API tools faq
paste
Advertisement
wavellan

201808013_PHISHING_SCAM_1

wavellan
Aug 13th, 2018
410
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.27 KB | None | 0 0
raw download clone embed print report
  1. Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by
  2. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  3. id 15.0.1367.3 via Mailbox Transport; Sun, 12 Aug 2018 05:19:39 -0500
  4. Received: from MBX03D-ORD1.mex08.mlsrvr.com (172.29.9.18) by
  5. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  6. id 15.0.1367.3; Sun, 12 Aug 2018 05:19:38 -0500
  7. Received: from gate.forward.smtp.ord1d.emailsrvr.com (161.47.34.7) by
  8. MBX03D-ORD1.mex08.mlsrvr.com (172.29.9.18) with Microsoft SMTP Server (TLS)
  9. id 15.0.1367.3 via Frontend Transport; Sun, 12 Aug 2018 05:19:38 -0500
  10. Return-Path: <[email protected]>
  11. X-Spam-Threshold: 95
  12. X-Spam-Score: 100
  13. Precedence: junk
  14. X-Spam-Flag: YES
  15. X-Virus-Scanned: OK
  16. X-Orig-To: REMOVED
  17. X-Originating-Ip: [162.213.31.5]
  18. Authentication-Results: smtp8.gate.ord1d.rsapps.net; iprev=pass policy.iprev="162.213.31.5"; spf=permerror smtp.mailfrom="[email protected]" smtp.helo="glasford.com.hk"; dkim=none (message not signed) header.d=none; dmarc=none (p=nil; dis=none) header.from=glasford.com.hk
  19. X-Suspicious-Flag: NO
  20. X-Classification-ID: 36d3b6d4-9e19-11e8-aece-5254001e5a60-1-1
  21. Received: from [162.213.31.5] ([162.213.31.5:52497] helo=glasford.com.hk)
  22. by smtp8.gate.ord1d.rsapps.net (envelope-from <[email protected]>)
  23. (ecelerity 4.2.38.62370 r(:)) with ESMTP
  24. id 3F/3F-04019-8B9007B5; Sun, 12 Aug 2018 06:19:38 -0400
  25. From: Sanjay Yadavi <[email protected]>
  26. To: REMOVED
  27. Subject: Re: T/T EUR 78,845.10
  28. Date: Sun, 12 Aug 2018 06:19:29 -0400
  29. Message-ID: <[email protected]>
  30. MIME-Version: 1.0
  31. X-MS-Exchange-Organization-Network-Message-Id: 00ec9e9d-34fa-43d0-e442-08d6003d1c08
  32. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1443700;0;This mail has
  33. been scanned by Trend Micro ScanMail for Microsoft Exchange;
  34. X-MS-Exchange-Organization-SCL: 5
  35. X-MS-Exchange-Organization-AuthSource: MBX03D-ORD1.mex08.mlsrvr.com
  36. X-MS-Exchange-Organization-AuthAs: Anonymous
  37. Content-type: multipart/mixed;
  38. boundary="B_3617002023_1793900748"
  39.  
  40. > This message is in MIME format. Since your mail reader does not understand
  41. this format, some or all of this message may not be legible.
  42.  
  43. --B_3617002023_1793900748
  44. Content-type: multipart/alternative;
  45. boundary="B_3617002023_1991765616"
  46.  
  47.  
  48. --B_3617002023_1991765616
  49. Content-type: text/plain;
  50. charset="UTF-8"
  51. Content-transfer-encoding: 7bit
  52.  
  53. Good Day,
  54.  
  55. Please find attached payment information made to your account for settlement of invoice attached.
  56.  
  57. Kindly confirm once you received the payment.
  58.  
  59.  
  60. Note: payment will be successfully received within 72 banking hours. If you didn't give any feedback within 3-5 banking days, this payment will be considered successfully received.
  61.  
  62.  
  63.  
  64. Regards.
  65.  
  66.  
  67. Mr Jamal Al. Shahrani
  68.  
  69. Abdullah M.Al-Shahrani Exchange
  70. P.O.Box No. 86820, Riyadh .11632
  71. Kingdom of Saudi Arabia
  72. Telephone: +96612653413/ 2643411
  73.  
  74.  
  75.  
  76.  
  77. --B_3617002023_1991765616
  78. Content-type: text/html;
  79. charset="UTF-8"
  80. Content-transfer-encoding: quoted-printable
  81.  
  82. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.=
  83. w3.org/TR/html4/loose.dtd">
  84. <html>
  85. <head>
  86. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
  87. <meta name=3D"GENERATOR" content=3D"MSHTML 11.00.9600.19003">
  88. </head>
  89. <body style=3D"MARGIN: 0.5em">
  90. <p>Good Day,</p>
  91. <p>Please find attached payment information made to your account for settle=
  92. ment of invoice attached.</p>
  93. <p>Kindly confirm once you received the payment.</p>
  94. <p>&nbsp;<br>
  95. Note: payment will be successfully received within 72 banking hours. If you=
  96. didn't give any feedback within 3-5 banking days, this payment will be cons=
  97. idered successfully received.</p>
  98. <p>&nbsp;</p>
  99. <p>Regards.</p>
  100. <p><br>
  101. Mr Jamal Al. Shahrani</p>
  102. <p>Abdullah M.Al-Shahrani Exchange<br>
  103. P.O.Box No. 86820, Riyadh .11632<br>
  104. Kingdom of Saudi Arabia<br>
  105. Telephone: &#43;96612653413/ 2643411</p>
  106. <p>&nbsp;</p>
  107. </body>
  108. </html>
  109.  
  110.  
  111. --B_3617002023_1991765616--
  112.  
  113.  
  114. --B_3617002023_1793900748
  115. Content-type: application/x-tar; name="SWIFT-COPY.tar";
  116. x-mac-creator="4F50494D"
  117. Content-ID: <[email protected]>
  118. Content-disposition: attachment;
  119. filename="SWIFT-COPY.tar"
  120. Content-transfer-encoding: base64
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!