Hello & Welcome to our community. Is this your first visit? Register

Page 5 of 5 FirstFirst 12345
Results 41 to 49 of 49
  1. #1
    Join Date
    Oct 2005
    Posts
    11

    Default ISP Trace Help Please

    Greetings to All,
    I have read that email using the "The Bat!" X-mailer program is a red flag to identify these Russian scammers. I see that I have received one.(My e-mail source info is listed below). I had no idea as to the HUGE number scammers out there.

    I did some googleing and of course came upon all those "Blacklist Sites" Being on a dialup connection - I had to make lunch while all their pics downloaded!! Oh my. Although I must say, I don't believe I've ever seen so many beautiful women on one webpage. What a shame.

    Perhaps someone can shed a little light on my source info below.
    It would be greatly appreciated. Better safe than sorry.
    Thank You in advance,
    ~Bob




    Return-Path: <xxxx@rambler.ru>
    Received: from mxb.rambler.ru ([81.19.66.30])
    by cortelyou.mail.atl.earthlink.net (EarthLink SMTP Server) with ESMTP id 1enS6715M3Nl3py0
    for <xxxx@peoplepc.com>; Fri, 7 Oct 2005 09:17:14 -0400 (EDT)
    Received: from mailc.rambler.ru (mailc.rambler.ru [81.19.66.27])
    by mxb.rambler.ru (Postfix) with ESMTP id DB442852B4
    for <xxxx@peoplepc.com>; Fri, 7 Oct 2005 17:17:13 +0400 (MSD)
    Received: from 127.0.0.1 ([82.198.27.203])
    (authenticated bits=0)
    by mailc.rambler.ru (8.12.10/8.12.10) with ESMTP id j97DHAev081229
    for <xxxx@peoplepc.com>; Fri, 7 Oct 2005 17:17:12 +0400 (MSD)
    X-AntiVirus: Checked by Dr.Web [version: 4.32b, engine: 4.32b, virus records: 76871, updated: 8.06.2005]
    Date: Fri, 7 Oct 2005 17:15:51 +0400
    From: xxxx@rambler.ru
    X-Mailer: The Bat! (v1.53d)
    Reply-To: xxxx@rambler.ru
    Organization: xxxx@rambler.ru
    X-Priority: 3 (Normal)
    Message-ID: <42366953093.20051007171551@rambler.ru>
    To: xxxx <xxxx@eoplepc.com>
    Subject: Re[2]: Another letter to my friend - xxxx!
    In-Reply-To: <30945034.1128660557978.JavaMail.root@mswamui-bichon.atl.sa.earthlink.net>
    References: <30945034.1128660557978.JavaMail.root@mswamui-bichon.atl.sa.earthlink.net>
    MIME-Version: 1.0
    Content-Type: text/plain; charset=us-ascii
    Content-Transfer-Encoding: 7bit
    X-Auth-User: xxxx@rambler.ru, whoson: (null)
    X-ELNK-AV: 0
    Female Scammers from Nigeria, Ghana, Russia, Ukraine and Philippines

  2. #41
    Join Date
    Aug 2005
    Posts
    622

    Default

    sorry for late post but as rjg381 said i was away for a week. just got back.

    @rjg381, yes you are right. just did a trace and it comes same location you mention.

    map of russia: http://www.russiatrek.com/map.shtml

    look at this one. http://www.worldtimezone.com/time-russia1.htm

    novgorod is close to st petersburg.

    trace:

    NeoTrace Version 3.25 Trace Results
    Target: 212.67.4.53
    Date: 22/10/2005 (Saturday), 04:12:44
    Nodes: 2


    Node Data
    Node Net Reg IP Address Location Node Name
    1 - - 81.76.238.159 Leeds fcuk
    2 1 1 212.67.4.53 Nizhny Novgorod ipdl053.nis.nnov.su


    Packet Data
    Node High Low Avg Tot Lost
    1 0 0 0 1 0
    2 ---- ---- ---- 2 2


    Network Data
    Network id#: 1
    Kostina, 2, 11
    Nizhny Novgorod, Russia



    Registrant Data
    Registrant id#: 1
    See Registrant Pane for registrant contact information.

    by the way, rjg381, thanks for kind words about one of my posts. i do hope it helps people in not being scammed.



    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  3. #42
    Join Date
    Oct 2005
    Posts
    6

    Default

    To get information on an IP : a good site :
    http://www.dnsstuff.com/
    and for example on this site information got about IP 82.198.27.203 is below.
    % Information related to '82.198.27.0 - 82.198.27.255'

    inetnum: 82.198.27.0 - 82.198.27.255
    netname: NATA-INFO
    descr: Nata-Info Dial-Up Network
    country: RU
    admin-c: LKV2000-RIPE
    tech-c: EVE7-RIPE
    status: ASSIGNED PA
    mnt-by: SATGATE-MNT
    changed: sergey@satgate.net 20041215
    source: RIPE

    person: Kirill V Lupandin
    address: SatGate LLC
    address: 942 Windemere Dr. NW
    address: OR 82001 Salem
    address: USA
    phone: +7 0112 573 070
    fax-no: +7 0112 573 073
    e-mail: kirill@satgatellc.com
    nic-hdl: LKV2000-RIPE
    notify: kirill@satgatellc.com
    mnt-by: SATGATE-MNT
    source: RIPE
    changed: kirill@satgatellc.com 20020903

    person: Elena V Egorova
    address: 942 Windemere Dr. NW
    address: OR 82001 Salem
    address: USA
    phone: +7 0112 573 070
    fax-no: +7 0112 573 073
    e-mail: jeg@satgatellc.com
    nic-hdl: EVE7-RIPE
    notify: jeg@satgatellc.com
    changed: jeg@satgatellc.com 20020903
    source: RIPE

    % Information related to '82.198.27.0/24AS21166'

    route: 82.198.27.0/24
    descr: Nata-Info Dial-Up Network
    origin: AS21166
    mnt-by: SATGATE-MNT
    changed: sergey@satgate.net 20041215
    source: RIPE


  4. #43
    Join Date
    Oct 2005
    Posts
    6

    Default

    To get information on an IP : a good site :
    http://www.dnsstuff.com/
    and for example on this site information got about IP 82.198.27.203 is below.
    % Information related to '82.198.27.0 - 82.198.27.255'

    inetnum: 82.198.27.0 - 82.198.27.255
    netname: NATA-INFO
    descr: Nata-Info Dial-Up Network
    country: RU
    admin-c: LKV2000-RIPE
    tech-c: EVE7-RIPE
    status: ASSIGNED PA
    mnt-by: SATGATE-MNT
    changed: sergey@satgate.net 20041215
    source: RIPE

    person: Kirill V Lupandin
    address: SatGate LLC
    address: 942 Windemere Dr. NW
    address: OR 82001 Salem
    address: USA
    phone: +7 0112 573 070
    fax-no: +7 0112 573 073
    e-mail: kirill@satgatellc.com
    nic-hdl: LKV2000-RIPE
    notify: kirill@satgatellc.com
    mnt-by: SATGATE-MNT
    source: RIPE
    changed: kirill@satgatellc.com 20020903

    person: Elena V Egorova
    address: 942 Windemere Dr. NW
    address: OR 82001 Salem
    address: USA
    phone: +7 0112 573 070
    fax-no: +7 0112 573 073
    e-mail: jeg@satgatellc.com
    nic-hdl: EVE7-RIPE
    notify: jeg@satgatellc.com
    changed: jeg@satgatellc.com 20020903
    source: RIPE

    % Information related to '82.198.27.0/24AS21166'

    route: 82.198.27.0/24
    descr: Nata-Info Dial-Up Network
    origin: AS21166
    mnt-by: SATGATE-MNT
    changed: sergey@satgate.net 20041215
    source: RIPE


  5. #44
    Join Date
    Aug 2005
    Posts
    622

    Default

    @ scammerfight

    dnstuff.com is ok but basically all it is, is a whois. same information can be got from http://www.ripe.net/whois

    dnstuff.com also may have a problem. some isp's are not allowed to use the service as apparently they have been pinged too many times.

    the information given is a "wide" horizon namely based on the isp range in that dynamic group. it also does not tell you the location.

    on the other hand a program like neotrace will give the same information and also the location of the isp. a further trace with ip scammer will tell if the pc is online at the moment of pinging and will advise which ports are open on that computer. there is also magic netrace that does the same thing as neotrace and will also give the whois on that isp at the same time.

    you can also use programs to for example ping the computer at say 300 pings per minute which after a while will lock the computer and stop access to the internet or will slow it down to a snails pace......... but that is when she scams you.


    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  6. #45
    Join Date
    Aug 2005
    Posts
    622

    Default

    @ scammerfight

    dnstuff.com is ok but basically all it is, is a whois. same information can be got from http://www.ripe.net/whois

    dnstuff.com also may have a problem. some isp's are not allowed to use the service as apparently they have been pinged too many times.

    the information given is a "wide" horizon namely based on the isp range in that dynamic group. it also does not tell you the location.

    on the other hand a program like neotrace will give the same information and also the location of the isp. a further trace with ip scammer will tell if the pc is online at the moment of pinging and will advise which ports are open on that computer. there is also magic netrace that does the same thing as neotrace and will also give the whois on that isp at the same time.

    you can also use programs to for example ping the computer at say 300 pings per minute which after a while will lock the computer and stop access to the internet or will slow it down to a snails pace......... but that is when she scams you.


    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  7. #46
    Join Date
    Oct 2005
    Posts
    26

    Default

    Yandex.ru is kind of Russia's version of Yahoo from what I can tell. Yandex offers free email boxes same as Yahoo from what I read on Yandex home page. So if someone who lets say lives in Toronto gets an Yandex email account and accesses it through the Yandex home page and sends email with the account, will the email actually look like its being sent from Russia?? Does anyone know about this? Thanks

  8. #47
    Join Date
    Oct 2005
    Posts
    26

    Default

    Yandex.ru is kind of Russia's version of Yahoo from what I can tell. Yandex offers free email boxes same as Yahoo from what I read on Yandex home page. So if someone who lets say lives in Toronto gets an Yandex email account and accesses it through the Yandex home page and sends email with the account, will the email actually look like its being sent from Russia?? Does anyone know about this? Thanks

  9. #48
    Join Date
    Aug 2005
    Posts
    622

    Default

    quote:Originally posted by fafemtp

    Yandex.ru is kind of Russia's version of Yahoo from what I can tell. Yandex offers free email boxes same as Yahoo from what I read on Yandex home page. So if someone who lets say lives in Toronto gets an Yandex email account and accesses it through the Yandex home page and sends email with the account, will the email actually look like its being sent from Russia?? Does anyone know about this? Thanks
    yes. hotmail, yahoo and other non pop3 e mail accounts will not give the isp of the sender. http://www.freecenter.com/email.html

    have fun and choose one or as many as you want.

    by the way...... anybody writes from a non pop3 e mail address? bin the letter it is like saying "i have something to hide".



    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

  10. #49
    Join Date
    Aug 2005
    Posts
    622

    Default

    quote:Originally posted by fafemtp

    Yandex.ru is kind of Russia's version of Yahoo from what I can tell. Yandex offers free email boxes same as Yahoo from what I read on Yandex home page. So if someone who lets say lives in Toronto gets an Yandex email account and accesses it through the Yandex home page and sends email with the account, will the email actually look like its being sent from Russia?? Does anyone know about this? Thanks
    yes. hotmail, yahoo and other non pop3 e mail accounts will not give the isp of the sender. http://www.freecenter.com/email.html

    have fun and choose one or as many as you want.

    by the way...... anybody writes from a non pop3 e mail address? bin the letter it is like saying "i have something to hide".



    to all russian scammers: i am somewhat of a bullshi*ter myself but i do like to listen to a professional. please carry on

 

 

Similar Threads

  1. Scam odds
    By Reactive in forum Scam or not?
    Replies: 0
    Last Post: 11-04-2004, 03:05 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT. The time now is 05:04 PM.