API tools faq
paste
Advertisement
wavellan

20180824_PHISHING_SCAM_1

wavellan
Aug 25th, 2018
396
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.79 KB | None | 0 0
raw download clone embed print report
  1. Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by
  2. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  3. id 15.0.1367.3 via Mailbox Transport; Fri, 24 Aug 2018 16:19:08 -0500
  4. Received: from MBX09C-ORD1.mex08.mlsrvr.com (172.29.9.34) by
  5. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  6. id 15.0.1367.3; Fri, 24 Aug 2018 16:19:08 -0500
  7. Received: from gate.forward.smtp.iad3b.emailsrvr.com (146.20.86.8) by
  8. MBX09C-ORD1.mex08.mlsrvr.com (172.29.9.34) with Microsoft SMTP Server (TLS)
  9. id 15.0.1367.3 via Frontend Transport; Fri, 24 Aug 2018 16:19:08 -0500
  10. Return-Path: <[email protected]>
  11. X-Spam-Threshold: 95
  12. X-Spam-Score: 0
  13. X-Spam-Flag: NO
  14. X-Virus-Scanned: OK
  15. X-Orig-To: REMOVED
  16. X-Originating-Ip: [206.221.190.66]
  17. Authentication-Results: smtp3.gate.iad3b.rsapps.net; iprev=pass policy.iprev="206.221.190.66"; spf=softfail smtp.mailfrom="[email protected]" smtp.helo="dutchess.myrealserver.com"; dkim=pass header.d=advancedapplicationsdesign.com; dmarc=none (p=nil; dis=none) header.from=csc.com
  18. X-Suspicious-Flag: NO
  19. X-Classification-ID: 5609a08a-a7e3-11e8-9986-525400bb3479-1-1
  20. Received: from [206.221.190.66] ([206.221.190.66:56048] helo=dutchess.myrealserver.com)
  21. by smtp3.gate.iad3b.rsapps.net (envelope-from <[email protected]>)
  22. (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
  23. id C3/5A-03197-B46708B5; Fri, 24 Aug 2018 17:19:07 -0400
  24. DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
  25. d=advancedapplicationsdesign.com; s=default; h=Content-Type:MIME-Version:
  26. Message-ID:From:Date:Subject:To:Sender:Reply-To:Cc:Content-Transfer-Encoding:
  27. Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
  28. Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:
  29. List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
  30. bh=hLWRBRKjSjonnJV0cAfHhUwOb7Hs5SX+3lPduU3oZro=; b=ZVvNsaxTu6SDXpmcir5JhRJ9W
  31. M1kdRMgRnQzXNt9kLZWKqhC590VsR+WaTZogvxAzLh3mhqanWr/OvJUTwuN4qOdLwzOLa53QCdlsz
  32. LUg/uSJ9KGXGvM12WdOMGwLAycgzrnct33SPDh/LVvYVQfOMKqcJd2Um/onhyuyuV+FRgbqEvhY6O
  33. EIXfRwAo3HZxKh1UdC0U+k0iwV1Tagiv+6x3Wz+5GoyS2XX+wuBUU6LmRJZ6SGEFU/ltJaVMdbFjO
  34. AqciKV3M/TxprY6ibbKspciH8hwByqDthQUbZwp/HADS4IVGgNUBXoU116eBoAtuXs3de1BCQVlqX
  35. AMYsiuYDQ==;
  36. Received: from advance by dutchess.myrealserver.com with local (Exim 4.91)
  37. (envelope-from <[email protected]>)
  38. id 1ftJTB-009cdQ-1Q
  39. for REMOVED; Fri, 24 Aug 2018 17:18:13 -0400
  40. To: REMOVED
  41. Subject: Representative Offer
  42. X-PHP-Script: advancedapplicationsdesign.com/functionality/Gmailsmtp.php for 129.205.114.21
  43. Date: Fri, 24 Aug 2018 21:18:09 +0000
  44. From: Sichuan Textiles Import And Export Ltd <[email protected]>
  45. Message-ID: <[email protected]>
  46. X-Priority: 3
  47. X-Mailer: PHPMailer 5.2.16 (https://github.com/PHPMailer/PHPMailer)
  48. MIME-Version: 1.0
  49. X-cPanel-MailScanner-Information: Please contact the ISP for more information
  50. X-cPanel-MailScanner-ID: 1ftJTB-009cdQ-1Q
  51. X-cPanel-MailScanner: Found to be clean
  52. X-cPanel-MailScanner-SpamCheck:
  53. X-cPanel-MailScanner-From: [email protected]
  54. X-Spam-Status: No
  55. X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
  56. X-AntiAbuse: Primary Hostname - dutchess.myrealserver.com
  57. X-AntiAbuse: Original Domain - avellan.org
  58. X-AntiAbuse: Originator/Caller UID/GID - [511 499] / [47 12]
  59. X-AntiAbuse: Sender Address Domain - csc.com
  60. X-Get-Message-Sender-Via: dutchess.myrealserver.com: authenticated_id: advance/only user confirmed/virtual account not confirmed
  61. X-Authenticated-Sender: dutchess.myrealserver.com: advance
  62. X-Source:
  63. X-Source-Args:
  64. X-Source-Dir:
  65. X-MS-Exchange-Organization-Network-Message-Id: 14c9e903-38d0-483c-e935-08d60a073a8a
  66. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1446100;0;This mail has
  67. been scanned by Trend Micro ScanMail for Microsoft Exchange;
  68. X-MS-Exchange-Organization-SCL: 0
  69. X-MS-Exchange-Organization-AuthSource: MBX09C-ORD1.mex08.mlsrvr.com
  70. X-MS-Exchange-Organization-AuthAs: Anonymous
  71. Content-type: multipart/alternative;
  72. boundary="B_3618043850_1976723262"
  73.  
  74. > This message is in MIME format. Since your mail reader does not understand
  75. this format, some or all of this message may not be legible.
  76.  
  77. --B_3618043850_1976723262
  78. Content-type: text/plain;
  79. charset="UTF-8"
  80. Content-transfer-encoding: 7bit
  81.  
  82. Hello ,
  83.  
  84. I represent Sichuan Textiles Import & Export Ltd based in CHINA. We are state-run foreign trade enterprise specializing in the import & export of
  85. textiles. We are looking for a representative in the U.S region.
  86.  
  87. We want you to be our representatives in U.S region to retrieve payment from debtors for a commission of 5% of every payment retrieved on our
  88. behalf and a monthly salary $ 3000 to $5000, this Job will only take one hour of your time most likely two times a week.
  89.  
  90. For more info write back.
  91.  
  92. Mr.Richard Lee
  93. Offshore Recruitment Manager
  94. (SCTIE) Hong Kong
  95.  
  96.  
  97. --B_3618043850_1976723262
  98. Content-type: text/html;
  99. charset="UTF-8"
  100. Content-transfer-encoding: quoted-printable
  101.  
  102. <html>
  103. <head>
  104. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
  105. </head>
  106. <body>
  107. <p>Hello ,</p>
  108. <p>I represent Sichuan Textiles Import &amp; Export Ltd based in CHINA. We =
  109. are state-run foreign trade enterprise specializing in the import &amp; expo=
  110. rt of<br>
  111. textiles. We are looking for a representative in the U.S region.</p>
  112. <p>We want you to be our representatives in U.S region to retrieve payment =
  113. from debtors for a commission of 5% of every payment retrieved on our<br>
  114. behalf and a monthly salary $ 3000 to $5000, this Job will only take one ho=
  115. ur of your time most likely two times a week.</p>
  116. <p>For more info write back.</p>
  117. <p>Mr.Richard Lee<br>
  118. Offshore Recruitment Manager<br>
  119. (SCTIE) Hong Kong</p>
  120. </body>
  121. </html>
  122.  
  123.  
  124. --B_3618043850_1976723262--
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!