by Faizan Docherty
Thu Dec 05, 2013 1:46 am
ipTRACKERonline.com wrote:Header Analysis Quick Report<br>Originating IP: 176.9.19.247<br>Originating ISP: Hetzner Online Ag<br> City: n/a<br>Country of Origin: Germany<br>* For a complete report on this email header goto ipTRACKERonline
Delivered-To: <snipped>
Received: by 10.70.4.133 with SMTP id k5csp261905pdk;
Wed, 4 Dec 2013 01:49:29 -0800 (PST)
X-Received: by 10.50.66.180 with SMTP id g20mr150396igt.29.1386150569266;
Wed, 04 Dec 2013 01:49:29 -0800 (PST)
Return-Path: <[email protected]>
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com. [184.154.1.124])
by mx.google.com with ESMTPS id nh2si8393578icc.91.2013.12.04.01.49.28
for <snipped>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Wed, 04 Dec 2013 01:49:29 -0800 (PST)
Received-SPF: neutral (google.com: 184.154.1.124 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=184.154.1.124;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 184.154.1.124 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
Received: from s10.tecspace.net ([176.9.19.247]:47258)
by r8-chicago.webserversystems.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.80)
(envelope-from <[email protected]>)
id 1Vo95D-000FnA-KM
for <snipped>; Wed, 04 Dec 2013 03:49:28 -0600
Received: by s10.tecspace.net (Postfix, from userid 105901)
id 933EE3CA84C; Wed, 4 Dec 2013 10:49:25 +0100 (CET)
X-Additional-Header: /home/www/105901/bfatv
To: <snipped>
Subject: Business Proposal
From: Danny Sunbren <[email protected]>
Content-ID: <[email protected]>
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
Content-Transfer-encoding: 8bit
Reply-To: Danny Sunbren <[email protected]>
X-ME-bounce-domain: orange.fr
X-ME-bounce-domain: voila.fr
X-ME-bounce-domain: yahoo.com
X-ME-bounce-domain: hotmail.com
X-ME-bounce-domain: outlook.com
X-ME-bounce-domain: mx.google.com
X-ME-bounce-domain: aol.com
X-me-spamlevel: not-spam
X-ME-Entity: vla
X-Mailer: PHP
Message-Id: <[email protected]>
Date: Wed, 4 Dec 2013 10:49:25 +0100 (CET)
X-Spam-Status: No, score=3.9
X-Spam-Score: 39
X-Spam-Bar: +++
X-Ham-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Dear Sirs, My name is Barr. Danny Sunbren of Rico Abogados
Law Firm in Madrid, Spain I have a business proposal which is highly confidential
and will be of great benefit for me and you, Please let me know if you are
interested and I will forward you my proposal. Kindly Contact Email:[email protected]
Yours sincerely, Barr. Danny Sunbren (Esq) Senior Associate Rico Abogados
Law Firm Espana [...]
Content analysis details: (3.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 DEAR_SOMETHING BODY: Contains 'Dear (something)'
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(dannysunbren[at]aol.com)
-0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
0.0 HTML_MESSAGE BODY: HTML included in message
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5311]
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.4 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
X-Spam-Flag: NO
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r8-chicago.webserversystems.com
X-AntiAbuse: Original Domain - <snipped>
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - s10.tecspace.net
X-Get-Message-Sender-Via: r8-chicago.webserversystems.com: none
X-Source:
X-Source-Args:
X-Source-Dir:
Dear Sirs, My name is Barr. Danny Sunbren of Rico Abogados Law Firm in Madrid, Spain I have a business proposal which is highly confidential and will be of great benefit for me and you, Please let me know if you are interested and I will forward you my proposal. Kindly Contact Email:[email protected] Yours sincerely, Barr. Danny Sunbren (Esq) Senior Associate Rico Abogados Law Firm Espana
Please DO NOT tell a scammer that he has been posted here!
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
