#256371 by Faizan Docherty
Mon Jun 15, 2015 9:41 pm
ipTRACKERonline.com wrote:Header Analysis Quick Report
Originating IP: 15.1.190.9
Originating ISP: Hewlett-packard Company
City: Palo Alto
Country of Origin: United States
* For a complete report on this email header goto ipTRACKERonline
From [email protected] Sun Jun 14 16:27:01 2015
Return-Path: <[email protected]>
Received: from conecel.com (pgccforward2.conecel.com [192.168.1.29])
by pgccportafree.portafree.com (8.13.6/8.12.11) with ESMTP id t5ELR14D020344
for <snipped>; Sun, 14 Jun 2015 16:27:01 -0500
Received: from ([207.46.100.254])
by pgccforward2.conecel.com with ESMTP with TLS id DYFX5P1.64747143;
Sun, 14 Jun 2015 16:24:01 -0500
Received: from BY1PR0201CA0008.namprd02.prod.outlook.com (10.160.191.146) by
BLUPR02MB1634.namprd02.prod.outlook.com (10.162.213.12) with Microsoft SMTP
Server (TLS) id 15.1.190.14; Sun, 14 Jun 2015 21:23:56 +0000
Received: from BL2FFO11FD025.protection.gbl (2a01:111:f400:7c09::190) by
BY1PR0201CA0008.outlook.office365.com (2a01:111:e400:4814::18) with Microsoft
SMTP Server (TLS) id 15.1.190.14 via Frontend Transport; Sun, 14 Jun 2015
21:23:55 +0000
Authentication-Results: spf=pass (sender IP is 192.122.237.115)
smtp.mailfrom=nku.edu; yahoo.co.uk; dkim=none (message not signed)
header.d=none;
Received-SPF: Pass (protection.outlook.com: domain of nku.edu designates
192.122.237.115 as permitted sender) receiver=protection.outlook.com;
client-ip=192.122.237.115; helo=NKUMAIL2.hh.nku.edu;
Received: from NKUMAIL2.hh.nku.edu (192.122.237.115) by
BL2FFO11FD025.mail.protection.outlook.com (10.173.161.104) with Microsoft
SMTP Server (TLS) id 15.1.190.9 via Frontend Transport; Sun, 14 Jun 2015
21:23:54 +0000
Received: from NKUMAIL4.hh.nku.edu ([fe80::68d3:65a0:4e1e:ef02]) by
NKUMAIL2.hh.nku.edu ([fe80::2862:6202:843:a435%19]) with mapi id
14.03.0224.002; Sun, 14 Jun 2015 17:23:52 -0400
From: Dixie Leather <[email protected]>
To: Dixie Leather <[email protected]>
Subject: RE: Donation
Thread-Topic: Donation
Thread-Index: AdCm4uMzVcGMCEMHRB+qzcx6nyPAKwABSD0v
Date: Sun, 14 Jun 2015 21:23:51 +0000
Message-ID: <[email protected]>
References: <[email protected]>
In-Reply-To: <[email protected]>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.28.102.249]
Content-Type: multipart/alternative;
boundary="_000_A8DC39641833244AA138B55C3ABA2C52017F534334nkumail4hhnku_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-Microsoft-Exchange-Diagnostics: <snipped>
X-Forefront-Antispam-Report:
CIP:192.122.237.115;CTRY:US;IPV:NLI;EFV:NLI;SFV:SPM;SFS:(10019020)(438002)(377454003)(189002)(199003)(189998001)(107886002)(110136002)(2171001)(325944007)(5001920100001)(2656002)(2900100001)(2920100001)(2950100001)(2940100001)(104016003)(109096001)(89122001)(55846006)(88552001)(75432002)(84326002)(102836002)(68736005)(6200100001)(87936001)(5003600100002)(19580405001)(5250100002)(2910100002)(97736004)(221733001)(50986999)(106466001)(92566002)(16236675004)(76176999)(15843345004)(512934002)(19233515002)(54356999)(19580395003)(77156002)(6806004)(86362001)(5000100001)(33656002)(46102003)(62966003)(90282001)(523544005)(89076004);DIR:OUT;SFP:1501;SCL:5;SRVR:BLUPR02MB1634;H:NKUMAIL2.hh.nku.edu;FPR:;SPF:Pass;MLV:nov;MX:1;A:1;PTR:InfoDomainNonexistent;LANG:en;
X-Microsoft-Exchange-Diagnostics:
<snipped>
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR02MB1634;
X-Microsoft-Antispam-PRVS:
<BLUPR02MB16341BC5264FD1C6F6ABE055D7B90@BLUPR02MB1634.namprd02.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test:
BCL:0;PCL:0;RULEID:(601004)(520003)(5005006)(3002001);SRVR:BLUPR02MB1634;BCL:0;PCL:0;RULEID:;SRVR:BLUPR02MB1634;
X-Microsoft-Exchange-Diagnostics:
<snipped>
X-Forefront-PRVS: 06070568C5
X-Microsoft-Exchange-Diagnostics:
<snipped>
X-Microsoft-Exchange-Diagnostics:
<snipped>
X-OriginatorOrg: nku.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Jun 2015 21:23:54.0976
(UTC)
X-MS-Exchange-CrossTenant-Id: ac321855-1f55-4d0b-b2fa-531085ca3022
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=ac321855-1f55-4d0b-b2fa-531085ca3022;Ip=[192.122.237.115];Helo=[NKUMAIL2.hh.nku.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR02MB1634
X-esp: ESP<17>=
SHA:<8>
SHA_FLAGS:<100>
UHA:<10>
ISC:<0>
BAYES:<-1>
SenderID:<0>
DKIM:<0>
TS:<0>
SIG:<gHcABoAUAAITVFMyMC0xN0w1LTJPVTQtUFNES4AEAAEABgM5gAIABQACgAgA
BAdEWUZYNVAxgBkABxhNZGJQNE5GcTZURzNQRm5YNE1DSndBPT2ADQAIDDIu
MC4zLjAyLTk1M4AEAAkDSU0ggAcACgY2LjcuMiAAAAAAgJEACYABAA8CgAgA
By4KRAfsTlnQgAQAAlaom2eACAATCmw5phdUwPmACAAJLgpEB+xOWdCACAAK
irP1DCAG4T2ACQALeQy+iBhd+7EAgAgACB9UG/f1RSNlgAQADAAAAH6ADAAD
AAAAAeg0e4Xg2B/qgBsABAAZaHR0cDovL3Nocmlua2VlLmNvbS80ZW1rAAAA AAA=>
DSC:<0>
TRU_spam1: <0>
TRU_freehosting: <0>
TRU_money_spam: <0>
TRU_urllinks: <0>
TRU_medical_spam: <0>
TRU_lotto_spam: <0>
TRU_watch_spam: <0>
TRU_legal_spam: <0>
TRU_scam_spam: <0>
TRU_adult_spam: <0>
TRU_playsites: <0>
TRU_stock_spam: <0>
TRU_phish_spam: <0>
URL Real-Time Signatures: <0>
TRU_profanity_spam: <0>
From: Dixie Leather
Sent: Sunday, June 14, 2015 4:44 PM
Subject: Donation
Donation of $500,000 USD to you, email me at ( [email protected]<mailto:[email protected]> ) for immediate response
Please DO NOT tell a scammer that he has been posted here!
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
