Monday, March 12, 2018

Pending Mails (Gmail phishing)

Hi *

Due to the Routine checks on the mail servers,

Some of your mails might be on pending status...

Get started here validate and retrieve mail(s).

Also, Enter details once and correctly, then wait for response from Our Server.

Sincerely,
gmail.com Support Team

Phishing analysis :

CLICK : Get started here
OPEN : https://qidecul.ga/bin/others/?email=@
REDIRECT : https://qidecul.ga/bin/others/*.php?*
SCREENSHOT :


Email analysis :

NOTE : noreply@starslabels.ae
NOTE : 80.112.200.71

Thursday, November 16, 2017

Warning Your test@test.com Shut Down !!! (Gmail phishing)

Server Message

Dear test@test.com

Our record indicates that you have recently made a request to deactivate email. This request will be processed shortly. If this request was made accidentally and you have no knowledge of it, you are advised to cancel the request now

Cancel De-activation

However, if you do not cancel this request, your account will be de-activated shortly and all your email data will be permanently lost.

Regards.

Email Administrator

Message is auto This-generated from security server, and replies sent to this email can not be delivered. This email is meant for:

Email analysis :

NOTE : support@mailserver.com
NOTE : Received : from mailserver.com ([148.163.101.104])


Phishing analysis :

CLICK : Cancel De-activation
OPEN : http://www.ksawed.org/webmail.php?email=test@test.com
SCREENSHOT :


VALIDATE : FORM
REDIRECT : https://support.google.com/accounts/answer/141137?hl=&visit_id=0-636464428251608265-4216504168&rd=1
SCREENSHOT :


INFO : Gmail phishing...

Wednesday, December 28, 2016

VERY CONFIDENTIAL.

Compliment of the season,

I am contacting you regarding a venture through which we both can come on a substantial amount of money.

My name is Barad Fufana, I work with one of the reputable banks here in West Africa, and also as the personal banker to a customer of our bank who passed on heart-related condition. If you are interested please get back to me through this email: (barafufan@gmail.com) for a complete details.

Regards
Baradi Fufana.

Email analysis :

NOTE : barafufan@gmail.com
NOTE : Authentication-Results : mx.google.com; dkim=pass header.i=@yahoo.com; spf=softfail
NOTE : X-Yahoo-Newman-Property : ymail-4

Thursday, December 8, 2016

Message notification *@gmail.com (Link to virus)


Google

Nddcole Watddson (Google Support) just sent you a message:

06/12/2016

Undeliverable messages (*@gmail.com).

Get more information

Don't want occasional updates about Gmail activity? Change what email Google Team sends you.

Email analysis :

NOTE : Received : from server.oeirasdigital.pt
NOTE : (server.oeirasdigital.pt. [213.229.111.207])
NOTE : client-ip=213.229.111.207;


NOTE : X-Php-Originating-Script : 10000:bisend.php

Link analysis :

CLICK : Get more information
OPEN : http://projetomac.org/wp/Undeliverable_messages.html
DOWNLOAD A FILE : Undeliverable_messages.zip
INFORMATION : Undeliverable_messages.zip is a virus
SHA256 : be0908fbf059517f8ea204d1636e00a7810146fb9c920fc01bb4315b8e8e0067

Virus analysis :

AegisLab Troj.Downloader.Script!c
Arcabit HEUR.JS.Trojan.ba
Cyren JS/Nemucod.EY!Eldorado
F-Prot JS/Nemucod.EY!Eldorado
Fortinet Malware_Generic.P0
K7AntiVirus Trojan ( 004dfe6d1 )
K7GW Trojan ( 004dfe6d1 ) 20161208
Kaspersky HEUR:Trojan-Downloader.Script.Generic
Sophos Mal/DrodZp-A

Exposing virus :

PASTEBIN : http://pastebin.com/20PLKDCB
RAW : http://pastebin.com/raw/20PLKDCB



Wednesday, September 28, 2016

OFFER LATTER FROM HENK BOELENS,, /

Utility & Trust Deposit Fin. Inc.
7th Floor 2 George Yard
Lombard Street
London EC3V 9DH

Dear Friend

Please accept my apologies if this request does not meet your personal ethics as it is not intended to cause you any embarrassment in what ever form. I got your contact email address from the internet directory and decided to contact you for this transaction that is based on trust and your outstanding. I have an interesting business proposal for you that will be of immense benefit to both of us. Although this may be hard for you to believe because i know that there is absolutely going to be a great doubt and distrust in your heart in respect of this email as this might sound strange to you and coupled with the fact that, so many individuals have taken possession of the Internet to facilitate their nefarious deeds, thereby making it extremely difficult for genuine and legitimate persons to get attention and recognition. Please grant me the benefit of doubt and hear me out.

My name is Henk Boelens . I work with Utility and Trust Deposit Finance here in London-UK as a branch manager. I discovered an abandoned sum of GBP 19,850,000.00 (Nineteen Million Eight Hundred And Fifty Thousand British Pounds) in an account that belongs to one of our foreign customers, Late Dr. Erin Jacobson, an American citizen who unfortunately lost his life and his entire family in Montana plane crash on March 23, 2009, on their way to a group ski vacation. The choice of contacting you is aroused from the geographical nature of where you live, particularly due to the sensitivity of this transaction and the confidentiality herein. Now our bank has been waiting for any of the relatives to come up for the claim but nobody has done that. I personally tried to locate any member of his family but have been unsuccessful in locating the relatives for 7 years now, i have also checked the deposit documents and discovered that he did not declare any next of kin on the deposit.

Now the Management of our bank as instructed me to look for the next of kin or they will convert the funds into the Government Treasury Account as unclaimed funds and the funds will be wasted. Therefore, I cannot claim these funds without presenting a foreigner to stand as next of kin. This is the reason why I contacted you to seek your consent to present you as a next of kin so that the funds will be release to you, then we share it 50% for me and 50% for you and is deal between me and you. I have employed the service of an Attorney who will secure all necessary legal documents that could be used to back up this claim. All the attorney need to do is to fill in your names to the documents and legalize it in the Court here to prove you as the legitimate next of kin to the late depositor Dr. Erin Jacobson then the bank will release the funds to you as the rightful beneficiary.

This is a fair deal without any risk attached either on your part or on my part as long as we comply with the laws governing the claiming of funds in our establishment. All I require is your honest co-operation to enable us see this deal through, and with my position in the bank as a bank manager, I will do every thing possible to protect your interest and to make sure everything workout successfully. If you are interested in this deal, kindly send me your complete information, your full names and address, Your Private telephone and Fax numbers, and Cell phone so that the attorney will start processing the necessary paperwork that would facilitate the release of the funds to you.

Best regards,

Henk Boelen

Email analysis :

NOTE : henkboelens67@gmail.com
NOTE : sale@drysuit.ru
NOTE : Received : from [128.199.40.168] (helo=User)


NOTE : by f4.radisol.ru with esmtpa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256)
NOTE : (Exim 4.84_2) (envelope-from < sale@drysuit.ru >)
NOTE : Received : from unknown (HELO s3.radisol.ru) (95.213.144.13)

Monday, June 27, 2016

I NEED YOUR QUICK REPLY.

Dear Beloved,

Please this is important and urgent as well as confidential that is why I kindly ask you to reply via this my direct and personal email address: mrsgracammachel@gmail.com With due respect, I must apologize for this unsolicited message, I am aware that this is certainly not a conventional way of approaching an unknown person for establishment of project and investment. But I respectfully insist you read this message carefully before you either take a decision of proceeding or deleting my message as I am optimistic it will be successful for unimaginable financial benefit for both of us and our families. I am Mrs. Graca Machel Mandela the wife of South African icon and freedom fighter late Nelson Rotlatla Mandela The former President of the republic South Africa from 1994 till1999 who died on December 5, 2013 after a protracted lung infection contacted during his 27th years of incarceration in robin island prison. Actually, I managed to get your contact details online here in Johannesburg South Africa in my desperate search for a trustworthy person to assist me in this confidential business transaction. (http://en.wikipedia.org/wiki/Gra%C3%A7a_Machel) As the Third wife of late Nelson Mandela, he deposited cash in a trust account on my name here in south Africa, for self keeping, he did this because he knew that upon his death, his lioness x-wife Winnie Mandela might use all her structural contacts within the AFRICAN NATIONAL CONGRESS [ANC] to deny me what is due to me as his wife who looked after him all this period he was on sick bed. As his instinct pre-informed him, his fears is ongoing right now, and as a Mozambican, all the family members have swooped on me, Opposing me that I should hand over the asset to them, and good of a thing that when my late husband deposited the money into the trust fund account on my hand we used my sons name, Mr. Malengani Machel, who is currently living here in Johannesburg South Africa, for security reason. My late husband, Nelson Mandela, deposited US$60.5 MILLIONS (Sixty Millions, Five Hundred Thousand United States Dollars) in cash in a bank here in South Africa through diplomatic channel, After his death, I and my son being in Johannesburg South Africa, decided to transfer this money out of South Africa for my family use since it is the only confidential thing we benefited. I have relinquished and waved most of his assets /estate willed to me as we are married in community of property for the interest of peace. This is genuine and not of criminal origin. I must then emphasize that this transaction is highly confidential and it is to be kept as such confidential. Therefore indicate your full interest on assurance of trust, so that we can actualize this great opportunity together and share the benefit together by the help of God. And in the area whereby you are not interested in this deal please kindly delete it immediately from your email. If you are interested, kindly provide me with your full names and direct private phone numbers.

Regards in sincerity,

Mrs Graca Machel
4th Street Houghton Estates
Johannesburg South Africa
Phone: No. +27839733172
Email: mrsgracammachel@gmail.com

Email analysis :

NOTE : gracamachel@hotmail.com
NOTE : vw1@arcor.de
NOTE : X-Webmailclientip : 41.246.151.201

Wednesday, March 9, 2016

Vous avez 48 heures pour confirmer votre identité.

"Cher utilisateur"
Votre compte "Gmail" a expiré,

Veuillez nous répondre "ACTIF"pour éviter la clôture de votre compte.

Cordialement,
Services des comptes Google.

Email analysis :

NOTE : no.reply10@mynet.com
NOTE : X-Mynet-Mailborder-Ip-Protocol : IPv4
NOTE : X-Sender-Ip : 209.85.223.178

Thursday, March 3, 2016

(=Protéger votre GMAIL=).

Cher utilisateur de "GMAIL"

Veuillez répondre "ACTIF"pour éviter la clôture de votre compte.

Cordialement
Service Comptes.

Email analysis :

NOTE : no.reply10@mynet.com
NOTE : X-Mynet-Mailborder-Ip-Protocol : IPv4

Friday, November 20, 2015

Best Regards,

Attention,

I have been mandated by the minister for finance Libya , Finance Prof. Dr. Kilani, Abdul Karim al-Kilani, to seek for your cooperation in the supply of your company products and other equipments to the Libyan Government! A consideration also is that your quotation must be CIF Port of commericale GABES Tunisia; we choose this port as result of the present security situation in Libya . I will reveal more procedural information to you upon your re-confirmation.

Best Regards,

Dr. Mohammed Abdelaziz, PHD
Director of Contract, Ministry of Finance Libya!

Email analysis :

NOTE : libya.contract@qq.com
NOTE : contract.libya@gmail.com
NOTE : client-ip=62.36.20.210;
NOTE : Received : from out10.wanadoo.es (out10.wanadoo.es. [62.36.20.210])
NOTE : X-Login :
NOTE : Received : from [74.93.194.113] (helo=sbs2003) by out10.wanadoo.es

Thursday, November 12, 2015

GMAIL SERVICE AUX MEMBRES

Gmail!
Bonjour, Cher(e)s clients

Nous avons détecté une tentative de connexion à votre compte Gmail à partir d’un mobile non identifié. Date : Dim. 08 Novembre 2015 10:27 GMT+1, lieu : Bénin.

Était-ce vous ? Si oui, effectuez la vérification secondaire de connexion ou connectez-vous de votre terminal habituel.

Si cette connexion n’a pas été effectuée par vous, veuillez nous fournir les information ci-dessous pour apprendre à protéger votre compte Gmail :

Confirmation de votre identité.

Nom: ............................................................
Prénom : ...........................................................
Gmail ID!. ............................................................
Adresse Gmail! ...................................................
Mot de passe .......................................................
Occupation:.........................................................
Date de création du compte:........................................
Numéro de telephone: ............................................
Pays : .................................................................

Pour des raisons de sécurité, ce message de vérification vous servira à apprendre comment les alertes de ce type peuvent vous aider à protéger votre compte

Cordialement,
Gmail! Member Services
Merci !,
Services des comptes Gmail

Email analysis :

NOTE : X-Originating-Ip : [41.79.219.215]

Monday, September 14, 2015

***@gmail.com :Your Account Will Be Blocked!

dear ***@gmail.com

Your Account Will Be Blocked!
***@gmail.com
Your Account will EXPIRE in 2days.
If you would like to continue using your Email Address,

(mail center)

UPGRADE YOUR ACCOUNT NOW
YOU WILL LOSE YOUR EMAIL ADDRESS IF YOU DO NOT UPGRADE YOUR ACCOUNT.

UPGRADE IS FREE OFF CHARGE

Phishing analysis :

CLICK : UPGRADE YOUR ACCOUNT NOW
OPEN : http://www.igeveca.com/ckeditor/kcfinder/upload/files/mudf/auto/conflict.php?Email=***@gmail.com&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1

LINK : CAN BE REDUCED TO :

http://www.igeveca.com/ckeditor/kcfinder/upload/files/mudf/auto/conflict.php?Email=***@gmail.com


OR EVEN TO :

http://www.igeveca.com/ckeditor/kcfinder/upload/files/mudf/auto/conflict.php?Email=http://www.scam.cz


VALIDATE : FORM
REDIRECT : http://www.igeveca.com/ckeditor/kcfinder/upload/files/mudf/auto/loading.php
REDIRECT : https://godaddy.com/

Email analysis :

NOTE : Received : from mail.binhlongrubber.vn ([123.30.109.136])
NOTE : Received : from [169.254.47.55] by binhlongrubber.vn (MDaemon PRO v10.0.0)
NOTE : huutu@binhlongrubber.vn
NOTE : ***@gmail.com :Your Account Will Be Blocked!

Monday, May 11, 2015

All Gmail free account owners,

All Gmail free account owners,

We are having congestions due to the anonymous registration of Gmail accounts so we are shutting down some Gmail accounts and your account
was among those to be deleted.We are sending you this email so that you can verify and let us know if you still want to use this account.If you are still interested please confirm your account by filling the space below.Your User name,password,date of bith and your country information would be needed to verify your account.Due to the congestion in all Gmail users and removal of all unused Gmail Or Gmx Accounts,

Gmail Or Gmx would be shutting down all unused Accounts, You will have to confirm your E-mail by filling out your Login Information below after clicking the reply button, or your account will be suspended within 48 hours for security reasons.

* Username: .......
* Password: .......
* Date of Birth: ......
* Country Or Territory:.....

After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences. Warning!!! Account owner that refuses to update his/her account after two days of receiving this warning stands the risk of lossing his or her account permanently.

The Gmail Or Gmx Management
Custormer Care

Email analysis :

NOTE : custormercustormer@gmail.com
NOTE : info@rechargetime.net
NOTE : Received : from 41.138.181.74 ([41.138.181.74])
NOTE : (SquirrelMail authenticated user info@rechargetime.net)
NOTE : by 119.18.59.192 with HTTP;

Tuesday, November 25, 2014

[ALERTE]

Veuillez Cliquer sur la pièce jointe afin d'évité la suppression de votre login

1111111111111111.docx

Email analysis :

NOTE : INFO COMPTE
NOTE : fa940949@skynet.be
NOTE : Received : from mailsec118.isp.belgacom.be
NOTE : (mailsec118.isp.belgacom.be. [195.238.20.114])
NOTE : X-Mailer : Open-Xchange Mailer v7.2.2-Rev27

Tuesday, October 21, 2014

Email Storage Alert234 (Google phishing)


Your mailbox is almost full.

Dear ***@***.com,

3840MB 4096MB

Current size Maximum size

Please reduce your mailbox size. Delete any items you don't need from your mailbox and empty your Deleted Items folder. Click here to do reduce size automatically.

Thanks,
Mail System Administrator

This notification was sent to %email%; Don't want occasional updates about subscription preferences and friendly suggestions? Change what email Google+ sends you. Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043 USA

Email analysis :

NOTE : Return-Path : < webmaster@socialshop.us >
NOTE : Received : from nofubu.be (70.32.77.185)
NOTE : Received : from ANTHORAZY-PC.www.huaweimobilewifi.com (unknown [41.58.76.5])
NOTE : X-No-Relay : not in my network
NOTE : Content-Type : text/html; charset="iso-8859-1"
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : quoted-printable
NOTE : Content-Description : Mail message body
NOTE : Email Storage Alert234

Phishing analysis :

CLICK : Click here
OPEN : http://www.sintsolar.com.ua/info/language/en/upgrade/ii.php
SCREENSHOT :


sintsolar.com.ua whois :

domain: sintsolar.com.ua
dom-public: NO
registrant: com-sint0-2
admin-c: com-sint0-2
tech-c: com-msl6-2
tech-c: com-rc-3
mnt-by: ua.forward
nserver: ns.radiocom.net.ua
nserver: ns.secondary.net.ua
status: ok
created: 2006-12-15 02:12:12+02
modified: 2013-11-27 01:57:46+02
expires: 2015-12-15 02:12:12+02
source: UAEPP
registrar: ua.forward
organization: FOP Cherkashin Vyacheslav Yurievich
organization-loc: ФОП Черкашин В'ячеслав Юрійович
url: http://forward.com.ua
city: Dnipropetrovsk
country: UA
source: UAEPP
contact-id: com-sint0-2
person: Industrial comercial company SINTEK Ltd.
organization: Industrial comercial company SINTEK Ltd.
e-mail: sintsolar@sintek.zp.ua
address: Patriotychna 64a 22
address: ZAPORIZHZHYA
postal-code: 69000
country: UA
country-loc: UA
phone: +380.612136116
fax: +380.612136116
mnt-by: ua.forward
status: ok
status: linked
created: 2013-03-31 19:15:51+03
source: UAEPP
contact-id: com-sint0-2
person: Industrial comercial company SINTEK Ltd.
organization: Industrial comercial company SINTEK Ltd.
e-mail: sintsolar@sintek.zp.ua
address: Patriotychna 64a 22
address: ZAPORIZHZHYA
postal-code: 69000
country: UA
country-loc: UA
phone: +380.612136116
fax: +380.612136116
mnt-by: ua.forward
status: ok
status: linked
created: 2013-03-31 19:15:51+03
source: UAEPP
contact-id: com-msl6-2
person: Microcom Sich Ltd.
organization: Microcom Sich Ltd.
e-mail: hostmaster@microcom.net.ua
address: P.O. 6493 -
address: ZAPORIZHZHYA
postal-code: 69035
country: UA
country-loc: UA
phone: +380.612202299
mnt-by: ua.forward
status: ok
status: linked
created: 2013-03-31 19:14:45+03
source: UAEPP
contact-id: com-rc-3
person: RadioCom ISP
organization: RadioCom ISP
e-mail: hostmaster@radiocom.net.ua
address: Krasnaya 22
address: ZAPOROZHYE
postal-code: 69068
country: UA
country-loc: UA
phone: +380.612148333
fax: +380.612148333
mnt-by: ua.forward
status: ok
status: linked
created: 2013-03-31 19:15:32+03
source: UAEPP

Monday, August 11, 2014

Google Phishing

Nous avons reçu le rapport de H24Staff_Mail que votre compte a été impliqué dans l'activité illégale qui viole nos conditions de service.

S'il vous plaît, veuillez prendre connaissance de la pièc[e] joint[e]

< Indications (1).pdf >


NOTE : verifinbox1@daum.net
NOTE : from wwl1737.hanmail.net ([117.52.3.197]) by smail-38.hanmail.net (8.12.1/8.9.1)
NOTE : from hanadmin@localhost by wwl1737.hanmail.net (8.12.9/8.9.1)
NOTE : 10.66.219.42
NOTE : 211.43.197.220
NOTE : X-Mailer : Daum Web Mailer 1.2
NOTE : Mime-Version : 1.0
NOTE : X-Hanmail-Attr : fc=1
NOTE : Content-Type : multipart/mixed; boundary="1407660650.DaumWebMailer."
NOTE : => Suspension de votre c/ompt/e
NOTE : servgool.hostingsiteforfree.com
NOTE : Hosted by 1freehosting.com

CLICKING THE LINK : servgool.hostingsiteforfree.com



CLICKING : VALIDER

NEW URI : servgool.hostingsiteforfree.com/formmail.php

Thursday, July 31, 2014

HKEL Trading.Co Phishing

Please be advised that the following payment was made to you on behalf of L T LTD-ECC DIVISION-SSC(VENDOR)

Transaction Reference: BARCGB14448464128
Payer/Remitter's Reference No: 10/63771/1
Beneficiary Details: ********** / UBIN0532622
Payment method: Electronic Fund Transfer
Payment Amount: 4,977.00
Currency: USD
Processing Date: 29-Jul-2014
Payment Details: E7979PO4001105

Kindly contact your remitter directly for any queries on the payment advice.

View slideshow Download

NOTE : storestrade@gmail.com
NOTE : Info@hkeltrading.com
NOTE : HKEL Trading.Co
NOTE : Rép :Fw: Swift Payment
Note : View slideshow > http://www.simplysalvage.com/wordpress/wp-content/plugins/mail/index.htm
Note : Download > http://www.simplysalvage.com/wordpress/wp-content/plugins/mail/index.htm

simplysalvage.com WHOIS :
===============================================================
Domain Name: simplysalvage.com
Registry Domain ID: 1665278578_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.melbourneit.com
Registrar URL: http://www.melbourneit.com.au
Updated Date: 2014-06-20T16:35:08Z
Creation Date: 2011-07-05T01:44:48Z
Registrar Registration Expiration Date: 2015-07-05T01:44:48Z
Registrar: Melbourne IT Ltd
Registrar IANA ID: 13
Registrar Abuse Contact Email: abuse@melbourneit.com.au
Registrar Abuse Contact Phone: +61.386242300
Domain Status: ok
Registry Registrant ID:
Registrant Name: Lindsey Hamlin
Registrant Organization: Lindsey Hamlin
Registrant Street: 1600 Hawthorne Lane
Registrant City: Prattville
Registrant State/Province: AL
Registrant Postal Code: 36066
Registrant Country: US
Registrant Phone: +1.3216951072
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: lindsey.stephan@live.com
Registry Admin ID:
Admin Name: Lindsey Hamlin
Admin Organization: Lindsey Hamlin
Admin Street: 1600 Hawthorne Lane
Admin City: Prattville
Admin State/Province: AL
Admin Postal Code: 36066
Admin Country: US
Admin Phone: +1.3216951072
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: lindsey.stephan@live.com
Registry Tech ID:
Tech Name: Lindsey Hamlin
Tech Organization: Lindsey Hamlin
Tech Street: 1600 Hawthorne Lane
Tech City: Prattville
Tech State/Province: AL
Tech Postal Code: 36066
Tech Country: US
Tech Phone: +1.3216951072
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: lindsey.stephan@live.com
Name Server: NS.INMOTIONHOSTING.COM
Name Server: NS2.INMOTIONHOSTING.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdrprs.internic.net
===============================================================

http://www.simplysalvage.com/wordpress/wp-content/plugins/mail/index.htm :
===============================================================
===============================================================

Gmail clicked

http://www.simplysalvage.com/wordpress/wp-content/plugins/mail/index.htm :
===============================================================
===============================================================

Submit clicked.

A page open.

http://www.st-enodoc.co.uk/update/lib/kcfinder/upload/files/swift/Bank.jpg

st-enodoc.co.uk whois :
===============================================================
Domain name:
st-enodoc.co.uk
Registrant:
St Enodoc Golf Club
Registrant type:
Other UK Entity (e.g. clubs, associations, many universities)
Registrant's address:
St Enodoc G.C.
Rock
Wadebridge
PL27 6LD
United Kingdom
Data validation:
Registrant contact details validated by Nominet on 10-Dec-2012
Registrar:
1 & 1 Internet AG [Tag = SCHLUND]
URL: https://www.1and1.co.uk
Relevant dates:
Registered on: 17-Oct-2004
Expiry date: 17-Oct-2014
Last updated: 16-Oct-2012
Registration status:
Registered until expiry date.
Name servers:
ns33.1and1.co.uk 217.160.80.150 2001:08d8:00fe:0053:0000:d9a0:5096:0100
ns34.1and1.co.uk 217.160.81.150 2001:08d8:00fe:0053:0000:d9a0:5196:0100
===============================================================

http://www.st-enodoc.co.uk/update/lib/kcfinder/upload/files/swift/Bank.jpg
===============================================================
===============================================================

Thursday, January 30, 2014

CONGRATULATIONS LUCKY WINNER

National Lottery Draws Results.
BBC INTERNATIONAL LOTTERY CENTER NO: 768 DERRY WAYN WNT.
LONDON. ENGLAND.
Winning No:1654
+447031970264

Dear WINNER,

BBC LIVE DRAW WINNER NO. (06) (16) (26) (32) (34) (46) BONUS (33).

This is to inform you that you have WON the sum of ?1.000.000.00 Pounds from our charity bonanza. The draw winning no. 1654 brought out your e-mail address from a notify Data Base of Internet Email Users and qualified you a benefited winner of the stated winning amount in the ongoing ?44.4million Spring lottery charity bonanza for UK London's heritage. The BBC National Lottery Fund gives grants to globe for the less privilege once,we are here to use our diverse heritage to change lives in every part of the global world. Sustain and transform individual lives all over the world. Please send your draw winning no 1582 and Fill the Information below and Send it to our claims department Via E-mail:( winningclaimbonaza@gmail.com )

1. Name………………………
2. Address……………………
3. Country/State
4. Mobile No…………………
5. Sex…………………
6. Age…………………
7. Occupation………………
8. Scan copy of your Identification (Driving License or any Valid I.D Proof)is Needed.

Yours sincerely,
Claims Manager
Mr.Ben Smith
UK BBC LOTTERY SPONSOR’S
PLEASE REPLY HERE:( winningclaimbonaza@gmail.com )

Note : from zero04.nayana.kr (218.145.71.189)
Note : from User ([41.138.181.66]) (authenticated bits=0)
Note : by zero04.nayana.kr (8.13.8/8.13.8)

Wednesday, January 22, 2014

Service Confirmation - COURRIER EXPRESS GMAIL

Veuillez mettre à jour votre boite aux lettres en confirmant d'abord qu'elle est active.

Cordialement.

E-mail : mailreply@naver.com
Note : Received : from cmailsend12.nm.naver.com
Note : Received : (cmailsend12.nm.naver.com. [125.209.208.221])
Note : 196.201.66.216