dateritme.ru – More Russian Dating Scammers and Spammers

I get a lot of spam. Predictably much of it Russian bride related. However, these clowns are spamming one of our site addresses.

Not just the odd one either. I am getting several a day from all different addresses. But they all point to the same site: dateritme.ru

So, it narked me off deleting this crap (which passes the spam filters incidentally) and I spent 5 minutes researching them.

Here is another one I got just now:

Hello dear, do you remember how we communicated with you? Long ago you could not see, I am Marina – with Russia, do you remember me? “Come to my page – let’s talk, I’m waiting!
dateritme.ru

Rocket science it isn’t. But, it is worth noting for the benefit of Googlers.

So here is the data:

Header Analysis Quick Report
Originating IP: 81.3.27.99
Originating ISP: Hostway Deutschland GmbH
City: n/a
Country of Origin: Germany

It appears to come from Germany, but in there also is this IP in the headers: 46.100.166.212 which originates in Iran. Neither IP shows a city, so I am thinking they are likely just spamming proxies.

The reply email address is: allison.lewin@keller-verlag.de – again German. The domain keller-verlag.de traces to this:

Domain: keller-verlag.de
Nserver: ns1.s-dns.de
Nserver: ns2.s-dns.de
Status: connect
Changed: 2008-02-12T22:13:29+01:00
[Tech-C]
Type: PERSON
Name: Edeltraud Kreft
Address: THUECOM Medien GmbH
Address: Zittauer Str. 30
PostalCode: 99091
City: Erfurt
CountryCode: DE
Phone: +49 361 730 8800
Fax: +49 361 730 8820
Email:
Changed: 2001-10-05T19:18:36+02:00
[Zone-C]
Type: PERSON
Name: Edeltraud Kreft
Address: THUECOM Medien GmbH
Address: Zittauer Str. 30
PostalCode: 99091
City: Erfurt
CountryCode: DE
Phone: +49 361 730 8800
Fax: +49 361 730 8820
Email: kreft@thuecom.de[/quote]
The domain dateritme.ru only gives us this:
[quote]domain: DATERITME.RU
nserver: ns1.reg.ru.
nserver: ns2.reg.ru.
state: REGISTERED, DELEGATED, UNVERIFIED
person: Private Person
e-mail: audrawajmi@mail.com
registrar: REGRU-REG-RIPN
created: 2011.10.15
paid-till: 2012.10.15
source: TCI

That is a commercial site pretending to be a private individual.

The site dateritme.ru is hosted in Turkey at 31.210.103.7

The name “audrawajmi” doesn’t sound either Russian or German. Turkish or Iranian? Maybe. So dateritme.ru is a Russian domain, with the owners ID falsely withheld, hosted in Turkey, likely operated from Germany by Turks or Iranians.

Not the best place to seek out a Russian wife methinks!

November 1st, 2011 | Posted in Politics & Random Musings | No Comments

Copy Protected by Chetan's WP-Copyprotect.