HOPE U READ THIS ON TIME
show details 1:28 PM (10 hours ago)
from Gray Smith graysmith@killer.com
reply-to graysmith@ymail.com
to date Fri, Jun 27, 2008 at 1:28 PM
subject HOPE U READ THIS ON TIME.
hide details 1:28 PM (10 hours ago)

I am very sorry for you, is a pity that this is how your life is going to end.

My duty as I am mailing you now is just to KILL you and I have to do it as I have already been paid for that.

Someone you call a friend wants you Dead by all means, and the person have spent a lot of money on this, the person also came to us and told me that he want you dead and he provided us with your name ,picture and other necessary information's we needed about you. So I sent my boys to track you down and they have carried out the necessary investigation needed for the operation on you, and they have done that but I told them not to kill you that I will like to contact you and see if your life is Important to you or not since their findings shows that you are innocent.


I called my client back and ask him of you email address which I didn't tell him what I wanted to do with it and he gave it to me and I am using it to contact you now.

As I am writing to you now my men are monitoring you and they are telling me everything about you. WARNING: DO NOT THINK OF CONTACTING THE POLICE OR EVEN TELL ANYONE BECAUSE I WILL KNOW.REMEMBER, SOMEONE WHO KNOWS YOU VERY WELL WANT YOU DEAD! I WILL EXTEND IT TO YOUR FAMILY, IN CASE I NOTICE SOMETHING FUNNY.

DO NOT COME OUT ONCE IT IS 7: 30 PM UNTIL I MAKE OUT TIME TO SEE YOU OF THE DISCUSSION WITH THE PERSON WHO WANT YOU DEAD FOR ANY LEGAL ACTION.


Name: Gray Smith
Email: graysmith@ymail.com

someone wants you dead.jpeg

Header Analysis

The following IP addresses were extracted from your headers:
IP Address Probable Country Additional Info
66.96.186.3 United States (Burlington)* Whois Google DNSStuff Urgentmessage.org
194.126.173.16 Netherlands* Whois Google DNSStuff Urgentmessage.org
* The last IP listed is usually the originating IP address

Here is the text you submitted, with the IP addresses highlighted:
Delivered-To: scamfraudalert@gmail.com
Received: by 10.150.123.2 with SMTP id v2cs77325ybc;
Fri, 27 Jun 2008 13:27:50 -0700 (PDT)
Received: by 10.101.70.5 with SMTP id x5mr2368154ank.24.1214598470602;
Fri, 27 Jun 2008 13:27:50 -0700 (PDT)
Return-Path:
Received: from bosmailout03.eigbox.net (bosmailout03.eigbox.net [66.96.186.3])
by mx.google.com with ESMTP id 31si441036wri.14.2008.06.27.13.27.50;
Fri, 27 Jun 2008 13:27:50 -0700 (PDT)
Received-SPF: pass (google.com: domain of SRS0=NstU5L=XJ=project-crime.com=resallerle@
designates 66.96.186.3 as permitted sender) client-ip=66.96.186.3;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of SRS0=NstU5L=XJ=project-crime.com=
designates 66.96.186.3 as permitted sender) smtp.mail=SRS0=NstU5L=XJ=project-crime.com=resallerler
Received: from bosmailscan25.eigbox.net ([10.20.15.25])
by bosmailout03.eigbox.net with esmtp (Exim)
id 1KCKXu-00079f-3s
for scamfraudalert@gmail.com; Fri, 27 Jun 2008 16:27:50 -0400
Received: from bosimpinc02.eigbox.net ([10.20.13.2])
by bosmailscan25.eigbox.net with esmtp (Exim)
id 1KCKXt-0004MO-QH
for ; Fri, 27 Jun 2008 16:27:49 -0400
Received: from ceres.e-dentify.nl ([194.126.173.16])
by bosimpinc02.eigbox.net with NO UCE
id j8Tp1Z00x0MbPnE0A8Tpam; Fri, 27 Jun 2008 16:27:49 -0400
X-EN-OrigIP: 194.126.173.16
X-EN-IMPSID: j8Tp1Z00x0MbPnE0A8Tpam
Received: from apache by ceres.e-dentify.nl with local (Exim 4.50)
id 1KCKYL-0001ls-LZ
for ; Fri, 27 Jun 2008 22:28:17 +0200
To:
Subject: HOPE U READ THIS ON TIME.
From: Gray Smith
Reply-To: graysmith@ymail.com
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
Message-Id:
Date: Fri, 27 Jun 2008 22:28:17 +0200

When the server was last reloaded, we had 5116 IP addresses banned.
Remember, you are not allowed to use automated programs to access our tools, unless you have a purchased a DNSstuff automated usage plan.
Please email sales@dnsstuff.com to learn more.

IP Information - 194.126.173.16

IP address: 194.126.173.16
Reverse DNS: [Timeout]
Reverse DNS authenticity: [Unknown]
ASN: 35017
ASN Name: SWIFTWAY-AS (SWIFTWAY Autonomous System)
IP range connectivity: 1
Registrar (per ASN): RIPE
Country (per IP registrar): NL [Netherlands]
Country Currency: EUR [euros]
Country IP Range: 194.126.172.0 to 194.126.175.255
Country fraud profile: Normal
City (per outside source): Unknown
Country (per outside source): -- []
Private (internal) IP? No
IP address registrar: whois.ripe.net
Known Proxy? No
Link for WHOIS: 194.126.173.16