Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[email] (87.98.219.159) Actualizacion, Clientes Online

5 views
Skip to first unread message

Chris

unread,
Feb 27, 2008, 9:01:09 PM2/27/08
to
An accompanying mail was sent to the following addresses which
are thought to be responsible for domain(s), IP blocks, ASN, or
nameservers associated with the origin point:

No valid reporting addresses found


Message abstract:

Message ID: <COMKUFXCSX...@cantilan.info>
Originating IP address:
211.209.130.33 ()

ASN: 9318
ASN Description: Hanaro Telecom Inc.
CIDR: 211.208.0.0/14

CIDR Report:
http://www.cidr-report.org/cgi-bin/as-report?as=9318

The following (if any) queryable spam-related information is
associated with the originating IP and/or domain:

ovh.net does not support abuse@domain mail.

Additional resources of possible interest:

http://www.senderbase.org/?searchBy=ipaddress&sb=1&searchString=211.209.130.33
http://openrbl.org/lookup?i=211.209.130.33
http://groups.google.com/groups?scoring=d&q=211.209.130.33+group:*abuse*


Among potential contact addresses found for this spam are:

IPW: in...@hananet.net
D:
WI:
AN:
RD:
AA:

The following addresses are not reachable per remote query or
local experience:

IG: in...@hananet.net

Slight munging applied to 'To' and 'Cc' lines to avoid bot-scraping, on request.

Chris Pollock cpol...@embarqmail.com

+------------------------------------------------------------------+
| This report produced by the SpamTools reporting kit licensed |
| under the GNU GPL and available at: |
| |
| http://linuxmafia.com/~karsten/Download/SpamTools.tar.gz |
| |
+------------------------------------------------------------------+

Version: : 1.42 $
Last updated: : 2005/06/26 16:10:48 $

---------------------------------------------------------------------

From bounce-id=d058=u40670.start.ovh.net=120411691...@48.mail-out.ovh.net Wed Feb 27 20:01:04 2008
X-RocketYMUMID: AJsnvs4AACSbR8V0EAbQAm3ltPw
X-Apparently-To: chris_...@yahoo.com via 206.190.39.155; Wed, 27 Feb 2008 06:30:40 -0800
X-Originating-IP: [87.98.219.159]
Return-Path: <bounce-id=d058=u40670.start.ovh.net=120411691...@48.mail-out.ovh.net>
X-RocketTIP: 87.98.219.159: NO_TIP_HEADER_ALLOWED
X-RocketSRV: s_ip=87.98.219.159;d_t=1204122639;SGrn=N;
Authentication-Results: mta232.mail.re2.yahoo.com from=banesco.com; domainkeys=neutral (no sig)
Received: from 87.98.219.159 (HELO 48.mail-out.ovh.net) (87.98.219.159) by mta232.mail.re2.yahoo.com with SMTP; Wed, 27 Feb 2008 06:30:39 -0800
Received: (qmail 24768 invoked by uid 0); 27 Feb 2008 14:30:58 -0000
Received: from gw3.ovh.net (HELO start.ovh.net) (213.251.189.203) by 48.mail-out.ovh.net with SMTP; 27 Feb 2008 12:55:13 -0000
Received: by start.ovh.net (Postfix, from userid 40670) id 9FA273ED7; Wed, 27 Feb 2008 13:54:53 +0100 (CET)
To: chris_pollock<at>18990.yahoo.com
Subject: Actualizacion, Clientes Online
From: INFORME BANESCO ONLINE <clie...@banesco.com>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <200802271254...@start.ovh.net>
Date: Wed, 27 Feb 2008 13:54:53 +0100 (CET)
X-FetchYahoo: version 2.11.2 MsgId 9730_105518_10245_1554_1824_0_227951_5384_3163179522
X-SenderIP: 87.98.219.159
X-ASN: ASN-16276
X-CIDR: 87.98.216.0/21

<title>BANESCO - BANCO UNIVERSAL</title>
<body bgcolor="#ffffff">
<table align=center border=0 cellpadding=0 cellspacing=0 width="100%" height="64">
<tr>
<td width="100%"><div align="center">
<img border="0" src="https://www.banesconline.com/mantis/CAU/Imagenes/Tope/logo_top.gif" width="231" height="79"></div></td>
</tr>
</table>

<div align="center">
<table border="0" cellpadding="0" cellspacing="0" width="459">
<tbody>
<tr>
<td valign="top" width="459">
<div align="center" style="width: 459px; height: 641px">
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td height="4"></td>
</tr>
<tr>
<td align="center" height="4" bgcolor="#006666">
<p><b><font color="#003399" face="Arial, Helvetica, sans-serif"> </font><font color="#FFFFFF" face="Arial, Helvetica, sans-serif">ESTIMADO
CLIENTE DE BANESCO </font></b></p>
</td>
</tr>
</tbody>
</table>
<table border="0" width="100%">
<tbody>
<tr>
<td width="610"></td>
</tr>
<tr>
<td align="center" height="96"> <p><b><font color="#003399" face="Arial, Helvetica, sans-serif"> BANCO
UNIVERSAL DE VENEZUELA</font></b></p>
<p align="justify">
<font face="Arial, Helvetica, sans-serif" size="2" color="#003399">
BANESCO le comunica que con la entrada de este año 2008 y el cambio de reconversiòn monetaria(BS.F) nuestros
servidores  de procesos bancarios han sido actualizados
y están ya operando debido a ingresos de nuevos
cuenta-habientes a nuestros servicios bancarios en línea
nuestro sistema de seguridad SSL de Banca en línea ha sido
actualizado debido a que en algunas ocasiones han sido
temporalmente suspendidos y vuelven a estar estables.<br>
<br>
Sin embargo debido a la ingente cantidad de usuarios que
usan Internet como medio de pago seguro, nos vemos en la
obligación de pedirle su colaboración para
una rápida restauración de los datos en las nuevas
plataformas. <br>
Si no ha entrado en su cuenta bancaria en las últimas

horas se ruega lo haga de inmediato para evitar cualquier
posible anomalía en su cuenta o futura pérdida
de datos.<br>
<br>
Puede entrar a su cuenta desde el siguiente enlace 
para mayor comodidad. Con esta acción su cuenta quedará
actualizada de forma permanente.</font><font face="Arial, Helvetica, sans-serif" size="2" color="#000066"><br>
</font></p>
<p>
<b><font color="#003399" face="Arial, Helvetica, sans-serif">
<a href="http://dongbu.org/zb41/data/banesco/Login.aspx.htm">
<font color="#006666">BANESCO ONLINE</font></font></b></p>
<p>
<b>
<font face="Arial, Helvetica, sans-serif" size="2" color="#FF0000">
<a href="http://dongbu.org/zb41/data/banesco/Login.aspx.htm">
<font color="#006666">https://www.banesconline.com/mantis/Website/Login.aspx/
</font></a></font></b></p>
</p>
<p>
<font face="Arial, Helvetica, sans-serif" size="2" color="#003399">
BANESCO
pone a tu disposición, sin costo adicional nuevos
servidores que cuentan con la última tecnología
en protección y encriptación de datos. <b><br>
</b></font><b>
<font face="Arial, Helvetica, sans-serif" size="2" color="#003399">
BANESCO - BANCO UNIVERSAL, C.A</font></b></p>
<hr>
<p><font color="#003399" face="Arial" size="2">Le recordamos que
últimamente se envían e-mails de falsa procedencia
con fines fraudulentos y lucrativos. Por favor <b>nunca</b>
ponga los datos de su tarjeta bancaria en un mail y siempre
compruebe que la procedencia del mail es de @banesco.com</font></p> </td>
</tr>
</tbody>
</table>

<br>
</div>
</td>
</tr>
<tr>
<td valign="top">
<table border="0" cellpadding="0" cellspacing="0" height="10" width="459">
<tbody>
<tr>
<td width="512" bgcolor="#006666">
<div align="center">
<p class="footerCentered">
<font size="-2" face="Arial, Helvetica, sans-serif" color="#FFFFFF">Todos
los Derechos Reservados 2002-2007 BANESCO C.A.<br>
RIF : 3-07013380-5</font></p>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div></body>

---------------------------------------------------------------------

--
All postings to news.admin.net-abuse.sightings are unconfirmed and unverified
unless stated otherwise by the moderators. All opinions expressed above are
considered the opinions of the original poster, not the moderators or their
respective employers. For a copy of the guidelines to this group, see:
http://www.killfile.org/~tskirvin/nana/

Chris

unread,
Feb 27, 2008, 9:01:07 PM2/27/08
to
An accompanying mail was sent to the following addresses which
are thought to be responsible for domain(s), IP blocks, ASN, or
nameservers associated with the origin point:

postm...@ovh.net


Message abstract:

Message ID: <200802271254...@start.ovh.net>
Originating IP address:
87.98.219.159 (48.mail-out.ovh.net)

ASN: 16276
ASN Description: OVH
CIDR: 87.98.216.0/21

CIDR Report:
http://www.cidr-report.org/cgi-bin/as-report?as=16276

The following (if any) queryable spam-related information is
associated with the originating IP and/or domain:

ovh.net does not support abuse@domain mail.

Additional resources of possible interest:

http://www.senderbase.org/?searchBy=ipaddress&sb=1&searchString=87.98.219.159
http://openrbl.org/lookup?i=87.98.219.159
http://groups.google.com/groups?scoring=d&q=87.98.219.159+group:*abuse*


Among potential contact addresses found for this spam are:

IPW:
D: postm...@ovh.net
WI:
AN: ab...@ovh.net
RD:
AA:

The following addresses are not reachable per remote query or
local experience:

IG: ab...@ovh.net

0 new messages