Google

World Wide Web anti-scam


Seitenindex umschalten Seiten: 1 Thema versenden
Normales Thema Natasha <nataliaoreo2013@gmail.com> (Gelesen: 823 mal)
 
Berger Louis
Themenstarter Themenstarter
Scam Advisors
*****
Offline


I Love Weißbier

Beiträge: 842
Standort: Cham
Mitglied seit: 25. Juli 2009
Geschlecht: männlich
Natasha <nataliaoreo2013@gmail.com>
06. Juni 2018 um 20:14
 
Nach langer Abstinenz gibt es als Vorspeise Scammer vom Feinsten

Hello my new pen-friend! This is my first letter to you but could be the last. I saw an interest in your character in the moment that I looked you upon the inet. I believe you will not be against chat, because I am aiming for a friend for a beginning. My main goal is to build serious relationship in future. maybe you not going to be looking for that, then I thinkwill not be suit each other, and if you don't mind we can strive to know each other better and find out where it will lead us. I live in Russia. In my town time zone UTC / GMT + five. So, what do you say? could we write a some letters to learn if we are connected? maybe we are not linked we may become at least friends. I am new in this so I could accept any answer you say, just be fair.


Spoiler:
Return-path: <rkt@sepia.ocn.ne.jp>
Delivery-date: Sun, 03 Jun 2018 08:09:42 +0200
Received: from [195.4.92.23] (helo=mx13.freenet.de)
        by mbox138.freenet.de with esmtpa (ID exim) (Exim 4.90_1 #2)
        id 1fPMD0-0006Xe-Jm
        for @01019freenet.de; Sun, 03 Jun 2018 08:09:42 +0200
Received: from mbkd0338.ocn.ad.jp ([153.149.236.39]:40805)
        by mx13.freenet.de with esmtp (port 25) (Exim 4.90_1 #2)
        id 1fPMCx -0007ZU-Tx
        for @freenet.de; Sun, 03 Jun 2018 08:09:42 +0200
Received: from mf-smf-ucb035c1 (mf-smf-ucb035c1.ocn.ad.jp [153.153.66.230])
        by mbkd0338.ocn.ad.jp (Postfix) with ESMTP id E95ED120746B;
        Sun,  3 Jun 2018 14:54:20 +0900 (JST)
Received: from ntt.pod01.mv-mta-ucb024 ([153.149.142.98])
        by mf-smf-ucb035c1 with ESMTP
        id PLy8f4WiqpTPrPLy8fEDCH; Sun, 03 Jun 2018 14:54:20 +0900
Received: from smtp.ocn.ne.jp ([153.149.227.134])
        by ntt.pod01.mv-mta-ucb024 with 
        id u5uH1x00J2ud8JZ015uHwQ; Sun, 03 Jun 2018 05:54:20 +0000
Received: from localhost (unknown [49.0.33.174])
        by smtp.ocn.ne.jp (Postfix) with ESMTPA;
        Sun,  3 Jun 2018 14:54:17 +0900 (JST)
To:  <cas1021@yahoo.ca>
Subject:  Salut
From:  Iamf Mel <rkt@sepia.ocn.ne.jp>
Reply-To:  Iamf Mel < nataliaoreo2013@gmail.com>
Errors-To:  Iamf Mel <rkt@sepia.ocn.ne.jp>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="d964cba67c14b7f69bf2b27e51d8adf3"
Date: Sun, 03 Jun 2018 07:39:59 +0200
Message-ID: <20180603074000.9328.rkt@sepia.ocn.ne.jp>
X-Spam-score: 10.4
X-Spamreport: Action: add header
Symbol: RECEIVED_SPAMHAUS_XBL(3.00)
Symbol: RCVD_NO_TLS_LAST(0.00)
Symbol: GREYLIST(0.00)
Symbol: FROM_EQ_ENVFROM(0.00)
Symbol: TO_DN_NONE(0.00)
Symbol: MIME_GOOD(-0.10)
Symbol: FREEMAIL_ENVRCPT(0.00)
Symbol: REPLYTO_DOM_NEQ_FROM_DOM(0.00)
Symbol: FREEMAIL_REPLYTO(0.00)
Symbol: FREEMAIL_TO(0.00)
Symbol: RCVD_COUNT_FIVE(0.00)
Symbol: FROM_HAS_DN(0.00)
Symbol: R_DKIM_NA(0.00)
Symbol: FORGED_RECIPIENTS(2.00)
Symbol: HAS_REPLYTO(0.00)
Symbol: MIME_HTML_ONLY(0.20)
Symbol: HAS_ATTACHMENT(0.00)
Symbol: RCVD_VIA_SMTP_AUTH(0.00)
Symbol: R_SPF_ALLOW(-0.20)
Symbol: IP_SCORE(1.53)
Symbol: ASN(0.00)
Symbol: MID_CONTAINS_FROM(1.00)
Symbol: NEURAL_SPAM(3.00)
Symbol: RCPT_COUNT_ONE(0.00)
Symbol: DMARC_NA(0.00)
Symbol: REPLYTO_DN_EQ_FROM_DN(0.00)
Symbol: BAYES_HAM(-0.00)
Message: (SPF): spf allow
Message-ID: 20180603074000.9328.rkt@sepia.ocn.ne.jp
X-FN-Spambar: ---
X-Warning: obfuscated html,spam pattern,spaced spam,no DNS reverse,spam subject,advertised URL,advertised phone number,Spam signature,Bulk.Advertising signature,Bulk.Porn signature,Bulk signature,Suspect Signature
Delivered-To: xx@freenet.de
Envelope-to: xx@freenet.de
X-Originated-At: 153.149.236.39!40805

--d964cba67c14b7f69bf2b27e51d8adf3
Content-Type: text/html; charset=ISO-8859-1
« Zuletzt geändert: 20. August 2018 um 22:21 von vierauge »  

1_1525.jpg ( 17 KB | Downloads )
1_1525.jpg
Zum Seitenanfang
 
IP gespeichert
 
Indikation
Berger Louis
Themenstarter Themenstarter
Scam Advisors
*****
Offline


I Love Weißbier

Beiträge: 842
Standort: Cham
Mitglied seit: 25. Juli 2009
Geschlecht: männlich
Re: Natasha <nataliaoreo2013@gmail.com>
Antwort #1 - 06. Juni 2018 um 20:19
 
Erst mal kennenlernen


Hello ---! How are you? Thanks for your answer it is really a honour to get it from you. Thanks for appearing in my life, it is my immense pleasure in getting to know you! I will try to tell a little about myself. I have no children and never been married. My birthday is 25 July and I am 29 years old and currently I live in Ekaterinburg, Russia. I do not smoke and never did not try to smoke. About alcohol - I can drink a little wine or a couple of cocktails with my friends, but it happens very rarely. I am accountant, more precisely the assistant of the chief accountant in a small state institution that deals with electricity in my town. It is boring and I do not like to talk about it. I have degree in economic science, also I finished correspondence education at the Law Faculty one year ago. I studied English at school and in both universities, but I still continue to use a translator some times to check the spelling. I hope our communication will help me to practice the language, do you ready to help me  ? I am waiting for your answer. For example, you can write about your city and country where you live now and were you was born, write me about your family and pets. For me it is all very interesting. Today I am sending a few photos of me so you could introduce me better. I will be glad to see your photos too! If you answer on this letter, I am sure you will not regret, and we can at least be friends 
Natasha

Sent from Mail on Android

Spoiler für Header:

Return-path: <nataliaoreo2013@gmail.com>
Delivery-date: Wed, 06 Jun 2018 00:58:46 +0200
Received: from [195.4.92.21] (helo=mx11.freenet.de)
        by mbox138.freenet.de with esmtpa (ID exim) (Exim 4.90_1 #2)
        id 1fQKuc-0008P8-9f
        for xxxxxx@01019freenet.de; Wed, 06 Jun 2018 00:58:46 +0200
Received: from mail-wm0-x22a.google.com ([2a00:1450:400c:c09::22a]:54704)
        by mx11.freenet.de with esmtps (TLSv1.2:ECDHE-RSA-CHACHA20-POLY1305:256) (port 25) (Exim 4.90_1 #2)
        id 1fQKuc-0002ck-3m
        for xxxxxx@freenet.de; Wed, 06 Jun 2018 00:58:46 +0200
Received: by mail-wm0-x22a.google.com with SMTP id o13-v6so7933221wmf.4
        for <xxxxxx@freenet.de>; Tue, 05 Jun 2018 15:58:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:message-id:to:subject:in-reply-to:references:mime-version;
        bh=BmJYt/450bOYS1eufseNccgEGrKceokXMvJF1xI2YU0=;
        b=g2GQ2VCZnxtj60tBN/53Mp2pGS1GYFRmVeXvpXd+0x3wfeS0DRS3VgcC2vD6sfGOI9
         X/y+NzAJCLovDZq4N3MJyzbSAzP82jogZ3KAtOCwV7TFcMDA+YzNYjL5tHP3aJ/1RUth
         7m94OmDMTV8dmK07loWpVikflpzyQrNVkoKA9ffNRL5jiLrpoX/B8Q2P//UU7wj5bLTQ
         0SKqu1PPzFz0i+O2fLnaaycUdtBukDnPM0wzKd3KR7Npqz2PABDnj5GCQV9FDEGPgOxQ
         23Hd+KPXBKbr8lKHAIKcmfpehLnTm0n1k6Ixd4pmL+rSMYLVERD5Hb6qt0tSugaDBYoA
         qq5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:message-id:to:subject:in-reply-to
         :references:mime-version;
        bh=BmJYt/450bOYS1eufseNccgEGrKceokXMvJF1xI2YU0=;
        b=fp5d2j/XW4D5aZblzuzmBVwh0FwjZypplWFt0wwMGcSgTHaqOLbarEMav06OXssqQO
         9KOLKks0tlEmGUexmYixs+tcubEuBIoWW66BG8J8yhRag88FeRBFCe4QHzxvJ1EdXki0
         34Y7jHo064HWLnnQ+5dKX2D7tjdtdNyjrKY0FnqcFd3wSjcfurp78hj0NTZBldBHyPiJ
         Bi3QWAuS0fyYxYQu/Lsp13O0EzaqqckOtlQjpstQsbI+k45ilnTjgd2RmFKQrQjKBO8n
         OOnAtWZtOnREhUhKlxXfBmBAef30/OpP6xLLMwWng25WOtKVDyn48v5guGOc6deO+OwU
         0pXg==
X-Gm-Message-State: APt69E1ukF1ecVSE5tUCpgIDbwvr55U62UgnBjVwTROXK1YR6t6WIM2b
        9t2jL1QdAyGj3pi/IRj3f8rl5/Xq
X-Google-Smtp-Source: 
X-Received: by 2002:a1c:3448:: with SMTP id b69-v6mr126479wma.0.1528239525370;
        Tue, 05 Jun 2018 15:58:45 -0700 (PDT)
Received: from [10.10.0.10] ([5.196.200.226])
        by smtp.gmail.com with ESMTPSA id z16-v6sm14642499wro.41.2018.06.05.15.58.31
        for <xxxxxx@freenet.de>
        (version=TLS1_1 cipher=AES128-SHA bits=128/128);
        Tue, 05 Jun 2018 15:58:44 -0700 (PDT)
Date: Tue, 5 Jun 2018 17:58:27 -0500
From: Natalia <nataliaoreo2013@gmail.com>
X-Priority: 3 (Normal)
Message-ID: <969676258.20180605175015@gmail.com>
To: xxx xxx <xxxxxx@freenet.de>
Subject: Hello and thanks for your answer
In-Reply-To: <5772da82-a45d-06a4-3442-317265c3a746@freenet.de>
References: <20180603074000.9328.rkt@sepia.ocn.ne.jp> <5772da82-a45d-06a4-3442-317265c3a746@freenet.de>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------1291AC100367ECE90"
X-Spam-score: -13.6
X-Spamreport: Action: no action
Symbol: MIME_GOOD(-0.10)
Symbol: RCPT_COUNT_ONE(0.00)
Symbol: RCVD_TLS_LAST(0.00)
Symbol: PREVIOUSLY_DELIVERED(0.00)
Symbol: REPLY(-4.00)
Symbol: FROM_EQ_ENVFROM(0.00)
Symbol: FREEMAIL_ENVFROM(0.00)
Symbol: R_SPF_ALLOW(-0.20)
Symbol: FROM_HAS_DN(0.00)
Symbol: HAS_ATTACHMENT(0.00)
Symbol: TO_DN_ALL(0.00)
Symbol: MID_RHS_MATCH_FROM(0.00)
Symbol: RCVD_VIA_SMTP_AUTH(0.00)
Symbol: TO_MATCH_ENVRCPT_ALL(0.00)
Symbol: IP_SCORE(-2.81)
Symbol: ASN(0.00)
Symbol: BAYES_HAM(-3.00)
Symbol: DMARC_POLICY_ALLOW(-0.25)
Symbol: NEURAL_HAM(-3.00)
Symbol: R_DKIM_ALLOW(-0.20)
Symbol: HAS_X_PRIO_THREE(0.00)
Symbol: RCVD_COUNT_THREE(0.00)
Symbol: DKIM_TRACE(0.00)
Symbol: FREEMAIL_TO(0.00)
Symbol: FREEMAIL_FROM(0.00)
Symbol: FREEMAIL_ENVRCPT(0.00)
Message: (SPF): spf allow
Message-ID: 969676258.20180605175015@gmail.com
X-FN-Spambar: 
Delivered-To: xxxxxx@freenet.de
Envelope-to: xxxxxx@freenet.de
X-Originated-At: 2a00:1450:400c:c09::22a!54704

------------1291AC100367ECE90
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
« Zuletzt geändert: 20. August 2018 um 22:23 von vierauge »  

2_1085.jpg ( 44 KB | Downloads )
2_1085.jpg
3_872.jpg ( 43 KB | Downloads )
3_872.jpg
Zum Seitenanfang
 
IP gespeichert
 
Razor Buzz
Forum Administrator
Paragraphenreiter Öffentlichkeitsarbeit
*****
Offline


Servus

Beiträge: 5947
Standort: Oberpfalz
Mitglied seit: 24. April 2008
Re: Natasha <nataliaoreo2013@gmail.com>
Antwort #2 - 06. Juni 2018 um 20:22
 
Mail 1 kommt über Bangladesh:

Code
Alles auswählen

Home  »  IP Tools  »  IP Lookup  »  49.0.33.174
IP Details for 49.0.33.174
 Share details about this IP address

This information should not be used for emergency purposes, trying to find
someone's exact physical address, or other purposes that would require
100% accuracy.

Details for 49.0.33.174
IP:	49.0.33.174
Decimal:	822092206
Hostname:	49.0.33.174
ASN:	38744
ISP:	Always On Network Bangladesh
Organization:	AlwaysOn Network Bangladesh
Services:	Network sharing device or proxy server
Type:	Broadband
Assignment:	Static IP
Blacklist:
Continent:	Asia
Country:	Bangladesh bd flag
State/Region:	Dhaka
City:	Dhaka
Latitude:	23.726  (23° 43′ 33.60″ N)
Longitude:	90.4251  (90° 25′ 30.36″ E)
Postal Code:	1217
 




Mail 2 über Frankreich aber der Host hat einen russischen Namen:

Code
Alles auswählen
Details for 5.196.200.226
IP:	5.196.200.226
Decimal:	96782562
Hostname:	klastrenka.ru
ASN:	16276
ISP:	OVH SAS
Organization:	OVH SAS
Services:	None detected
Type:	Broadband
Assignment:	Static IP
Blacklist:
Continent:	Europe
Country:	France fr flag
Latitude:	48.8582  (48° 51′ 29.52″ N)
Longitude:	2.3387  (2° 20′ 19.32″ E) 



Die vermutlich gecrackte japanische Mailadresse in Header 1 schreit nach Scam... 

Berger Louis schrieb on 06. Juni 2018 um 20:14:
I live in Russia.


Smiley Smiley
« Zuletzt geändert: 06. Juni 2018 um 20:35 von Razor Buzz »  
Zum Seitenanfang
ICQ  
IP gespeichert
 
Stiray
Forum Administrator
*****
Offline


Stillstand ist die Vorstufe
des Untergangs

Beiträge: 65485
Mitglied seit: 09. Juni 2011
Geschlecht: männlich
Re: Natasha <nataliaoreo2013@gmail.com>
Antwort #3 - 06. Juni 2018 um 21:02
 
Zitat:
I live in Russia. In my town time zone UTC / GMT + five


Zitat:
I live in Russland. In my city time zone UTC / GMT + 5.


Zitat:
Ich komme aus Russland. In meiner Stadt Zeitzone UTC / GMT + 5.


Die Bilder wurden bei Anna Ivanova / Anna Khmelevaya aus Kiev geklaut.

https://vk.com/anny110690
https://ok.ru/profile/564817791413
https://vkfaces.com/vk/user/anny110690
https://www.facebook.com/people/Anna-Ivanova/100001668455482
http://vkbaza.ru/kiev/hmelevaya_anna-10203381/
https://www.instagram.com/a.n.n.a__i.v.a.n.o.v.a/
https://www.work.ua/resumes/1728932/

Weitere Themen:

Natasha <natasha.solnce096@gmail.com>
Natalia <natashaakasha98@gmail.com>
« Zuletzt geändert: 06. Juni 2018 um 21:05 von Stiray »  
Zum Seitenanfang
 
IP gespeichert
 
Seitenindex umschalten Seiten: 1
Thema versenden
Link zu diesem Thema