Andrew.Ferguson@Hilton.com ~ garykenedy@outlook.com

Email header analysis report
All valid IP Addresses found in the header.
Ip Address 3rd Party Info Provider City Flag Country
* 169.254.3.29 Check 169.254.3.29 at Senderbase.org Check 169.254.3.29 at Reputationauthority.org n/a n/a
169.254.2.29 Check 169.254.2.29 at Senderbase.org Check 169.254.2.29 at Reputationauthority.org n/a n/a
167.187.100.2 Check 167.187.100.2 at Senderbase.org Check 167.187.100.2 at Reputationauthority.org Red Lion Hotels & Inns Beverly Hills United States
68.232.140.118 Check 68.232.140.118 at Senderbase.org Check 68.232.140.118 at Reputationauthority.org Cisco Systems Ironport Division San Bruno United States

*Probable originating IP address

_______________________

scamalertDelivered-To: scamfraudalert@gmail.com
Received: by 10.205.102.194 with SMTP id df2csp79006bkc;
Sat, 24 Aug 2013 10:11:20 -0700 (PDT)
X-Received: by 10.236.228.137 with SMTP id f9mr5774561yhq.44.1377364279248;
Sat, 24 Aug 2013 10:11:19 -0700 (PDT)
Return-Path: <prvs=9418cc540=Andrew.Ferguson@hilton.com> Received: from esa5.hilton.iphmx.com (esa5.hilton.iphmx.com. [68.232.140.118])
by mx.google.com with ESMTPS id f5si2629081yhd.241.1969.12.31.16.00.00
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Sat, 24 Aug 2013 10:11:19 -0700 (PDT)
Received-SPF: pass (google.com: domain of prvs=9418cc540=Andrew.Ferguson@hilton.com designates 68.232.140.118 as permitted sender) client-ip=68.232.140.118;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of prvs=9418cc540=Andrew.Ferguson@hilton.com designates 68.232.140.118 as permitted sender) smtp.mail=prvs=9418cc540=Andrew.Ferguson@hilton.com
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ap8AAAjoGFKnu2QCmWdsb2JhbABagkOBSoMnqwSRZh58Fg4BAQEBAQ
YNCwcUKIIbAQoFBBwzOAEGBQEJFVYmAQoBDAiFboILiQKMS450CJIHgSe
PIIMeECZ9A54/ji48gW4
X-IPAS-Result: Ap8AAAjoGFKnu2QCmWdsb2JhbABagkOBSoMnqwSRZh58Fg4BAQEBAQYNCwc
UKIIbAQoFBBwzOAEGBQEJFVYmAQoBDAiFboILiQKMS450CJIHgSePIIMeECZ9A54/
ji48gW4
X-IronPort-AV: E=Sophos;i=”4.89,947,1367989200″;
d=”scan’208,217″;a=”34322933″
Received: from unknown (HELO mail.hilton.com) ([167.187.100.2])
by esa5.hilton.iphmx.com with ESMTP/TLS/AES128-SHA; 24 Aug 2013 12:11:00 -0500
Received: from HFWMXMSG05PH.hotels.ad.hilton.com (10.80.40.25) by
HFWMRMSG02PH.hotels.ad.hilton.com (10.80.200.52) with Microsoft SMTP Server
(TLS) id 14.2.342.3; Sat, 24 Aug 2013 13:10:56 -0400
Received: from HFWMXMSG03PH.hotels.ad.hilton.com ([169.254.2.29]) by
HFWMXMSG05PH.hotels.ad.hilton.com ([169.254.3.29]) with mapi id
14.02.0342.004; Sat, 24 Aug 2013 13:10:57 -0400
From: Andrew Ferguson <Andrew.Ferguson@Hilton.com>
Subject: RE
Thread-Topic: RE
Thread-Index: Ac6g7OWpg6LodkHkS525FS6TJ4rcDA==
Date: Sat, 24 Aug 2013 17:10:56 +0000
Message-ID: <DAF30024411FD3488FFA317D89C3085D1445E561

@HFWMXMSG03PH.hotels.ad.hilton.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.80.202.30]
Content-Type: text/html; charset=”koi8-r”
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
To: Undisclosed recipients:;
Return-Path: <Andrew.Ferguson@Hilton.com>

This transmission is not a digital or electronic signature and cannot be used to form, document, or authenticate a contract. Hilton and its affiliates accept no liability arising in connection with this transmission.Copyright 2013 Hilton Worldwide Proprietary and Confidential

________________________________________________

Din e-mail-id er blevet udvalgt til kontanter 1.000.000,00 fra selskabet Jumbo som den heldige vinder. Send Navne …… Nationalitet ….. telefon …. til denne e-mail: garykenedy@outlook.com
___________________________________________

North Carolina AG Warns of Corporate Records Service

Don’t Fall for the Latest Corporate Records Scam

If you own or work for a business, don’t respond to an official looking mailing from scamalerta group called Corporate Records Service.  Businesses across the state have reported getting the letter, which asks you to fill out an annual corporate records form and send $125 to an address in Raleigh by September 4.

The letter includes references to state law on corporate records, which is enforced by the North Carolina Secretary of State.  But the Secretary of State’s Office does not issue letters like the ones sent by Corporate Records Service, nor does the agency collect fees for filing these records.

We’re investigating these misleading letters, and have taken action against a possibly related scam in the past.  In that case, we barred a California company that sent similar mailings from operating in the state and returned $90,000 in checks it had collected to small businesses across North Carolina.

If you receive one of these letters, don’t respond.  Report scams like this one to the Attorney General’s Consumer Protection Division by calling 1-877-5-NO-SCAM or filing a complaint online at www.ncdoj.gov.

This message brought to you on behalf of North Carolina Attorney General Roy Cooper.