Hack attempt

a guest
Aug 4th, 2015
Below is a 90%+ email header of a hack attempt sent to an Outlook email address. Only 1 recipient's email address has been included, as she's known for her attempted hacks of Windows PCs. I believe the user has created an account in the name of The Lantern Project in order to dupe the unwary. I also have a screenshot of the email.

Immediately below is WhatsMyIP's analysis of the email header, then the rest of the header content:

The email source IP address is: 186.124.198.60
The email source IP host name is: host60.186-124-198.telecom.net.ar.
Email Source IP Lookup Info
Country: Argentina
City: Tucuman
Area Code: -
Latitude: -26.8083
Longitude: -65.2333
ISP: Telecom Argentina S.A.
Organization: Telecom Argentina S.A.

x-store-info:fHNTDlzCF8Nxw6HwcfGQy+S7Ax/lqLSmNphQ3OF+T9E=
smtp.mailfrom=TheLanternProject@turista31.com; dkim=none header.d=turista31.com; x-hmca=none header.id=TheLanternProject@turista31.com
X-SID-PRA: TheLanternProject@turista31.com
X-AUTH-Result: NONE
X-SID-Result: NONE
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTnp2jWDXFtGMLArnPVh5jbNZoMOV99bX9twF1FYNSn2qHgUPIrQTgGj2e6hO63Qb7VBbTnmaUuZtNT8f3ZGkxkFmegWwDfFvuaMJlaVG1Qr09cL2xvJp5l3DAm8UXOANIPDDoCE2FHOyjV8Ug23X4U6erBTCzMrMG3xxiaEeOWnwgIZNF0yFzhcxB0Mx+f67rZrvj9ZEuTKM/BbBSJx8X/9zqZXArU144Y=
Received: from fnsib-smtp05.srv.cat ([46.16.61.56]) by BAY004-MC5F35.hotmail.com with Microsoft SMTPSVC(7.5.7601.23008);
Mon, 3 Aug 2015 08:23:32 -0700
Received: from smtp.turista31.com (host60.186-124-198.telecom.net.ar [186.124.198.60])
by fnsib-smtp05.srv.cat (Postfix) with ESMTPA id AD34C1EF156;
Mon, 3 Aug 2015 17:23:17 +0200 (CEST)
Subject: from: The Lantern Project
From: The Lantern Project <TheLanternProject@turista31.com>
Content-Type: multipart/alternative;
boundary=Apple-Mail-AFD0BE80-5F25-809F-311D-318988E5CF06
X-Mailer: iPhone Mail (12D508)
Message-Id: <f92506c13379$763a465c$224fd8d1$@turista31.com>
Date: Sun, 3 Aug 2015 04:23:17 +0000
"J Scharenborg" <janettescharenborg@gmail.com
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
Return-Path: TheLanternProject@turista31.com
X-OriginalArrivalTime: 03 Aug 2015 15:23:33.0355 (UTC) FILETIME=[5C0EF3B0:01D0CE00]


--Apple-Mail-AFD0BE80-5F25-809F-311D-318988E5CF06
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit


http://AGRIBUSINESSDEVELOPMENT.com/case.php?The_Lantern_Project

The Lantern Project
Sent from my iPhone
--Apple-Mail-AFD0BE80-5F25-809F-311D-318988E5CF06
Content-Type: text/html;
charset=utf-8
Content-Transfer-Encoding: 7bit

<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div><i><br><a href="http://AGRIBUSINESSDEVELOPMENT.com/case.php?The_Lantern_Project">http://AGRIBUSINESSDEVELOPMENT.com/case.php?The_Lantern_Project</a></i></div><div><i><br></i></div><div><i>The Lantern Project<br>Sent from my iPhone</i></div></body></html>
--Apple-Mail-AFD0BE80-5F25-809F-311D-318988E5CF06--