I did some further digging about this scam. First, I did a traceroute to 195.22.232.114, and this is what I got:
1 192.168.1.9 (192.168.1.9) 0.508 ms 0.402 ms 0.451 ms 2 bar2-serial5-1-1-0.Cleveland.cw.net (208.172.217.157) 3.811 ms 4.224 ms 4.583 ms 3 acr2-loopback.Cleveland.cw.net (208.172.210.62) 4.368 ms 5.757 ms 4.658 ms 4 agr3-loopback.NewYork.cw.net (206.24.194.103) 16.637 ms 16.528 ms 18.217 ms 5 dcr1-so-6-2-0.NewYork.cw.net (206.24.207.57) 18.728 ms 16.062 ms 17.043 ms 6 ccr1.Paris.cw.net (208.172.250.61) 106.871 ms 106.700 ms 106.635 ms 7 zcr1-so-6-0-0-2.Parispav.cw.net (208.172.251.174) 106.910 ms 107.509 ms 107.038 ms 8 zpr1-ge-0-2-0.parispat.cw.net (208.175.146.151) 107.203 ms 107.434 ms 107.469 ms 9 208.172.253.74 (208.172.253.74) 105.074 ms 106.150 ms 106.643 ms 10 if-8-0.core2.Paris2.Teleglobe.net (195.219.137.110) 105.507 ms 105.267 ms 105.625 ms 11 if-8-0.core2.Frankfurt2.teleglobe.net (195.219.15.210) 136.790 ms 138.260 ms 136.422 ms 12 if-3-0.core2.Copenhagen.Teleglobe.net (195.219.138.218) 140.411 ms 140.658 ms 138.270 ms 13 if-1-9.core2.Oslo.Teleglobe.net (195.219.138.182) 141.698 ms 139.204 ms 135.444 ms 14 if-5-0-0.bb1.Oslo.teleglobe.net (195.219.15.97) 136.118 ms 139.036 ms 138.241 ms 15 ix-0-0-0.bb1.Oslo.teleglobe.net (195.219.90.26) 146.117 ms 146.920 ms 143.878 ms 16 NO-NIT-TN-6.taide.net (193.219.193.136) 145.639 ms 146.584 ms 146.502 ms 17 l0-ro01.mdl.net (195.22.224.181) 689.803 ms 691.620 ms 701.753 ms 18 e0-ro05.mdl.net (195.22.224.237) 717.792 ms 688.796 ms 692.146 ms 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 195.22.232.114 (195.22.232.114) 700.412 ms 715.925 ms 702.550 ms Strange, those asterisks in 19-23. Anyway, it seems that 195.22.232.114 (where the email was sent from) either belongs to or is an downlink from mdl.net, so I did a whois on that, and here is the result: Domain Name: MDL.NET Registrar: NETWORK SOLUTIONS, INC. Whois Server: whois.networksolutions.com Referral URL: http://www.networksolutions.com Name Server: SFE01.MDL.NET Name Server: SFE02.MDL.NET Updated Date: 07-mar-2002 Registrant: MEGA Dat S.R.L. (MDL3-DOM) 55 Armeneasca str. Chisinau, MD MD2012 MD Domain Name: MDL.NET Administrative Contact: Mushuk, Edward (EM3740) [EMAIL PROTECTED] MEGA-DAT S.R.L. 73 Stefan cel Mare bd. Chisinau MD MD2001 MD + 3732 541375 (FAX) + 3732 541377 Technical Contact: Adamov, Tsvetan (TA2625) [EMAIL PROTECTED] MEGA Dat S.R.L. 77 Alba Iulia str. Chisinau, MD MD2071 MD + 3732 515599 (FAX) + 3732 515588 Billing Contact: Krivoruchka, Liudmila (LK2631) [EMAIL PROTECTED] MEGA Dat S.R.L. 73 Stefan cel Mare bd. Chisinau, MD MD2001 MD + 3732 541375 (FAX) + 3732 541377 Record last updated on 07-Mar-2002. Record expires on 02-Apr-2004. Record created on 02-Apr-1998. Database last updated on 18-Apr-2002 07:20:00 EDT. Domain servers in listed order: SFE01.MDL.NET 195.22.225.11 SFE02.MDL.NET 195.22.225.34 --- You are currently subscribed to e-gold-list as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
