Hello & Welcome to our community. Is this your first visit? Register
Page 1 of 5 12345 LastLast
Results 1 to 10 of 49
  1. #1
    Join Date
    Oct 2005
    Posts
    11

    Default ISP Trace Help Please

    Greetings to All,
    I have read that email using the "The Bat!" X-mailer program is a red flag to identify these Russian scammers. I see that I have received one.(My e-mail source info is listed below). I had no idea as to the HUGE number scammers out there.

    I did some googleing and of course came upon all those "Blacklist Sites" Being on a dialup connection - I had to make lunch while all their pics downloaded!! Oh my. Although I must say, I don't believe I've ever seen so many beautiful women on one webpage. What a shame.

    Perhaps someone can shed a little light on my source info below.
    It would be greatly appreciated. Better safe than sorry.
    Thank You in advance,
    ~Bob




    Return-Path: <xxxx@rambler.ru>
    Received: from mxb.rambler.ru ([81.19.66.30])
    by cortelyou.mail.atl.earthlink.net (EarthLink SMTP Server) with ESMTP id 1enS6715M3Nl3py0
    for <xxxx@peoplepc.com>; Fri, 7 Oct 2005 09:17:14 -0400 (EDT)
    Received: from mailc.rambler.ru (mailc.rambler.ru [81.19.66.27])
    by mxb.rambler.ru (Postfix) with ESMTP id DB442852B4
    for <xxxx@peoplepc.com>; Fri, 7 Oct 2005 17:17:13 +0400 (MSD)
    Received: from 127.0.0.1 ([82.198.27.203])
    (authenticated bits=0)
    by mailc.rambler.ru (8.12.10/8.12.10) with ESMTP id j97DHAev081229
    for <xxxx@peoplepc.com>; Fri, 7 Oct 2005 17:17:12 +0400 (MSD)
    X-AntiVirus: Checked by Dr.Web [version: 4.32b, engine: 4.32b, virus records: 76871, updated: 8.06.2005]
    Date: Fri, 7 Oct 2005 17:15:51 +0400
    From: xxxx@rambler.ru
    X-Mailer: The Bat! (v1.53d)
    Reply-To: xxxx@rambler.ru
    Organization: xxxx@rambler.ru
    X-Priority: 3 (Normal)
    Message-ID: <42366953093.20051007171551@rambler.ru>
    To: xxxx <xxxx@eoplepc.com>
    Subject: Re[2]: Another letter to my friend - xxxx!
    In-Reply-To: <30945034.1128660557978.JavaMail.root@mswamui-bichon.atl.sa.earthlink.net>
    References: <30945034.1128660557978.JavaMail.root@mswamui-bichon.atl.sa.earthlink.net>
    MIME-Version: 1.0
    Content-Type: text/plain; charset=us-ascii
    Content-Transfer-Encoding: 7bit
    X-Auth-User: xxxx@rambler.ru, whoson: (null)
    X-ELNK-AV: 0

  2. #2
    Join Date
    Aug 2005
    Posts
    622

    Default

    a: you should by rights, not post her e mail address unless you know she is a scammer. reasons are very simple:

    1: for all you know somebody may write to her and give her a link to the thread (there are russians who read this board)

    2: if she finds out you are checking her out and she is genuine, guess you understand she will not write back to you.

    here is her trace:
    81.19.66.30 belongs to rambler ru. it is not her isp
    81.19.66.27 belongs to rambler ru. it is not her isp
    82.198.27.203 is her isp
    the bat she is using is a very old version
    she is from yoshkar ola. or close to it. the pc she used to send that letter at the moment is switched off. (last few nodes are unknown which means the pc is not switched on. Longtitude and lattitude of where that isp originated is 56.667N and 47.912E ) Note: places like for example Volzsk show as Yoshkar ola on a trace as it shows nearest large towns. The longtitude and lattitude give a more details position. ************************************************** ****************

    NeoTrace Version 3.25 Trace Results
    Target: 82.198.27.203
    Date: 09/10/2005 (Sunday), 16:29:51
    Nodes: 12


    Node Data
    Node Net Reg IP Address Location Node Name
    1 - - 81.76.217.194 Leeds fcuk
    2 1 - 195.92.168.42 Birmingham
    3 1 1 195.92.168.2 Birmingham ge7-0.4.pbr-1.brm.as5388.net
    4 2 1 195.92.55.158 Southwark pos0-0.ber-1.r18.telh.as5388.net
    5 3 2 195.66.224.112 Southwark ge1-0.ar2.lon2.gblx.net
    6 4 2 67.17.67.250 STOCKHOLM so6-0-0-2488m.ar1.arn1.gblx.net
    7 5 - 208.50.51.210 Unknown
    8 6 3 82.198.27.126 Ioshkar-Ola ni-2-sg.nid.ru
    9 - - 0.0.0.0 Unknown No Response
    10 - - 0.0.0.0 Unknown No Response
    11 - - 0.0.0.0 Unknown No Response
    12 6 - 82.198.27.203 Ioshkar-Ola


    Packet Data
    Node High Low Avg Tot Lost
    1 0 0 0 1 0
    2 294 294 294 1 0
    3 229 229 229 1 0
    4 233 233 233 1 0
    5 269 269 269 1 0
    6 305 305 305 1 0
    7 259 259 259 1 0
    8 591 591 591 1 0
    9 ---- ---- ---- 2 2
    10 ---- ---- ---- 2 2
    11 ---- ---- ---- 2 2
    12 687 687 687 1 0


    Network Data
    Network id#: 1
    Energis UK
    Melbourne Street
    Leeds, LS2 7PS
    United Kingdom

    Network id#: 2
    Energis UK
    Melbourne Street
    Leeds, LS2 7PS
    United Kingdom

    Network id#: 3
    London Internet Exchange
    2nd Floor
    92-94 Tooley Street
    London SE1 2TH
    ENGLAND

    Network id#: 4

    OrgName: Global Crossing
    OrgID: GBLX
    Address: 14605 South 50th Street
    City: Phoenix
    StateProv: AZ
    PostalCode: 85044-6471
    Country: US

    Network id#: 5

    OrgName: Global Crossing
    OrgID: GBLX
    Address: 14605 South 50th Street
    City: Phoenix
    StateProv: AZ
    PostalCode: 85044-6471
    Country: US

    Network id#: 6

    OrgName: RIPE Network Coordination Centre
    OrgID: RIPE
    Address: P.O. Box 10096
    City: Amsterdam
    StateProv:
    PostalCode: 1001EB
    Country: NL



    Registrant Data
    Registrant id#: 1
    Registrant:
    Planet On-Line
    The White House Melbourne St
    UK, UK LS2 7SP
    UK

    Registrant id#: 2
    Registrant:
    Global Crossing
    95 N. Fitzhugh Street
    Rochester, NY 14614-1212
    US

    Registrant id#: 3
    See Registrant Pane for registrant contact information.
    _____
    NeoTrace
    43493769
    3f 17



    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  3. #3
    Join Date
    Aug 2005
    Posts
    622

    Default

    a: you should by rights, not post her e mail address unless you know she is a scammer. reasons are very simple:

    1: for all you know somebody may write to her and give her a link to the thread (there are russians who read this board)

    2: if she finds out you are checking her out and she is genuine, guess you understand she will not write back to you.

    here is her trace:
    81.19.66.30 belongs to rambler ru. it is not her isp
    81.19.66.27 belongs to rambler ru. it is not her isp
    82.198.27.203 is her isp
    the bat she is using is a very old version
    she is from yoshkar ola. or close to it. the pc she used to send that letter at the moment is switched off. (last few nodes are unknown which means the pc is not switched on. Longtitude and lattitude of where that isp originated is 56.667N and 47.912E ) Note: places like for example Volzsk show as Yoshkar ola on a trace as it shows nearest large towns. The longtitude and lattitude give a more details position. ************************************************** ****************

    NeoTrace Version 3.25 Trace Results
    Target: 82.198.27.203
    Date: 09/10/2005 (Sunday), 16:29:51
    Nodes: 12


    Node Data
    Node Net Reg IP Address Location Node Name
    1 - - 81.76.217.194 Leeds fcuk
    2 1 - 195.92.168.42 Birmingham
    3 1 1 195.92.168.2 Birmingham ge7-0.4.pbr-1.brm.as5388.net
    4 2 1 195.92.55.158 Southwark pos0-0.ber-1.r18.telh.as5388.net
    5 3 2 195.66.224.112 Southwark ge1-0.ar2.lon2.gblx.net
    6 4 2 67.17.67.250 STOCKHOLM so6-0-0-2488m.ar1.arn1.gblx.net
    7 5 - 208.50.51.210 Unknown
    8 6 3 82.198.27.126 Ioshkar-Ola ni-2-sg.nid.ru
    9 - - 0.0.0.0 Unknown No Response
    10 - - 0.0.0.0 Unknown No Response
    11 - - 0.0.0.0 Unknown No Response
    12 6 - 82.198.27.203 Ioshkar-Ola


    Packet Data
    Node High Low Avg Tot Lost
    1 0 0 0 1 0
    2 294 294 294 1 0
    3 229 229 229 1 0
    4 233 233 233 1 0
    5 269 269 269 1 0
    6 305 305 305 1 0
    7 259 259 259 1 0
    8 591 591 591 1 0
    9 ---- ---- ---- 2 2
    10 ---- ---- ---- 2 2
    11 ---- ---- ---- 2 2
    12 687 687 687 1 0


    Network Data
    Network id#: 1
    Energis UK
    Melbourne Street
    Leeds, LS2 7PS
    United Kingdom

    Network id#: 2
    Energis UK
    Melbourne Street
    Leeds, LS2 7PS
    United Kingdom

    Network id#: 3
    London Internet Exchange
    2nd Floor
    92-94 Tooley Street
    London SE1 2TH
    ENGLAND

    Network id#: 4

    OrgName: Global Crossing
    OrgID: GBLX
    Address: 14605 South 50th Street
    City: Phoenix
    StateProv: AZ
    PostalCode: 85044-6471
    Country: US

    Network id#: 5

    OrgName: Global Crossing
    OrgID: GBLX
    Address: 14605 South 50th Street
    City: Phoenix
    StateProv: AZ
    PostalCode: 85044-6471
    Country: US

    Network id#: 6

    OrgName: RIPE Network Coordination Centre
    OrgID: RIPE
    Address: P.O. Box 10096
    City: Amsterdam
    StateProv:
    PostalCode: 1001EB
    Country: NL



    Registrant Data
    Registrant id#: 1
    Registrant:
    Planet On-Line
    The White House Melbourne St
    UK, UK LS2 7SP
    UK

    Registrant id#: 2
    Registrant:
    Global Crossing
    95 N. Fitzhugh Street
    Rochester, NY 14614-1212
    US

    Registrant id#: 3
    See Registrant Pane for registrant contact information.
    _____
    NeoTrace
    43493769
    3f 17



    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  4. #4
    Join Date
    Oct 2005
    Posts
    11

    Default

    Thank you Nick - That was speedy work!!
    (That neotrace looks handy - I shall have to check that out!)

    I have removed her email info from my post - point well taken. Thanks.

    This girl claims to be from Cheboksary. It looks like a long commute to the internet cafe to me. It has to be 100 km away - across the volga river - which is the in the next republic to the southeast.

    Shall I quiz her on this? Or just post her pic & info on the blacklist?
    She hasn't asked for anything, but it's early on - only 4 or 5 letters each.

    Thank you much!
    ~Bob

  5. #5
    Join Date
    Oct 2005
    Posts
    11

    Default

    Thank you Nick - That was speedy work!!
    (That neotrace looks handy - I shall have to check that out!)

    I have removed her email info from my post - point well taken. Thanks.

    This girl claims to be from Cheboksary. It looks like a long commute to the internet cafe to me. It has to be 100 km away - across the volga river - which is the in the next republic to the southeast.

    Shall I quiz her on this? Or just post her pic & info on the blacklist?
    She hasn't asked for anything, but it's early on - only 4 or 5 letters each.

    Thank you much!
    ~Bob

  6. #6
    Join Date
    Aug 2005
    Posts
    622

    Default

    Chekbosary is close to Yoshkar Ola. Some women will say they are from there as well because they know that Yoshkar Ola is known as scammers paradise. i would not worry that much about it. here is a link. when she writes check the time she wrote (not the time you received it). check against this link. if for example she writes at say 1am or 3am, you should know that at that time nobody in their right mind goes to an internet cafe. but the trace gave it is a dialup and usually internet cafes do not use dialups but either adsl or broadband.

    http://www.worldtimezone.com/time-russia1.htm (when you go on the link, the time is "real time" so if it says for example 21:00 that is the time at the moment in that part of russia.

    i would not just "jump the gun" and put her on the blacklist. technically speaking she has not done anything wrong has she?

    just read her letters. answer them and take it from there.





    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  7. #7
    Join Date
    Aug 2005
    Posts
    622

    Default

    Chekbosary is close to Yoshkar Ola. Some women will say they are from there as well because they know that Yoshkar Ola is known as scammers paradise. i would not worry that much about it. here is a link. when she writes check the time she wrote (not the time you received it). check against this link. if for example she writes at say 1am or 3am, you should know that at that time nobody in their right mind goes to an internet cafe. but the trace gave it is a dialup and usually internet cafes do not use dialups but either adsl or broadband.

    http://www.worldtimezone.com/time-russia1.htm (when you go on the link, the time is "real time" so if it says for example 21:00 that is the time at the moment in that part of russia.

    i would not just "jump the gun" and put her on the blacklist. technically speaking she has not done anything wrong has she?

    just read her letters. answer them and take it from there.





    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  8. #8
    Join Date
    Oct 2005
    Posts
    11

    Default

    Well that didn't take long...

    I emailed her yesterday - from a different email account, using a different name and country as my own. I told her I had been on holiday for a long time and that I had just got around to checking my email... and that I had just discovered her letter. Which was, of course, all bullsh*t.

    Sure enough - back came the response. (Within the same hour she sent the "real" me another letter) She used the exact same canned letter that she originally mailed the "real" me. She had even edited out one part that I had previously questioned her on, which was inconsistent with her follow-up letters. The same photo of herself was also attached to her letter.

    She must be a beginner, or is not keeping track of who she approaches. She found the real me originally on "singleparentsmeet.com" website.

    She was quite perceptive as to my character. Which makes me wonder if they are using any spyware software or a keystroke recorder? Are there any reports of that?

    Thank you again Nick!
    This is a great site.
    ~Bob

  9. #9
    Join Date
    Oct 2005
    Posts
    11

    Default

    Well that didn't take long...

    I emailed her yesterday - from a different email account, using a different name and country as my own. I told her I had been on holiday for a long time and that I had just got around to checking my email... and that I had just discovered her letter. Which was, of course, all bullsh*t.

    Sure enough - back came the response. (Within the same hour she sent the "real" me another letter) She used the exact same canned letter that she originally mailed the "real" me. She had even edited out one part that I had previously questioned her on, which was inconsistent with her follow-up letters. The same photo of herself was also attached to her letter.

    She must be a beginner, or is not keeping track of who she approaches. She found the real me originally on "singleparentsmeet.com" website.

    She was quite perceptive as to my character. Which makes me wonder if they are using any spyware software or a keystroke recorder? Are there any reports of that?

    Thank you again Nick!
    This is a great site.
    ~Bob

  10. #10
    Join Date
    Aug 2005
    Posts
    622

    Default

    well there are trojans that can be sent to a pc (which is why need good protection). also worth to use what is called a firewall and also there is a program called key logger. but doubt she is as sophisticated as all that.

    perceptive in what way? did she know something "totally" private? like what sites you have been on today? (there are cookies for this sort of thing that can be put on a pc). or did she know what colour briefs you have on?

    or was it "a wild guess" like they do in palm readings?

    but as to putting cookies on your pc and key loggers etc i would not think so. they are after a quick buck not finding out your life.

    have fun and remember........ happy fishing

    p.s. BUT the decent ones do exist.
    p.p.s. the fact she wrote to another name, with a different e mail address means nothing as well. technically speaking she is a free agent the same way you are. i have had 11 writing to me at the same time. now i brought it down to 2. i've met one. will be meeting the other one soon. then will drop it down to one person. its when you start talking about love and all the gooey, sloppy things that counts if she is writing to other men or not. and learn from the start.......

    they suffer from unkept promises and also from lying. (unless she is really in love with you)


    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

Similar Threads

  1. Scam odds
    By Reactive in forum Scam or not?
    Replies: 0
    Last Post: 11-04-2004, 03:05 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT. The time now is 07:14 AM.
Powered by vBulletin® Version 4.2.3
Copyright © 2016 vBulletin Solutions, Inc. All rights reserved.
Username Changing provided by Username Change (Free) - vBulletin Mods & Addons Copyright © 2016 DragonByte Technologies Ltd.
vBulletin Skin By: PurevB.com