by SueShe3
Fri Jan 01, 2016 11:55 pm
I have been receiving emails that appear to be from Walgreens for months, perhaps more than a year. Fortunately, I became suspicious before clicking on anything in the emails because I was certain I had not registered with Walgreens, plus only my email address/screen name appeared in the emails - if I had registered with them they would have addressed me by my real name. For a while I was blocking the domain from sending me emails until I realized each of the emails has a different domain associated with it. I haven't clicked on any of the emails to see where they would lead or what the "catch" is to allegedly receive a $50 gift-card since there are many red flags within the email text, but I decided to do a little more investigating. Although I didn't find a name associated with the domains, the address listed in the who-is data of the 2 most recent emails is the same address listed for other scams exposed on Scamwarners. The originating IP in the headers is apparently forged? The domain IP for both nonkeys.com and pelliam.com is 185.66.136.254 and is located in Romania.
Email header analysis for both emails by IPtrackeronline:
Who-is data from whoismind.com
Email header analysis for both emails by IPtrackeronline:
Originating Info
Originating IP address: 48.210.18.196
Originating hostname: 48.210.18.196
Originating Organization: The Prudential Insurance Company Of America
Originating Country: United States
Originating City: Newark
Email info
From: "Walgreens" <[email protected]>
Originating Email address: [email protected]
Date Sent: Fri, 01 Jan 2016 00:04:39 -0800
Message ID
Geographical Info
Continent: North America
Latitude: 40.7355
Longitude: -74.1741
Time zone: America/New_York
Originating Info
Originating IP address: 48.19.136.17
Originating hostname: 48.19.136.17
Originating Organization: The Prudential Insurance Company Of America
Originating Country: United States
Originating City: Newark
Email info
From: "Walgreens" <[email protected]>
Originating Email address: [email protected]
Date Sent: Thu, 31 Dec 2015 01:53:20 -0800
Message ID
Geographical Info
Continent: North America
Latitude: 40.7355
Longitude: -74.1741
Time zone: America/New_York
Who-is data from whoismind.com
Updated Date: 02-dec-2015
Creation Date: 02-dec-2015
Expiration Date: 02-dec-2016
Whois data:
Protect My Privacy Domain Name: NONKEYS.COM
Registry Domain ID: 1985251959_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2015-12-02T11:34:29.00Z
Creation Date: 2015-12-02T19:34:00.00Z
Registrar Registration Expiration Date: 2016-12-02T19:34:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Reseller: NAMECHEAP.COM
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: WHOISGUARD PROTECTED
Registrant Organization: WHOISGUARD, INC.
Registrant Street: P.O. BOX 0823-03411
Registrant City: PANAMA
Registrant State/Province: PANAMA
Registrant Postal Code: 00000
Registrant Country: PA
Registrant Phone: +507.8365503
Registrant Phone Ext:
Registrant Fax: +51.17057182
Registrant Fax Ext:
Registrant Email: email
Registry Admin ID:
Admin Name: WHOISGUARD PROTECTED
Admin Organization: WHOISGUARD, INC.
Admin Street: P.O. BOX 0823-03411
Admin City: PANAMA
Admin State/Province: PANAMA
Admin Postal Code: 00000
Admin Country: PA
Admin Phone: +507.8365503
Admin Phone Ext:
Admin Fax: +51.17057182
Admin Fax Ext:
Admin Email: email
Registry Tech ID:
Tech Name: WHOISGUARD PROTECTED
Tech Organization: WHOISGUARD, INC.
Tech Street: P.O. BOX 0823-03411
Tech City: PANAMA
Tech State/Province: PANAMA
Tech Postal Code: 00000
Tech Country: PA
Tech Phone: +507.8365503
Tech Phone Ext:
Tech Fax: +51.17057182
Tech Fax Ext:
Tech Email: email
Updated Date: 02-dec-2015
Creation Date: 02-dec-2015
Expiration Date: 02-dec-2016
Whois data:
Protect My Privacy Domain Name: PELLIAM.COM
Registry Domain ID: 1985251821_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: http://www.enom.com
Updated Date: 2015-12-02T11:34:25.00Z
Creation Date: 2015-12-02T19:34:00.00Z
Registrar Registration Expiration Date: 2016-12-02T19:34:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Reseller: NAMECHEAP.COM
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: WHOISGUARD PROTECTED
Registrant Organization: WHOISGUARD, INC.
Registrant Street: P.O. BOX 0823-03411
Registrant City: PANAMA
Registrant State/Province: PANAMA
Registrant Postal Code: 00000
Registrant Country: PA
Registrant Phone: +507.8365503
Registrant Phone Ext:
Registrant Fax: +51.17057182
Registrant Fax Ext:
Registrant Email: email
Registry Admin ID:
Admin Name: WHOISGUARD PROTECTED
Admin Organization: WHOISGUARD, INC.
Admin Street: P.O. BOX 0823-03411
Admin City: PANAMA
Admin State/Province: PANAMA
Admin Postal Code: 00000
Admin Country: PA
Admin Phone: +507.8365503
Admin Phone Ext:
Admin Fax: +51.17057182
Admin Fax Ext:
Admin Email: email
Registry Tech ID:
Tech Name: WHOISGUARD PROTECTED
Tech Organization: WHOISGUARD, INC.
Tech Street: P.O. BOX 0823-03411
Tech City: PANAMA
Tech State/Province: PANAMA
Tech Postal Code: 00000
Tech Country: PA
Tech Phone: +507.8365503
Tech Phone Ext:
Tech Fax: +51.17057182
Tech Fax Ext:
Tech Email: email
Walgreens <[email protected]> Dec 31 at 4:53 AM
To
<snipped>
Message body
<snipped>, You Won! December 30th Draw $50.00 from Walgreens!
[IMAGE]
If you cannot click the link above, Copy & Paste this link:
http://pelliam.c om/ neyJjIjogMjkzNTIsICJmIjogMCwgIm0iOiAyNTM0MiwgImwiOiAxOSwgInMiOiAwLCAidSI6IDk4MjQ0ODk4LCAidCI6IDEsICJzZCI6IDB9 Disabled link MW
