by pissedoff12
Tue May 31, 2011 1:31 pm
Copy and Paste code for forums
BBCode to copy and paste into a forum.
Copy To Clipboard
Email header analysis report
All valid IP Addresses found in the header.
Ip Address 3rd Party Info Provider City Flag Country
* 64.255.180.46 Opera Software Mountain View United States
212.82.108.117 n/a Dublin Ireland
77.238.189.50 n/a n/a Ireland
77.238.189.214 n/a n/a Ireland
98.138.90.117 Yahoo! Sunnyvale United States
*Probable originating IP address
Header Analysis
Originating Info
Email info Geographical Info
Originating IP address
From
Continent
Originating hostname
Originating Email address
Latitude
Originating ISP (Provider)
Subject
Longitude
Originating Country
Date Sent
Time zone
Originating City
Message ID
GMT offset
Google Map for 64.255.180.46
This is what I got after checking the header.
Here is the header.
From James Fernando Tue May 31 05:27:54 2011
X-Apparently-To: [email protected] via 98.138.90.117; Mon, 30 May 2011 22:27:55 -0700
Return-Path: <[email protected]>
Received-SPF: none (mta109.mail.ac4.yahoo.com: domain of [email protected] does not designate permitted sender hosts)
b29rb2ZtYXRjaGVzLlNvcnJ5IGkndmUgbm90IGJlZW4gaW4gdG91Y2guSSdt
IGN1cnJlbnRseSB3b3JraW5nIG91dCBvZiB0aGUgY291bnRyeSBvbiBhIGNv
bnRyYWN0LgEwAQEBAQ--
X-YMailISG: hl0_S2scZAoh0yMjjsNbJve9ogb.yLyhTzP9BvlrYgXB_Wg1
v0PJNN5FJNOPg0NHFlpkI18bb3NTTX87sIr_VPGKc.aM0xCXbREm0.LRS3hD
8BZuaONQTpMiq_Z6V.tzHatsjjWpiLD8qaOBYztVtGnuEn.enNnO6M6QhFRp
XLtGmsEr_By92ql8sei5adsQt3royoMdtBvbJ4Xez_fjg4L6GGIPVqRWdbFD
0dd.QwVGrZAsrDCTNfYOgTB5Hb58wAqlgK2g5lvLW7NBGAjKuYHK.lBx.y1D
k4m6URA9H4z3CyyG9z5Q1TWTSl3YgUytADmX9n9icEdiVI2pyasUOlnjXr.g
bMfnwxDrfIDWLKuCaHdTM5Cfj_vaVxqkwy15SGR5Fqn..a0YzpMTv7arNEgD
B33clY8s3ivEqaY5CmC4xxlZUbvdfJ_FgbLYrDsRhmUA5.ePnqOD1dCoDJkD
AclvlzHIf.OYBjDDlqlhRdVL14ZJ0KQQ1WcSxfDrsVEUGn14H5x41Oc0cWqz
2mbL_aIlIen1tUXGvMzjHAh6D4ONoc_b7efKZW2S7jCe0S3RJ0xVFLt52X4O
C1r1KRY30RrVBy_CvpdYewDESIPDxv4nn8KanHMveaKpxqMSWSHrKJnBsUZz
HknB9_vGhADx_Yj2Dd8kttZZcYjBQx7X2FSF8z4NkW8h1imN2gtRI_Pe19H2
B925gcljbgaGH35zR67tsvnkefKOtB0cS8LtcgPopjSAo30FoSf8sqy0l9.Y
fc5mzU4iZ78.wAZnz_JgxM7huk0YvDl0tXGTYIo9lg0wsZfHiowtoFjToAgK
a7CHIEkrm0VZxOYU1INskgTvNTf6EHqb_ceCVpV8_5.Ix..HtHuwLX6H0PoX
z.g3MS8hlNGQ6TZLGsFxdSnXLdt2wxVbjHS14OFmSQhinEilC0nMh4sQPkbO
3TblkOXr2NobTzh8ajTBoKXIRt8UShvvsl5o3kVt3if_1HPSNWvAn10.ladq
XY1wJ_raHZXA65Aq7w1DMmjwYGVW00dcHWd0TUMuj6mX.FaR0_a1AqcUTNe_
7WjlZz3IAcYz1w5tI71l2uXZut9H4l_MSpKktj__0X90Xv6zVE1vaor5W3wd
sJx8AtSp.TqR34A4ddjl3_Z0WG666A2Icg_uu9HViJjFaEExeWnZCa88qIAJ
U3dB2HgTbvmiorh5voEZaWU1JkwW5Dm_IJw7hvhffD0huzxT6rFeIMySC5uc
MCoX3ByKYq7IJ1iLVqaucHag4Drv1Pl9n2BaLNJOiOQjgDeOp0MWEq9Iw4nu
lsFlZS06_wnN4lAm3bpIs29_baWLxYf3URojk0pGVUub9bHQr9QIx0V4y4_p
F5jX3j5YTPNB1AI4Bi906msM3ohiWREejrQUz4nJDW.NDSNngsQ1baXGc5eu
cSk3g5HQxiLzEQ5ntuFTEDpl8Y9uSqnb88jd8RdCm1iuy0d.VMkufFqIBphC
KYtFjq0N.3rMD8_B138Dp.Zomp.1eYY.y1NtOy.GxyBD5v0.EbvXBSYPyR_K
kCqFTvPSVwzvgTp7.pbIjpKYkDabdNrZlZh71tbO3S4ew_zzmX8y1MkLXUrn
zzA-
X-Originating-IP: [77.238.189.214]
Authentication-Results: mta109.mail.ac4.yahoo.com from=yahoo.co.uk; domainkeys=pass (ok); from=yahoo.co.uk; dkim=pass (ok)
Received: from 127.0.0.1 (HELO nm17-vm0.bullet.mail.ird.yahoo.com) (77.238.189.214)
by mta109.mail.ac4.yahoo.com with SMTP; Mon, 30 May 2011 22:27:55 -0700
Received: from [77.238.189.50] by nm17.bullet.mail.ird.yahoo.com with NNFMP; 31 May 2011 05:27:54 -0000
Received: from [212.82.108.117] by tm3.bullet.mail.ird.yahoo.com with NNFMP; 31 May 2011 05:27:54 -0000
Received: from [127.0.0.1] by omp1026.mail.ird.yahoo.com with NNFMP; 31 May 2011 05:27:54 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
Received: (qmail 419 invoked by uid 60001); 31 May 2011 05:27:54 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s1024; t=1306819674; bh=aqnkFEUsX9IjP02AmQLmQcp4wRm081ZNMSkCpgTUmgo=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=QLPJ2TNk+2OJ2+xVlRyuYioSIqQx8h0/WtO9aniqwjzjAuEx1ws9GSjcxeRhgbDwCUFkrI9wiYuXmQndg5b/PDwTQverU4OWPj/w1vrmX/MR/BPhWN2Hj9ns5htys6UqRHKz0sazISXO0tRc+E+s2R+p84FG8PF+LPwbQj8oKoE=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.co.uk;
h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
b=rQZ0A8Z6DnMkq8Wc3YQp/wLfSy9hS6TC0IgZ3GkUIed7qWhwQiczNQ81Q5wqqvXepYeVNt7VliYXv9IqD2FKBnSIHhkqms7JB9oXIBtP5jOZNXJUqlHYUVLEz0A7ibky+N5zP4B6DtF7mrf2L/PWdKOqU3CmPEl4PRX334JLTGs=;
Message-ID: <[email protected]>
X-YMail-OSG: C4t2DscVM1k22v93XkJclQFKjrvee6bl04STMskpy0.VVMp
l8i3e9OsOD6jDwdSfbBW5oTbQpCsQEwKajnpD7Ytny17X8Sy8HOdeUBlSdfN
2x6wCE8s9G4Zlj.iLbNnVevEdOiZjE8GmiKLR3fjmJqTHYcCblltSuPxCvzL
oCIPmc3SMarJN6ECuIwVwfOLodwFPGpsVpkgKdjKuEXGxW4NB8diU9xLwgIJ
XpR9wYN..l_eR1AZn6MAv4N2IdEGM6.IXLac2JvRlx4dpY0WJ3pmpMDRe_an
qaXIT4PiyG0FyKB1BgPwLdoxX
Received: from [64.255.180.46] by web29210.mail.ird.yahoo.com via HTTP; Tue, 31 May 2011 06:27:54 BST
X-Mailer: YahooMailWebService/0.8.111.303096
Date: Tue, 31 May 2011 06:27:54 +0100 (BST)
From: James Fernando <[email protected]>
Subject: Hi
To: [email protected]
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Length: 139
Any idea, if this guy is for real or scam? I think it's a scam, but not sure.
BBCode to copy and paste into a forum.
ipTRACKERonline.com wrote:Header Analysis Quick Report
Originating IP: 64.255.180.46
Originating ISP: Opera Software
City: Mountain View
Country of Origin: United States
* For a complete report on this email header goto ipTRACKERonline
Copy To Clipboard
Email header analysis report
All valid IP Addresses found in the header.
Ip Address 3rd Party Info Provider City Flag Country
* 64.255.180.46 Opera Software Mountain View United States
212.82.108.117 n/a Dublin Ireland
77.238.189.50 n/a n/a Ireland
77.238.189.214 n/a n/a Ireland
98.138.90.117 Yahoo! Sunnyvale United States
*Probable originating IP address
Header Analysis
Originating Info
Email info Geographical Info
Originating IP address
From
Continent
Originating hostname
Originating Email address
Latitude
Originating ISP (Provider)
Subject
Longitude
Originating Country
Date Sent
Time zone
Originating City
Message ID
GMT offset
Google Map for 64.255.180.46
This is what I got after checking the header.
Here is the header.
From James Fernando Tue May 31 05:27:54 2011
X-Apparently-To: [email protected] via 98.138.90.117; Mon, 30 May 2011 22:27:55 -0700
Return-Path: <[email protected]>
Received-SPF: none (mta109.mail.ac4.yahoo.com: domain of [email protected] does not designate permitted sender hosts)
b29rb2ZtYXRjaGVzLlNvcnJ5IGkndmUgbm90IGJlZW4gaW4gdG91Y2guSSdt
IGN1cnJlbnRseSB3b3JraW5nIG91dCBvZiB0aGUgY291bnRyeSBvbiBhIGNv
bnRyYWN0LgEwAQEBAQ--
X-YMailISG: hl0_S2scZAoh0yMjjsNbJve9ogb.yLyhTzP9BvlrYgXB_Wg1
v0PJNN5FJNOPg0NHFlpkI18bb3NTTX87sIr_VPGKc.aM0xCXbREm0.LRS3hD
8BZuaONQTpMiq_Z6V.tzHatsjjWpiLD8qaOBYztVtGnuEn.enNnO6M6QhFRp
XLtGmsEr_By92ql8sei5adsQt3royoMdtBvbJ4Xez_fjg4L6GGIPVqRWdbFD
0dd.QwVGrZAsrDCTNfYOgTB5Hb58wAqlgK2g5lvLW7NBGAjKuYHK.lBx.y1D
k4m6URA9H4z3CyyG9z5Q1TWTSl3YgUytADmX9n9icEdiVI2pyasUOlnjXr.g
bMfnwxDrfIDWLKuCaHdTM5Cfj_vaVxqkwy15SGR5Fqn..a0YzpMTv7arNEgD
B33clY8s3ivEqaY5CmC4xxlZUbvdfJ_FgbLYrDsRhmUA5.ePnqOD1dCoDJkD
AclvlzHIf.OYBjDDlqlhRdVL14ZJ0KQQ1WcSxfDrsVEUGn14H5x41Oc0cWqz
2mbL_aIlIen1tUXGvMzjHAh6D4ONoc_b7efKZW2S7jCe0S3RJ0xVFLt52X4O
C1r1KRY30RrVBy_CvpdYewDESIPDxv4nn8KanHMveaKpxqMSWSHrKJnBsUZz
HknB9_vGhADx_Yj2Dd8kttZZcYjBQx7X2FSF8z4NkW8h1imN2gtRI_Pe19H2
B925gcljbgaGH35zR67tsvnkefKOtB0cS8LtcgPopjSAo30FoSf8sqy0l9.Y
fc5mzU4iZ78.wAZnz_JgxM7huk0YvDl0tXGTYIo9lg0wsZfHiowtoFjToAgK
a7CHIEkrm0VZxOYU1INskgTvNTf6EHqb_ceCVpV8_5.Ix..HtHuwLX6H0PoX
z.g3MS8hlNGQ6TZLGsFxdSnXLdt2wxVbjHS14OFmSQhinEilC0nMh4sQPkbO
3TblkOXr2NobTzh8ajTBoKXIRt8UShvvsl5o3kVt3if_1HPSNWvAn10.ladq
XY1wJ_raHZXA65Aq7w1DMmjwYGVW00dcHWd0TUMuj6mX.FaR0_a1AqcUTNe_
7WjlZz3IAcYz1w5tI71l2uXZut9H4l_MSpKktj__0X90Xv6zVE1vaor5W3wd
sJx8AtSp.TqR34A4ddjl3_Z0WG666A2Icg_uu9HViJjFaEExeWnZCa88qIAJ
U3dB2HgTbvmiorh5voEZaWU1JkwW5Dm_IJw7hvhffD0huzxT6rFeIMySC5uc
MCoX3ByKYq7IJ1iLVqaucHag4Drv1Pl9n2BaLNJOiOQjgDeOp0MWEq9Iw4nu
lsFlZS06_wnN4lAm3bpIs29_baWLxYf3URojk0pGVUub9bHQr9QIx0V4y4_p
F5jX3j5YTPNB1AI4Bi906msM3ohiWREejrQUz4nJDW.NDSNngsQ1baXGc5eu
cSk3g5HQxiLzEQ5ntuFTEDpl8Y9uSqnb88jd8RdCm1iuy0d.VMkufFqIBphC
KYtFjq0N.3rMD8_B138Dp.Zomp.1eYY.y1NtOy.GxyBD5v0.EbvXBSYPyR_K
kCqFTvPSVwzvgTp7.pbIjpKYkDabdNrZlZh71tbO3S4ew_zzmX8y1MkLXUrn
zzA-
X-Originating-IP: [77.238.189.214]
Authentication-Results: mta109.mail.ac4.yahoo.com from=yahoo.co.uk; domainkeys=pass (ok); from=yahoo.co.uk; dkim=pass (ok)
Received: from 127.0.0.1 (HELO nm17-vm0.bullet.mail.ird.yahoo.com) (77.238.189.214)
by mta109.mail.ac4.yahoo.com with SMTP; Mon, 30 May 2011 22:27:55 -0700
Received: from [77.238.189.50] by nm17.bullet.mail.ird.yahoo.com with NNFMP; 31 May 2011 05:27:54 -0000
Received: from [212.82.108.117] by tm3.bullet.mail.ird.yahoo.com with NNFMP; 31 May 2011 05:27:54 -0000
Received: from [127.0.0.1] by omp1026.mail.ird.yahoo.com with NNFMP; 31 May 2011 05:27:54 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
Received: (qmail 419 invoked by uid 60001); 31 May 2011 05:27:54 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.co.uk; s=s1024; t=1306819674; bh=aqnkFEUsX9IjP02AmQLmQcp4wRm081ZNMSkCpgTUmgo=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=QLPJ2TNk+2OJ2+xVlRyuYioSIqQx8h0/WtO9aniqwjzjAuEx1ws9GSjcxeRhgbDwCUFkrI9wiYuXmQndg5b/PDwTQverU4OWPj/w1vrmX/MR/BPhWN2Hj9ns5htys6UqRHKz0sazISXO0tRc+E+s2R+p84FG8PF+LPwbQj8oKoE=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.co.uk;
h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
b=rQZ0A8Z6DnMkq8Wc3YQp/wLfSy9hS6TC0IgZ3GkUIed7qWhwQiczNQ81Q5wqqvXepYeVNt7VliYXv9IqD2FKBnSIHhkqms7JB9oXIBtP5jOZNXJUqlHYUVLEz0A7ibky+N5zP4B6DtF7mrf2L/PWdKOqU3CmPEl4PRX334JLTGs=;
Message-ID: <[email protected]>
X-YMail-OSG: C4t2DscVM1k22v93XkJclQFKjrvee6bl04STMskpy0.VVMp
l8i3e9OsOD6jDwdSfbBW5oTbQpCsQEwKajnpD7Ytny17X8Sy8HOdeUBlSdfN
2x6wCE8s9G4Zlj.iLbNnVevEdOiZjE8GmiKLR3fjmJqTHYcCblltSuPxCvzL
oCIPmc3SMarJN6ECuIwVwfOLodwFPGpsVpkgKdjKuEXGxW4NB8diU9xLwgIJ
XpR9wYN..l_eR1AZn6MAv4N2IdEGM6.IXLac2JvRlx4dpY0WJ3pmpMDRe_an
qaXIT4PiyG0FyKB1BgPwLdoxX
Received: from [64.255.180.46] by web29210.mail.ird.yahoo.com via HTTP; Tue, 31 May 2011 06:27:54 BST
X-Mailer: YahooMailWebService/0.8.111.303096
Date: Tue, 31 May 2011 06:27:54 +0100 (BST)
From: James Fernando <[email protected]>
Subject: Hi
To: [email protected]
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Length: 139
Any idea, if this guy is for real or scam? I think it's a scam, but not sure.
Last edited by pissedoff12 on Sat Aug 27, 2011 1:37 am, edited 1 time in total.
