hardlyPremium
join:2004-02-10
USA
4 edits | Google ?I received this today, and the closer I look, the less I can find wrong with it. Phish Tracker rejected it. What am I missing? Delivered-To: xxxxxxxxxxxx@gmail.com
Received: by 10.194.157.34 with SMTP id wj2csp150226wjb;
Fri, 8 Feb 2013 16:49:39 -0800 (PST)
X-Received: by 10.220.153.2 with SMTP id i2mr9011791vcw.53.1360370979168;
Fri, 08 Feb 2013 16:49:39 -0800 (PST)
Return-Path: <3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com>
Received: from mail-vb0-f76.google.com (mail-vb0-f76.google.com [209.85.212.76])
by mx.google.com with ESMTPS id h7si31771588vce.29.2013.02.08.16.49.38
(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
Fri, 08 Feb 2013 16:49:39 -0800 (PST)
Received-SPF: pass (google.com: domain of 3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com designates 209.85.212.76 as permitted sender) client-ip=209.85.212.76;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of 3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com designates 209.85.212.76 as permitted sender) smtp.mail=3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com;
dkim=pass header.i=@google.com
Received: by mail-vb0-f76.google.com with SMTP id fe20so14804vbb.3
for <xxxxxxxxxxxx@gmail.com>; Fri, 08 Feb 2013 16:49:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20120113;
h=mime-version:x-received:message-id:date:subject:from:to
:content-type;
bh=EwV641Drca7JmpWKZdLw38KxRUIHGZ75O2H1dhuCUlA=;
b=B+cDcuC/AKRYSqcQuFhbhl+SIxzU2NNmUFqfgQLsknjYLI4nYtOVOXRocr56Wp/sTK
l5+/N/pIp7Ab37o/+em6p50Ow17DLDa62Lzbic3jaABsgMDDXJRA3gMO1
Sq0Ztd0A4xHZxKZp5HUhnU+hnMODcdjsdeUAg3LL0y4TRufVUDOcH1KsBpWM4sqeyhh3
3rdZc6T4/ExcJvUwffkppz/PK1BOPjjMLARAHej6NPQzfWuIOEF+OXDt8ijnAgrCm9xM
eUwnTH6m91yqxEfwM5d2kJCtqLR1MpiHN7wob4o56wZMPOnDoXB3C5rSHrW9KKCPe5f7
spMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20120113;
h=mime-version:x-received:message-id:date:subject:from:to
:content-type:x-gm-message-state;
bh=EwV641Drca7JmpWKZdLw38KxRUIHGZ75O2H1dhuCUlA=;
b=DVVk3BhPllWUHCI0VIP1C7bdQBzi7nwkQxasbkX8TriQqBNUekexF4xcx6byWk+Tuu
bXAUI7E6UZn3I7OsrabNqSreqGbBOiY5bXzUWv22uweyfHF4rda0GWuaR/O/zd3ZoGRs
tCKGxsdZAW1/bOItFPi66RUaKrPEWyKwYvhLqhiVciRMV5JxXCJ/NxWs8RTmPUrxpQAc
eH/P8KxSNbuQyhz5YHVTSMe2grTJPfzi7uSSvv7/L9HTZ6r4PZnOlijTy3+NdONCXFRR
G1Bo0zZNTb1NkdRFgugFgSqTb91yQSXEcD6yFHx3b38Xwssmrw3Dy9tTqnvmNSChMp9r
+wUw==
MIME-Version: 1.0
X-Received: by 10.224.189.78 with SMTP id dd14mr4347982qab.0.1360370978608;
Fri, 08 Feb 2013 16:49:38 -0800 (PST)XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Message-ID: <1befh0o0000000010igbaa001163hox70mjie9m6ko30c1g60o3ad1o@mail.gmail.com>
Date: Sat, 09 Feb 2013 00:49:38 +0000
Subject: Notification from Google
From: USLawEnforcement@google.com
To: xxxxxxxxxxxx@gmail.com
Content-Type: multipart/alternative; boundary=20cf30363683f156f204d5400c88
X-Gm-Message-State: ALoCoQnsQ7pzoBva50PcxRFVW67D5XvsEdNQbxBBPcE/0BXxUMUESwxUMoZWomGdJzF5IEp9ElsN50YwYESLm9O0rkGxpjtc7J5td2s6EZV648xCYW8PMAa/6Uavi3gEzB6P7w0p8VzYFLOynyo5YiVGrdIJfPst/GeIv9/eZub5jWs6W7N5SSRf1xYkQdnpCVQjjCcBLfPt
--20cf30363683f156f204d5400c88
Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=yes
Content-Transfer-Encoding: base64
XXXXXXXXXXXXXXXXXXXXXXXXZ21haWwuY29tLA0KDQpHb29nbGUgaGFzIHJlY2VpdmVkIGxlZ2Fs
IHByb2Nlc3MgZm9yIGluZm9ybWF0aW9uIHJlbGF0ZWQgdG8geW91ciBhY2NvdW50DQppbiBhIG1h
dHRlciBpc3N1ZWQgYnkgT2ZmaWNlIG9mIEluc3VyYW5jZSBDb21taXNzaW9uZXIuDQoNClRvIGNv
bXBseSB3aXRoIHRoZSBsYXcsIEdvb2dsZSBtYXkgcHJvdmlkZSByZXNwb25zaXZlIGRvY3VtZW50
cyBwdXJzdWFudCB0bw0KdGhlIEVsZWN0cm9uaWMgQ29tbXVuaWNhdGlvbnMgUHJpdmFjeSBBY3Qu
IFNlZSAxOCBVLlMuQy4gwqcgMjcwMSBldCBzZXEuDQoNCkZvciBtb3JlIGluZm9ybWF0aW9uIGFi
b3V0IHRoZSBsZWdhbCBwcm9jZXNzIHNlZWtpbmcgeW91ciBHb29nbGUgYWNjb3VudA0KaW5mb3Jt
YXRpb24sIHlvdSBtYXkgd2lzaCB0byBjb250YWN0IHRoZSBwYXJ0eSBzZWVraW5nIHRoaXMgaW5m
b3JtYXRpb24gYXQ6DQoNCjM2MC01ODYtMjU2Nw0KDQpVbmZvcnR1bmF0ZWx5LCBHb29nbGUgaXMg
bm90IGluIGEgcG9zaXRpb24gdG8gcHJvdmlkZSB5b3Ugd2l0aCBsZWdhbCBhZHZpY2UNCm9yIGRp
c2N1c3MgdGhlIHN1YnN0YW5jZSBvZiB0aGUgcHJvY2VzcyBpbiBvdXIgcG9zc2Vzc2lvbi4NCg0K
SWYgeW91IGhhdmUgb3RoZXIgcXVlc3Rpb25zIHJlZ2FyZGluZyB0aGlzIG1hdHRlciwgd2UgZW5j
b3VyYWdlIHlvdSB0bw0KY29udGFjdCB5b3VyIGF0dG9ybmV5Lg0KDQpSZWdhcmRzLA0KR29vZ2xl
IEluYy4NCkxlZ2FsIEludmVzdGlnYXRpb25zIFN1cHBvcnQNCg==
--20cf30363683f156f204d5400c88
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><span style=3D"background-color: rgb(255, 255, 255);">Dear=
<span class=3D"suggest" id=3D"gwt-uid-1">xxxxxxxxxxxx</span>@gmail.com,<br=
><br>Google has received legal process for information related to your acco=
unt in a matter issued by <span style=3D"font-family: arial, helvetica=
, sans-serif; line-height: 25px;">Office of Insurance Commissioner</span>. =
<br><br>To comply with the law, Google may provide responsive documents pur=
suant to the Electronic Communications Privacy Act. See 18 U.S.C. =C2=A7 27=
01 et seq. <br><br>For more information about the legal process seeking yo=
ur Google account information, you may wish to contact the party seeking th=
is information at:<br><br><span style=3D"font-family: arial, helvetica, san=
s-serif; line-height: 25px;">360-586-2567</span><br><br>Unfortunately, Goog=
le is not in a position to provide you with legal advice or discuss the sub=
stance of the process in our possession. <br><br>If you have other question=
s regarding this matter, we encourage you to contact your attorney.<br><br>=
Regards, <br>Google Inc.<br>Legal Investigations Support</span><br></div>
--20cf30363683f156f204d5400c88--
edit: sub better attachment edit2: add block code edit3: obfuscate |
|
 nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7
 ·AT&T U-Verse
| Phish Tracker rejected it, because there is no suspicious URL there. It does not appear to be a phish. It might be a vish (voice phish), since there is a phone number.
The mail might be legitimate. It's hard to know.
The "Received:" lines are not giving information about the source (or IP address) from which received. Checking a known legit email from google, I see the same problem. It troubles me that google is failing to provide such information in the headers.
On a surface read, it appears that some organization with a name too vague to be identified, has requested information about you from google. And it looks as if google is going to provide that information.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 12.3 Beta1; firefox 18.0 |
|
 SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:6
 ·RoadRunner Cable
 ·Clearwire Wireless
| reply to hardly
You will get more 'looks' if you post the headers using code blocks rather than posting them in a pdf.
Aah, nwrickert  to the rescue!  |
|
nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7 | I agree - I would have preferred a code block to the pdf. |
|
|
|
hardlyPremium
join:2004-02-10
USA
1 edit | reply to nwrickert
Here is the entire email: Delivered-To: xxxxxxxxxxxx@gmail.com
Received: by 10.194.157.34 with SMTP id wj2csp150226wjb;
Fri, 8 Feb 2013 16:49:39 -0800 (PST)
X-Received: by 10.220.153.2 with SMTP id i2mr9011791vcw.53.1360370979168;
Fri, 08 Feb 2013 16:49:39 -0800 (PST)
Return-Path: <3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com>
Received: from mail-vb0-f76.google.com (mail-vb0-f76.google.com [209.85.212.76])
by mx.google.com with ESMTPS id h7si31771588vce.29.2013.02.08.16.49.38
(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
Fri, 08 Feb 2013 16:49:39 -0800 (PST)
Received-SPF: pass (google.com: domain of 3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com designates 209.85.212.76 as permitted sender) client-ip=209.85.212.76;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of 3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com designates 209.85.212.76 as permitted sender) smtp.mail=3Ip0VURAKDEEXVOdzHqirufhphqwjrrjoh.frpkd1ghqlvodqgjpdlo.frp@cases-outbound-prod.bounces.google.com;
dkim=pass header.i=@google.com
Received: by mail-vb0-f76.google.com with SMTP id fe20so14804vbb.3
for <xxxxxxxxxxxx@gmail.com>; Fri, 08 Feb 2013 16:49:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20120113;
h=mime-version:x-received:message-id:date:subject:from:to
:content-type;
bh=EwV641Drca7JmpWKZdLw38KxRUIHGZ75O2H1dhuCUlA=;
b=B+cDcuC/AKRYSqcQuFhbhl+SIxzU2NNmUFqfgQLsknjYLI4nYtOVOXRocr56Wp/sTK
l5+/N/pIp7Ab37o/+em6p50Ow17DLDa62Lzbic3jaABsgMDDXJRA3gMO1
Sq0Ztd0A4xHZxKZp5HUhnU+hnMODcdjsdeUAg3LL0y4TRufVUDOcH1KsBpWM4sqeyhh3
3rdZc6T4/ExcJvUwffkppz/PK1BOPjjMLARAHej6NPQzfWuIOEF+OXDt8ijnAgrCm9xM
eUwnTH6m91yqxEfwM5d2kJCtqLR1MpiHN7wob4o56wZMPOnDoXB3C5rSHrW9KKCPe5f7
spMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20120113;
h=mime-version:x-received:message-id:date:subject:from:to
:content-type:x-gm-message-state;
bh=EwV641Drca7JmpWKZdLw38KxRUIHGZ75O2H1dhuCUlA=;
b=DVVk3BhPllWUHCI0VIP1C7bdQBzi7nwkQxasbkX8TriQqBNUekexF4xcx6byWk+Tuu
bXAUI7E6UZn3I7OsrabNqSreqGbBOiY5bXzUWv22uweyfHF4rda0GWuaR/O/zd3ZoGRs
tCKGxsdZAW1/bOItFPi66RUaKrPEWyKwYvhLqhiVciRMV5JxXCJ/NxWs8RTmPUrxpQAc
eH/P8KxSNbuQyhz5YHVTSMe2grTJPfzi7uSSvv7/L9HTZ6r4PZnOlijTy3+NdONCXFRR
G1Bo0zZNTb1NkdRFgugFgSqTb91yQSXEcD6yFHx3b38Xwssmrw3Dy9tTqnvmNSChMp9r
+wUw==
MIME-Version: 1.0
X-Received: by 10.224.189.78 with SMTP id dd14mr4347982qab.0.1360370978608;
Fri, 08 Feb 2013 16:49:38 -0800 (PST)XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Message-ID: <1befh0o0000000010igbaa001163hox70mjie9m6ko30c1g60o3ad1o@mail.gmail.com>
Date: Sat, 09 Feb 2013 00:49:38 +0000
Subject: Notification from Google
From: USLawEnforcement@google.com
To: xxxxxxxxxxxx@gmail.com
Content-Type: multipart/alternative; boundary=20cf30363683f156f204d5400c88
X-Gm-Message-State: ALoCoQnsQ7pzoBva50PcxRFVW67D5XvsEdNQbxBBPcE/0BXxUMUESwxUMoZWomGdJzF5IEp9ElsN50YwYESLm9O0rkGxpjtc7J5td2s6EZV648xCYW8PMAa/6Uavi3gEzB6P7w0p8VzYFLOynyo5YiVGrdIJfPst/GeIv9/eZub5jWs6W7N5SSRf1xYkQdnpCVQjjCcBLfPt
--20cf30363683f156f204d5400c88
Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=yes
Content-Transfer-Encoding: base64
XXXXXXXXXXXXXXXXXXXXXXXXZ21haWwuY29tLA0KDQpHb29nbGUgaGFzIHJlY2VpdmVkIGxlZ2Fs
IHByb2Nlc3MgZm9yIGluZm9ybWF0aW9uIHJlbGF0ZWQgdG8geW91ciBhY2NvdW50DQppbiBhIG1h
dHRlciBpc3N1ZWQgYnkgT2ZmaWNlIG9mIEluc3VyYW5jZSBDb21taXNzaW9uZXIuDQoNClRvIGNv
bXBseSB3aXRoIHRoZSBsYXcsIEdvb2dsZSBtYXkgcHJvdmlkZSByZXNwb25zaXZlIGRvY3VtZW50
cyBwdXJzdWFudCB0bw0KdGhlIEVsZWN0cm9uaWMgQ29tbXVuaWNhdGlvbnMgUHJpdmFjeSBBY3Qu
IFNlZSAxOCBVLlMuQy4gwqcgMjcwMSBldCBzZXEuDQoNCkZvciBtb3JlIGluZm9ybWF0aW9uIGFi
b3V0IHRoZSBsZWdhbCBwcm9jZXNzIHNlZWtpbmcgeW91ciBHb29nbGUgYWNjb3VudA0KaW5mb3Jt
YXRpb24sIHlvdSBtYXkgd2lzaCB0byBjb250YWN0IHRoZSBwYXJ0eSBzZWVraW5nIHRoaXMgaW5m
b3JtYXRpb24gYXQ6DQoNCjM2MC01ODYtMjU2Nw0KDQpVbmZvcnR1bmF0ZWx5LCBHb29nbGUgaXMg
bm90IGluIGEgcG9zaXRpb24gdG8gcHJvdmlkZSB5b3Ugd2l0aCBsZWdhbCBhZHZpY2UNCm9yIGRp
c2N1c3MgdGhlIHN1YnN0YW5jZSBvZiB0aGUgcHJvY2VzcyBpbiBvdXIgcG9zc2Vzc2lvbi4NCg0K
SWYgeW91IGhhdmUgb3RoZXIgcXVlc3Rpb25zIHJlZ2FyZGluZyB0aGlzIG1hdHRlciwgd2UgZW5j
b3VyYWdlIHlvdSB0bw0KY29udGFjdCB5b3VyIGF0dG9ybmV5Lg0KDQpSZWdhcmRzLA0KR29vZ2xl
IEluYy4NCkxlZ2FsIEludmVzdGlnYXRpb25zIFN1cHBvcnQNCg==
--20cf30363683f156f204d5400c88
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><span style=3D"background-color: rgb(255, 255, 255);">Dear=
<span class=3D"suggest" id=3D"gwt-uid-1">xxxxxxxxxxxx</span>@gmail.com,<br=
><br>Google has received legal process for information related to your acco=
unt in a matter issued by <span style=3D"font-family: arial, helvetica=
, sans-serif; line-height: 25px;">Office of Insurance Commissioner</span>. =
<br><br>To comply with the law, Google may provide responsive documents pur=
suant to the Electronic Communications Privacy Act. See 18 U.S.C. =C2=A7 27=
01 et seq. <br><br>For more information about the legal process seeking yo=
ur Google account information, you may wish to contact the party seeking th=
is information at:<br><br><span style=3D"font-family: arial, helvetica, san=
s-serif; line-height: 25px;">360-586-2567</span><br><br>Unfortunately, Goog=
le is not in a position to provide you with legal advice or discuss the sub=
stance of the process in our possession. <br><br>If you have other question=
s regarding this matter, we encourage you to contact your attorney.<br><br>=
Regards, <br>Google Inc.<br>Legal Investigations Support</span><br></div>
--20cf30363683f156f204d5400c88--
|
|
 dbmavenThere's no shortagePremium,Mod
join:1999-10-26
Sty in Sky
kudos:2
 ·VOIPo
Host:
Filesharing Software
No, I Will Not Fix..
Time Warner Intern..
Bright House Netwo..
Computer Hardware ..
| reply to hardly
Google may or may not be your friend 
But a simple Google search on the phone # yields this:
....please contact the Washington State Patrol, Criminal Investigative Division, Olympia OIC office at (360) 586-2567....
--
Ad astra per alas porci!!
|
|
hardlyPremium
join:2004-02-10
USA | Thank you. I had tried
»800notes.com/
without results prior to posting. |
|
garys_2kPremium
join:2004-05-07
Farmington, MI | reply to hardly
Yep, I think it's legit, too. Time to lawyer up! |
|
