API tools faq
paste
Advertisement
wavellan

20231014_PHISHING_SCAM_1

wavellan
Oct 14th, 2023
218
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.38 KB | None | 0 0
raw download clone embed print report
  1. Compliment of the day to you, I'm Yuliia Kadulina Deputy Chairman of the Management Board, and Personal Finance Director at Ukrsibbank Ukraine. I have a beneficial proposal to discuss with you. Kindly revert so I can fill you in on the details.
  2. Thanks,
  3. Yuliia
  4.  
  5.  
  6.  
  7.  
  8. Received: from SA1PR05MB8178.namprd05.prod.outlook.com (2603:10b6:806:1b5::20)
  9. by MWHPR0501MB3899.namprd05.prod.outlook.com with HTTPS; Sat, 14 Oct 2023
  10. 18:41:28 +0000
  11. Received: from BY3PR05CA0054.namprd05.prod.outlook.com (2603:10b6:a03:39b::29)
  12. by SA1PR05MB8178.namprd05.prod.outlook.com (2603:10b6:806:1b5::20) with
  13. Microsoft SMTP Server (version=TLS1_2,
  14. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38; Sat, 14 Oct
  15. 2023 18:41:26 +0000
  16. Received: from DM6NAM12FT020.eop-nam12.prod.protection.outlook.com
  17. (2603:10b6:a03:39b:cafe::4) by BY3PR05CA0054.outlook.office365.com
  18. (2603:10b6:a03:39b::29) with Microsoft SMTP Server (version=TLS1_2,
  19. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6907.17 via Frontend
  20. Transport; Sat, 14 Oct 2023 18:41:25 +0000
  21. Authentication-Results: spf=pass (sender IP is 90.85.147.196)
  22. smtp.mailfrom=sdis83.fr; dkim=fail (signature did not verify)
  23. header.d=sdis83.fr;dmarc=bestguesspass action=none
  24. header.from=sdis83.fr;compauth=pass reason=109
  25. Received-SPF: Pass (protection.outlook.com: domain of sdis83.fr designates
  26. 90.85.147.196 as permitted sender) receiver=protection.outlook.com;
  27. client-ip=90.85.147.196; helo=mcleaner1.sdis83.fr; pr=C
  28. Received: from mcleaner1.sdis83.fr (90.85.147.196) by
  29. DM6NAM12FT020.mail.protection.outlook.com (10.13.179.221) with Microsoft SMTP
  30. Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
  31. 15.20.6907.17 via Frontend Transport; Sat, 14 Oct 2023 18:41:25 +0000
  32. DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sdis83.fr;
  33. s=20941BBC-152A-11E7-91FB-EB0D0D96C3E7; h=Content-Type:MIME-Version:Subject:
  34. Message-ID:Reply-To:From:Date:Sender:To:Cc:Content-Transfer-Encoding:
  35. Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
  36. Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:
  37. List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
  38. bh=Rs9jeYqS5rcI3DHiQ1ixfY5Wm1nUBoQq9JQ7SNcWb6k=; b=aVJieX7d1azCZQNW4u2s2OpGpz
  39. sDy/vtkJkO7XHgcV0Yfo9+8DLH4yjFfT+qwfa1dHdAZVP61Db9T3KflPbECuvHXcM6ZeZx5Y4Hjeb
  40. IzxYQmAnk901oij+M9rorlsUHhgDoXI40PjQsX5Ss+LB2iFVm8twI8sEkzuq4bAVvsDBH5mgiHRaH
  41. O1IGYnqYYW7biXHcqfkIwYtslc3P8xqSZkE/1IXgqGIT9isgPTcTaAK7sRvLGGAu3ecnIcGgtiDGo
  42. 0YFO7abOKRECoPsVz1WxfIZp4o+sNn5/thsQeHe9DjFqJu4u7SSJUIS9YbR7MIwqaI9dUhFIFzQPw
  43. wBWyq0Dw==;
  44. Received: from [10.201.103.4] (helo=zimbra.sdis83.fr)
  45. by mcleaner1.sdis83.fr stage1 with esmtp
  46. (Exim MailCleaner)
  47. id 1qrjVJ-00051W-0Q
  48. from <[email protected]>;
  49. Sat, 14 Oct 2023 20:36:49 +0200
  50. Received: from localhost (localhost [127.0.0.1])
  51. by zimbra.sdis83.fr (Postfix) with ESMTP id EB74866C02DB;
  52. Sat, 14 Oct 2023 20:36:48 +0200 (CEST)
  53. X-Virus-Scanned: amavis at zimbra.sdis83.fr
  54. Received: from zimbra.sdis83.fr ([127.0.0.1])
  55. by localhost (zimbra.sdis83.fr [127.0.0.1]) (amavis, port 10026) with ESMTP
  56. id P2pYo4KmbQLX; Sat, 14 Oct 2023 20:36:48 +0200 (CEST)
  57. Received: from zimbra.sdis83.fr (localhost [127.0.0.1])
  58. by zimbra.sdis83.fr (Postfix) with ESMTP id E594E66C02CB;
  59. Sat, 14 Oct 2023 20:36:46 +0200 (CEST)
  60. Date: Sat, 14 Oct 2023 20:36:46 +0200 (CEST)
  61. From: Yuliia Kadulina <[email protected]>
  62. Reply-To: Yuliia Kadulina <[email protected]>
  63. Message-ID: <[email protected]>
  64. Subject: Favorable Deal
  65. MIME-Version: 1.0
  66. X-Originating-IP: [10.201.103.4]
  67. X-Mailer: Zimbra 8.8.15_GA_4562 (zclient/8.8.15_GA_4562)
  68. Thread-Index: f0nMAlO+AYMa6MKB+7DuqlZKNFBFaA==
  69. Thread-Topic: Favorable Deal
  70. X-MailCleaner-TrustedIPs: Ok
  71. X-MailCleaner-RDNS: invalid reverse DNS for 10.201.103.4
  72. To: Undisclosed recipients:;
  73. Return-Path: [email protected]
  74. X-MS-Exchange-Organization-ExpirationStartTime: 14 Oct 2023 18:41:25.4677
  75. (UTC)
  76. X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
  77. X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
  78. X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
  79. X-MS-Exchange-Organization-Network-Message-Id:
  80. d844487b-be35-4776-1701-08dbcce52ba2
  81. X-EOPAttributedMessage: 0
  82. X-EOPTenantAttributedMessage: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a:0
  83. X-MS-Exchange-Organization-MessageDirectionality: Incoming
  84. X-MS-PublicTrafficType: Email
  85. X-MS-TrafficTypeDiagnostic:
  86. DM6NAM12FT020:EE_|SA1PR05MB8178:EE_|MWHPR0501MB3899:EE_
  87. X-MS-Exchange-Organization-AuthSource:
  88. DM6NAM12FT020.eop-nam12.prod.protection.outlook.com
  89. X-MS-Exchange-Organization-AuthAs: Anonymous
  90. X-MS-Office365-Filtering-Correlation-Id: d844487b-be35-4776-1701-08dbcce52ba2
  91. X-MS-Exchange-Organization-SCL: 5
  92. X-Forefront-Antispam-Report:
  93. CIP:90.85.147.196;CTRY:FR;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:mcleaner1.sdis83.fr;PTR:mcleaner1.sdis83.fr;CAT:SPM;SFS:(13230031)(230922051799003)(109986022)(451199024)(7636003)(356005)(86362001)(7596003)(36756003)(1096003)(33964004)(58800400005)(6266002)(7116003)(2860700004)(8676002)(7696005)(22186003)(4300700001)(5660300002)(120186005)(426003)(7126003)(336012)(83380400001)(3480700007)(26005)(2616005)(4001660100023);DIR:INB;
  94. X-Microsoft-Antispam: BCL:0;
  95. X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2023 18:41:25.1708
  96. (UTC)
  97. X-MS-Exchange-CrossTenant-Network-Message-Id: d844487b-be35-4776-1701-08dbcce52ba2
  98. X-MS-Exchange-CrossTenant-Id: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a
  99. X-MS-Exchange-CrossTenant-AuthSource:
  100. DM6NAM12FT020.eop-nam12.prod.protection.outlook.com
  101. X-MS-Exchange-CrossTenant-AuthAs: Anonymous
  102. X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
  103. X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR05MB8178
  104. X-MS-Exchange-Transport-EndToEndLatency: 00:00:03.7331873
  105. X-MS-Exchange-Processed-By-BccFoldering: 15.20.6863.043
  106. X-Microsoft-Antispam-Mailbox-Delivery:
  107. ucf:0;jmr:0;auth:0;dest:J;OFR:SpamFilterAuthJ;ENG:(910001)(944506478)(944626604)(920097)(930097)(3100021)(140003);RF:JunkEmail;
  108. X-Microsoft-Antispam-Message-Info:
  109.  
  110. Content-type: multipart/alternative;
  111. boundary="B_3780143671_1428678464"
  112.  
  113. > This message is in MIME format. Since your mail reader does not understand
  114. this format, some or all of this message may not be legible.
  115.  
  116. --B_3780143671_1428678464
  117. Content-type: text/plain;
  118. charset="UTF-8"
  119. Content-transfer-encoding: 7bit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!