noreply@security.comReceived: from mars.rapidvps.com (mars.rapidvps.com. [208.77.96.210])
by mx.google.com with ESMTPS id v45si26682947yhk.51.2013.01.24.17.40.00
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Thu, 24 Jan 2013 17:40:01 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
nobody@mars.rapidvps.com designates 208.77.96.210 as permitted sender) client-ip=208.77.96.210;
Authentication-Results: mx.google.com;
spf=pass (google.com: best guess record for domain of
nobody@mars.rapidvps.com designates 208.77.96.210 as permitted sender)
smtp.mail=nobody@mars.rapidvps.comReceived: from nobody by mars.rapidvps.com with local (Exim 4.77)
(envelope-from <nobody@mars.rapidvps.com>)
id 1TyYGu-0001Ia-Li
for
-----@gmail.com; Thu, 24 Jan 2013 20:40:00 -0500
To:
-----@gmail.comSubject: We have recently determined that various computers connect to your Amazon account
X-PHP-Originating-Script: 99:config.php
From: Amazon <noreply@security.com>
Reply-To:
noreply@security.comMIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1TyYGu-0001Ia-Li@mars.rapidvps.com>
Date: Thu, 24 Jan 2013 20:40:00 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - mars.rapidvps.com
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [99 500] / [47 12]
X-AntiAbuse: Sender Address Domain - mars.rapidvps.com
X-Source:
X-Source-Args: /usr/local/apache/bin/httpd -k start -DSSL
X-Source-Dir: totalhostsolutions.com:/public_html/mtvsub/dotproject/includes
ipTRACKERonline.com wrote:Header Analysis Quick Report<br>
Originating IP: 208.77.96.210<br>
Originating ISP: Infinitum Technologies<br>
City: Altamonte Springs<br>
Country of Origin: United States<br>* For a complete report on this email header goto
ipTRACKERonline
from:
Amazon <noreply@security.com> via mars.rapidvps.com
reply-to:
noreply@security.comto:
l010101@gmail.comdate:
Fri, Jan 25, 2013 at 1:40 AM
subject:
We have recently determined that various computers connect to your Amazon account
Dear Amazon Customer,
We have recently determined that various computers connect to your Amazon account, password, and the present of chess more taient before the connection. Now we need to confirm the new information from your Amazon account. If not completed within 48 hours, we will be forced to suspend your account indefinitely, because it can be used in a fraudulent intent. Thank you for your comprehension in this way. To confirm your online account:
> > Click here.
The link did not work, but if it had a phishing screen would have emerged