[an error occurred while processing this directive]
The report for this spam can be found at: 2008 419 Scam Edition.
Return-Path: <albertsambo40@yahoo.ca>
Received: from web62506.mail.re1.yahoo.com (69.147.75.98) by
studio42.com with SMTP (Eudora Internet Mail Server 3.2.10) for
<webmaster@studio42.com>; Thu, 10 Jan 2008 10:04:51 -0800
Received: (qmail 84301 invoked by uid 60001); 10 Jan 2008 16:18:23 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.ca; h=X-YMail-OSG:Received:Date:From:Reply-To:Subject:To:MIME-Version:
Content-Type:Content-Transfer-Encoding:Message-ID; b=jXYToLX5oiGWJ0zNI4CSZgINiDi1hwfZmo5phzIrAd6yEpe7otIlyuSLoZ2s+mOqiuqlkAiMTXEfWF759bAnw0uSEFSzCKM6F+B7p/8v037D/RX8UCV39WLKtLqcP8eejQKxHZDjUIrAbMoy9nyGevIc6PGepBUfR3G6ILu4o/M=;
X-YMail-OSG: BiC4dUIVM1ls9jowdt1.mkI_fb5fzsRXQU4AFGKoDb5bOuPJ4xYlR32fl1S3uNGsBR84GBTj4a_GLWGPbeH665iLR0lusxH4GTpq.E7nQNZiOxXXv.7m6inYtP0Ivw--
Received: from [83.229.5.132] by web62506.mail.re1.yahoo.com via HTTP;
Thu, 10 Jan 2008 11:18:22 EST
Date: Thu, 10 Jan 2008 11:18:22 -0500 (EST)
From: "Mr.Charles Ben" <albertsambo40@yahoo.ca>
Reply-To: ertalb@myway.com
Subject: FROM:Mr.Charles Ben.
To: albertsambo120@yahoo.com
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Message-ID: <972915.82511.qm@web62506.mail.re1.yahoo.com>
UBS AG Potlatch
8098 Zurich
Switzerland
Dear Sir/Madam,
I am an investment consultant working with Bank Of
Switzerland, UBS AG. at their offshore department
Zurich Switzerland .I will be happy to work this deal
out with you if you have a corporate or personal
Bank Account and if you are capable to keep TOP
SECRET.I need strong Assurance that you will never let
me down, if I transfer this money to your account.
During one of our periodic auditing I discover a
dormant accounts with holding balance of 18,000.000.00
{Eighteen million US Dollars only} this account has
not been operated for the past years. As at this
moment, I am constrained to issue more details about
this business until your response is received.
If you are not familiar with my Bank profile, please
take a moment of your very busy schedules to read
about my Bank website;www.ubs.com and I look forward
to hearing from you as soon as possible if you are
interested, on replying send me the followings.
Bank Name................
Bank Address.............
Beneficiary Name.........
Account Number...........
Swift Code...............
Your Tel/Fax Numbers.....
State & Country..........
Thank you for your time and attention.
Warmest regards,
Mr.Charles Ben.
Chief investment Consultant .
UBS AG Potlatch
8098 Zurich
Switzerland
EMAIL:
Looking for the perfect gift? Give the gift of Flickr!
http://www.flickr.com/gift/
[studio42@flatus studio42]$ host 69.147.75.98
98.75.147.69.in-addr.arpa domain name pointer web62506.mail.re1.yahoo.com.
[studio42@flatus studio42]$ whois 69.147.75.98@whois.arin.net
[whois.arin.net]
OrgName: Yahoo
OrgID: YHOO
Address: 701 First Ave
City: Sunnyvale
StateProv: CA
PostalCode: 94089
Country: US
NetRange: 69.147.64.0 - 69.147.127.255
CIDR: 69.147.64.0/18
NetName: A-YAHOO-US5
NetHandle: NET-69-147-64-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.YAHOO.COM
NameServer: NS2.YAHOO.COM
NameServer: NS3.YAHOO.COM
NameServer: NS4.YAHOO.COM
NameServer: NS5.YAHOO.COM
Comment:
RegDate: 2006-06-26
Updated: 2006-09-22
RAbuseHandle: NETWO857-ARIN
RAbuseName: Network Abuse
RAbusePhone: +1-408-349-3300
RAbuseEmail: network-abuse@cc.yahoo-inc.com
RTechHandle: NA258-ARIN
RTechName: Netblock Admin
RTechPhone: +1-408-349-3300
RTechEmail: netblockadmin@yahoo-inc.com
OrgAbuseHandle: NETWO857-ARIN
OrgAbuseName: Network Abuse
OrgAbusePhone: +1-408-349-3300
OrgAbuseEmail: network-abuse@cc.yahoo-inc.com
OrgTechHandle: NA258-ARIN
OrgTechName: Netblock Admin
OrgTechPhone: +1-408-349-3300
OrgTechEmail: netblockadmin@yahoo-inc.com
# ARIN WHOIS database, last updated 2008-01-09 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
Yahoo loves spammers still.
Onto scammer:
[studio42@flatus studio42]$ host 83.229.5.132
Host 132.5.229.83.in-addr.arpa not found: 3(NXDOMAIN)
[studio42@flatus studio42]$ whois 83.229.5.132@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag
% Information related to '83.229.5.128 - 83.229.5.159'
inetnum: 83.229.5.128 - 83.229.5.159
org: ORG-RA123-RIPE
netname: Rainbownet
descr: Rainbownet
country: NG
admin-c: AAE28-RIPE
tech-c: AAE28-RIPE
status: ASSIGNED PA
mnt-by: SV-MNT
mnt-lower: SV-MNT
source: RIPE # Filtered
organisation: ORG-RA123-RIPE
org-name: Rainbownet
org-type: OTHER
address: Enugu
address: Nigeria
e-mail: admin@rbow.net
phone: +23442304208
phone: +23442300303
admin-c: AAE28-RIPE
tech-c: AAE28-RIPE
mnt-ref: SV-MNT
mnt-by: SV-MNT
source: RIPE # Filtered
person: Azuma Azuma Ezuma
address: Enugu
address: Nigeria
e-mail: admin@rbow.net
phone: +23442304208
phone: +23442300303
nic-hdl: AAE28-RIPE
source: RIPE # Filtered
% Information related to '83.229.0.0/17AS25228'
route: 83.229.0.0/17
descr: SkyVision Network Services
origin: AS25228
mnt-by: SV-MNT
source: RIPE # Filtered
% Information related to '83.229.0.0/20AS41042'
route: 83.229.0.0/20
descr: SkyVision Network Services
origin: AS41042
mnt-by: SV-MNT
source: RIPE # Filtered
And lastly, the web site they want to involve:
[studio42@flatus studio42]$ host www.ubs.com
www.ubs.com is an alias for www.gemini.ubs.com.
www.gemini.ubs.com has address 193.5.105.102
[studio42@flatus studio42]$ whois 193.5.105.102@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '193.5.96.0 - 193.5.111.255'
inetnum: 193.5.96.0 - 193.5.111.255
netname: UBS
descr: UBS
country: CH
admin-c: IBB1-RIPE
tech-c: UBS3-RIPE
status: ASSIGNED PI
mnt-by: UBS-MNT
mnt-by: CH-UNISOURCE-MNT
source: RIPE # Filtered
role: UBS Hostmaster
address: UBS
address: Telecom & Network Services
address: P.O.Box
address: 8098 Zurich
address: Switzerland
e-mail: hostmaster@ubs.com
admin-c: IBB1-RIPE
admin-c: MI1211-RIPE
admin-c: JW1857-RIPE
tech-c: IBB1-RIPE
tech-c: MCH9-RIPE
tech-c: PAM57-RIPE
tech-c: MI1211-RIPE
tech-c: JW1857-RIPE
tech-c: AK4835-RIPE
nic-hdl: UBS3-RIPE
mnt-by: UBS-MNT
source: RIPE # Filtered
person: Ian Beselin
address: UBS
address: Postfach
address: CH-8098 Zurich
address: Switzerland
mnt-by: UBS-MNT
phone: +41 (0)1 236 1629
e-mail: ian.beselin@ubs.com
nic-hdl: IBB1-RIPE
source: RIPE # Filtered
[studio42@flatus studio42]$ whois ubs.com
[whois.crsnic.net]
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: UBS.COM
Registrar: MARKMONITOR INC.
Whois Server: whois.markmonitor.com
Referral URL: http://www.markmonitor.com
Name Server: JUPITER.UBS.COM
Name Server: MERCURY.UBS.COM
Name Server: NEPTUNE.UBS.COM
Name Server: PLUTO.UBS.COM
Name Server: URANUS.UBS.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 22-jul-2005
Creation Date: 15-feb-1993
Expiration Date: 16-feb-2013
>>> Last update of whois database: Thu, 10 Jan 2008 18:15:30 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[whois.markmonitor.com]
MarkMonitor.com - The Leader in Corporate Domain Management
----------------------------------------------------------
For Global Domain Consolidation, Research & Intelligence,
and Enterprise DNS, go to: www.markmonitor.com
----------------------------------------------------------
The Data in MarkMonitor.com's WHOIS database is provided by MarkMonitor.com
for information purposes, and to assist persons in obtaining information
about or related to a domain name registration record. MarkMonitor.com
does not guarantee its accuracy. By submitting a WHOIS query, you agree
that you will use this Data only for lawful purposes and that, under no
circumstances will you use this Data to: (1) allow, enable, or otherwise
support the transmission of mass unsolicited, commercial advertising or
solicitations via e-mail (spam); or (2) enable high volume, automated,
electronic processes that apply to MarkMonitor.com (or its systems).
MarkMonitor.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Registrant:
UBS AG
(DOM-328331)
Telecom & Network Services
Bahnhofstrasse 45 Zurich
-
8098 CH
Domain Name: ubs.com
Registrar Name: Markmonitor.com
Registrar Whois: whois.markmonitor.com
Registrar Homepage: http://www.markmonitor.com
Administrative Contact:
NCC Hostmaster
(NIC-1512483)
UBS AG
Telecom & Network Serv.
Bahnhofstr. 45 Zuerich
-
8098 CH
hostmaster@UBS.COM +41.12341111 Fax- +41.12366930
Technical Contact, Zone Contact:
Network Solutions
(NIC-1568379)
21355 Ridgetop Circle
Telecom & Network Serv. Dulles
VA
20166 US
customerservice@networksolutions.com +1.8886429675 Fax- +1.231231234
Created on..............: 1993-Feb-15.
Expires on..............: 2013-Feb-16.
Record last updated on..: 2007-Sep-18 08:12:33.
Domain servers in listed order:
URANUS.UBS.COM
PLUTO.UBS.COM
NEPTUNE.UBS.COM
MERCURY.UBS.COM
JUPITER.UBS.COM
MarkMonitor.com - The Leader in Corporate Domain Management
----------------------------------------------------------
For Global Domain Consolidation, Research & Intelligence,
and Enterprise DNS, go to: www.markmonitor.com
----------------------------------------------------------
And the harvesting site:
[studio42@flatus studio42]$ dig -mx myway.com
; <<>> DiG 9.2.1 <<>> -mx myway.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20163
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1
;; QUESTION SECTION:
;myway.com. IN A
;; ANSWER SECTION:
myway.com. 300 IN A 208.45.133.133
;; AUTHORITY SECTION:
myway.com. 172800 IN NS dns5.imgfarm.com.
myway.com. 172800 IN NS use1.akam.net.
myway.com. 172800 IN NS ns1-156.akam.net.
myway.com. 172800 IN NS dns4.imgfarm.com.
;; ADDITIONAL SECTION:
ns1-156.akam.net. 26457 IN A 193.108.91.156
;; Query time: 89 msec
;; SERVER: 10.1.42.11#53(10.1.42.11)
;; WHEN: Wed Jan 9 18:23:02 2008
;; MSG SIZE rcvd: 154
[studio42@flatus studio42]$ whois 208.45.133.133@whois.arin.net
[whois.arin.net]
Qwest Communications Corporation QWEST-INET-3 (NET-208-44-0-0-1)
208.44.0.0 - 208.47.255.255
Qwest Cybercenters QWEST-208-45-128 (NET-208-45-128-0-1)
208.45.128.0 - 208.45.135.255
IAC Search Media Inc QWEST-EWR-IACSEARCH08 (NET-208-45-133-0-1)
208.45.133.0 - 208.45.133.255
# ARIN WHOIS database, last updated 2008-01-09 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
[studio42@flatus studio42]$ whois NET-208-44-0-0-1@whois.arin.net
[whois.arin.net]
OrgName: Qwest Communications Corporation
OrgID: QCC-18
Address: 1801 California Street
City: Denver
StateProv: CO
PostalCode: 80202
Country: US
NetRange: 208.44.0.0 - 208.47.255.255
CIDR: 208.44.0.0/14
NetName: QWEST-INET-3
NetHandle: NET-208-44-0-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Allocation
NameServer: DCA-ANS-01.INET.QWEST.NET
NameServer: SVL-ANS-01.INET.QWEST.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Comment: NOTE: For abuse issues, please email abuse@qwest.net.
RegDate: 1999-06-24
Updated: 2005-11-15
OrgAbuseHandle: QIA2-ARIN
OrgAbuseName: Qwest Abuse
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse@qwest.net
OrgNOCHandle: QIN-ARIN
OrgNOCName: Qwest IP NOC
OrgNOCPhone: +1-877-886-6515
OrgNOCEmail: support@qwestip.net
OrgTechHandle: QIA-ARIN
OrgTechName: Qwest IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin@qwest.com
# ARIN WHOIS database, last updated 2008-01-09 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
[studio42@flatus studio42]$ whois myway.com
[whois.crsnic.net]
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: MYWAY.COM
Registrar: EBRANDSECURE, LLC
Whois Server: whois.ebrandsecure.com
Referral URL: http://www.ebrandsecure.com
Name Server: DNS4.IMGFARM.COM
Name Server: DNS5.IMGFARM.COM
Name Server: NS1-156.AKAM.NET
Name Server: USE1.AKAM.NET
Status: clientDeleteProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 11-apr-2006
Creation Date: 23-nov-1998
Expiration Date: 22-nov-2008
>>> Last update of whois database: Thu, 10 Jan 2008 18:17:02 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
[whois.ebrandsecure.com]
MYWAY.COM
Language: ENG
Created: 12/3/2004 5:27:00 PM
Updated: 4/11/2006 1:08:00 PM
Expires: 11/22/2008 12:00:00 AM
Ask Jeeves, Inc. (56N74PTT1)
555 12th Street Suite 500
Oakland,, CA 94607
United States
Phone: +1.5109857400 Fax: +1.5109857400
E-Mail: dnsmanager@askjeeves.com
Updated: 10/13/2006 1:08:00 PM
Created: 12/8/2004 6:10:00 AM
Administrative, Technical Contact:
Ask Jeeves (MYWAY) (3GUXRPV4O)
P.O. Box 228
Irvington, NY 10533
United States
Phone: +1.9145912000 Fax: +.9145912000
E-Mail: domain@staff.iwon.com
Updated: 4/11/2006 1:08:00 PM
Created: 12/2/2004 3:37:00 AM
Billing Contact:
ccTLD CSC Corporate Domains Inc
PO Box 597
Yarmouth, Nova Scotia B5A 4B4
Canada
Phone: +1.9027465201 Fax: +1.4137238334
E-Mail: cctld-billing@cscinfo.com
Updated: 10/30/2007 8:28:00 AM
Created: 8/12/2004 11:13:00 AM
DNS Servers:
DNS4.IMGFARM.COM (208.45.133.230)
DNS5.IMGFARM.COM (208.45.133.231)
NS1-156.AKAM.NET (193.108.91.156)
USE1.AKAM.NET (65.163.234.133)
