20180712_PHISHING_SCAM_2

1. Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by
2. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
3. id 15.0.1367.3 via Mailbox Transport; Thu, 12 Jul 2018 12:07:58 -0500
4. Received: from MBX08D-ORD1.mex08.mlsrvr.com (172.29.9.33) by
5. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
6. id 15.0.1367.3; Thu, 12 Jul 2018 12:07:58 -0500
7. Received: from gate.forward.smtp.iad3a.emailsrvr.com (204.232.172.40) by
8. MBX08D-ORD1.mex08.mlsrvr.com (172.29.9.33) with Microsoft SMTP Server (TLS)
9. id 15.0.1367.3 via Frontend Transport; Thu, 12 Jul 2018 12:07:58 -0500
10. Return-Path: <[email protected]>
11. X-Spam-Threshold: 95
12. X-Spam-Score: 100
13. Precedence: junk
14. X-Spam-Flag: YES
15. X-Virus-Scanned: OK
16. X-Orig-To: REMOVED
17. X-Originating-Ip: [153.149.143.6]
18. Authentication-Results: smtp1.gate.iad3a.rsapps.net; iprev=pass policy.iprev="153.149.143.6"; spf=pass smtp.mailfrom="[email protected]" smtp.helo="mr-bdf-ucb005.ocn.ad.jp"; dkim=none (message not signed) header.d=none; dmarc=none (p=nil; dis=none) header.from=orion.ocn.ne.jp
19. X-Suspicious-Flag: NO
20. X-Classification-ID: 1f45f03a-85f6-11e8-af4a-52540091dea5-1-1
21. Received: from [153.149.143.6] ([153.149.143.6:55841] helo=mr-bdf-ucb005.ocn.ad.jp)
22. by smtp1.gate.iad3a.rsapps.net (envelope-from <[email protected]>)
23. (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTP
24. id D8/24-32593-DEA874B5; Thu, 12 Jul 2018 13:07:57 -0400
25. Received: from mf-smf-ucb035c3 (mf-smf-ucb035c3.ocn.ad.jp [153.153.66.232])
26. by mr-bdf-ucb005.ocn.ad.jp (Postfix) with ESMTP id E68862C2C51;
27. Thu, 12 Jul 2018 17:21:07 +0900 (JST)
28. Received: from ntt.pod01.mv-mta-ucb021 ([153.149.142.84])
29. by mf-smf-ucb035c3 with ESMTP
30. id dWqZf5KpC3vLcdWqZfAMRO; Thu, 12 Jul 2018 17:21:07 +0900
31. Message-ID: <1531383667.dWqZf5KpC3vLcdWqZfAMRO@mf-smf-ucb035c3>
32. Received: from smtp.ocn.ne.jp ([153.149.227.166])
33. by ntt.pod01.mv-mta-ucb021 with
34. id 9kM51y00G3c2f7501kM5Ur; Thu, 12 Jul 2018 08:21:07 +0000
35. Received: from smtp.ocn.ne.jp (unknown [123.20.247.113])
36. by smtp.ocn.ne.jp (Postfix) with ESMTPA;
37. Thu, 12 Jul 2018 17:21:05 +0900 (JST)
38. MIME-Version: 1.0
39. To: REMOVED
40. From: Jeannette REMOVED <[email protected]>
41. Subject: Re:
42. Date: Wed, 11 Jul 2018 23:21:01 -0900
43. Importance: normal
44. X-Priority: 3
45. X-MS-Exchange-Organization-Network-Message-Id: 96a1cd91-bd2f-419c-8bc5-08d5e81a044f
46. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1437300;0;This mail has
47. been scanned by Trend Micro ScanMail for Microsoft Exchange;
48. X-MS-Exchange-Organization-SCL: 5
49. X-MS-Exchange-Organization-AuthSource: MBX08D-ORD1.mex08.mlsrvr.com
50. X-MS-Exchange-Organization-AuthAs: Anonymous
51. Content-type: multipart/alternative;
52. boundary="B_3614279056_823823139"
53.  
54. > This message is in MIME format. Since your mail reader does not understand
55. this format, some or all of this message may not be legible.
56.  
57. --B_3614279056_823823139
58. Content-type: text/plain;
59. charset="UTF-8"
60. Content-transfer-encoding: 7bit
61.  
62. http://guide.greatandhra.org
63.  
64. Jeannette REMOVED
65.  
66.  
67.  
68.  
69.  
70.  
71.  
72.  
73.  
74.  
75. --B_3614279056_823823139
76. Content-type: text/html;
77. charset="UTF-8"
78. Content-transfer-encoding: quoted-printable
79.  
80. <html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:schema=
81. s-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/office/20=
82. 04/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40">
83. <head>
84. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
85. <meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
86. <style><!--
87. /* Font Definitions */
88. @font-face
89. {font-family:"Cambria Math";
90. panose-1:2 4 5 3 5 4 6 3 2 4;}
91. @font-face
92. {font-family:Calibri;
93. panose-1:2 15 5 2 2 2 4 3 2 4;}
94. /* Style Definitions */
95. p.MsoNormal, li.MsoNormal, div.MsoNormal
96. {margin:0in;
97. margin-bottom:.0001pt;
98. font-size:11.0pt;
99. font-family:"Calibri",sans-serif;}
100. a:link, span.MsoHyperlink
101. {mso-style-priority:99;
102. color:#0563C1;
103. text-decoration:underline;}
104. a:visited, span.MsoHyperlinkFollowed
105. {mso-style-priority:99;
106. color:#954F72;
107. text-decoration:underline;}
108. span.MsoIntenseEmphasis
109. {mso-style-priority:21;
110. color:#4472C4;
111. font-style:italic;}
112. span.MsoSubtleReference
113. {mso-style-priority:31;
114. font-variant:small-caps;
115. color:#5A5A5A;}
116. ..MsoChpDefault
117. {mso-style-type:export-only;}
118. @page WordSection1
119. {size:8.5in 11.0in;
120. margin:1.0in 1.0in 1.0in 1.0in;}
121. div.WordSection1
122. {page:WordSection1;}
123. --></style>
124. </head>
125. <body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72">
126. <div class=3D"WordSection1">
127. <p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt"><a href=3D"http://guide.gre=
128. atandhra.org">http://guide.greatandhra.org</a></p>
129. <p class=3D"MsoNormal">Jeannette REMOVED<o:p></o:p></p>
130. <p class=3D"MsoNormal"><span class=3D"MsoIntenseEmphasis"><o:p>&nbsp;</o:p></sp=
131. an></p>
132. <p class=3D"MsoNormal"><span class=3D"MsoIntenseEmphasis"><o:p>&nbsp;</o:p></sp=
133. an></p>
134. <p class=3D"MsoNormal"><span class=3D"MsoSubtleReference"><o:p>&nbsp;</o:p></sp=
135. an></p>
136. <p class=3D"MsoNormal"><span class=3D"MsoIntenseEmphasis"><o:p>&nbsp;</o:p></sp=
137. an></p>
138. </div>
139. </body>
140. </html>
141.  
142.  
143. --B_3614279056_823823139--