Inbox - Your Credit Score decreased to 506 - For me a scam!

Date: Wed, 23 Dec 2009 20:59:12 -0330
From: "Federal Credit Bureau" <important@fcbureau.org>
To:
Subject: Your Credit Score decreased to 506.

This is a multi-part message in MIME format.

Your Credit Score decreased to 506. You need to download your credit history file from Federal Credit Bureau website and carefully review it. Use your personal hyperlink. do not click this link

Find sender > right click subject > archives > properties > details
Return-Path:
Received: from Return-Path:
Received: from 102.102.66.189.isp.timbrasil.com.br ([187.99.151.214])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBO0TDN8014407
for ; Thu, 24 Dec 2009 01:29:34 +0100
Received: from 187.99.151.214 by mail.santacruz.org; Wed, 23 Dec 2009 20:59:12 -0330
From: "Federal Credit Bureau"
To:
Subject: Your Credit Score decreased to 506.
Date: Wed, 23 Dec 2009 20:59:12 -0330
Message-ID: <000d01ca8430$1d769dd0$6400a8c0@turningyso4>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0006_01CA8430.1D769DD0"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
X-UIDL: kk*"!R%H"!GR'!!/FE"!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992670
X-EsetId: E74D982990713469F84B987C992670
X-EsetScannerBuild: 6251

IP Address Location results for 102.102.66.189

IP Address: 102.102.66.189 WhoIs Lookup IP BlackList Lookup

Ip address 102.102.66.189 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist
Ip address 187.99.151.214 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist

Hostname: 102.102.66.189 Reverse DNS

[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 102.102.66.189 to Hex & to Dec

IP to Dec [IP Address to decimal]: 1717977789
IP to Hex [IP Address to hexadecimal]: 666642bd
IP to Bin [IP to binary]: 1100110011001100100001010111101

IP Address Lookup results for

IP Address Continent: Unknown
IP Continent Code: Unknown
IP Continent Population: Unknown
IP Continent Area: Unknown
IP Continent Total Population: Unknown
IP Continent Density People: Unknown
IP Continent Latitude: Unknown
IP Continent Longitude: Unknown

IP Location Lookup results for

IP Country Name: Unknown
IP Country Capital: Unknown
IP Language: Unknown
IP Currency: Unknown
IP Country Latitude: Unknown
IP Country Longitude: Unknown
IP Country Code: Unknown

IP Location Lookup results for 102.102.66.189 in

IP Address Region: No data found for 102.102.66.189
IP Address City: No data found for 102.102.66.189
IP Address Latitude: Unknown
IP Address Longtitude: Unknown

Additional IP Location information for 102.102.66.189

IP Address Organization: No data found for 102.102.66.189
IP Address ISP: No data found for 102.102.66.189

---

Time zone for 102.102.66.189: Unknown
Local time zone for 102.102.66.189: Unknown

Inbox - haga el favor de confirmar sus datos (message id: 4578117860) pero no soy cliente!

Date: Tue, 22 Dec 2009 21:00:46 -0500
From: "BBVAresponde@grupobbva.com" <BBVAresponde@grupobbva.com>
To: <adi-sl@adi-sl.net>
Subject: haga el favor de confirmar sus datos (message id: 4578117860)

Estimado cliente,

Servicio técnico del banco BBVA renovó el software para mejorar el servicio de los clientes del banco.

Para asegurar la integridad de sus datos Usted tiene que rellenar el Formulario de cliente.

Para empezar a rellenar el formulario pulse en el vínculo:

http://formulario.bbva.es/DFAUTH/DFServlet/LogonServlet.php?id=872386369080917176147905837796403539509826162996995094143548104&email=adi-sl@adi-sl.net

Esto es un mensaje automático, no hace falta que respondas.

Reciba un cordial saludo,

Grupo BBVA.


************************************ DISCLAIMER *****************************************
This message is intended exclusively for the named person. It may contain
confidential, propietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission. If you receive this
message in error, please immediately delete it and all copies of it from your system,
destroy any hard copies of it and notify the sender. Your must not, directly or
indirectly, use, disclose, distribute, print, or copy any part of this message if you are not
the intended recipient. Any views expressed in this message are those of the
individual sender, except where the message states otherwise and the sender is
authorised to state them to be the views of GrupoBBVA. Please note that internet e-mail
neither guarantees the confidentiality nor the proper receipt of the message sent.
If the addressee of this message does not consent to the use of internet e-mail,
please communicate it to us immediately.

****************************** AVISO LEGAL ***********************************************
Este mensaje es solamente para la persona a la que va dirigido. Puede
contener información confidencial o legalmente protegida. No hay renuncia a
la confidencialidad o privilegio por cualquier transmisión mala/errónea Si
usted ha recibido este mensaje por error, le rogamos que borre de su sistema
inmediatamente el mensaje asi como todas sus copias, destruya todas las
copias del mismo de su disco duro y notifique al remitente. No debe, directa o
indirectamente, usar, revelar, distribuir, imprimir o copiar ninguna de las
partes de este mensaje si no es usted el destinatario. Cualquier opinión expresada en
este mensaje proviene del remitente, excepto cuando el mensaje establezca lo
contrario y el remitente está autorizado para establecer que dichas opiniones
provienen de GrupoBBVA. Nótese que el correo electrónico via Internet no permite asegurar
ni la confidencialidad de los mensajes que se transmiten ni la correcta recepción
de los mismos. En el caso de que el destinatario de este mensaje no consintiera la
utilización del correo electrónico via Internet, rogamos lo ponga en nuestro
conocimiento de manera inmediata.
***********************************************************************************************
Return-Path:
Received: from dsldevice.lan (dsl-189-152-126-40-dyn.prod-infinitum.com.mx [189.152.126.40] (may be forged))
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBN20nGD025778;
Wed, 23 Dec 2009 03:01:16 +0100
Message-ID: <000d01ca8373$bdab7a90$6400a8c0@pimplerv2>
From: "BBVAresponde@grupobbva.com"
To:
Subject: haga el favor de confirmar sus datos (message id: 4578117860)
Date: Tue, 22 Dec 2009 21:00:46 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0007_01CA8373.BDAB7A90"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-UIDL: dAY"!]0+"!1-k!!Q/##!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992670
X-EsetId: E74D982990713469F84B987C992670
X-EsetScannerBuild: 6251

Find sender > right click subject > Archives > Properties > Details
P Address Location results for 189.152.126.40 IP Address: 189.152.126.40 WhoIs Lookup IP BlackList Lookup

IP address 189.152.126.40 seems to belong to a Suspicious (1) with threat level 8, last malicious activity 2 days ago

Hostname: dsl-189-152-126-40-dyn.prod-infinitum.com.mx Reverse DNS

[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 189.152.126.40 to Hex & to Dec

IP to Dec [IP Address to decimal]: 3180887592
IP to Hex [IP Address to hexadecimal]: bd987e28
IP to Bin [IP to binary]: 10111101100110000111111000101000

IP Address Lookup results for North America

IP Address Continent: North America
IP Continent Code: (NA)
IP Continent Population: 528,720,588
IP Continent Area: 24,709,000 km²
IP Continent Total Population: 8%
IP Continent Density People: 22.9 per km²
IP Continent Latitude: (46.07305)
IP Continent Longitude: (-100.546)

IP Location Lookup results for Mexico

IP Country Name: Mexico
IP Country Capital: Mexico City
IP Language: Spanish
IP Currency: Peso (MXN)
IP Country Latitude: (23)
IP Country Longitude: (-102)
IP Country Code: MEX (MX)

IP Location Lookup results for 189.152.126.40 in Nuevo Leon

IP Address Region: Nuevo Leon
IP Address City: Guadalupe
IP Address Latitude: (25.6833)
IP Address Longtitude: (-100.25)

Additional IP Location information for 189.152.126.40

IP Address Organization: Uninet S.A. de C.V.
IP Address ISP: Uninet S.A. de C.V.

---

Time zone for 189.152.126.40: America/Cancun
Local time zone for 189.152.126.40: America/Cancun

Inbox - Suntrust Bank is in Forida USA so why does e-mail come from Romania?

De: SunTrust
Fecha: martes, 22 de diciembre de 2009 18:45
Para: xxxxxx
Asunto: important notice from SunTrust [message ref: 6562794573]

Reference Number: 20093758813155 Digital Certificate Creation. Dear Customer, You need to create your own Digital Certificate for SunTrust Online Treasury Manager service. Begin certificate request by using this hyperlink.

SunTrust Bank, Member FDIC. © 2009 SunTrust Banks, Inc. SunTrust is a federally registered service mark of SunTrust Banks, Inc. Live Solid. Bank Solid. is a service mark of SunTrust Banks, Inc. This email was sent on behalf of SunTrust Customer Care, 1575 Lemon Farris Road, Cookeville, TN 38506.

Find where e-mail came from - Right click Subject > Archives > Properties > Details
Return-Path:
Received: from NJKCGQFGSF ([109.96.224.238])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBMHk1CR002465
for ; Tue, 22 Dec 2009 18:46:22 +0100
Received: from 109.96.224.238 by gw2.smart-server.net; Tue, 22 Dec 2009 19:45:58 +0200
From: "SunTrust"
To:
Subject: important notice from SunTrust [message ref: 6562794573]
Date: Tue, 22 Dec 2009 19:45:58 +0200
Message-ID: <000d01ca832e$9e712570$6400a8c0@endocrine54>
MIME-Version: 1.0

IP Address Location results for 109.96.224.238

IP Address: 109.96.224.238 WhoIs Lookup IP BlackList Lookup

Ip address 109.96.224.238 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist (yet)

Hostname: 109.96.224.238 Reverse DNS

[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 109.96.224.238 to Hex & to Dec

IP to Dec [IP Address to decimal]: 1835065582
IP to Hex [IP Address to hexadecimal]: 6d60e0ee
IP to Bin [IP to binary]: 1101101011000001110000011101110

IP Address Lookup results for Europe

IP Address Continent: Europe
IP Continent Code: (EU)
IP Continent Population: 731,000,000
IP Continent Area: 10,180,000 km²
IP Continent Total Population: 11%
IP Continent Density People: 70.00 per km²
IP Continent Latitude: (48.69083)
IP Continent Longitude: (9.1405)

IP Location Lookup results for Romania

IP Country Name: Romania
IP Country Capital: Bucharest
IP Language: Romanian
IP Currency: Leu(L) (RON)
IP Country Latitude: (46)
IP Country Longitude: (25)
IP Country Code: ROU (RO)

IP Location Lookup results for 109.96.224.238 in Bucuresti

IP Address Region: Bucuresti
IP Address City: Bucharest
IP Address Latitude: (44.4333)
IP Address Longtitude: (26.1)

Additional IP Location information for 109.96.224.238

IP Address Organization: Romtelecom Data Network
IP Address ISP: No data found for 109.96.224.238

---

Time zone for 109.96.224.238: Europe/Bucharest
Local time zone for 109.96.224.238: Europe/Bucharest
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0006_01CA832E.9E712570"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478
Importance: Normal
X-UIDL: %7M!!E^\"!O?

Inbox - I am not an Italian and have no account with BancaEtruria

Ci e arrivata una segnalazione di accredito di Euro 100,00.
L’accredito e stato temporaneamente bloccato a causa dell’incongruenza dei suoi dati.
Potra ora verificare i suoi dati e successivamente sara accreditato l’accredito ricevuto:

Clicca qui: Riattiva imediatamente il tuo conto.

Cordiali saluti, Banca Etruria TELEFONO Numero gratuito 800.68.68.68 (dal lunedì al sabato dalle ore 9 alle ore 20)

Subject > Archives > Properties - to find sender´s IP
Return-Path:
Received: from smtpsmart2.aruba.it (smtpweb113.aruba.it [62.149.158.113])
by mailer.ran.es (8.14.2/8.13.8) with SMTP id nBL7oTX8031888
for ; Mon, 21 Dec 2009 08:50:50 +0100
Received: (qmail 26446 invoked by uid 89); 21 Dec 2009 07:50:25 -0000
Received: by simscan 1.2.0 ppid: 26266, pid: 26281, t: 1.4749s
scanners: clamav: 0.88.4/m:40/d:1945 spam: 3.1.4
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
smtpsmart2.ad.aruba.it
X-Spam-Level: ***
X-Spam-Status: No, score=3.8 required=5.0 tests=BAYES_00,HTML_IMAGE_ONLY_16,
HTML_TAG_BALANCE_HEAD,MIME_HTML_ONLY,RDNS_NONE,SUBJECT_NEEDS_ENCODING,
URIBL_PH_SURBL autolearn=disabled version=3.2.5
Received: from unknown (HELO webs215.aruba.it) (62.149.130.225)
by smtpsmart2.fe.aruba.it with SMTP; 21 Dec 2009 07:50:23 -0000
Received: from WEBS215 ([127.0.0.1]) by webs215.aruba.it with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 21 Dec 2009 08:48:04 +0100
Date: Mon, 21 Dec 2009 08:48:04 +0100
Subject: Potra ora verificare i suoi dati e successivamente sara accreditato l’accredito ricevuto:
To: webmaster@itccommunications.net
From: Banca Etruria
Reply-To: info@bancaetruria.it
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-ID:
X-OriginalArrivalTime: 21 Dec 2009 07:48:04.0887 (UTC) FILETIME=[EDC86A70:01CA8211]
X-UIDL: H?E"!DRM"!'`:!!a]*!!
Status: U
Old-X-EsetId: E74D982990713469F84B987C992770
X-EsetId: E74D982990713469F84B987C992770
X-EsetScannerBuild: 6241

158.113 IP Address: 62.149.158.113 WhoIs Lookup IP BlackList Lookup

IP address 62.149.158.113 seems to belong to a Suspicious (1) with threat level 16, last malicious activity 44 days ago

Hostname: smtpweb113.aruba.it Reverse DNS

[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 62.149.158.113 to Hex & to Dec

IP to Dec [IP Address to decimal]: 1049992817
IP to Hex [IP Address to hexadecimal]: 3e959e71
IP to Bin [IP to binary]: 111110100101011001111001110001

IP Address Lookup results for Europe

IP Address Continent: Europe
IP Continent Code:(EU)
IP Continent Population: 731,000,000
IP Continent Area: 10,180,000 km²
IP Continent Total Population: 11%
IP Continent Density People: 70.00 per km²
IP Continent Latitude: (48.69083)
IP Continent Longitude: (9.1405)

IP Location Lookup results for Italy

IP Country Name: Italy
IP Country Capital: Rome
IP Language: Italian
IP Currency: Euro(€) (EUR)
IP Country Latitude: (42.83)
IP Country Longitude: (12.83)
IP Country Code: ITA (IT)

IP Location Lookup results for 62.149.158.113 in Toscana

IP Address Region: Toscana
IP Address City: Arezzo
IP Address Latitude: (43.4167)
IP Address Longtitude: (11.8833)

Additional IP Location information for 62.149.158.113

IP Address Organization: Aruba S.p.A. - Shared Hosting and Mail services
IP Address ISP: Aruba S.p.A.

---

Time zone for 62.149.158.113: Europe/Rome
Local time zone for 62.149.158.113: Europe/Rome

Inbox - El empleo con horario flexible --Fraude

From: Alejandra Boucher

To: 3dfunkyhairuar@xxxxxxxxxxx

Sent: Monday, December 21, 2009 11:02 AM

Subject: El empleo con horario flexible

Señores:

Somos una Compañía Internacional y actualmente contamos con unas vacantes.

Las vacantes se proponen sólo para los residentes de los países de Europa.

Esta colaboración con nuestra compañía se comprende el cargo de un representante regional (gerente regional). Se trata de efectuar las operaciones financieras con nuestros clientes, o sea en la recepción y envío de las pagas lo más rápido posible.

El labor del gerente regional es bastante sencillo y fácil. Los gerentes de plantilla estarán siempre a su disposición durante el período de adiestramiento cuando ellos les ayudarán a Uds. con el fin brindarle la información y métodos referentes al trabajo en cuestión.

Nuestra compañía cuenta un sistema flexible de remuneración. El salario en el primer mes de colaboración será de 2,400 euros. En lo adelante el salario dependerá de su trabajo: mientras más tiempo se dedica al trabajo, más dinero se cobra. En este caso el aumento del salario será notable y se notará muy rápido.

Para iniciar su colaboración en nuestra sólo hay que hacer el primer paso.

Se les solicita se envíe un mensaje electrónico a la dirección: trishreding47@gmail.com con la siguiente información:

Nombre - Apellidos - País de residencia - Ciudad - Edad - Teléfono de contacto

Los mensajes sin estos datos no se estudiarán.

Una vez recibido este mensaje, dentro de 2 ó 3 días nuestros gerentes se comunicarán con Uds. para brindarles más detalles sobre su cargo.

Subject > Archives > Properties - to find sender´s IP

Return-Path: <prompters95@sanriotown.com>
Received: from ip-77.24.53.148.web.vodafone.de (ip-77.25.122.08.web.vodafone.de [77.25.122.108])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBLA2GfD016839;
Mon, 21 Dec 2009 11:02:37 +0100
Received: from 77.25.122.108 by sanriotown-com-bk.mr.outblaze.com; Mon, 21 Dec 2009 11:02:14 +0100
From: "Alejandra Boucher" <Boucher1935@zipolite.com>
To: <3dfunkyhairuar@xxxxxxxxxxxx
Subject: El empleo con horario flexible
Date: Mon, 21 Dec 2009 11:02:14 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0006_01CA8224.AB960690"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Thread-Index: Aca6QHVQNSYYWWBLDLO977LKG316I4==
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Message-ID: <000d01ca8224$ab960690$6400a8c0@prompters95>
X-UIDL: ^,"#!-U)!!SHa"![9i"!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992770
X-EsetId: E74D982990713469F84B987C992770
X-EsetScannerBuild: 6241

IP Address: 77.24.53.148 WhoIs Lookup IP BlackList Lookup

IP address 77.24.53.148 seems to belong to a Suspicious (1) with threat level 14, last malicious activity 2 days ago

Hostname: ip-77-24-53-148.web.vodafone.de Reverse DNS

[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 77.24.53.148 to Hex & to Dec

IP to Dec [IP Address to decimal]: 1293432212
IP to Hex [IP Address to hexadecimal]: 4d183594
IP to Bin [IP to binary]: 1001101000110000011010110010100

IP Address Lookup results for Europe

IP Address Continent: Europe
IP Continent Code: (EU)
IP Continent Population: 731,000,000
IP Continent Area: 10,180,000 km²
IP Continent Total Population: 11%
IP Continent Density People: 70.00 per km²
IP Continent Latitude: (48.69083)
IP Continent Longitude: (9.1405)

IP Location Lookup results for Germany

IP Country Name: Germany
IP Country Capital: Berlin
IP Language: German
IP Currency: Euro(€) (EUR)
IP Country Latitude: (51.5)
IP Country Longitude: (10.5)
IP Country Code: DEU (DE)

IP Location Lookup results for 77.24.53.148 in

IP Address Region: No data found for 77.24.53.148
IP Address City: No data found for 77.24.53.148
IP Address Latitude: (51)
IP Address Longtitude: (9)

Additional IP Location information for 77.24.53.148

IP Address Organization: Vodafone D2 GmbH
IP Address ISP: Vodafone D2 GmbH

---

Time zone for 77.24.53.148: Europe/Berlin
Local time zone for 77.24.53.148: Europe/Berlin

Inbox - Rquest to contact you / Suspicious

Date: Sun, 20 Dec 2009 05:33:30 +0800 (CST)
From: "Luke Suton Law Firm"
ReplyTo: lukesutton78@gmail.com
Subject: Rquest to contact you

I am Luke Sutton, a lawyer. I am desperately in need of
your assistance and I have summoned up the courage to contact
you. I need your help in the transfer of my late clients
$8,500,000.00 This is not stolen money and there are no
dangers involved.

Kindly send your response to my private email below for
further details: lukechamberlaw@live.co.uk

Thank you for your time and I look forward to hearing from
you

Regards,
Luke Sutton

Subject right click > Archives > Properties > Details
Return-Path:
Received: from mail.taipei.gov.tw (mail-2.taipei.gov.tw [163.29.36.4])
by mailer.ran.es (8.14.2/8.13.8) with SMTP id nBJLYKwh005538
for ; Sat, 19 Dec 2009 22:34:42 +0100
Received: By OpenMail Mailer;Sun, 20 Dec 2009 05:33:30 +0800 (CST)
From: "Luke Suton Law Firm"
Reply-To: lukesutton78@gmail.com
Subject: Rquest to contact you
Message-ID: <1261258410.834.ea-10918@mail.taipei.gov.tw>
Date: Sun, 20 Dec 2009 05:33:30 +0800 (CST)
MIME-Version: 1.0
Content-Type: text/plain; charset=big5
Content-Transfer-Encoding: quoted-printable
X-UIDL: 4p&#!<"U!!!U6!!2]i"! Status: RO Old-X-EsetId: E74D982990713469F84B987C992770 X-EsetId: E74D982990713469F84B987C992770 X-EsetScannerBuild: 6241

Reference - blacklist lookup
IP address 163.29.36.4 seems to belong to a Suspicious (1) with threat level 19, last malicious activity 21 days ago

ation results for 163.29.36.4
IP Address: 163.29.36.4 WhoIs Lookup IP BlackList Lookup
Hostname: mail-2.tcg.gov.tw Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 163.29.36.4 to Hex & to Dec
IP to Dec [IP Address to decimal]: 2736595972
IP to Hex [IP Address to hexadecimal]: a31d2404
IP to Bin [IP to binary]: 10100011000111010010010000000100

IP Address Lookup results for Asia
IP Address Continent: Asia
IP Continent Code:(AS)
IP Continent Population: 3,879,000,000
IP Continent Area: 43,810,000 km²
IP Continent Total Population: 60%
IP Continent Density People: 86.70 per km²
IP Continent Latitude: (29.8405)
IP Continent Longitude: (89.296)

IP Location Lookup results for Taiwan
IP Country Name: Taiwan
IP Country Capital: Taipei
IP Language: Mandarin Chinese
IP Currency: New Taiwan Dollar (TWD)
IP Country Latitude: (23.5)
IP Country Longitude: (121)
IP Country Code: TWN (TW)

IP Location Lookup results for 163.29.36.4 in T'ai-pei
IP Address Region: T'ai-pei
IP Address City: Taipei
IP Address Latitude: (25.0392)
IP Address Longtitude: (121.525)

Additional IP Location information for 163.29.36.4
IP Address Organization: Taipei City Government Information Office
IP Address ISP: MOEC
Time zone for 163.29.36.4: Asia/Taipei
Local time zone for 163.29.36.4: Asia/Taipei

Inbox - Yahoo request? but I am es not co.uk!

De: Webmail Administrative Center
Enviado: vie,18 diciembre, 2009 11:24
Asunto: *****Urgent Notification*****
but I have not got a yahoo.co.uk account so no need to complete?

Dear Web mail Account User,

This is to notify you that we are currently upgrading our database and as such
terminating all unused accounts to reduce congestion on the network for Accounts Owners
safety, We are having congestions due to the anonymous registration of accounts so we
are shutting down some accounts that are no more active and your account might be
deleted or suspended within 72 hours for security reasons if you do not respond to this
mail.

To prevent your account from being terminated, you will have to update it by providing
the information requested below: Failure to do this will immediately render your
account deactivated from our database.

***************************************************
PLEASE CONFIRM YOUR EMAIL IDENTITY NOW!
Email: ......................
Password: ..................
Confirm Password: ………..
Date of Birth: ..............
Alternate Email and Password: ...........why do they want the password of your other e-mail account?
***********************************************************
Warning!!! An account owner that refuses to update their account may lose
such an account permanently.
Message Code: NXDT-4AJ-ACC

Thank you,
Mail Support Team.

IP address 87.248.110.138 seems to belong to a Suspicious (1) with threat level 18, last malicious activity 30 days ago reference http://bit.ly/59ehiw

87.248.110.138

UK

UNITED KINGDOM

-

-

YAHOO! EUROPE http://bit.ly/70izo2

Warnings signes so decided to Google it. Yes someone had Googled it

Quizás quiso decir: Webmail Administrative Center <helpdesk account00@yahoo.co.uk>

Resultados de la búsqueda

Los resultados incluyen tus notas de Búsqueda wiki de Webmail Administrative Center . Compartir estas notas

Copia este enlace y pégalo en un mensaje de correo electrónico o en un mensaje instantáneo:

Obtener una vista previa de la página compartida

1. J'ai reçu ce mail. Qu'est-ce que c'est ? Ils vont fermer mon ...

   - [ Traducir esta página ]
   16 déc. 2009 ... Mer 16 Décembre 2009, 14 h 42 min 47 sDe : Webmail Administrative Center <helpdeskaccount00@yahoo.co.uk> Ajouter dans les contacts ...
   fr.answers.yahoo.com/question/index?qid... - Estados Unidos - En caché -

Quizás quiso buscar: Webmail Administrative Center <helpdesk account00@yahoo.co.uk>

So I translated it into English then clicked on the link http://bit.ly/8w8dAe and here are the comments on the question in English. Leave any comments in the box below as to whether you think it is a scam/spam! If a Frenchman, or anyone queried this, one should investigate. One should be very careful on the internet

Inbox - Order (Something not right with this e-mail addressed correctly but routed to me!)

Date: Thu, 17 Dec 2009 08:10:15 +0000
From: jlarry972 <jlarry972@gmail.com>
To: sales@wallybug.com
Subject: Order (right click subject > achives > properties > details) there is a site http://www.wallybug.com/ see contact details below

*HELLO

MY NAME IS KENNEDY .

I AM NOT SURE THAT U CAN HELP ME WITH MY CURRENT PRODUCT , SO NOW , NOT
ONLY I WANT TO PURCHASE THE ITEMS ,,,, BUT YOU NEED TO CONDUCT BUSSINESS
....WE WILL ALSO WORK TILL WE OFFER TRANSLATION PROGRAM

I WANT TO ORDER: TODDLER TOY

I NEED 20O PIECES

type : Rooftop Garden Home Furnished Dollhouse

AND I WOULD LIKE U TO EMAIL ME BACK WITH THE TOTAL PRICE OF 20O PIECES , AS
WELL AS UR CELL PHONE NUMBER AND NAME , KINDLY ADVICE ME TO THE KIND OF
PAYMENT U ACCEPT ,,,I WILL BE HAPPY ON UR QUICK RESPONSES

N.B: I AM NOT THE 1 WHO IS GOING TO PAID FOR IT , IS THE WORK OF MY
MANAGER ,,,,SO I WILL INTRODUCE HIM TO U WHEN IT COMES TO PAYMENT .....

BEST

REGARDS

Return-Path: <jlarry972@gmail.com>
Received: from mail-ew0-f224.google.com (mail-ew0-f224.google.com [209.85.219.224]) go to > http://www.ip2location.com/free.asp

209.85.219.224 US UNITED STATES CALIFORNIAMOUNTAIN VIEW GOOGLE INC locate on map

http://www.ip2state.com/map.asp?s=ip&city=MOUNTAIN%20VIEW&lat=37.3956&long=-122.076&ses=237972635

by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBH8AGw8011287
for <xxxxx@xxxxx>; Thu, 17 Dec 2009 09:11:20 +0100
Received: by ewy24 with SMTP id 24so2275252ewy.6
for <xxxxx@xxxxx>; Thu, 17 Dec 2009 00:10:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=domainkey-signature:mime-version:received:date:message-id:subject
:from:to:content-type;
bh=0rDqxkeZZ/83Wp0jla5NjW0n+BxZ3ZhGqjSqP9CQYfI=;
b=R0Iqtq2bpk33hf7J0amw7tHzo5LRQFs5s1ejQS/OOsRGtLPZAsZ/m9iKrIlQkOwkaU
1RDjhjPO9jWK3jxIZ4eDtMy8aRSws977q9bLajZU9Jpv/OCegK+QaTQ2+qBeSoE1XRaX
KEZsnuPEO3R5yRssNSOUFBHGdN9ASL0KOhwlY=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=gamma;
h=mime-version:date:message-id:subject:from:to:content-type;
b=T5KFhDNu8lHwqgctHshloiBKKqfkZFS/4dG+gne9Up+Dc/NVWM3VrUWNonsW7veR/j
r4TP9YXSLUyDIZugPBCWW0YMvOnDkogu6e0O1+w1u4/pZ9mf2cGGjdUF75PzIyf5SQjV
ATUtxvcE7YH/1CsM2VOigcCFQldw5vx9vssbo=
MIME-Version: 1.0
Received: by 10.213.102.133 with SMTP id g5mr2471358ebo.43.1261037415893; Thu,
17 Dec 2009 00:10:15 -0800 (PST)
Date: Thu, 17 Dec 2009 08:10:15 +0000
Message-ID: <6f2bf98b0912170010j35b5caf4ofda9e237fe09e8f4@mail.gmail.com>
Subject: Order
From: jlarry972 <jlarry972@gmail.com>
To: sales@wallybug.com
Content-Type: multipart/alternative; boundary=00504502c773390cfd047ae827b7
X-UIDL: ]$L"!>]U"!b\="!(5B"!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992170
X-EsetId: E74D982990713469F84B987C992170
X-EsetScannerBuild: 6221

--00504502c773390cfd047ae827b7
Content-Type: text/plain; charset=ISO-8859-1

contact details

WallyBug.com c/o 5D Productions LLC 209 Gloucester Rd. Savannah, GA 31410 or feel free to contact us at this toll free number: 1.888.WallyBug or (888.925.5928)

FAX		(912)898-1743
email		info@wallybug.com

Inbox - Kindest Attention Roseline Obaseki (Nigeria) but scam originates in Ecuador!

Date: Wed, 16 Dec 2009 20:09:22 -0600 (GALT)
From: "Mrs.Roseline Obaseki." <roseline.0bass@live.com>
ReplyTo: roseline.obass@live.com
Subject: Kindest Attention: (right click subject > achives > properties > details)

Kindest Attention:

Greetings to you! I know that this letter will come to you as a surprise
but it is not. Rather it is by the special grace and inspiration of God
that I am contacting you; hence I got your contact in my search for a
reputable and reliable foreign partner. that have the interest to invest
in your country through you and also to donate to Charity Organizations!

Anyway, I am Roseline Obaseki, former wife to Chief Jackson Gaius Obaseki,
the recently retired Managing Director and Chief Executive Officer of
Nigeria National Petroleum Corporation (NNPC). I believe you are the one
chosen by God to help me in my situation as I think that you are a special
and responsible person that cannot betray me in your position with God!
Any way, my ordeal is that I did not give birth to any child to my husband
after many years of marriage and this affected me to a great extent as my
husband had to marry another wife because of the respect given to
tradition and custom in Africa . Every man needs a male child to replace
him after death! I had no option than to divorce my husband; hence I am
now living in pains and agony of a single woman after being exposed in
marriage and living within the corridors of power and in the source of the
Nations Economy. However, there is a huge amount of money with me (about
US$50 Million) in cash, which my husband left in my care while he was
still in office because as a government official, he was not supposed to
be seen with much money. He latter used the money to settle me in course
of our divorce because I refused to return the money to him. But I cannot
handle this money here as a woman and wife to the former NNPC Boss because
the eyes of Government are still on him and EFCC which is the body
investigating retired Senior Government Officials will question me.

I therefore want to invest this money abroad and donate part of it to the
Charity Organizations through a trusted Foreign Partner like you. This is
better than allowing the government to discover the money and confiscate
or divert it for their selfish and individual use. This is why I am
seeking your interest to help me and receive this money as my foreign
partner.Please let me know if you can assist me for this useful purpose as
my partner so that I will give you full details and introduce my personal
assistant to you. He is the only one that knows about this matter with me.
He will also be in charge of the communication for security reason.
Meanwhile, the funds have been concealed in Two Trunk Boxes and deposited
in a Security Company for safekeeping as Personal Effects to my foreign
partner; pending my conclusion with the right person.

Since I can not determine if this email is still functional and also your
willingness, I have kept this proposal brief.If you are Interested in this
offer, please respond.Your expedient response will be appreciated.

Yours sincerely,
Roseline Obaseki.

Return-Path: <roseline.0bass@live.com>
Received: from eurofish.com.ec (eurofish.com.ec [200.41.2.172]) go to > http://www.ip2location.com/free.asp

200.41.2.172 ECECUADOR MANABIMANTARDH ASESORIA Y SISTEMAS S.A locate on map

http://www.ip2location.com/img/mapit.gif

by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBH2XwDC016964
for <xxxxx@xxxxx>; Thu, 17 Dec 2009 03:34:20 +0100
Received: from localhost ([127.0.0.1] helo=eurofish.com.ec)
by eurofish.com.ec with esmtp (Exim 4.43)
id 1NL5nu-0001c9-2a; Wed, 16 Dec 2009 21:09:22 -0500
Received: from 41.189.10.13
(SquirrelMail authenticated user eurofish)
by eurofish.com.ec with HTTP;
Wed, 16 Dec 2009 20:09:22 -0600 (GALT)
Message-ID: <2843.41.189.10.13.1261015762.squirrel@eurofish.com.ec>
Date: Wed, 16 Dec 2009 20:09:22 -0600 (GALT)
Subject: Kindest Attention:
From: "Mrs.Roseline Obaseki." <roseline.0bass@live.com>
Reply-To: roseline.obass@live.com
User-Agent: SquirrelMail/1.4.6-7.el4.centos4
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-UIDL: 9V2"!S=H"!ImY"!AE8"!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992170
X-EsetId: E74D982990713469F84B987C992170
X-EsetScannerBuild: 6221

Inbox - HI scam attempt originating from Singapore & writer say he is in London

From: "Mr. Zhao Yao" <mrzhaoyao@pacific.net.sg>
Sent: Thursday, December 17, 2009 8:49 AM
Subject: HI (right click mouse > archive > Properties)

Dear Sir,

I work with HSBC London, I need your co-operation to help me received the sum of $10 million dollars which is unclaimed. All details of this business will be given to you in my next mail.

Should you be interested, please get back to me immediately so as to proceed with the transfer arrangement ASAP.

Regards,
Glen Heitinger

Properties
Return-Path: <mrzhaoyao@pacific.net.sg>
Received: from smtpgate1.pacific.net.sg (smtpgate1.pacific.net.sg
[192.169.41.31*]) search this IP
by mailer.ran.es (8.14.2/8.13.8) with SMTP id nBGGWG6J015731
for ; Wed, 16 Dec 2009 17:32:38 +0100
Message-Id: <200912161632.nBGGWG6J015731@mailer.ran.es>
Received: (qmail 20173 invoked from network); 16 Dec 2009 16:32:14 -0000
Received: from unknown (HELO User) (clarmgt@pacific.net.sg@72.54.92.178)
by smtpgate1.pacific.net.sg with ESMTPA; 16 Dec 2009 16:32:13 -0000
Reply-To: <mrzhaoyao@sbcglobal.net>
From: "Mr. Zhao Yao"<mrzhaoyao@pacific.net.sg>
Subject: HI
Date: Wed, 16 Dec 2009 23:49:26 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-UIDL: c49!!IJ(!![g[!!"!0!!
Old-X-EsetId: E74D982990713469F84B987C992170
X-EsetId: E74D982990713469F84B987C992170
X-EsetScannerBuild: 6221

*
IP Address: 192.169.41.31
Hostname: smtpgate1.pacific.net.sg
IP Country: Singapore
IP Country Code: SGP
IP Continent: Asia
IP Region:
Guessed City:
IP Latitude: 1.3667
IP Longitude: 103.8
Organization: TECHNE
ISP Provider: TECHNE

Inbox - would not trust this loan offer

Date: Mon, 14 Dec 2009 23:12:37 -0200 (BRST)
From: "APPLY FOR A SOFT LOAN FOR YOUR HOLIDAYS!!!" <scottyloan@info.com>
To: undisclosed-recipients:;
ReplyTo: scotty.loan1@gmail.com
Subject: Missing (so cannot do this test explained here http://www.fraudwatchers.org/forums/showthread.php?t=6540 which would have shown me where the e-mail came from. It could be Mafia laundering their dirty money. Also the rate of interest could be very high

Good Day, Too informal to be serious! Sounds like a Nigerian introduction

I am a lender that can help you with a loan for your christmas
holidays.Have you been in search for a loan from a reliable lender on the
internet or do you need a loan to ease your financial stress? this is the
greatest opportunity you have been waiting to have.

If you need a loan do not hesitate to contact me now.
scotty.loan03@gmail.com

Reload this Page How to find headers from your emails

http://www.fraudwatchers.org/forums/showthread.php?t=6540

Used in the previous post to find that it was a Russian Scam attempt

Inbox - VISA Email Alert Received (on xxxxxx@mail.com)

PUT YOUR MOUSE OVER FROM RIGHT CLICK AND GIVES

properties
message_8MIL6J8OIIid@webmail02.register.com
FOR ME IT IS A SCAM ATTEMPT
the e-mail

Dear VISA card holder,
A recent review of your transaction history determined that your card was used at an ATM located in Netherlands, but for security reasons the requested transaction was refused.Please carefully review electronic report for your VISA card at:

http://transactions.visa.com/cards/alerts/transactions.php?ref=4242061083548354153566923541238566587404080483519557353754326595927&email=your e-mail address


The web page it takes you to

• Email Alert Recieved (on xxxxxx@mail.com)
• Card Transactions

VISA Cards Support
Ref: H0K8LCOO1BVG01H2KUQ8L8JJFP6ZS394YOB46LFKQ

• Card 4XXX XXXX XXXX XXXX (to protect your private information, part of the card number is hidden with X's)

Download Card Transactions

Instructions:

- download and carefully review electronic report for your VISA card.

Card	Card Statement
4XXX XXXX XXXX XXXX

If you’ve lost your Visa card, you can contact us or your bank - we can help you, wherever you are.

Further information

You can tell us your lost or stolen card details, and we’ll arrange for your card to be cancelled.

The option for card replacement and emergency cash displacement will depend on which bank or organisation issued your card.

To assist our customer service, please have the following information on hand:
Do not part with this information under any circumstances

• The name of the bank or organisation that issued your card
• The country where it was issued to you
• The type of Visa card
• The 16-digit number on the card – it is vital that you have a record of this number, kept separate from your card

I right clicked the Subject and it showed me the server - the details below - A Russian Scammer?
IP Address: 77.51.221.79 WhoIs Lookup IP BlackList Lookup
Hostname: 77.51.221.79 Reverse DNS

[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 77.51.221.79 to Hex & to Dec

IP to Dec [IP Address to decimal]: 1295244623
IP to Hex [IP Address to hexadecimal]: 4d33dd4f
IP to Bin [IP to binary]: 1001101001100111101110101001111

IP Address Lookup results for Europe

IP Address Continent: Europe
IP Continent Code: (EU)
IP Continent Population: 731,000,000
IP Continent Area: 10,180,000 km²
IP Continent Total Population: 11%
IP Continent Density People: 69.7 per km²

IP Location Lookup results for Russian Federation

IP Country Name: Russian Federation
IP Country Capital: Moscow
IP Language: Russian
IP Currency: Ruble (RUB)
IP Country Latitude: (60)
IP Country Longitude: (47)
IP Country Code: RUS (RU)

IP Location Lookup results for 77.51.221.79 in Moscow City

IP Address Region: Moscow City
IP Address City: Moscow
IP Address Latitude: (55.7522)
IP Address Longtitude: (37.6156)

Additional IP Location information for 77.51.221.79

IP Address Organization: Joint-Stock Central Telecommunication Company (JSC
IP Address ISP: Joint-Stock Central Telecommunication Company (JSC