Google

World Wide Web anti-scam


Seitenindex umschalten Seiten: 1 Thema versenden
Normales Thema Irina <interamina@gmail.com> (Gelesen: 739 mal)
 
bigbear
Themenstarter Themenstarter
General Counsel
***
Offline


I Love Anti-Scam

Beiträge: 1330
Mitglied seit: 08. September 2009
Geschlecht: männlich
Irina <interamina@gmail.com>
09. November 2016 um 08:24
 
Hello! I have been wanting to write to you a long time ago and lastly I've decided to do that. I applyed to the dating agency and your e-mail adress was given there. I was afraid to write to you right away because I was very interested in you.
My name is Irina. I'm 28 years old. I'm from Russia. I'm looking for a man for serious relationship, a man who will be close to me. I hope you will answer me as soon as possible. I look forward to your response letter.
Irina

Spoiler:
Delivered-To:xxx
Received: by 10.107.135.166 with SMTP id r38csp32222ioi;
        Tue, 8 Nov 2016 22:23:32 -0800 (PST)
X-Received: by 10.157.16.120 with SMTP id o53mr8622680oto.11.1478672612416;
        Tue, 08 Nov 2016 22:23:32 -0800 (PST)
Return-Path: <edxqkzb@host04.onlinenic.com>
Received: from host04.onlinenic.com (host04.onlinenic.com. [216.245.210.50])
        by mx.google.com with ESMTPS id 187si21572806oih.230.2016.11.08.22.23.32
        for <xxx>
        (version=TLS1 cipher=AES128-SHA bits=128/128);
        Tue, 08 Nov 2016 22:23:32 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of edxqkzb@host04.onlinenic.com designates 216.245.210.50 as permitted sender) client-ip=216.245.210.50;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of edxqkzb@host04.onlinenic.com designates 216.245.210.50 as permitted sender) smtp.mailfrom=edxqkzb@host04.onlinenic.com;
       dmarc=fail (p=NONE dis=NONE) Quelltext.from=gmail.com
Received: from edxqkzb by host04.onlinenic.com with local (Exim 4.87)
     (envelope-from <edxqkzb@host04.onlinenic.com>)
     id 1c4MIH-0006p8-3g
     for xxx; Wed, 09 Nov 2016 00:23:33 -0600
To: xxx
Subject: Hello dear!
X-PHP-Script: 216.245.210.50/~edxqkzb/bin1.php for 94.242.214.191
From: <interamina@gmail.com>
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: PHP/5.5.32
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="1478672613SPB"
Message-Id: <E1c4MIH-0006p8-3g@host04.onlinenic.com>
Date: Wed, 09 Nov 2016 00:23:33 -0600
X-AntiAbuse: This Quelltext was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - host04.onlinenic.com
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [891 162] / [47 12]
X-AntiAbuse: Sender Address Domain - host04.onlinenic.com
X-Get-Message-Sender-Via: host04.onlinenic.com: authenticated_id: edxqkzb/only user confirmed/virtual account not confirmed
X-Authenticated-Sender: host04.onlinenic.com: edxqkzb
X-Source: /usr/bin/php
X-Source-Args: /usr/bin/php /home/edxqkzb/public_html/bin1.php 
X-Source-Dir: edxqkzb.com:/public_html

--1478672613SPB
Content-type: text/plain; charset="windows-1251"
Content-Transfer-Encoding: 8bit
« Zuletzt geändert: 09. November 2016 um 17:02 von Stiray »  

1_396.jpg ( 38 KB | Downloads )
1_396.jpg
Zum Seitenanfang
 
IP gespeichert
 
Indikation
Stiray
Forum Administrator
*****
Offline


Stillstand ist die Vorstufe
des Untergangs

Beiträge: 66661
Mitglied seit: 09. Juni 2011
Geschlecht: männlich
Re: Irina <interamina@gmail.com>
Antwort #1 - 09. November 2016 um 17:00
 
Svetlana <svetlanalapysik@gmail.com>

Webmaster schrieb on 13. Oktober 2016 um 05:36:
Der Scammer hat ein Script auf einem Server in Luxemburg installiert. Er schreibt seine Mail über diesen 
Server und versendet sie dann über den genannten Server in Texas... Das ist die totale Verschleierung


Code
Alles auswählen
IP:	94.242.214.191
Decimal:	1592972991
Hostname:	ip-static-94-242-214-191.server.lu
ASN:	5577
ISP:	root SA
Organization:	root SA
Services:	None detected
Assignment:	Static IP
Continent:	Europe
Country:	Luxembourg 



Code
Alles auswählen
IP:	216.245.210.50
Decimal:	3639988786
Hostname:	host04.onlinenic.com
ASN:	46475
ISP:	Limestone Networks
Organization:	Limestone Networks
Services:	None detected
Type:	Corporate
Assignment:	Static IP
Continent:	North America
Country:	United States
State/Region:	Texas
City:	Dallas 



Zitat:
X-PHP-Script: 216.245.210.50/~edxqkzb/bin1.php for 94.242.214.191
From: <interamina@gmail.com>
X-Mailer: PHP/5.5.32
Date: Wed, 09 Nov 2016 00:23:33 -0600
« Zuletzt geändert: 09. November 2016 um 17:01 von Stiray »  
Zum Seitenanfang
 
IP gespeichert
 
Seitenindex umschalten Seiten: 1
Thema versenden
Link zu diesem Thema