API tools faq
paste
Advertisement
benkow_

phishing

benkow_
Sep 6th, 2017
2,578
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.01 KB | None | 0 0
raw download clone embed print report
  1. Received: from DB5EUR03HT070.eop-EUR03.prod.protection.outlook.com
  2. (2603:10a6:6:14::20) by AM2PR02MB0452.eurprd02.prod.outlook.com with HTTPS
  3. via DB6PR05CA0007.EURPRD05.PROD.OUTLOOK.COM; Wed, 30 Aug 2017 02:00:38 +0000
  4. Received: from DB5EUR03FT055.eop-EUR03.prod.protection.outlook.com
  5. (10.152.20.52) by DB5EUR03HT070.eop-EUR03.prod.protection.outlook.com
  6. (10.152.21.254) with Microsoft SMTP Server (version=TLS1_2,
  7. cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.1341.15; Wed, 30
  8. Aug 2017 02:00:37 +0000
  9. Authentication-Results: spf=none (sender IP is 212.237.42.100)
  10. smtp.mailfrom=free.fr; hotmail.fr; dkim=none (message not signed)
  11. header.d=none;hotmail.fr; dmarc=none action=none header.from=free.fr;
  12. Received-SPF: None (protection.outlook.com: free.fr does not designate
  13. permitted sender hosts)
  14. Received: from SNT004-MC9F12.hotmail.com (10.152.20.52) by
  15. DB5EUR03FT055.mail.protection.outlook.com (10.152.21.30) with Microsoft SMTP
  16. Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
  17. 15.1.1385.11 via Frontend Transport; Wed, 30 Aug 2017 02:00:37 +0000
  18. X-IncomingTopHeaderMarker: OriginalChecksum:17B1B18977D07701D35BC95C96066E37DFD8AC8FA3846FF2163DA10525500BF4;UpperCasedChecksum:050E1766158C3D744348DF20AA82A844306DEEF1E5BA5AC81E02BAADD4894654;SizeAsReceived:718;Count:13
  19. Received: from unventre ([212.237.42.100]) by SNT004-MC9F12.hotmail.com with Microsoft SMTPSVC(7.5.7601.23143);
  20. Tue, 29 Aug 2017 19:00:35 -0700
  21. Received: from unventre ([127.0.0.1]) by unventre with Microsoft SMTPSVC(7.5.7601.17514);
  22. Wed, 30 Aug 2017 04:00:16 +0200
  23. From: Votre Espace Client EDF <service@free.fr>
  24. Subject: Non =?ISO-8859-1?Q?R=E9ception?= de Paiement
  25. To: <XXXXXXXXXRETRACTEDXXXXXXXXXXXXXX>
  26. Content-Type: text/html
  27. Reply-To: <service@free.fr>
  28. Date: Wed, 30 Aug 2017 04:00:16 +0200
  29. X-Library: Indy 8.0.25
  30. Return-Path: service@free.fr
  31. Message-ID: <UNVENTRE5R4r3mbfJ8V00001416@unventre>
  32. X-OriginalArrivalTime: 30 Aug 2017 02:00:16.0440 (UTC) FILETIME=[B993DB80:01D32133]
  33. X-IncomingHeaderCount: 13
  34. X-MS-Exchange-Organization-Network-Message-Id: 3a5fe4c4-5c89-412c-64b8-08d4ef4ae8b2
  35. X-EOPAttributedMessage: 0
  36. X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0
  37. X-MS-Exchange-Organization-MessageDirectionality: Incoming
  38. CMM-sender-ip: 212.237.42.100
  39. CMM-sending-ip: 212.237.42.100
  40. CMM-Authentication-Results: hotmail.com; spf=none (sender IP is
  41. 212.237.42.100) smtp.mailfrom=service@free.fr; dkim=none header.d=free.fr;
  42. x-hmca=none header.id=service@free.fr
  43. CMM-X-SID-PRA: service@free.fr
  44. CMM-X-AUTH-Result: NONE
  45. CMM-X-SID-Result: NONE
  46. CMM-X-Message-Status: n:n
  47. CMM-X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD02
  48. CMM-X-Message-Info: 11chDOWqoTm1cASX9eyi7EJlsJxlk4+MNOAf94PsxztQZpg3ccIBW8f/BYMtMFcR53Qp9D+KUfUWR32RgJJ6LTqT+Qah+PJ/Zr0wjVT//avNJMsAD+30sTyFBhiYAZiX+liKTFz42fGADlHIvTRAPLwl2R1pOMQcHHbuXld9HxH582XQbjedPakUizNe5u/uLygedX7J/ePgbCjy4kvZ24jo3nxFjyCw2MOfW2ZRIbygB+BR4tNjhL8DNDLdgFsj
  49. X-MS-Exchange-Organization-SCL: 5
  50. X-MS-Exchange-Organization-PCL: 2
  51. X-MS-UserLastLogonTime: 8/30/2017 1:48:42 AM
  52. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03FT055;1:xOVJRDwdWfkHUoWU48uhYqmqHkn+nUU+wCTMIwUaz6D7iDnDGLHR9L0ztvV/KNks0gzqk18KTOIO7jigW5XwN25tCob9r4VvO43aODqW1riIpTp+Z44JjjYmgLNFjVWl
  53. X-MS-Exchange-Organization-AuthSource: DB5EUR03FT055.eop-EUR03.prod.protection.outlook.com
  54. X-MS-Exchange-Organization-AuthAs: Anonymous
  55. X-MS-PublicTrafficType: Email
  56. X-MS-Office365-Filtering-Correlation-Id: 3a5fe4c4-5c89-412c-64b8-08d4ef4ae8b2
  57. X-Microsoft-Antispam: BCL:9;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(300000502095)(300135100095)(23075)(22001)(8291501071);SRVR:DB5EUR03HT070;
  58. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03HT070;3:aUwy4VzaaCQEGYAnRh/g/QSbuFalmFw5SLScFzyugMhCeE8WkyuPb1njY/1lLSseWY5g1bO1lfAML1Kxi9WBuPBzeTW6wdroQP/Iu09ov+/i2oBM10iHOd0Qg6EBER19a9JVCwr5xu/g1dbZ1pIDE37dwjz9VAJGeaR3o0rJDnoVq7fsCdUeoYWNrlETKHxjjJvphcJAsILdlevT4Zx2iwxskMWZihzwtR+Skv/OqEYbMCYMlbSsXohOmBFubAFvhOrk9+J52NfmhgyT2r+GU0+nEDn6uSL56N9nXXpcvutK7bHBbZ28oKUkExmWNGgH;25:P77dSp5XY5YsTb1nNsErpQEqpHbr67tQ3LVLUHEPCxlRmdSlSjllWlr0ei3MxcJjsRuX3BXPOanrqdIYRNJA2dzgyHF+9DsaQHvijuXaDX5ul/uyK/CpPC37Q6Xt3k8/kckNH6gw2vK9RzUsbaB+xFjLxjdaTYuTwuf8Q9G7vQaXzh7APq6MvpH28oayWrSo82uAO3qa0zBzc0M+j8EkZs5hCNnhcD9+cNGNZHtCs+xT4TjoiD4s/q7Gxfx43ZmLxNL0bZaERq3JtJBCrzb263CfXywrfrNcC7aKsTnwc1n5lGXwev+0ABR5wWF04ZGqOE2KttJ/FN20TEeZdG0sGQ==;31:KoVzQILBtkmOpg7UNtTHBpuZkvj82IhFd5wAWYEZEuf8T3/2ba3GDb7kqM40EmAAU7bLw8mIhRV+QsONIqv+TrYRiVOrL1Vvl9PCDRtdVRO4EKL7yE5rwyT7M2Fw349tu85mLv9X4zz8GuAtf0WYxYUoxyNZJaa8tMCoeIeb3GhYa8xrnJb5iI1/BMrZ+5gQjuWuLOR5YxkPaklLYNM2NjLKVPmnM1H6562keC8k62g=
  59. X-MS-TrafficTypeDiagnostic: DB5EUR03HT070:
  60. X-Exchange-Antispam-Report-Test: UriScan:(166494164430575);
  61. X-Exchange-Antispam-Report-CFA-Test: BCL:9;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(444000031);SRVR:DB5EUR03HT070;BCL:9;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:DB5EUR03HT070;
  62. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03HT070;4:eOHX/8PJEDeLTn+z2OHYF14PoMTcFw14babUE2svdOJLt4y2lu0b4jGtE2YpQlR10y2KfKe7rpWT9vpXjw4381gurQch2D8evbihFD4XzBflrfptIPGWHQem7ByFoMgxKj5vrqxaYJIVxetYUUphVhIsqSF84WyLSrP/PlQIVQHbIW5N/lsvn+ttyTOFs5UsVbyPfquzjXdC76AoUK33CC4ODczmdVzqIsFXkTFQ/ypFQ6txRHc9KO72FRZKDL3rq6Ko0ARorTyqqyCKKrE+HsT/JlD85fT6VgRjyvFgNPg=;23:9i7dbix67UD26RdElYN7az8wxYP9Vm1TVW7WsKZDOd7yza8yw9nscBuDuW8o33/5vS++CQDNS+twMbCY4FAGZFJeLBtA4PvTAovUlCyqQP9R+kOBuNbjKhWGuCU3jXn2BpDxafnLdv//MOsa1H+sqioq+NUhOXHIwOhm3B5gv3CKu7ENV1LtMWLGvsAhA5zWzE/S/Yy+NrgwuHI53RzihA==;6:uaAAIWLMrKxjdSq+jqvjpTe7uJEn04YPJsYTaB5PYaDZ2uegH2+LVpV5cPjxvATYRHV0naBb3GS5oJT5Kp0ABCLbY7f6PgHFiAi/kw4yz0uLbVvvUIylXL43qm6L5+28/HXSHnEEk5a+WJn+IPnkWlJhpNpyTXxYe40lsZj2rhAA45e+MPv/jlGC5cZFajHA8yMfVkmkucW68vCw5EkyBHx7gqsB2PIvX5X2WtdLulzXq7BcwAqVHzuxxhPRkEP9xSCslE0XiQQyNX4uSrcAMiwaiC10Yq77MM6glG0oWCBk/Ge5fXoikLTeWyDvtEMYO9/05XcM1M2WfuWzF/cf0Q==
  63. X-Forefront-Antispam-Report: SFV:SPM;SFS:(28900001);DIR:INB;SFP:;SCL:5;SRVR:DB5EUR03HT070;H:SNT004-MC9F12.hotmail.com;FPR:;SPF:None;LANG:fr;
  64. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03HT070;5:CV3J3Vf7Pt5iUAPAHyVjx27gw0R9AKvIu/GWHPDoRf2A9LORD3926rg2yQF9vGp1I3uCkxOahxOJgTaEqihzFidgUjtkmNewS8cvtrUvn88lt1CnpwDZ/z7D9NbDUj8UldrujDoGcdIwSebjckeHcg==;24:0A5VbziacuLCyvwutmbWzjZArKQgBSzBz3fEsxMHw22isd4rCwDDfw5EWFEhjJbvyB+of6E+GD1EOVQ1Eys4fA==;7:QKZOllNUFw4fPZjgOLxRsOj/Oq6XJGnE6R4xfJhh7M5Ye2UsZWULPCxiCCb573mITgUpGPFugUpUQJ6L7QTBmS5GUFcw5BUGf5MckzDo/M+U2Y9TDjVQh7oooSLmeqs1RUcdg4TW73zlikYf0X0lVJllpKjpHjoZzxpPvM/Kc1u84VihBAvGeEcetLuwRcfbcS7yqRE6cvX5bUo59w7AVun5gd5yE9iH56QunwuZ57k=
  65. SpamDiagnosticOutput: 1:22
  66. SpamDiagnosticMetadata: Default
  67. X-OriginatorOrg: outlook.com
  68. X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Aug 2017 02:00:37.1081
  69. (UTC)
  70. X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
  71. X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
  72. X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5EUR03HT070
  73. X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.9865857
  74. X-MS-Exchange-Processed-By-BccFoldering: 15.01.1385.000
  75. X-Microsoft-Exchange-Diagnostics:
  76. 1;AM2PR02MB0452;27:N5rJxOlryuikj4s3EF0RDSObb+CCtpUrK/n47qMUPNPI500pOPNo05Bjt5z/eaM8gA9oAU4/TS+VLxToOxA0DxJjJEq96td794moZtTv93KXjB851fsu++loIXafh7sU
  77. X-Microsoft-Antispam-Mailbox-Delivery:
  78. kl:0;dkl:0;rwl:0;ex:0;auth:0;dest:J;WIMS-SenderIP:212.237.42.100;WIMS-SPF:free%2efr;WIMS-DKIM:free%2efr;WIMS-822:service%40free%2efr;WIMS-PRA:service%40free%2efr;WIMS-AUTH:NONE;ENG:(400001000128)(400125000095)(5062000261)(5061607266)(5061608174)(4900095)(4921089)(3120004)(4950112)(4990090)(9140004);RF:JunkEmail;OFR:SpamFilterAuthJ;
  79. X-Microsoft-Antispam-Message-Info:
  80. KrLypncDnfYkwjyrgyTqTVvFAAi92MCwdMApJ8CbR6RBntJp65ALUmppcQ5r4JlkxYXSL+mii9+1eAoMeibu5HB5hQzRdnfxPY3pWaCf5JZQeuIzPJBqojByWujNmB9uyoUZktpMbmBSy/54TQE4X1bWpNffYkJ6olbcO8nkuziPUgYjLG/lOReIITK/K/mBF57aLYBueK8ZLZQ3xgZYGsHfsM8UmFB+kIMApgfS1e+JZz5aWC0kahG3q9pNpFlYGCDUuUOpeM9pbrS/5Q28zA==
  81. MIME-Version: 1.0
  82.  
  83. </div><div class="FBR"></div><div class="FBA"></div></div><div class="ClearBoth"><div id="mpf0_wideMsgBarPlaceholder"
  84.  
  85. class="WideMessageBarContainer"></div></div></div><div class="ClearBoth"></div><div id="mpf0_readMsgBodyContainer"
  86.  
  87. class="ReadMsgBody" onclick="return Control.invoke
  88.  
  89. ('MessagePartBody','_onBodyClick',event,event);"><div class="SandboxScopeClass ExternalClass" id="mpf0_MsgContainer"><div
  90.  
  91. class="ecxyiv590923720SandboxScopeClass
  92.  
  93. ecxyiv590923720ExternalClass" id="ecxyiv590923720mpf0_MsgContainer"><p><img src="http://creationdunproduitinnovant.com/wp-content/uploads/2015/03/edf-logo.jpg"
  94.  
  95. width="190"></p>
  96. <p><strong><font color="#ff9900" face="Verdana" size="2">Cher(e) EDF Client(e) :</font></strong></p>
  97. <font face="Arial" size="2">
  98. <p>Votre paiement a été refusé par votre établissement bancaire en raison d'un problème
  99.  
  100. technique sur le systeme de prélèvement automatique.</p>
  101.  
  102.  
  103. <UL>
  104. <LI><b>Dépassement du plafond journalier,
  105. <LI>Erreur de saisie des données bancaires,
  106. <LI>Erreur de la saisie du nom du titulaire de la carte de crédit.</b>
  107. </UL>
  108.  
  109.  
  110.  
  111.  
  112. <p>Pour éviter la pénalités du retard, nous vous donnons la possibilité de payer en ligne.</p>
  113. <p>Afin de régler votre facture <font color="green" face="arial"><strong>N° F03247.6195.8456.1628</strong></font>,
  114.  
  115. cliquer sur le lien ci-dessous :</p>
  116. <p align=""><a rel="nofollow" href="https://grupomatos.com.br" target="_blank" ><strong> <b>‹‹ Régler votre facture
  117.  
  118. ››</b></strong></a></p>
  119. <p>Lors d'échec de régularisation de votre situation, nous procéderons à la suspension de
  120.  
  121.  
  122.  
  123.  
  124.  
  125. fourniture d'energie, Cette intervention vous sera facturée .</p>
  126.  
  127. </font><p><font face="Arial" size="2">
  128. ATTENTION : Ce message est strictement confidentiel. Son intégrité n'est pas assurée sur Internet.<br /> Si
  129.  
  130. vous n'etes pas destinataire du message, merci de le détruire.
  131.  
  132. EDF SA au capital de 924 433 331 €, <br />
  133. RCS Paris n° 552 081 317, siège social 22-30 av de Wagram 75382 Paris cedex 08.
  134.  
  135. Copyright © EDF 2017
  136. </font>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!