
Tag Archives: 98.136.216.151

Rev.Mrs.Sandra Morgan sandramorgan3@hotmail.com

Email Scammer AND Possible HACKER

IP: 98.136.216.151 - Project Honey Pot has also detected malicious scam behavior and possible phishing attacks relating to this IP address. “The Threat Rating is a metric that describes how dangerous an IP is based off its observed suspicious activity. These activities include sending spam messages, performing dictionary attacks, harvesting addresses, posting spam comments to web forms, hosting bad web pages (phish sites, etc), and breaking nofollow or certain robot.txt rules.”

Name: (Mrs.) Sandra Morgan

Email-Address: sandramorgan3@hotmail.com

Subject: “Rev Mrs. Sandra Morgan” <sandramorgan3@hotmail.com> sandramorgan711@yahoo.es

Email: 

From Rev Mrs Sandra Morgan, Kindly view the memo for more info and get back to me ASAP

(A link/document was also sent, but I wasn’t comfortable clicking it or posting it.)

____________________

76.164.223.67 ↔ This e-mail address is also a threat and associated with Nigerian scammers. Below is a list of IPs and usernames/email addresses associated with this IP:

Sample Spam URLs & Keywords Posted From 76.164.223.67
Keywords: kennel cough and amoxicillin successive
76.164.223.67's User Agent Strings
Mozilla/0.6 Beta (Windows)
Mozilla/4.0 (compatible; MSIE 4.01; Digital AlphaServer 1000A 4/233; Windows NT; Powered By 64-Bit Alpha Processor)
Mozilla/4.0 (compatible; MSIE 5.0; Windows 2000) Opera 6.0 [en]
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0; .NET CLR 1.0.2914)
Mozilla/4.0 (compatible; MSIE 6.0; Update a; AOL 6.0; Windows 98)
Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) NS8/0.9.6
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)
Mozilla/4.76 [en] (Windows NT 5.0; U)
Mozilla/4.79 [en] (Windows NT 5.0; U)
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.165 Safari/535.19 YI
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.63 Safari/535.7
Mozilla/5.0 (Windows NT 5.1; rv:14.0) Gecko/20100101 Firefox/14.0
Mozilla/5.0 (Windows NT 5.2; rv:12.0) Gecko/20100101 Firefox/12.0
Mozilla/5.0 (Windows NT 5.2; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.1634 Safari/535.19 YE
Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.165 Safari/535.19 YI
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.52 Safari/536.5 Comodo_Dragon/19.1.0.0
Opera/7.54 (Windows NT 5.1; U) [pl]
Opera/9.00 (Windows NT 5.1; U; en)
Opera/9.01 (Windows NT 5.1; U; en)
Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.00
Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.229 Version/11.61
Example User Names Used By 76.164.223.67
User-name: eslie.hubler
User-name: istan_c_cabanela
User-name: archive1_1963
User-name: aratyfus_1964

 

 

Header:

Return-Path: <sandramorgan3@hotmail.com>
X-YahooFilteredBulk: 98.136.216.151
Received-SPF: softfail (transitioning domain of hotmail.com does not designate 98.136.216.151 as permitted sender)
X-Originating-IP: [98.136.216.151]
Authentication-Results: mta1243.mail.sk1.yahoo.com from=hotmail.com; domainkeys=neutral (no sig); from=hotmail.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO nm27-vm8.bullet.mail.gq1.yahoo.com) (98.136.216.151) by mta1243.mail.sk1.yahoo.com with SMTP; Thu, 18 Oct 2012 01:52:11 -0700
Received: from [98.137.12.55] by nm27.bullet.mail.gq1.yahoo.com with NNFMP; 18 Oct 2012 08:52:09 -0000
Received: from [98.136.185.47] by tm15.bullet.mail.gq1.yahoo.com with NNFMP; 18 Oct 2012 08:52:08 -0000
Received: from [127.0.0.1] by smtp108.mail.gq1.yahoo.com with NNFMP; 18 Oct 2012 08:52:08 -0000
X-Yahoo-Newman-Id: 920957.30208.bm@smtp108.mail.gq1.yahoo.com
Message-ID: <920957.30208.bm@smtp108.mail.gq1.yahoo.com>
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-SMTP: rcUwqs.swBCs4f4vwoVy9tuv4a_36owJ2kQYl6t9GG.H0B7U
Received: from User (sandramorgan3@76.164.223.67 with login) by smtp108.mail.gq1.yahoo.com with SMTP; 18 Oct 2012 01:52:08 -0700 PDT
Reply-To: <sandramorgan711@yahoo.es>
From: "Rev.Mrs.Sandra Morgan"<sandramorgan3@hotmail.com>
Subject: From Rev.Mrs.Sandra Morgan,Kindly view the memo for more info and get back to me.ASAP
Date: Thu, 18 Oct 2012 09:52:06 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_010C_01C2A9A6.43814626"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Content-Length: 4220
 
