Spam Alert
 
 Full Report: /International_Legal_RX_Medications_spam213055.html
 
 Changed status to confirmed spam.

igfijdib.com is one of the sites for the spam operation, "International Legal Rx Medications." This site and its spam are violating US law:
* It offers Provigil and sometimes Meridia, Valium, Xanax, and Ambien, which are federal contolled substances, without prescription. Xanax in particular has high street value.
* Its site advertises generic versions of drugs like Viagra which are still under patent protection. Therefore, any generics are by definition counterfeit.
* Its site includes "certificates" claiming endorsement from the Better Business Bureau and Verisign. As noted in the report on its sister site, My Canadian Pharmacy at http://www.spamtrackers.eu/wiki/index.php?title=My_Canadian_Pharmacy , all of these claims are outright falsehoods and violations of these agencies' trademarks. See also the BBB alert at http://www.saltlakecity.bbb.org/commonreport.html?bid=22009992
* It lists a fraudulent US address of "Pharmacy Corp., 1916 North Church Street, Layton, UT 84040" This is the address of the Adams Acres Sodding Farm, not likely to be sharing office space with an international pharmacy. See http://www.spamtrackers.eu/wiki/index.php?title=International_Legal_RX
* There is doubt whether they actually sell anything; the website may only be collecting credit card numbers.
* It violates US law by offering drugs for sale to US residents that they may not legally import from pharmacies outside the US, and it offers them for sale without prescription. See http://www.fda.gov/oc/buyonline/faqs.html
* It offers for sale to US residents drugs that have not been approved by the FDA for sale in the US, like rimonabant.
* Its site offers for sale antiepileptic medications like Neurontin, Depakote, Lamictal, Trileptal, Keppra, and Topamax. Given the documented fact that even when spamvertised pharmacies deliver medications, they are subpotent or completely inactive about half the time, well-controlled epileptics taking these pills could have seizures while driving, causing an accident that could kill or seriously injure themselves or others, or at very least, lead to loss of their drivers' licenses.
* Its site offers for sale anticancer agents like casodex and nolvadex. Again, even when spamvertised pharmacies deliver medications, they are subpotent or completely inactive about half the time. The first indication people taking these medications would have that they are taking inactive drug would be recurrence of their cancers.
* Its site offers for sale antibiotics like Levaquin, Amoxicillin, Augmentin, Cipro, Zithromax, and Suprax. As International Legal Rx Medications does not even claim to offer overnight delivery, the only reason to order these drugs without prescription from a pharmacy that takes weeks to deliver (if it ever delivers at all), is to keep it at home "just in case." As most people are unaware that viral illnesses do not respond to antibiotics, are not aware of which organisms are most likely to cause which infections nor which antibiotics will cover those organisms, and do not have the ability to perform culture and sensitivity testing to confirm empiric treatment, this practice is highly likely to select for drug resistant organisms like CA-MRSA (community acquired methicillin resistant staphylococcus aureus, a particularly aggressive variety of staph that causes recurrent skin boils and has a 50% mortality when it causes pneumonia). As Cipro and Levaquin also have anti-tubercular activity, their use can select for drug resistant tuberculosis. Extended drug resistant mycobacterium tuberculosis (XDR-TB) is extracting nearly 100% mortality in South Africa at present.
* Its site offers for sale Coumadin, a narrow therapeutic index drug that requires very frequent blood testing to determing the correct dose, and continued monitoring to readjust dose due to interactions with food and other medications. The consequence of too much OR too little can be stroke or death.
* Its site offers for sale major antipsychotic medications like Seroquel, Abilify, and Risperdal. In addition to the fact that inactive drug could cause a patient to relapse, leading to consequences like loss of employment, even if these pills contain real medication and the correct quantity of real medication, they are only sold by prescription because patients taking them must be monitored for possible side effects like diabetes.
* Its site offers for sale the fertility medication clomid which carries the risk of multiple pregnancy, visual disturbances, and ovarian tumors, especially if used in excess.
* Their spam messages violate the CAN-SPAM act because they have forged "from" and "reply to" addresses, are sent from hijacked computers without the knowledge or permission of the owners, do not include valid information identifying who has sent the spam or how to opt out, and do not honor opt-out requests on their websites. Addresses are collected by bots spidering the internet for email addresses.
* Sites in this spam family (My Canadian Pharmacy, International "Legal" Rx, Canadian Health&Care Mall, Men+ Health, US Drugs, VIP Pharmacy/"Viagra+Cialis") utilize hijacked Unix servers using the tirqd trojan. See:
http://www.spamtrackers.eu/wiki/index.php?title=My_Canadian_Pharmacy#The_tirqd_Unix_infection
* In each case in which this reporter was able to contact the person named in the whois information in the domain registration of one of these sites, that person denied having any knowledge of his/her personal information being used to register any domains. Some victims had already been aware of fraudulent charges on their credit cards for domain registrations. See documentation at http://spamtrackers.eu/wiki/index.php?title=Fake_bulker.biz/yambo_whois
In this case I spoke by phone with the person whose name, address, and phone were used to register this site and confirmed that it was done without her knowledge or permission.

Online prices for warfarin 5mg x 90 tabs (generic coumadin, a blood thinner) on 4/13/08:
Rite Aid (drugstore.com): US $35
International Legal Rx Medications US $227

The only reason for someone to order warfarin via an illegal pharmacy is to avoid having to see a doctor and get blood tests done to obtain a prescription. Warfarin is derived from a natural compound and has a complex metabolism and many food/drug interactions. Not only is there a very narrow range between the dose that prevents clots and the dose that causes excessive bleeding, the dose is different from person to person and even varies at different times for the same person. There is an extremely high risk of someone having complications like bleeding or strokes if he/she is not getting regular blood tests to check whether the dosage needs to be changed.

SiteAdvisor review at http://www.siteadvisor.com/sites/igfijdib.com

igfijdib.com is located at IP address 218.21.90.7
but loads images from port 8080 of five of the following servers:
http://116.228.7.35:8080/legalrx/images/logo.gif
http://193.165.209.3:8080/legalrx/images/logo.gif
http://193.231.163.125:8080/legalrx/images/logo.gif
http://203.24.211.11:8080/legalrx/images/logo.gif
http://62.168.101.112:8080/legalrx/images/logo.gif
http://83.148.186.142:8080/legalrx/images/logo.gif
http://84.253.77.6:8080/legalrx/images/logo.gif

Nameservers:
Generated by www.DNSstuff.com at 00:19:19 GMT on 25 Aug 2008.
ns1.seaportative.ru [60.249.77.35] 218.21.90.7
ns2.brendadnstest.com [210.47.0.50] 218.21.90.7



Spamhaus data on these IP addresses:
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL57599
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL67135
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL63807
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL65702
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL64072

IP Converted: 218.21.90.7

dword = 3658832391
hex1 = 0xda155a07
hex2 = 0xda.0x15.0x5a.0x7
oct = 0332.025.0132.07
IP Converted: 116.228.7.35

dword = 1961101091
hex1 = 0x74e40723
hex2 = 0x74.0xe4.0x7.0x23
oct = 0164.0344.07.043
View CIDR AS4134 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4134

"4134 | CN | apnic | 2002-08-01 | CHINANET-BACKBONE No.31,Jin-rong Street"<br />
Extended information for AS4134:
State/Province:
Country: cn
Responsible Domain: chinanet.cn.net
Abuse Email: cncert@cert.org.cn
IP Converted: 193.165.209.3

dword = 3248869635
hex1 = 0xc1a5d103
hex2 = 0xc1.0xa5.0xd1.0x3
oct = 0301.0245.0321.03
View CIDR AS4812 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4812

"4812 | CN | apnic | 1996-01-09 | CHINANET-SH-AP China Telecom (Group)"<br />
Extended information for AS4812:
State/Province:
Country: cn
Responsible Domain: chinanet.cn.net
Abuse Email: cncert@cert.org.cn
IP Converted: 193.231.163.125

dword = 3253183357
hex1 = 0xc1e7a37d
hex2 = 0xc1.0xe7.0xa3.0x7d
oct = 0301.0347.0243.0175
View CIDR AS5407 Report: http://www.cidr-report.org/cgi-bin/as-report?as=5407

"5407 | EU | ripencc | 1995-08-17 | SKYNET-CZ SkyNet, a.s. / www.skynet.cz"<br />
Extended information for AS5407:
State/Province:
Country: cz
Responsible Domain: skynet.cz
Abuse Email: postmaster@skynet.cz
IP Converted: 203.24.211.11

dword = 3407401739
hex1 = 0xcb18d30b
hex2 = 0xcb.0x18.0xd3.0xb
oct = 0313.030.0323.013
View CIDR AS6746 Report: http://www.cidr-report.org/cgi-bin/as-report?as=6746

"6746 | RO | ripencc | 1996-08-21 | ASTRAL ASTRAL Telecom SA, Romania"<br />
Extended information for AS6746:
State/Province:
Country: ro
Responsible Domain: astral.ro
Abuse Email: abuse@astral.ro
IP Converted: 62.168.101.112

dword = 1051223408
hex1 = 0x3ea86570
hex2 = 0x3e.0xa8.0x65.0x70
oct = 076.0250.0145.0160
View CIDR AS10143 Report: http://www.cidr-report.org/cgi-bin/as-report?as=10143

"10143 | AU | apnic | 2004-04-01 | EXETEL-AS-AP Exetel Pty Ltd"<br />
Extended information for AS10143:
State/Province:
Country: au
Responsible Domain: onet.com.au
Abuse Email: stevew@onet.com.au
IP Converted: 83.148.186.142

dword = 1402256014
hex1 = 0x5394ba8e
hex2 = 0x53.0x94.0xba.0x8e
oct = 0123.0224.0272.0216
View CIDR AS5578 Report: http://www.cidr-report.org/cgi-bin/as-report?as=5578

"5578 | CZ | ripencc | 1996-03-18 | GTS-SK-AS GTS Nextra a.s."<br />
Extended information for AS5578:
State/Province:
Country: sk
Responsible Domain: gtsi.sk
Abuse Email: abuse@gtsi.sk
IP Converted: 84.253.77.6

dword = 1425886470
hex1 = 0x54fd4d06
hex2 = 0x54.0xfd.0x4d.0x6
oct = 0124.0375.0115.06
View CIDR AS20500 Report: http://www.cidr-report.org/cgi-bin/as-report?as=20500

"20500 | GB | ripencc | 2001-03-15 | GRIFFIN Griffin Internet European Network"<br />
Extended information for AS20500:
State/Province:
Country: uk
Responsible Domain: griffin.net.uk
Abuse Email: postmaster@griffin.net.uk
View CIDR AS8629 Report: http://www.cidr-report.org/cgi-bin/as-report?as=8629

"8629 | RU | ripencc | 1998-01-22 | MCNTT-AS MCNTT Autonomous System"<br />
Extended information for AS8629:
State/Province:
Country: ru
Responsible Domain: ntt.ru
Abuse Email: postmaster@ntt.ru
Generated and sent email spam alert to respective parties.