API tools faq
paste
anishmworld

Phishing mail header

anishmworld
Jun 22nd, 2017
35
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.04 KB | None | 0 0
raw download clone embed print report
  1. X-Apparently-To: mlisolutions@ymail.com; Fri, 23 Jun 2017 01:49:11 +0000
  2. Return-Path: <ZSantos@insec.org>
  3. Received-SPF: pass (domain of insec.org designates 104.47.38.243 as permitted sender)
  4. X-YMailISG: 6kASnUAWLDtgsTDSSlcPa9h77jPSgcM3rl3gYTrzATf1e5VR
  5. LX9KqcBrd33fGXjd7blmZcJFzV5NZi9sd5Pn9SAu1MUW6V88dBxjArAQmg1A
  6. .BeK.zKReDFl.eXwEdU_h3Pe66PaGfniSaj.zZtcXqQiPlKuirvcc1kRQ7gR
  7. FyIaDh0iMnw2iOawL1cgk8IDbdE.N.clPOU1vQjgnN1Uqbo5idqf08zlMNn6
  8. LKSnjNIAXqIgAekxjDAKKFeVMv65rLpAZPTzpeH0VPr_2c2O6_V8EU4RL4Rf
  9. CegTPlR9osIli8lP3o4qKVfJyUlXw.Ttojo_Q2SvfAvvzID2MkrHSfPXxWOe
  10. unwfhOypKZTfevcZbvfmbFoMxwzw7M9ZiSM4UafDO84eO4Ol9ENLIJ.4bekT
  11. H7Thj2g2Y3Qvau.yWMUFOBuBjjOYBIl2EnHWCAFK5MpcT2uLHJ8ohfA5Ox5Q
  12. mQH3eYDGVIfejCQTLcmokXqDgOv1QkaIqUn5jAMD8KaWhOgVqcnC3Oo9e2tO
  13. eVMeHx48uz6g4wZDAQdA6JRLy.nWpHw9TFQ8GEEvIIE2IQN0KZEYVtXhcSCt
  14. ThAcNGax_Rb9dmRE5h2aE9EVYmcqkhKnXB9BiYYsoXfC6ibpNMKM5BfiRv6C
  15. Ykhye.v4QMAUI49csifE3onaBBTrUCBsNkyat3BzVYIOmv.bY6CmmEs_kIZg
  16. Ur_3rCXlwPft_raWLn2Mc1VNfgI9rORAPG0.O6oK6l__8hj20ZjHoHkDX1m5
  17. VxGBiFhi3xzjrnc22JUAOx41WyaQF_HinBDKQwXMatMVz6ObitpmlOM2rMzE
  18. lK2.Y7lH3n0v9nMTfpv2E1nw8i7jovF8TJzO45zb__z0KIscG3M.7B5vOut_
  19. iseBUIWOqKcKMw0mJ31sF2sXjqoaIR5lcynh2lqvpHr4FR5rvT7HmgxLHET8
  20. 5pRdRzl5iviDvGXn1FuMV6jTy064J4cb6P5MOQFErp_qCwqMXL9aTNj5xfF0
  21. WXpsyGzJO4DukT5OvAYD1j9lCgn3uiUsAdOykchGHy.H0.axMLCm1ZuRg8cp
  22. jUhNlrMEJgLe8bx.t5a55uRvEabzgrHQPKsvjEKs7kfiiLJ6FEUR48iENL2t
  23. Sl_NW_Z6eT4lUpcVV2FPjLxAXPpL9IenfSB0kgPhh46KKSBCfZ.s_bq4SIIW
  24. Ked3tOcJBNgjbB8Z9Q8YqY69TngJTGZpLdOl1j1xZGEvfYQEP0C_vuppnSdO
  25. 6eUjVHTScJxit.TifKLjGgDqxLFavFB1r1hCt.ylCxC4qzBQZc_Xdq8w_OAD
  26. ntcPtSpXI7WUlxISlMUIcnGyz2K09TwyS_7gWo29
  27. X-Originating-IP: [104.47.38.243]
  28. Authentication-Results: mta1168.mail.gq1.yahoo.com from=insec.org; domainkeys=neutral (no sig); from=Insecpr.onmicrosoft.com; dkim=pass (ok)
  29. Received: from 127.0.0.1 (EHLO NAM02-BL2-obe.outbound.protection.outlook.com) (104.47.38.243)
  30. by mta1168.mail.gq1.yahoo.com with SMTPS; Fri, 23 Jun 2017 01:49:11 +0000
  31. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  32. d=Insecpr.onmicrosoft.com; s=selector1-insec-org;
  33. h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
  34. bh=MxUoNFKMK+jG15AGErZrjpKBj7ErapFN0XCEVSD4+zA=;
  35. b=ccOZbr5TmnF+G4osN+R6hpBIBml+at4avnZASKD01u5+/h9w1HfB8q5+Ahe1w8zZ91ysHcLFRBEMUZg4v8GSVFox9cJopulrDOL8F04igOGV0zCKa8sNcqylTxTgkYL0F0iaFdfSVhqXN6lcYh5l2rYgkD/bGtSDideLjyQ1jrc=
  36. Received: from BN3PR0701MB1608.namprd07.prod.outlook.com (10.163.39.11) by
  37. BN3PR0701MB1606.namprd07.prod.outlook.com (10.163.38.29) with Microsoft SMTP
  38. Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id
  39. 15.1.1199.15; Fri, 23 Jun 2017 01:48:57 +0000
  40. Received: from BN3PR0701MB1608.namprd07.prod.outlook.com ([10.163.39.11]) by
  41. BN3PR0701MB1608.namprd07.prod.outlook.com ([10.163.39.11]) with mapi id
  42. 15.01.1199.017; Fri, 23 Jun 2017 01:48:57 +0000
  43. From: Zulma Rivera Santos <ZSantos@insec.org>
  44. Subject: Alibaba Product Inquiry
  45. Thread-Topic: Alibaba Product Inquiry
  46. Thread-Index: AQHS68K7NTY7/+ezmUSuM5TFtgVM+Q==
  47. Date: Fri, 23 Jun 2017 01:48:56 +0000
  48. Message-ID: <BN3PR0701MB160821ED488A541E82E8B3D6B2D80@BN3PR0701MB1608.namprd07.prod.outlook.com>
  49. Accept-Language: en-US
  50. Content-Language: en-US
  51. X-MS-Has-Attach: yes
  52. X-MS-TNEF-Correlator:
  53. authentication-results: mithradealers.com; dkim=none (message not signed)
  54. header.d=none;mithradealers.com; dmarc=none action=none
  55. header.from=insec.org;
  56. x-originating-ip: [197.149.87.54]
  57. x-ms-publictraffictype: Email
  58. x-microsoft-exchange-diagnostics: 1;BN3PR0701MB1606;7:JhB1836rS9s8tiR/o+83IMsEOg1k0hgR7Ipd3Ypmns8vpoynhbdzJaqOXcHaAFSgyiTuEWmlKxqwxKPbbBGl1NoQaZIiQzE6poTE/zyD60ubnVWuJKrWcEpP4Zg9IdefsNECZegIC3u1wQNK3imNElazElmcGQPnxEd84mh/hHUr+Bqh6NNOlR/jot9UcpIHDu094PgzMUgxph8zRcvvAFWa4LZA6rmPtdQdGodacBFy5fTMoLF9owsvCZI0ayeg410lIpHVq7cRbjT8LL9436UZbsrE/E+DnERoYqsBRmzffcNba1L1/26Vzn473XADg7KvTiNNSG6/nX97rrso2lkSO0+wd3EX4AFX5IywxskYasQmE2XLt0uXVnF+oXRCEWemS7iwm25Vn8AGLTa4wq3ztMmLwtn0nWtbTBEq5/q1rBR5AZbHtl5OefDUJcKU3507+HADWDRf5GDNfwiKnOLCsJLo+rorYmPttRFG8oUcIR2uDKvXSkZf64sc5sgqY9k5+jesRP5oBvFpOaVdxh0wb3gDPmZOd5V3yFDXAka3sqIDX7uaDkwOM7krrDHnypptzfb2/AeG3n1+8RzU3djYZXOTzqbgpedzus8HxnhLo6X+SoLa/ykx55Sw4v9pQ3o6asjsTPpGcpFM4LmwPHzxgfxdZgBvhwIXrA7E5la542yQCjMgFr+NxvRyxkFXwrVzvBJvYUBW3vqhOcXdqRR2DHasQ8MLh03PPlwlFGWaU2G3/5xY1JEuUICoyG4qyApakElpqgU6+wnlPlknb2qLnow1VDkDAPdMFhX/kbk=
  59. x-ms-office365-filtering-correlation-id: 2563a30e-d2d3-48e5-66fc-08d4b9da031a
  60. x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(2017030254075)(49563074)(201703131423075)(201702281549075);SRVR:BN3PR0701MB1606;
  61. x-ms-traffictypediagnostic: BN3PR0701MB1606:
  62. x-microsoft-antispam-prvs: <BN3PR0701MB1606F338DAC11297E220D92DB2D80@BN3PR0701MB1606.namprd07.prod.outlook.com>
  63. x-exchange-antispam-report-test: UriScan:;
  64. x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(102415395)(6040450)(601004)(2401047)(8121501046)(5005006)(93006095)(93001095)(100000703101)(100105400095)(10201501046)(3002001)(6041248)(20161123560025)(201703131423075)(201703011903075)(201702281528075)(201703061421075)(20161123555025)(20161123562025)(20161123564025)(2016111802025)(20161123558100)(6043046)(6072148)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:BN3PR0701MB1606;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:BN3PR0701MB1606;
  65. x-forefront-prvs: 0347410860
  66. x-forefront-antispam-report: SFV:SPM;SFS:(10019020)(6009001)(39850400002)(39840400002)(39410400002)(39450400003)(39400400002)(7696004)(5660300001)(7116003)(17550700004)(68736007)(10916006)(33656002)(3280700002)(2906002)(6606003)(99936001)(110136004)(5890100001)(9686003)(80792005)(54896002)(86362001)(72206003)(25786009)(39060400002)(109986005)(508600001)(558084003)(38730400002)(14454004)(53936002)(55016002)(99286003)(8936002)(81166006)(77096006)(54356999)(7736002)(6436002)(3480700004)(6506006)(2900100001)(19627405001)(8676002)(8666007)(50986999)(122556002)(1671002)(74316002)(102836003)(3846002)(6116002)(189998001)(3660700001)(7406005)(66066001)(881003)(7366002)(7336002)(7276002)(7416002)(16040700007);DIR:OUT;SFP:1501;SCL:5;SRVR:BN3PR0701MB1606;H:BN3PR0701MB1608.namprd07.prod.outlook.com;FPR:;SPF:None;MLV:ovr;PTR:InfoNoRecords;LANG:en;
  67. spamdiagnosticoutput: 1:22
  68. Content-Type: multipart/mixed;
  69. boundary="_004_BN3PR0701MB160821ED488A541E82E8B3D6B2D80BN3PR0701MB1608_"
  70. MIME-Version: 1.0
  71. X-OriginatorOrg: insec.org
  72. X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jun 2017 01:48:56.4777
  73. (UTC)
  74. X-MS-Exchange-CrossTenant-fromentityheader: Hosted
  75. X-MS-Exchange-CrossTenant-id: cd58783c-4359-44c9-b5cb-714301914017
  76. X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0701MB1606
  77. Content-Length: 359677
  78.  
  79. --_004_BN3PR0701MB160821ED488A541E82E8B3D6B2D80BN3PR0701MB1608_
  80. Content-Type: multipart/alternative;
  81. boundary="_000_BN3PR0701MB160821ED488A541E82E8B3D6B2D80BN3PR0701MB1608_"
  82.  
  83. --_000_BN3PR0701MB160821ED488A541E82E8B3D6B2D80BN3PR0701MB1608_
  84. Content-Type: text/plain; charset="iso-8859-1"
  85. Content-Transfer-Encoding: quoted-printable
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!