonville
owner-state: Wellington
owner-zip: 6037
owner-country: NZ
owner-phone: +64.0000
owner-fax:
owner-email: daadd8fd9b@bestpillsmarket.com.whoistrustee.com
admin-organization: Registrant of bestpillsmarket.com
admin-name: c/o WHOIStrustee.com Limited
admin-street: Suite 3686, 24b Moorefield Road
admin-city: Johnsonville
admin-state: Wellington
admin-zip: 6037
admin-country: NZ
admin-phone: +64.0000
admin-fax:
admin-email: daadd8fd9b@bestpillsmarket.com.whoistrustee.com
tech-organization: Registrant of bestpillsmarket.com
tech-name: c/o WHOIStrustee.com Limited
tech-street: Suite 3686, 24b Moorefield Road
tech-city: Johnsonville
tech-state: Wellington
tech-zip: 6037
tech-country: NZ
tech-phone: +64.0000
tech-fax:
tech-email: daadd8fd9b@bestpillsmarket.com.whoistrustee.com
billing-organization: Registrant of bestpillsmarket.com
billing-name: c/o WHOIStrustee.com Limited
billing-street: Suite 3686, 24b Moorefield Road
billing-city: Johnsonville
billing-state: Wellington
billing-zip: 6037
billing-country: NZ
billing-phone: +64.0000
billing-fax:
billing-email: daadd8fd9b@bestpillsmarket.com.whoistrustee.com
nameserver: ns1.serverns.com
nameserver: ns2.serverns.com
; —
; Be Your Own Services Provider
; Domains, Backorders, DNS, SSL Certs and much more …
and ISP Info,
inetnum: 78.41.203.135 – 78.41.203.135
netname: WORLD-DEDICATED-NET
descr: IP range World Dedicated Ltd
country: NL
admin-c: AA10575-RIPE
tech-c: AA10575-RIPE
remarks: ****************************************************************************************************
remarks: Please report _ALL_ abuse issues to e57303@abuse.bz
remarks: This is the only e-mail address that will guarantee a process of your report.
remarks: ****************************************************************************************************
status: ASSIGNED PA
mnt-by: SNEL-MNT
changed: ripe@snelis.com 20110531
source: RIPE
person: Alex Averin
address: Russian Federation, Moscow, Lenina st. 10 <– a Russian Address on a Netherlands ISP? Normally it is not available to countries like this…
phone: +79194740626
e-mail: alex.averin@mail.com
abuse-mailbox: e57303@abuse.bz
nic-hdl: AA10575-RIPE
mnt-by: SNEL-MNT
changed: ripe@snelis.com 20110531
source: RIPE
% Information related to '78.41.200.0/21AS20495'
route: 78.41.200.0/21
descr: Snel Internet IP space routed by We Dare
origin: AS20495
mnt-by: WEDARE-MNT
mnt-lower: SHIRYO-MNT
changed: beheer@we-dare.net 20101201
source: RIPE
% Information related to '78.41.203.0/24AS42267'
route: 78.41.203.0/24
descr: IP Range ServerFFS
origin: AS42267
mnt-by: SHIRYO-MNT
changed: beheer@we-dare.net 20110411
source: RIPE
Contact info of this ISP has connections in Germany and Netherlands only addresses, apparently RBN is trying to avoid being tracked by abuse report from the notions of that Russian Address in the ISP lookup.
Another Fresh RBN affiliated pharma site and is popular with allbestlinks.info and http://www.ipahere.com(and related websites with the “IPA” (Independent Pharmaceutical Association) affiliate via what is seen on a google search, and so,
Domain information of rxcod.com , again, not a www address,
DNS servers
ns3.pointservers.com
ns4.pointservers.com
Answer records
rxcod.com MX preference: 0
exchange: rxcod.com
14400s
rxcod.com SOA server: ns3.pointservers.com
email: dialupone@live.com
serial: 2011050902
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s
rxcod.com NS ns4.pointservers.com 86400s
rxcod.com NS ns3.pointservers.com 86400s
rxcod.com A 209.151.166.68 14400s
Authority records
Additional records
rxcod.com A 209.151.166.68 14400s
ns3.pointservers.com A 96.30.27.192 14400s
ns4.pointservers.com A 208.79.234.35 14400s
Main Whois Server,
Domain Name: RXCOD.COM
Registrar: CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM
Whois Server: whois.joker.com
Referral URL: http://www.joker.com
Name Server: NS3.POINTSERVERS.COM
Name Server: NS4.POINTSERVERS.COM
Status: clientTransferProhibited
Updated Date: 09-may-2011
Creation Date: 27-mar-2011
Expiration Date: 27-mar-2012
Additional Whois Info,
Results returned from whois.joker.com:domain: rxcod.com
owner: Steven Bowen
organization: Trusted Online LLC
email: domains@trustedonline.net
address: 4745 US 31 S
city: Charlevoix
state: MI
postal-code: 49720
country: US
phone: +1.2313301735
admin-c: CCOM-1662353 domains@trustedonline.net
tech-c: CCOM-1662353 domains@trustedonline.net
billing-c: CCOM-1662353 domains@trustedonline.net
nserver: ns3.pointservers.com
nserver: ns4.pointservers.com
status: lock
created: 2011-03-27 17:01:34 UTC
modified: 2011-05-09 20:12:08 UTC
expires: 2012-03-27 17:01:34 UTC
query-source: 67.222.132.193
contact-hdl: CCOM-1662353
person: Steven Bowen
organization: Trusted Online LLC
email: domains@trustedonline.net
address: 4745 US 31 S
city: Charlevoix
state: MI
postal-code: 49720
country: US
phone: +1.2313301735
source: joker.com live whois service
query-time: 0.008516
db-updated: 2011-06-28 11:40:24
ISP Whois Info,
NetRange: 209.151.160.0 – 209.151.175.255
CIDR: 209.151.160.0/20
OriginAS: AS31797
NetName: GALAX-NETBLK-14
NetHandle: NET-209-151-160-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
RegDate: 2009-04-20
Updated: 2010-06-29
Ref: http://whois.arin.net/rest/net/NET-209-151-160-0-1
OrgName: Galaxyvisions Inc
OrgId: GALAX-6
Address: 882 3rd avenue 8th floor
City: Brooklyn
StateProv: NY
PostalCode: 11232
Country: US
RegDate: 2003-12-15
Updated: 2009-04-17
Ref: http://whois.arin.net/rest/org/GALAX-6
ReferralServer: rwhois://rwhois.galaxyvisions.com:4321
OrgAbuseHandle: GALAX2-ARIN
OrgAbuseName: Galaxyvisions Abuse
OrgAbusePhone: +1-201-227-2072
OrgAbuseEmail: abuse@galaxyvisions.com
OrgAbuseRef: http://whois.arin.net/rest/poc/GALAX2-ARIN
OrgTechHandle: GALAX1-ARIN
OrgTechName: Galaxyvisions NOC
OrgTechPhone: +1-201-227-2072
OrgTechEmail: noc@galaxyvisions.com
OrgTechRef: http://whois.arin.net/rest/poc/GALAX1-ARIN
RTechHandle: GALAX1-ARIN
RTechName: Galaxyvisions NOC
RTechPhone: +1-201-227-2072
RTechEmail: noc@galaxyvisions.com
RTechRef: http://whois.arin.net/rest/poc/GALAX1-ARIN
RAbuseHandle: GALAX2-ARIN
RAbuseName: Galaxyvisions Abuse
RAbusePhone: +1-201-227-2072
RAbuseEmail: abuse@galaxyvisions.com
RAbuseRef: http://whois.arin.net/rest/poc/GALAX2-ARIN
The recent RBN created Generic illegal pharma domains have been recently using the registrar CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM, the Registrar that has been popular with Spamgangs and Cyber Criminal Mafias.
Ok Scrub, looks like I do have some updates concerning the 365pills.com RBN Affiliate, also word a site that tracks RBN domains has also caught something along the lines of their Giant Operation, will add DNS server information of the 3 domains,
Site of RBN listings which include malware, Fake Av, and yours truly Pharma domains that allbestlinks.info and http://www.ipahere.com is spewing,
http://doc.emergingthreats.net/pub/Main/RussianBusinessNetwork/RBN_IP_List_Update_6-19-2011.txt
The entriee I found listed is of some of those domains,
78.47.23.227
approvedpills.us
pillsnextday.com pharma
secure365pills.com
And now the DNS infomation of those including the unlisted priority-pills.com,
DNS servers
dns3.easydns.ca
dns2.easydns.net
dns1.easydns.com
Answer records
priority-pills.com SOA server: dns0.easydns.com
email: zone@easydns.com
serial: 1305702666
refresh: 43200
retry: 10800
expire: 1209600
minimum ttl: 10800
10800s
priority-pills.com A 78.47.23.227 10800s
priority-pills.com MX preference: 0
exchange: mx-caprica.easydns.com
10800s
priority-pills.com NS dns1.easydns.com 10800s
priority-pills.com NS dns3.easydns.ca 10800s
priority-pills.com NS dns2.easydns.net 10800s
Authority records
Additional records
mx-caprica.easydns.com A 64.68.200.71 300s
dns1.easydns.com A 64.68.192.10 300s
dns1.easydns.com 28 [16 bytes] 300s
dns2.easydns.net A 72.52.2.1 43200s
dns3.easydns.ca A 64.68.194.10 10800s
dns3.easydns.ca 28 [16 bytes] 10800s
Main Whois Info,
Domain Name: PRIORITY-PILLS.COM
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Whois Server: whois.PublicDomainRegistry.com
Referral URL: http://www.PublicDomainRegistry.com
Name Server: DNS1.EASYDNS.COM
Name Server: DNS2.EASYDNS.NET
Name Server: DNS3.EASYDNS.CA
Status: clientTransferProhibited
Updated Date: 17-may-2011
Creation Date: 29-mar-2011
Expiration Date: 29-mar-2012
Addional Whois info,
Results returned from whois.publicdomainregistry.com:Registration Service Provided By: GOSSIMER
Contact: +1.8889024678
Website: http://www.gossimer.com
Domain Name: PRIORITY-PILLS.COM
Registrant:
5 Colomn
John May 5colomn@gmail.com
n/a
Moskow
Moskovskaya oblast,127000
RU
Tel. +7.9038013766
Creation Date: 29-Mar-2011
Expiration Date: 29-Mar-2012
Domain servers in listed order:
dns1.easydns.com
dns2.easydns.net
dns3.easydns.ca
Administrative Contact:
5 Colomn
John May 5colomn@gmail.com
n/a
Moskow
Moskovskaya oblast,127000
RU
Tel. +7.9038013766
Technical Contact:
5 Colomn
John May 5colomn@gmail.com
n/a
Moskow
Moskovskaya oblast,127000
RU
Tel. +7.9038013766
Billing Contact:
5 Colomn
John May (5colomn@gmail.com)
n/a
Moskow
Moskovskaya oblast,127000
RU
Tel. +7.9038013766
Status:LOCKED
Note: This Domain Name is currently Locked. In this status the domain
name cannot be transferred, hijacked, or modified. The Owner of this
domain name can easily change this status from their control panel.
This feature is provided as a security measure against fraudulent domain name hijacking.
And ISP Whois,
inetnum: 78.47.23.224 – 78.47.23.239
netname: HETZNER-ONLINE-AG-VIRTUALISIERUNG-POOL11
descr: Hetzner Online AG – Virtualisierung
country: DE
admin-c: HOAV1-RIPE
tech-c: HOAV1-RIPE
status: ASSIGNED PA
mnt-by: HOS-GUN
changed: ripe-dbm-updates@robot.first-ns.de 20110420
source: RIPE
person: Hetzner Online AG – Virtualisierung
address: Hetzner Online AG – Virtualisierung
address: Stuttgarter Str. 1
address: 91710 Gunzenhausen
address: GERMANY
phone: +499831610061
fax-no: +499831610062
e-mail: info@hetzner.de
nic-hdl: HOAV1-RIPE
notify: ripe-mntner@hetzner.de
mnt-by: HOS-GUN
changed: ripe-dbm-updates@robot.first-ns.de 20101008
changed: ripe-dbm-updates@robot.first-ns.de 20110110
source: RIPE
% Information related to ‘78.46.0.0/15AS24940’
route: 78.46.0.0/15
descr: HETZNER-RZ-NBG-BLK5
origin: AS24940
org: ORG-HOA1-RIPE
mnt-by: HOS-GUN
changed: ripe@hetzner.de 20070416
source: RIPE
organisation: ORG-HOA1-RIPE
org-name: Hetzner Online AG
org-type: LIR
address: Hetzner Online AG
Attn. Martin Hetzner
Stuttgarter Str. 1
91710 Gunzenhausen
GERMANY
phone: +49 9831 610061
fax-no: +49 9831 610062
e-mail: info@hetzner.de
admin-c: DM93-RIPE
admin-c: GM834-RIPE
admin-c: HOAC1-RIPE
admin-c: MH375-RIPE
admin-c: RB1502-RIPE
admin-c: SK2374-RIPE
admin-c: TF2013-RIPE
admin-c: MF1400-RIPE
mnt-ref: HOS-GUN
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
changed: hostmaster@ripe.net 20040415
changed: bitbucket@ripe.net 20041025
changed: bitbucket@ripe.net 20041216
changed: bitbucket@ripe.net 20041216
changed: bitbucket@ripe.net 20050201
changed: bitbucket@ripe.net 20050203
changed: bitbucket@ripe.net 20050204
changed: hostmaster@ripe.net 20050217
changed: hostmaster@ripe.net 20050217
changed: bitbucket@ripe.net 20050221
changed: bitbucket@ripe.net 20050321
changed: bitbucket@ripe.net 20050405
changed: bitbucket@ripe.net 20050706
changed: bitbucket@ripe.net 20050913
changed: bitbucket@ripe.net 20051220
changed: bitbucket@ripe.net 20051223
changed: bitbucket@ripe.net 20051227
changed: bitbucket@ripe.net 20060919
changed: bitbucket@ripe.net 20070328
changed: bitbucket@ripe.net 20070405
changed: bitbucket@ripe.net 20070411
changed: bitbucket@ripe.net 20070416
changed: bitbucket@ripe.net 20070416
changed: bitbucket@ripe.net 20070813
changed: bitbucket@ripe.net 20070829
changed: bitbucket@ripe.net 20080402
changed: bitbucket@ripe.net 20090519
changed: bitbucket@ripe.net 20091215
source: RIPE
The site of emergingthreats.net is currently updating RBN domains every month in order to track their activity, including SEO Operations like this, and hope that if you get a chance to check that RBN list URL, you might find more pharma domains that could be in need to be listed on your blog Scrub.
Got another Fresh RBN Affiliate unidentified pharma site they spewed again, knowing RBN continues to use Malware to hack servers and their hosts,
This domain is http://www.westcoastdrugs.net , here is the DNS Info,
DNS servers
ns.rackspace.com
ns2.rackspace.com
Answer records
westcoastdrugs.net SOA server: ns.rackspace.com
email: hostmaster@rackspace.com
serial: 1275027492
refresh: 3600
retry: 300
expire: 1814400
minimum ttl: 300
300s
westcoastdrugs.net MX preference: 10
exchange: westcoastdrugs.net
86400s
westcoastdrugs.net NS ns.rackspace.com 86400s
westcoastdrugs.net NS ns2.rackspace.com 86400s
westcoastdrugs.net TXT v=spf1 ip4:120.136.35.1/15 ip4:120.136.36.18 ptr:mail.westcoastdrugs.net –all 86400s
westcoastdrugs.net A 120.136.35.8 86400s
Main Whois Info,
Domain Name: WESTCOASTDRUGS.NET
Registrar: EASYDNS TECHNOLOGIES, INC.
Whois Server: whois.easydns.com
Referral URL: http://www.easydns.com
Name Server: NS.RACKSPACE.COM
Name Server: NS2.RACKSPACE.COM
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 19-sep-2010
Creation Date: 15-nov-2008
Expiration Date: 15-nov-2012
Additional Whois Info,
Results returned from whois.easydns.com:Registrant:
Asian Capital Equities
Suite 501 St James Court St Denis Street
Port Louis, MU 56290
MU
Domain name: WESTCOASTDRUGS.NET
Administrative Contact:
Managment, Domain domains@asiancapitalequities.com
Suite 501 St James Court St Denis Street
Port Louis, MU 56290
MU
1.7862313792 Fax: 1.9175919249
Technical Contact:
Managment, Domain domains@asiancapitalequities.com
Suite 501 St James Court St Denis Street
Port Louis, MU 56290
MU
1.7862313792 Fax: 1.9175919249
Registrar of Record: easyDNS Technologies, Inc.
Record last updated on 19-Sep-2010.
Record expires on 15-Nov-2012.
Record created on 15-Nov-2008.
Domain servers in listed order:
NS2.RACKSPACE.COM 65.61.188.4
NS.RACKSPACE.COM 69.20.95.4
Domain status: clientTransferProhibited
clientUpdateProhibited
This domain is being managed via EASYDNS
ISP Whois,
inetnum: 120.136.35.8 – 120.136.35.15
netname: RSPC-HK-Asian-Equities
descr: Asian Equities-IP space
country: US
admin-c: RN158-AP
tech-c: RN158-AP
status: ASSIGNED NON-PORTABLE
remarks:
notify: hostmaster@rackspace.com
mnt-by: MAINT-US-RSPC
changed: joconnel@rackspace.com 20090203
source: APNIC
person: Rackspace NOC
nic-hdl: RN158-AP
e-mail: noc@rackspace.com
address: 9725 Datapoint Drive, Suite 100
address: San Antonio, TX 78229
phone: +1-210-312-4700
country: US
changed: joconnel@rackspace.com 20080305
mnt-by: MAINT-US-RSPC
source: APNIC
And this is of many RBN domains that use more Generic companies that make it difficult to pinpoint or shutdown the site without affecting other sites as well, malware has this ablity.
A new RBN US server hijack with allbestlinks.info and is hording Search Enginues Like Google to prevent anti-spam sites from tracing this URL as “Bad”, to RBN’s methods,
This site is also part of PharmaCash Affiliate too, DNS info Below,
DNS servers
ns16.ixwebhosting.com
ns15.ixwebhosting.com
Answer records
superonlinemeds.com A 173.83.76.60 21600s
superonlinemeds.com MX preference: 10
exchange: mail509.ixwebhosting.com
21600s
superonlinemeds.com NS ns16.ixwebhosting.com 21600s
superonlinemeds.com SOA server: ns15.ixwebhosting.com
email: admin@ixwebhosting.com
serial: 2010082404
refresh: 10800
retry: 3600
expire: 604800
minimum ttl: 86400
21600s
superonlinemeds.com NS ns15.ixwebhosting.com 21600s
Authority records
Additional records
mail509.ixwebhosting.com A 76.162.254.119 21600s
ns15.ixwebhosting.com A 98.130.253.162 21600s
mail509.ixwebhosting.com A 76.162.254.116 21600s
mail509.ixwebhosting.com A 76.162.254.117 21600s
mail509.ixwebhosting.com A 76.162.254.120 21600s
ns16.ixwebhosting.com A 98.130.1.26 21600s
mail509.ixwebhosting.com A 76.162.254.118 21600s
Main Whois Info,
Domain Name: SUPERONLINEMEDS.COM
Registrar: FASTDOMAIN, INC.
Whois Server: whois.fastdomain.com
Referral URL: http://www.fastdomain.com
Name Server: NS15.IXWEBHOSTING.COM
Name Server: NS16.IXWEBHOSTING.COM
Status: clientTransferProhibited
Updated Date: 26-nov-2010
Creation Date: 25-nov-2008
Expiration Date: 25-nov-2011
Add Another Registrar RBN has obtained, Additional Whois Info,
Registrar: FastDomain Inc.
Provider Name….: BlueHost.Com
Provider Whois…: whois.bluehost.com
Provider Homepage: http://www.bluehost.com/
Domain Name: SUPERONLINEMEDS.COM
Created on…………..: 2008-11-25 20:30:05 GMT
Expires on…………..: 2011-11-25 20:30:05 GMT
Last modified on……..: 2010-12-01 01:03:34 GMT
Registrant Info: (FAST-12785240)
Bluehost.com
Bluehost Inc
1958 South 950 East
Provo, Utah 84604
United States
Phone: +1.8017659400
Fax..: +1.8017651992
Email: whois@bluehost.com
Last modified: 2010-12-06 18:43:32 GMT
Administrative Info: (FAST-12785240)
Bluehost.com
Bluehost Inc
1958 South 950 East
Provo, Utah 84604
United States
Phone: +1.8017659400
Fax..: +1.8017651992
Email: whois@bluehost.com
Last modified: 2010-12-06 18:43:32 GMT
Technical Info: (FAST-12785240)
Bluehost.com
Bluehost Inc
1958 South 950 East
Provo, Utah 84604
United States
Phone: +1.8017659400
Fax..: +1.8017651992
Email: whois@bluehost.com
Last modified: 2010-12-06 18:43:32 GMT
Status: Locked
Domain servers in listed order:
NS15.IXWEBHOSTING.COM
NS16.IXWEBHOSTING.COM
ISP info,
NetRange: 173.83.0.0 – 173.83.255.255
CIDR: 173.83.0.0/16
OriginAS: AS32392
NetName: ECOMM-200912
NetHandle: NET-173-83-0-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
RegDate: 2009-12-16
Updated: 2009-12-16
Ref: http://whois.arin.net/rest/net/NET-173-83-0-0-1
OrgName: Ecommerce Corporation
OrgId: ECOMM-5
Address: 1774 Dividend Dr
City: Columbus
StateProv: OH
PostalCode: 43228
Country: US
RegDate: 2006-11-06
Updated: 2011-05-24
Ref: http://whois.arin.net/rest/org/ECOMM-5
OrgNOCHandle: HNI1-ARIN
OrgNOCName: eCommerce NOC
OrgNOCPhone: +1-614-534-1960
OrgNOCEmail: ipadmin@ecommerce.com
OrgNOCRef: http://whois.arin.net/rest/poc/HNI1-ARIN
OrgAbuseHandle: ABUSE875-ARIN
OrgAbuseName: eCommerce Inc ABUSE Dept
OrgAbusePhone: +1-614-777-1699
OrgAbuseEmail: abuse@ecommerce.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE875-ARIN
OrgTechHandle: HNI1-ARIN
OrgTechName: eCommerce NOC
OrgTechPhone: +1-614-534-1960
OrgTechEmail: ipadmin@ecommerce.com
OrgTechRef: http://whois.arin.net/rest/poc/HNI1-ARIN
RNOCHandle: HNI1-ARIN
RNOCName: eCommerce NOC
RNOCPhone: +1-614-534-1960
RNOCEmail: ipadmin@ecommerce.com
RNOCRef: http://whois.arin.net/rest/poc/HNI1-ARIN
RTechHandle: HNI1-ARIN
RTechName: eCommerce NOC
RTechPhone: +1-614-534-1960
RTechEmail: ipadmin@ecommerce.com
RTechRef: http://whois.arin.net/rest/poc/HNI1-ARIN
RAbuseHandle: ABUSE875-ARIN
RAbuseName: eCommerce Inc ABUSE Dept
RAbusePhone: +1-614-777-1699
RAbuseEmail: abuse@ecommerce.com
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE875-ARIN
eCommerce was recently hit with more ZeuS Botnet activity and hosting of new servers so they may obtain new servers they could reproduce Xrumer Created Pharma sites for prevention of shutting down these sites.
http://alphapheromones.com/
http://bestokusuri.com/
http://bestpharma4u.com/
http://bestpharmaonline.com/
http://bestpill4u.com/
http://bestrxdeals.com/
http://billforcash.com/
http://blog.i-kusuri.jp/
http://bonus-rx.com/
http://discountabletz.com/
http://discountpillz.com/
http://epharm4u.com/
http://ezmedz.biz/
http://ezwhitesmile.com/
http://fastmedz.com/
http://generictab.com/
http://himekusuri.jp/
http://jeremys-diet-story.com/
http://jmen-fashion.com/
http://kenkostore.net/
http://medicfarm.com/
http://nicoles-diet-story.com/
http://online-saydalia.com/
http://online-sexual-health.com/
http://passion-ignited.com/
http://pharmasuitcal.com/
http://relationship-questionnaire.info/
http://rx-epharm.com/
http://rx-feeds.com/
http://rx-tab.com/
http://rx-tab.net/
http://rxcash.biz/
http://rxtrue.com/
http://safety-pay.com/
http://sdiscountpharmacy.com/
http://seiryokudo.com/
http://shl-partners.com/
http://shop-ed.net/
http://shop-viagra.net/
http://unitedtabs.com/
http://usviagraorder.com/
http://viagrausaonline.com/
http://vipmedz.com/
http://www.alphapheromones.com/
http://www.bestokusuri.com/
http://www.bestpharma4u.com/
http://www.bestpharmacy4u.com/
http://www.bestpharmacy4u.net/
http://www.bestpharmaonline.com/
http://www.bestpill4u.com/
http://www.bestrxdeals.com/
http://www.bonus-rx.com/
http://www.discountabletz.com/
http://www.discountpillz.com/
http://www.epharm4u.com/
http://www.ezmedz.biz/
http://www.ezmedz.info/
http://www.ezwhitesmile.com/
http://www.fastmedz.com/
http://www.generictab.com/
http://www.himekusuri.jp/
http://www.jeremys-diet-story.com/
http://www.kenkoclinic.com/
http://www.kenkostore.net/
http://www.medicfarm.com/
http://www.medshop.jp/
http://www.nicoles-diet-story.com/
http://www.online-saydalia.com/
http://www.online-sexual-health.com/
http://www.passion-ignited.com/
http://www.pharmasuitcal.com/
http://www.pharmbroker.com/
http://www.pillenpharmvip.com/
http://www.relationship-questionnaire.info/
http://www.rx-epharm.com/
http://www.rx-feeds.com/
http://www.rx-tab.com/
http://www.rx-tab.net/
http://www.rxtrue.com/
http://www.sdiscountpharmacy.com/
http://www.seiryokudo.com/
http://www.shl-partners.com/
http://www.shop-ed.net/
http://www.shop-viagra.net/
http://www.unitedtabs.com/
http://www.viagracheapusa.com/
http://www.viagramarkt.com/
http://www.viagrausaonline.com/
http://www.yorutomogaido.com/
http://yorutomogaido.com/
Add another to RBN’s list of supported ISPs such as FeBox to their attempted issue to prevent removal, and so a new domain has been issued, although this site is listed on the Forums, it is still currently not listed here where it needs to be reported on but,
The domain is american-pharmacy.us, here is it’s info, maybe different format due to it being Network Solutions, plus it has NO status info which makes it impossible to report,
DNS servers
ns44.mediacatch.com
ns43.mediacatch.com
Answer records
american-pharmacy.us MX preference: 0
exchange: american-pharmacy.us
300s
american-pharmacy.us SOA server: ns43.mediacatch.com
email: krypton@alerts.mediacatch.com
serial: 2011052101
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s
american-pharmacy.us NS ns43.mediacatch.com 86400s
american-pharmacy.us NS ns44.mediacatch.com 86400s
american-pharmacy.us A 204.15.12.89 300s
Authority records
Additional records
american-pharmacy.us A 204.15.12.89 300s
All Whois Info but with no Status check,
Domain Name: AMERICAN-PHARMACY.US
Domain ID: D32793776-US
Sponsoring Registrar: .US REGISTRAR L.L.C.
Registrar URL (registration services): http://www.networksolutions.com
Domain Status: clientTransferProhibited
Registrant ID: 42976861
Registrant Name: Darren Stien
Registrant Organization: Darren Stien
Registrant Address1: 26 Wiley Scott Rd
Registrant City: Jay
Registrant State/Province: FL
Registrant Postal Code: 32565
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +1.8277817818
Registrant Email: halanomany@hotmail.com
Registrant Application Purpose: P4
Registrant Nexus Category: C21
Administrative Contact ID: 42976863
Administrative Contact Name: Darren Stien
Administrative Contact Address1: 26 Wiley Scott Rd
Administrative Contact City: Jay
Administrative Contact State/Province: FL
Administrative Contact Postal Code: 32565
Administrative Contact Country: United States
Administrative Contact Country Code: US
Administrative Contact Phone Number: +1.8277817818
Administrative Contact Email: halanomany@hotmail.com
Billing Contact ID: 42976863
Billing Contact Name: Darren Stien
Billing Contact Address1: 26 Wiley Scott Rd
Billing Contact City: Jay
Billing Contact State/Province: FL
Billing Contact Postal Code: 32565
Billing Contact Country: United States
Billing Contact Country Code: US
Billing Contact Phone Number: +1.8277817818
Billing Contact Email: halanomany@hotmail.com
Technical Contact ID: 42976863
Technical Contact Name: Darren Stien
Technical Contact Address1: 26 Wiley Scott Rd
Technical Contact City: Jay
Technical Contact State/Province: FL
Technical Contact Postal Code: 32565
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.8277817818
Technical Contact Email: halanomany@hotmail.com
Name Server: NS43.MEDIACATCH.COM
Name Server: NS44.MEDIACATCH.COM
Created by Registrar: .US REGISTRAR L.L.C.
Last Updated by Registrar: .US REGISTRAR L.L.C.
Domain Registration Date: Sat May 21 18:01:12 GMT 2011
Domain Expiration Date: Sun May 20 23:59:59 GMT 2012
Domain Last Updated Date: Sat May 21 19:01:07 GMT 2011
ISP Info,
NetRange: 204.15.8.0 – 204.15.15.255
CIDR: 204.15.8.0/21
OriginAS:
NetName: FEBOX-1
NetHandle: NET-204-15-8-0-1
Parent: NET-204-0-0-0-0
NetType: Direct Allocation
Comment: http://www.FeBox.com
RegDate: 2005-08-01
Updated: 2005-09-19
Ref: http://whois.arin.net/rest/net/NET-204-15-8-0-1
OrgName: FeBox LLC
OrgId: FEBOX
Address: 65 Cheyenne St
City: Tinton Falls
StateProv: NJ
PostalCode: 07712
Country: US
RegDate: 2005-06-22
Updated: 2008-10-04
Ref: http://whois.arin.net/rest/org/FEBOX
ReferralServer: rwhois://rwhois.febox.com:4321/
OrgNOCHandle: ATR16-ARIN
OrgNOCName: ARIN Technical Role
OrgNOCPhone: +1-908-517-5206
OrgNOCEmail: arin@febox.com
OrgNOCRef: http://whois.arin.net/rest/poc/ATR16-ARIN
OrgAbuseHandle: AAR30-ARIN
OrgAbuseName: ARIN Abuse Role
OrgAbusePhone: +1-908-517-5206
OrgAbuseEmail: abuse@febox.com
OrgAbuseRef: http://whois.arin.net/rest/poc/AAR30-ARIN
OrgTechHandle: ATR16-ARIN
OrgTechName: ARIN Technical Role
OrgTechPhone: +1-908-517-5206
OrgTechEmail: arin@febox.com
OrgTechRef: http://whois.arin.net/rest/poc/ATR16-ARIN
RTechHandle: ATR16-ARIN
RTechName: ARIN Technical Role
RTechPhone: +1-908-517-5206
RTechEmail: arin@febox.com
RTechRef: http://whois.arin.net/rest/poc/ATR16-ARIN
And this again is one of many ISPs that support the Russian Business Network’s operation in the US and UK, think they can make sites not look like scams or frauds.
Displaying items 1 to 21, out of a total of 21
http://canadapharmacy.tabletspills.com/
http://drugstore.purchasetabs.com/
http://drugstore365.org/
http://ed.purchasetabs.com/
http://eu.4saledrugs.com/
http://eurogenpills.com/
http://europharmas.com/
http://greatdrugstore.biz/
http://homehealthpharmacy.org/
http://n1drugs.com/
http://onlinechemist24.org/
http://pills4sex.eu/
http://purchasetabs.com/
http://requestpills.com/
http://securedrugstock.com/
http://securetablets.com/
http://theonlineclinics.com/
http://viagra.pillsshops.com/
http://www.greatdrugstore.biz/
http://www.purchasetabs.com/
http://you-nature.com/
Ok, we got more RBN Fresh meat and looks like the ZeuS Botnet on Zeus Tracker is once again on the reinfection and move again to produce more domains and name servers not listed on here, and yes They doubled timed on the Xrumer bots tonight for allbestlinks.info,
Domain info for http://www.medstore-online.com, something already listed over on your forums Scrub which RBN continues to DDoS at, also it appears they are partnered with http://www.securepaymentcart.com(Almost something out of QuickCartPro, but not related, but both have the same DNS Infomation,
DNS servers
ns4.webstechnologies.com
ns3.webstechnologies.com
Answer records
medstore-online.com MX preference: 10
exchange: mail.medstore-online.com
86400s
medstore-online.com TXT v=spf1 +a +mx -all 86400s
medstore-online.com SOA server: ns3.webstechnologies.com
email: webmaster@webmanagement.ag
serial: 1266314009
refresh: 10800
retry: 3600
expire: 604800
minimum ttl: 3600
86400s
medstore-online.com NS ns3.webstechnologies.com 86400s
medstore-online.com NS ns4.webstechnologies.com 86400s
medstore-online.com A 174.142.228.131 86400s
Additional records
mail.medstore-online.com A 174.142.228.131 86400s
ns3.webstechnologies.com A 67.205.124.79 86400s
ns4.webstechnologies.com A 67.205.104.25 86400s
Main Whois info,
Domain Name: MEDSTORE-ONLINE.COM
Registrar: MESH DIGITAL LIMITED
Whois Server: whois.meshdigital.com
Referral URL: http://domains.meshdigital.com
Name Server: NS3.WEBSTECHNOLOGIES.COM
Name Server: NS4.WEBSTECHNOLOGIES.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 22-oct-2010
Creation Date: 10-feb-2010
Expiration Date: 10-feb-2012
Additional Whois Info,
Registrar: Domainmonster.com
http://www.domainmonster.com/
The friendly future of domain name registration.
Domain Name: MEDSTORE-ONLINE.COM
Date Created: Wed 20-October-2010
Date Expires: Fri 10-February-2012
Nameserver: NS3.WEBSTECHNOLOGIES.COM
Nameserver: NS4.WEBSTECHNOLOGIES.COM
Registrant Name: Domainmonster.com Privacy Service
Registrant Company: Mesh Digital Ltd (Domainmonster.com)
Registrant Address: PO Box 1125
Registrant Address:
Registrant Address:
Registrant Address: Guildford
Registrant Address: Surrey
Registrant Address: GU1 9LU
Registrant Address: United Kingdom
Technical Name: Domainmonster.com Privacy Service
Technical Company: Mesh Digital Ltd (Domainmonster.com)
Technical Address: PO Box 1125
Technical Address:
Technical Address:
Technical Address: Guildford
Technical Address: Surrey
Technical Address: GU1 9LU
Technical Address: United Kingdom
Technical E-Mail: 41B4F47A-6F22-4F85-99A7-A4C32027C007@privatemonster.com
Technical Tel: +44.1483307528
Technical Fax: +44.1483304031
Administrative Name: Domainmonster.com Privacy Service
Administrative Company: Mesh Digital Ltd (Domainmonster.com)
Administrative Address: PO Box 1125
Administrative Address:
Administrative Address:
Administrative Address: Guildford
Administrative Address: Surrey
Administrative Address: GU1 9LU
Administrative Address: United Kingdom
Administrative E-Mail: 41B4F47A-6F22-4F85-99A7-A4C32027C007@privatemonster.com
Administrative Tel: +44.1483307528
Administrative Fax: +44.1483304031
And ISP Info,
NetRange: 174.142.0.0 – 174.142.255.255
CIDR: 174.142.0.0/16
OriginAS: AS32613
NetName: IWEB-BLK-06
NetHandle: NET-174-142-0-0-1
Parent: NET-174-0-0-0-0
NetType: Direct Allocation
Comment: Please use abuse@noc.privatedns.com for abuse issues.
RegDate: 2008-12-19
Updated: 2010-05-19
Ref: http://whois.arin.net/rest/net/NET-174-142-0-0-1
OrgName: iWeb Technologies Inc.
OrgId: GIT-20
Address: 20, place du Commerce
City: Montreal
StateProv: QC
PostalCode: H3E-1Z6
Country: CA
RegDate: 2003-11-06
Updated: 2008-10-04
Comment: http://www.iweb.com
Ref: http://whois.arin.net/rest/org/GIT-20
OrgNOCHandle: NETWO2356-ARIN
OrgNOCName: Network Administrator
OrgNOCPhone: +1-514-286-4242
OrgNOCEmail: net-admin@noc.privatedns.com
OrgNOCRef: http://whois.arin.net/rest/poc/NETWO2356-ARIN
OrgAbuseHandle: ABUSE1906-ARIN
OrgAbuseName: Abuse Coordinator
OrgAbusePhone: +1-514-286-4242
OrgAbuseEmail: abuse@noc.privatedns.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE1906-ARIN
OrgTechHandle: NETWO2356-ARIN
OrgTechName: Network Administrator
OrgTechPhone: +1-514-286-4242
OrgTechEmail: net-admin@noc.privatedns.com
OrgTechRef: http://whois.arin.net/rest/poc/NETWO2356-ARIN
And once again as part of the top 10 RBN hosted ISPs on the net, iWeb once again continues to evade all blacklistings to this date, as they feel they are more “Bullet-Proof” then what it really has become before hand, and that is a concern that RBN is paying the host Millions of dollars to keep online.
Displaying items 1 to 21, out of a total of 21
http://canadapharmacy.tabletspills.com/
http://drugstore.purchasetabs.com/
http://drugstore365.org/
http://ed.purchasetabs.com/
http://eu.4saledrugs.com/
http://eurogenpills.com/
http://europharmas.com/
http://greatdrugstore.biz/
http://homehealthpharmacy.org/
http://n1drugs.com/
http://onlinechemist24.org/
http://pills4sex.eu/
http://purchasetabs.com/
http://requestpills.com/
http://securedrugstock.com/
http://securetablets.com/
http://theonlineclinics.com/
http://viagra.pillsshops.com/
http://www.greatdrugstore.biz/
http://www.purchasetabs.com/
http://you-nature.com/
RBN with Partner RxCash are back, and of course still no shutdown of allbestlinks.info and root.lu(like this country loves to serve for the Russian Business Network “Partnerka”,
Domain this time, http://www.trustgeneric4u.com,
DNS servers
ns12.dnsmadeeasy.com
ns10.dnsmadeeasy.com
ns13.dnsmadeeasy.com
ns14.dnsmadeeasy.com
ns11.dnsmadeeasy.com
ns15.dnsmadeeasy.com
Answer records
trustgeneric4u.com A 91.221.222.1 1800s
trustgeneric4u.com SOA server: ns10.dnsmadeeasy.com
email: dns@dnsmadeeasy.com
serial: 2009010108
refresh: 43200
retry: 3600
expire: 1209600
minimum ttl: 180
86400s
trustgeneric4u.com NS ns11.dnsmadeeasy.com 86400s
trustgeneric4u.com NS ns15.dnsmadeeasy.com 86400s
trustgeneric4u.com NS ns13.dnsmadeeasy.com 86400s
trustgeneric4u.com NS ns14.dnsmadeeasy.com 86400s
trustgeneric4u.com NS ns12.dnsmadeeasy.com 86400s
trustgeneric4u.com NS ns10.dnsmadeeasy.com 86400s
Main Whois Info,
Domain Name: TRUSTGENERIC4U.COM
Registrar: MONIKER ONLINE SERVICES, INC.
Whois Server: whois.moniker.com
Referral URL: http://www.moniker.com
Name Server: NS10.DNSMADEEASY.COM
Name Server: NS11.DNSMADEEASY.COM
Name Server: NS12.DNSMADEEASY.COM
Name Server: NS13.DNSMADEEASY.COM
Name Server: NS14.DNSMADEEASY.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 06-oct-2010
Creation Date: 06-oct-2010
Expiration Date: 06-oct-2011
Additional Whois Info,
Domain Name: TRUSTGENERIC4U.COM
Registrar: MONIKER
Registrant [3200998]:
Moniker Privacy Services TRUSTGENERIC4U.COM@monikerprivacy.net
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Administrative Contact [3200998]:
Moniker Privacy Services TRUSTGENERIC4U.COM@monikerprivacy.net
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155
Billing Contact [3200998]:
Moniker Privacy Services TRUSTGENERIC4U.COM@monikerprivacy.net
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155
Technical Contact [3200998]:
Moniker Privacy Services TRUSTGENERIC4U.COM@monikerprivacy.net
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155
Domain servers in listed order:
NS10.DNSMADEEASY.COM
NS11.DNSMADEEASY.COM
NS12.DNSMADEEASY.COM
NS13.DNSMADEEASY.COM
NS14.DNSMADEEASY.COM
Record created on: 2010-10-06 10:59:55.0
Database last updated on: 2010-10-06 11:05:55.147
Domain Expires on: 2011-10-06 10:59:55.0
ISP Whois Info,
inetnum: 91.221.222.0 – 91.221.223.255
netname: MOEGO-NET
descr: Moego Holdings Limited
country: US
org: ORG-MH14-RIPE
admin-c: SL5631-RIPE
tech-c: SL5631-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: PUREPEAK-MNT-US
mnt-routes: PUREPEAK-MNT-US
mnt-domains: PUREPEAK-MNT
notify: hostmaster@purepeak.com
changed: hostmaster@ripe.net 20101223
source: RIPE
organisation: ORG-MH14-RIPE
org-name: Moego Holdings Limited
org-type: OTHER
address: 16 Zinas Kanther St. Nicosia, Cyprus.
e-mail: shanelevi@gmail.com
mnt-ref: PUREPEAK-MNT-US
mnt-by: PUREPEAK-MNT-US
changed: hostmaster@purepeak.com 20101111
source: RIPE
person: Shane Levi
e-mail: shanelevi@gmail.com
address: 16 Zinas Kanther st., Karantoki Building, 7th floor, P.C 1065, Nicosia, Cyprus
phone: +35718889200530
nic-hdl: SL5631-RIPE
changed: hostmaster@purepeak.com 20101201
source: RIPE
mnt-by: PUREPEAK-MNT-US
% Information related to ‘91.221.222.0/24AS20645’
route: 91.221.222.0/24
descr: PUREPEAK
origin: AS20645
mnt-by: PUREPEAK-MNT
changed: hostmaster@purepeak.com 20101226
source: RIPE
Purepeak, another in the top 10 ISPs that RBN uses to host their pharma and ZeuS botnet rootkits to keep them from shutting them down, more reasons the US is failing due to Russia is bribing them to make the internet Russia’s own.
Sites on IP 88.80.6.219
Displaying items 1 to 100, out of a total of 100
http://101generic.com/
http://99brands.com/
http://acaieffect.com/
http://besterectiledysfunctionsolutions.com/
http://cheaprxdeals.com/
http://de-onlinesupport.com/
http://de-pillenpharm.com/
http://direct-meds-mall.com/
http://drug-konbini.com/
http://easy-regime.com/
http://ezmedz.info/
http://fr-onlinesupport.com/
http://get-natural.com/
http://it-onlinesupport.com/
http://jp-health-life.com/
http://jp-health-site.com/
http://jp-onlinesupport.com/
http://kenkoclinic.com/
http://kenkoclinik.com/
http://kenkoh-clinic.com/
http://kenkoh-clinik.com/
http://kenkohclinic.com/
http://kenkohclinik.com/
http://kenkou-clinik.com/
http://lidaezweightloss.com/
http://mall4uonline.com/
http://medicfarmvip.com/
http://morepharm.com/
http://mundofarm.com/
http://nwdrf.com/
http://onweb-payment.com/
http://pillenpharmvip.com/
http://pillsland.com/
http://pillsmed.net/
http://premiummedz.com/
http://private-magazine.biz/
http://rx-tablet.com/
http://rxaffs.com/
http://solidverification.com/
http://thebestdietshop.com/
http://topspot365.com/
http://treat-stress.com/
http://trustgeneric4u.com/
http://uk-onlinesupport.com/
http://verifiedbilling.com/
http://verify-sale.com/
http://viagramarkt.com/
http://vt-onweb.com/
http://vt-payment.com/
http://vterminal-onweb.com/
http://www.acaieffect.com/
http://www.besterectiledysfunctionsolutions.com/
http://www.billforcash.com/
http://www.cheaprxdeals.com/
http://www.christmasmeds4u.com/
http://www.de-onlinesupport.com/
http://www.de-pillenpharm.com/
http://www.direct-meds-mall.com/
http://www.drug-konbini.com/
http://www.easy-regime.com/
http://www.fr-onlinesupport.com/
http://www.get-natural.com/
http://www.it-onlinesupport.com/
http://www.jmen-fashion.com/
http://www.jp-health-life.com/
http://www.jp-health-site.com/
http://www.jp-onlinesupport.com/
http://www.kenkoclinik.com/
http://www.kenkoh-clinic.com/
http://www.kenkoh-clinik.com/
http://www.kenkohclinic.com/
http://www.kenkohclinik.com/
http://www.kenkou-clinik.com/
http://www.lidaezweightloss.com/
http://www.mall4uonline.com/
http://www.medicfarmvip.com/
http://www.morepharm.com/
http://www.mundofarm.com/
http://www.nwdrf.com/
http://www.onweb-payment.com/
http://www.pillsland.com/
http://www.pillsmed.net/
http://www.premiummedz.com/
http://www.private-magazine.biz/
http://www.rx-tablet.com/
http://www.rxaffs.com/
http://www.safety-pay.com/
http://www.solidverification.com/
http://www.thebestdietshop.com/
http://www.topspot365.com/
http://www.treat-stress.com/
http://www.trustgeneric4u.com/
http://www.uk-onlinesupport.com/
http://www.verifiedbilling.com/
http://www.verify-sale.com/
http://www.vipmedz.com/
http://www.vipmedzstore.com/
http://www.vt-onweb.com/
http://www.vt-payment.com/
http://www.vterminal-onweb.com/
End of list.
Ah yes, when new ZeuS related botnets get created, not shown on Spamhaus but when they get reports of Comment spammers, then that is where a new RBN Pharma domain has been added to allbestlinks.info and to ipahere.com,
RBN’s choice of domain this time, http://www.eztramadol.com
DNS servers
ns2.udns.in
ns1.udns.in
Answer records
eztramadol.com MX preference: 0
exchange: eztramadol.com
14400s
eztramadol.com SOA server: ns1.udns.in
email: abuse@underhost.com
serial: 2011062701
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s
eztramadol.com NS ns1.udns.in 86400s
eztramadol.com NS ns2.udns.in 86400s
eztramadol.com A 93.190.141.115 14400s
Authority records
Additional records
eztramadol.com A 93.190.141.115 14400s
ns1.udns.in A 93.190.141.115 14400s
ns2.udns.in A 93.190.141.116 14400s
Main Whois Info,
Domain Name: EZTRAMADOL.COM
Registrar: WEB COMMERCE COMMUNICATIONS LIMITED DBA WEBNIC.CC
Whois Server: whois.webnic.cc
Referral URL: http://www.webnic.cc
Name Server: NS1.UDNS.IN
Name Server: NS2.UDNS.IN
Status: ok
Updated Date: 11-jul-2011
Creation Date: 18-jun-2008
Expiration Date: 18-jun-2013
Additional Whois Info,
Domain: eztramadol.com
Status: Active
DNS:
ns1.udns.in
ns2.udns.in
Created: 2008-06-19 02:36:56
Expires: 2013-06-19 02:36:56
Last Modified: 2010-07-29 13:04:37
Registrant Contact:
Katz Global Domain Name Trust
Privacy Protected Domain Name Domain Proxy Center (domaintrust@katzglobal.com)
32 Maxwell Road #03-07 c/o
SC, Singapore, sg 069115
P: +65.67228356 F: +65.67258021
Administrative Contact:
Katz Global Domain Name Trust
Privacy Protected Domain Name Domain Proxy Center (domaintrust@katzglobal.com)
32 Maxwell Road #03-07 c/o
SC, Singapore, sg 069115
P: +65.67228356 F: +65.67258021
Technical Contact:
Katz Global Domain Name Trust
Privacy Protected Domain Name Domain Proxy Center (domaintrust@katzglobal.com)
32 Maxwell Road #03-07 c/o
SC, Singapore, sg 069115
P: +65.67228356 F: +65.67258021
Billing Contact:
Katz Global Domain Name Trust
Privacy Protected Domain Name Domain Proxy Center (domaintrust@katzglobal.com)
32 Maxwell Road #03-07 c/o
SC, Singapore, sg 069115
P: +65.67228356 F: +65.67258021
Traditional Privacy Protection, to mae sure they don’t spot the RBN’s members who happened to be connected to ChronoPay.
ISP info,
inetnum: 93.190.141.0 – 93.190.141.255
netname: WORLDSTREAM
descr: WorldStream IPv4.6
country: NL
admin-c: WS1670-RIPE
tech-c: WS1670-RIPE
status: ASSIGNED PA
mnt-by: MNT-WORLDSTREAM
mnt-domains: MNT-WORLDSTREAM
changed: info@worldstream.nl 20081022
source: RIPE
role: WORLDSTREAM DBM
address: Honderdland 111F
address: 2676LT Maasdijk
phone: +31174712117
fax-no: +31174512310
e-mail: info@worldstream.nl
admin-c: DV1495-RIPE
tech-c: DV1495-RIPE
nic-hdl: WS1670-RIPE
mnt-by: MNT-WORLDSTREAM
changed: info@worldstream.nl 20080515
source: RIPE
% Information related to ‘93.190.140.0/22AS49981’
route: 93.190.140.0/22
descr: CUSTOMERPANEL-BLK-93-190-140-0
origin: AS49981
remarks: ————————————————
remarks: Abuse notifications to: abuse@worldstream.nl
remarks: ————————————————
mnt-by: MNT-WORLDSTREAM
changed: info@worldstream.nl 20091208
source: RIPE
The site itself is a simple page, more likely to try to get those scam sites and Blacklisting sites to avoid making it a bad site if I say so myself.
Well I have 2 sites that seem to make me wonder why RBN is impossible to stop their operation, one is a new Pharma Domain they have obtained by both Botnet infection and due to a new free host that has hardly any information on the hosting site, the hosting site is wehostwebsites.com, providing RBN Pharma Domain http://www.us-onlinepharmacy.net,
Main DNS Info,
DNS servers
ns102.mschosting.com
ns101.mschosting.com
Answer records
us-onlinepharmacy.net MX preference: 0
exchange: us-onlinepharmacy.net
14400s
us-onlinepharmacy.net SOA server: ns101.mschosting.com
email: abuse@mschosting.com
serial: 2011022103
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s
us-onlinepharmacy.net NS ns101.mschosting.com 86400s
us-onlinepharmacy.net NS ns102.mschosting.com 86400s
us-onlinepharmacy.net A 72.18.130.164 14400s
Authority records
Additional records
us-onlinepharmacy.net A 72.18.130.164 14400s
ns101.mschosting.com A 110.4.45.4 14400s
ns102.mschosting.com A 72.18.132.245 14400s
Main Whois Info,
Domain Name: US-ONLINEPHARMACY.NET
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Whois Server: whois.PublicDomainRegistry.com
Referral URL: http://www.PublicDomainRegistry.com
Name Server: NS101.MSCHOSTING.COM
Name Server: NS102.MSCHOSTING.COM
Status: clientTransferProhibited
Updated Date: 26-feb-2011
Creation Date: 15-oct-2010
Expiration Date: 15-oct-2011
Additional Whois Info not available due to apparently I guess RBN has some how DDoSed logicboxes.com’s Whois lookup system making it unavailable for everyone in order for them to be protected from DNS lookup sites, more reasons where they are starting to get even more persistant for us to not have a valid reason to shut them down and the Country’s Operation,
ISP info,
NetRange: 72.18.128.0 – 72.18.159.255
CIDR: 72.18.128.0/19
OriginAS:
NetName: NET-WEHOST-1
NetHandle: NET-72-18-128-0-1
Parent: NET-72-0-0-0-0
NetType: Direct Allocation
RegDate: 2004-11-29
Updated: 2006-08-24
Ref: http://whois.arin.net/rest/net/NET-72-18-128-0-1
OrgName: WeHostWebSites.com
OrgId: WEHOST-1
Address: 1801 California Street
Address: Suite 240
City: Denver
StateProv: CO
PostalCode: 80202
Country: US
RegDate: 2002-04-17
Updated: 2009-08-13
Ref: http://whois.arin.net/rest/org/WEHOST-1
ReferralServer: rwhois://rwhois.wehostwebsites.com:4321
OrgTechHandle: ZZ4166-ARIN
OrgTechName: operations, network
OrgTechPhone: +1-303-414-6910
OrgTechEmail: noc@wehostwebsites.com
OrgTechRef: http://whois.arin.net/rest/poc/ZZ4166-ARIN
OrgAbuseHandle: ABUSE1191-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-303-414-6910
OrgAbuseEmail: abuse@wehostwebsites.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE1191-ARIN
OrgNOCHandle: ZZ4166-ARIN
OrgNOCName: operations, network
OrgNOCPhone: +1-303-414-6910
OrgNOCEmail: noc@wehostwebsites.com
OrgNOCRef: http://whois.arin.net/rest/poc/ZZ4166-ARIN
RTechHandle: ZZ4166-ARIN
RTechName: operations, network
RTechPhone: +1-303-414-6910
RTechEmail: noc@wehostwebsites.com
RTechRef: http://whois.arin.net/rest/poc/ZZ4166-ARIN