by Faizan Docherty
Sun Aug 24, 2014 3:27 pm
ipTRACKERonline.com wrote:Header Analysis Quick Report
Originating IP: 65.55.90.140
Originating ISP: Microsoft Hosting
City: Redmond
Country of Origin: United States
* For a complete report on this email header goto ipTRACKERonline
Delivered-To: <snipped>
Received: by 10.70.80.134 with SMTP id r6csp37136pdx;
Sun, 24 Aug 2014 09:20:15 -0700 (PDT)
X-Received: by 10.68.164.4 with SMTP id ym4mr21486743pbb.53.1408897215323;
Sun, 24 Aug 2014 09:20:15 -0700 (PDT)
Return-Path: <[email protected]>
Received: from relay.mailchannels.net (aso-006-i408.relay.mailchannels.net. [207.210.193.17])
by mx.google.com with ESMTP id n15si49335236pdl.109.2014.08.24.09.20.14
for <snipped>;
Sun, 24 Aug 2014 09:20:15 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 207.210.193.17 as permitted sender) client-ip=207.210.193.17;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning [email protected] does not designate 207.210.193.17 as permitted sender) [email protected]
X-Sender-Id: _forwarded-from|65.55.90.137
Received: from r8-chicago.webserversystems.com (ip-10-204-4-183.us-west-2.compute.internal [10.204.4.183])
by relay.mailchannels.net (Postfix) with ESMTPA id 3376F121506
for <snipped>; Sun, 24 Aug 2014 16:20:11 +0000 (UTC)
X-Sender-Id: _forwarded-from|65.55.90.137
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com [10.227.41.147])
(using TLSv1 with cipher DHE-RSA-AES256-SHA)
by 0.0.0.0:2500 (trex/5.2.12);
Sun, 24 Aug 2014 16:20:13 GMT
X-MC-Relay: Forwarding
X-MailChannels-SenderId: _forwarded-from|65.55.90.137
X-MailChannels-Auth-Id: wwwh
X-MC-Ingress-Time: 1408897213043
Received: from snt004-omc3s1.hotmail.com ([65.55.90.140]:56251)
by r8-chicago.webserversystems.com with esmtps (TLSv1:AES128-SHA:128)
(Exim 4.82)
(envelope-from <[email protected]>)
id 1XLaWX-0001iH-PI
for <snipped>; Sun, 24 Aug 2014 11:20:10 -0500
Received: from SNT153-W26 ([65.55.90.137]) by SNT004-OMC3S1.hotmail.com with Microsoft SMTPSVC(7.5.7601.22701);
Sun, 24 Aug 2014 09:20:09 -0700
X-TMN: [8ax6vQ4FQ5JJ+l9rG/F46gpwZ+OaXqLt]
X-Originating-Email: [[email protected]]
Message-ID: <[email protected]>
Content-Type: multipart/alternative;
boundary="_667f832f-a8da-4751-bc50-fda2dd01544e_"
From: jean olivier <[email protected]>
Subject: I am seeking your assistance in helping me
Date: Sun, 24 Aug 2014 17:20:08 +0100
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 24 Aug 2014 16:20:09.0271 (UTC) FILETIME=[46149C70:01CFBFB7]
X-Spam-Status: No, score=4.2
X-Spam-Score: 42
X-Spam-Bar: ++++
X-Ham-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Hello I am Mr. jean olivier from UNITED KINGDOM, I am seeking
your assistance in helping me make a research and make feasibility study
on areas I could invest in on as am willing to invest in your country at the
same time be my business partner [...]
Content analysis details: (4.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[65.55.90.140 listed in list.dnswl.org]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(jeanolivier01[at]hotmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.7 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (jeanolivier01[at]hotmail.com)
1.0 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information
0.1 ADVANCE_FEE_4_NEW Appears to be advance fee fraud (Nigerian 419)
0.0 FORM_FRAUD_5 Fill a form and many fraud phrases
3.5 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419)
X-Spam-Flag: NO
X-MC-Forward: <snipped>
X-AuthUser:
Hello
I am Mr. jean olivier
from UNITED KINGDOM, I am seeking your assistance in helping me make a research and make feasibility study on areas I could invest in on as am willing to invest in your country at the same time be my business partner
Kindly indicate your interest by responding to my private email address which is as follows: [email protected]
Regards.
jean olivier
Please DO NOT tell a scammer that he has been posted here!
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
