You can't win a lottery you haven't entered! Please read here for information on lottery scams.
#184078 by Faizan Docherty Thu Dec 12, 2013 3:55 am
ipTRACKERonline.com wrote:Header Analysis Quick Report<br>Originating IP: 208.52.139.35<br>Originating ISP: Broadriver Communication Corp.<br> City: Atlanta<br>Country of Origin: United States<br>* For a complete report on this email header goto ipTRACKERonline


Delivered-To: <snipped>
Received: by 10.70.4.133 with SMTP id k5csp178280pdk;
Tue, 10 Dec 2013 02:07:35 -0800 (PST)
X-Received: by 10.42.224.10 with SMTP id im10mr636128icb.46.1386670055026;
Tue, 10 Dec 2013 02:07:35 -0800 (PST)
Return-Path: <[email protected]>
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com. [184.154.1.124])
by mx.google.com with ESMTPS id j8si1910594igj.11.2013.12.10.02.07.34
for <snipped>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Tue, 10 Dec 2013 02:07:35 -0800 (PST)
Received-SPF: neutral (google.com: 184.154.1.124 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=184.154.1.124;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 184.154.1.124 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
Received: from [202.85.40.117] (port=53274 helo=BGL-GATE.bogartlingerie.com)
by r8-chicago.webserversystems.com with esmtp (Exim 4.80)
(envelope-from <[email protected]>)
id 1VqKDy-000BYO-HN
for <snipped>; Tue, 10 Dec 2013 04:07:34 -0600
X-ASG-Debug-ID: 1386668723-703793e3000f-1Eip9O
Received: from spdev.morris.vci (rmpsbs.rmpresources.com [208.52.139.35]) by mailgate.bogartlingerie.com with ESMTP id 0xAodvyGZXO5GWOl; Tue, 10 Dec 2013 17:48:44 +0800 (HKT)
X-Barracuda-Envelope-From: [email protected]
X-Barracuda-AUTH-User: shipping
X-Barracuda-AUTH-User: shipping
X-Barracuda-AUTH-User: shipping
X-Barracuda-AUTH-User: shipping
X-Barracuda-AUTH-User: shipping
X-Barracuda-AUTH-User: shipping
<snipped>
Content-Type: multipart/alternative; boundary="===============1650647507=="
MIME-Version: 1.0
X-ASG-Orig-Subj: NOTIFICATION
To: Recipients <[email protected]>
From: [email protected]
Date: Tue, 10 Dec 2013 04:48:28 -0500
Reply-To: [email protected]
X-Barracuda-Connect: rmpsbs.rmpresources.com[208.52.139.35]
X-Barracuda-Start-Time: 1386668924
X-Barracuda-URL: http://192.168.253.10:80/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at bogartlingerie.com
Message-Id: <[email protected]>
X-Spam-Status: Yes, score=16.3
X-Spam-Score: 163
X-Spam-Bar: ++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: Congratulations! You have won US $1,750,000.00, with China-T
Mobile Worldwide lottery at China Guangdong International Payment Center
. Contact your Agent, Mr David Chen Lu for claim, on Email: ([email protected])
with Ref. Ticket Number: 68-43-14-3-83-5 Serial Number: 90-Q72 Batch Number:
CN/ZTG/040/203D Reference Number: GF.BDX.039.XTC Draw Date Dec 7th 2013.
Contact with your information's. Full Name: Marital Status: Age: Occupation:
Home Phone: Mobile Phone: City/Country: Nationality: Ref No: Batch No: Best
wishes, Miss Lisa Young Email: [email protected] Congratulations!
You have won US $1,750,000.00, with China-T Mobile Worldwide lottery at China
Guangdong International Payment Center . Contact your Agent, Mr David Chen
Lu for claim, on Email: ([email protected]) with Ref. Ticket Number:
68-43-14-3-83-5 Serial Number: 90-Q72 Batch Number: CN/ZTG/040/203D Reference
Number: GF.BDX.039.XTC Draw Date Dec 7th 2013. Contact with your information's.
Full Name: Marital Status: Age: Occupation: Home Phone: Mobile Phone: City/Country:
Nationality: Ref No: Batch No: Best wishes, Miss Lisa Young Email: [email protected]
[...]

Content analysis details: (16.3 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(china_t_mobile[at]yahoo.com)
0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is
CUSTOM_MED
1.6 FORGED_YAHOO_RCVD 'From' yahoo.com does not match 'Received' headers
1.8 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
0.0 HTML_MESSAGE BODY: HTML included in message
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5409]
0.0 LOTS_OF_MONEY Huge... sums of money
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
0.9 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list
3.3 FM_LOTTO_YOU_WON Talks about lotto and you won!
0.0 FILL_THIS_FORM Fill in a form with personal information
3.4 FILL_THIS_FORM_LONG Fill in a form with personal information
0.0 MONEY_FORM Lots of money if you fill out a form
0.0 ADVANCE_FEE_2_NEW_FRM_MNY Advance Fee fraud form and lots of money
1.6 ADVANCE_FEE_2_NEW_FORM Advance Fee fraud and a form
1.1 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money
X-Spam-Flag: YES
Subject: ***SPAM*** NOTIFICATION
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r8-chicago.webserversystems.com
X-AntiAbuse: Original Domain - <snipped>
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - yahoo.com
X-Get-Message-Sender-Via: r8-chicago.webserversystems.com: none
X-Source:
X-Source-Args:
X-Source-Dir:

You will not see this in a MIME-aware mail reader.
--===============1650647507==
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body

Congratulations! You have won US $1,750,000.00, with China-T Mobile Worldwi=
de lottery at China Guangdong International Payment Center . Contact your A=
gent, Mr David Chen Lu for claim, on Email: ([email protected]) with Re=
f. Ticket Number: 68-43-14-3-83-5 Serial Number: 90-Q72 Batch Number: CN/ZT=
G/040/203D Reference Number: GF.BDX.039.XTC Draw Date Dec 7th 2013. Contact=
with your information's. Full Name: Marital Status: Age: Occupation: Home =
Phone: Mobile Phone: City/Country: Nationality: Ref No: Batch No: Best wish=
es, Miss Lisa Young Email: [email protected]
--===============1650647507==
Content-Type: text/html; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body


Congratulations! You have won US $1,750,000.00, with China-T Mobile Worldwide lottery at China Guangdong International Payment Center . Contact your Agent, Mr David Chen Lu for claim, on Email: ([email protected]) with Ref. Ticket Number: 68-43-14-3-83-5 Serial Number: 90-Q72 Batch Number: CN/ZTG/040/203D Reference Number: GF.BDX.039.XTC Draw Date Dec 7th 2013. Contact with your information's. Full Name: Marital Status: Age: Occupation: Home Phone: Mobile Phone: City/Country: Nationality: Ref No: Batch No: Best wishes, Miss Lisa Young Email: [email protected]

Please DO NOT tell a scammer that he has been posted here!

If you wish you can email me at
faizandocherty @ scamwarners [dot] com

How do I find email headers???

How to analyze an email header.
Advertisement

Who is online

Users browsing this forum: No registered users and 14 guests