I am trying to track an Email I received to see where it originated from (harmful scam Email).

Here is the full header:

Received-SPF: pass (domain of aol.com designates 205.188.109.203 as permitted sender) ZSwgeW91ciBpbmZvcm1hdGlvbiBoYXMgYmVlbiBhY2NlcHRlZCBhbmQgYXBw cm92ZWQgYnkgb3VyIFJlY3J1aXRpbmcgRGVwYXJ0bWVudC4gWU9VUiBGSVJT VCBBU1NJR05NRU5UIERFVEFJTFMuIFdlc3Rlcm4gVW5pb24gTW9uZXkgVHJh bnNmZXIgaGFkIHJlcG9ydHMgYWJvdXQgbGFwc2VzIGluIHRoZSBzZXJ2aWNl cyBvZiBzb21lIG9mIHRoZWlyIG91dGxldHMgYW5kIHNvbWUgbwEwAQEBAQN0 ZXh0L3BsYWluAwMwAgN0ZXh0L2h0bWwDAzIx X-YMailISG: HeDj35sWLDvNbQaO2B72kIm7hhiubE2qUysyBFo2m3GE4wsk FOs6uaYWwBVUBbL_ubGEs5Gitm1b86QFPuQYdS3g5s2f_uY3dyHhXh7DcBIB Ad4mJBzeRozs5.0s6vbqhsIEYlaKI4EDrsocJEbDbTUiUq2UyxZ7Ery8Iqow _sBVN0msHJvcI09KwmaXUteV_qCL7qFlj7WNSmdMM.wVUm3pyiWzw1VUZlyD nwoEzdEImQdwmJqoTM1YE8XU6BE8IkmUkh1Z8XkfLtHqmAsPi1_.Msbi8ubk QD71BcTABjb7ixELg5NfomsyZKVN.9G.TnuISlX5umByjS701ITyQ2PUYXai hoVCWg37bKWNR9MAWdogUK8PIV3MWPv5gdglNAKuPdS5Z7.01J39UGyH7R60 aIiIWdAsQ7_3VQBgIi9Seg2YM2j1U5g9QtdcJxBe0.1oigmj7G2sC9.YXNGX 3abQ1EcWVlJLuSuBbQ4Flpbe_Y3_ssz8nZIK2YjKy0U8WWe77vfnxdEBsknf w2OA_PAzHtuAAuxETnAOU_MeMIssgRAtihKC_26Au1LnKYCGPGADFBLaLNHF 30itI.kBvUjdvUfqV11dnGe50kFVzBGDMJFm8mXvb5WtIKq6qU1ZZmUroCew EgXjVZ.JKbux2KQmHh2zZbIJO3nOmLGkzuRczYiWCUNBDtmUZE6imuIQ4P6S RjusSbMITf2fIL_xe.qFCnW563sOdc4u.uXLDx.lq30740l8lWkkLX6KaDMF k9TY0VQKsMynqa4vXKpkTVNdukAcGd0p2i3newxY4q_9eZLn9czsJimfpKNW SX1bqjs0iCQHb4FTydf1Zpa2b.6lIhdjVlIM8tiWhfGhlUeM267T3njEM6nz 0vxyjparR_G_s0VnIVhSeLw2F5KpAL226w2yA.WBcqoG2ROSa7fK.0ZYwy36 Qcmk8C.HKj8Fng1qFLtEfaI4F66rCEJi7h1d6EK0Jk4a_TJnBBub1VQVoU.s SJ2ehs8aDjDqJw27_Ia4vYekKhIU8Oak0vYSmMXhZ5IvJfGfOHYVy4ebkoQf IDE3lSfex1nHZqcMqq0agPOZUOdznSIGJVx4T8m6MGwrEouvL.grhT6KUJQ5 g8UX6DVTgj.8lHuTyOzj3A3NRwDFs2JqicprOMJRS4UWYX8eQ1y4j.4ora36 LnWYm7k1n6X0lDBW5ZdZlsLy7.0al0G1uCIAZwBNo7FnHr6q2mQNwgFaPkNO FOiykqFHu0khLO_cZw87MpDslZO_3lFbJGlnchSs81hkESSQsldUxqdNkIV. yWsS58p1uuwVNksp4NB.QW41wfBtY5FU.Q80g8KiOZIz0daou3GlzoahcHoQ GPgSa86GKtSo.ew2xEUKk6c.ffAT9RjqNh5fzyhBdzEYURxJBYgMlL5DQp2G yYIGhlIS5h9JzPFVkk2XhBoY2NgEAAfJfAfqKoMNNKIW.bEwbgNa9xtSzHNg YdmDfOSkYkAGZDqwa.uONguq5.jqtnWDnx3GDyuoVg-- X-Originating-IP: [205.188.109.203] Authentication-Results: mta1343.mail.bf1.yahoo.com from=aol.com; domainkeys=neutral (no sig); from=mx.aol.com; dkim=pass (ok) Received: from 127.0.0.1 (EHLO omr-d06.mx.aol.com) (205.188.109.203) by mta1343.mail.bf1.yahoo.com with SMTP; Fri, 18 Oct 2013 10:11:15 -0700 Received: from mtaomg-da05.r1000.mx.aol.com (mtaomg-da05.r1000.mx.aol.com [172.29.51.141]) by omr-d06.mx.aol.com (Outbound Mail Relay) with ESMTP id ACFAD7012DFB4 for <.confidential.>; Fri, 18 Oct 2013 13:11:15 -0400 (EDT) Received: from core-mfb002c.r1000.mail.aol.com (core-mfb002.r1000.mail.aol.com [172.29.47.199]) by mtaomg-da05.r1000.mx.aol.com (OMAG/Core Interface) with ESMTP id 2ADB6E000089 for <.confidential.>; Fri, 18 Oct 2013 13:11:15 -0400 (EDT) References: <[email protected]> <[email protected]> <[email protected]> To: .confidential. Subject:.confidential. In-Reply-To: <[email protected]> X-MB-Message-Source: WebUI MIME-Version: 1.0 From: .confidential. X-MB-Message-Type: User Content-Type: multipart/alternative; boundary="--------MB_8D09A3C2FD3105D_1338_33A66_webmail-d257.sysops.aol.com" X-Mailer: AOL Webmail 38109-STANDARD Received: from 66.199.226.81 by webmail-d257.sysops.aol.com (205.188.17.42) with HTTP (WebMailUI); Fri, 18 Oct 2013 13:11:15 -0400 Message-Id: <[email protected]> X-Originating-IP: [66.199.226.81] Date: Fri, 18 Oct 2013 13:11:15 -0400 (EDT) x-aol-global-disposition: G DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com; s=20121107; t=1382116275; bh=9TXLF90L8beaMnjNzoKDwcv3Eq06jiZGN40YTBw2YOI=; h=From:To:Subject:Message-Id:Date:MIME-Version:Content-Type; b=xHVjoH5AccrOpPZoZZW+b41uJ7nzHDrryGsO6WzvtBOFGWX3xJMO3RB1ILFlJAsF6 P9olk8Gz6LDydX9SOZ4w/yPI8y8eU6z1AauwOPxw9F1lu82goIGwK3jIcvOv72koB5 Izq9By7L6PESEmmJ5nFc4ko9vH2CBMcJKPV95HTg= x-aol-sid: 3039ac1d338d52616bb37d53 Content-Length: 26445

The Email was from the aol domain, so I understand the IP of aol. My question is, looking at 66.199.226.81 , would it be safe to say that the Email originated from "Access Integrated Technologies"?

Thanks for any help!