SHARE
TWEET

phishing

benkow_ Sep 6th, 2017 (edited) 203 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Received: from DB5EUR03HT070.eop-EUR03.prod.protection.outlook.com
  2.  (2603:10a6:6:14::20) by AM2PR02MB0452.eurprd02.prod.outlook.com with HTTPS
  3.  via DB6PR05CA0007.EURPRD05.PROD.OUTLOOK.COM; Wed, 30 Aug 2017 02:00:38 +0000
  4. Received: from DB5EUR03FT055.eop-EUR03.prod.protection.outlook.com
  5.  (10.152.20.52) by DB5EUR03HT070.eop-EUR03.prod.protection.outlook.com
  6.  (10.152.21.254) with Microsoft SMTP Server (version=TLS1_2,
  7.  cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.1341.15; Wed, 30
  8.  Aug 2017 02:00:37 +0000
  9. Authentication-Results: spf=none (sender IP is 212.237.42.100)
  10.  smtp.mailfrom=free.fr; hotmail.fr; dkim=none (message not signed)
  11.  header.d=none;hotmail.fr; dmarc=none action=none header.from=free.fr;
  12. Received-SPF: None (protection.outlook.com: free.fr does not designate
  13.  permitted sender hosts)
  14. Received: from SNT004-MC9F12.hotmail.com (10.152.20.52) by
  15.  DB5EUR03FT055.mail.protection.outlook.com (10.152.21.30) with Microsoft SMTP
  16.  Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
  17.  15.1.1385.11 via Frontend Transport; Wed, 30 Aug 2017 02:00:37 +0000
  18. X-IncomingTopHeaderMarker: OriginalChecksum:17B1B18977D07701D35BC95C96066E37DFD8AC8FA3846FF2163DA10525500BF4;UpperCasedChecksum:050E1766158C3D744348DF20AA82A844306DEEF1E5BA5AC81E02BAADD4894654;SizeAsReceived:718;Count:13
  19. Received: from unventre ([212.237.42.100]) by SNT004-MC9F12.hotmail.com with Microsoft SMTPSVC(7.5.7601.23143);
  20.      Tue, 29 Aug 2017 19:00:35 -0700
  21. Received: from unventre ([127.0.0.1]) by unventre with Microsoft SMTPSVC(7.5.7601.17514);
  22.      Wed, 30 Aug 2017 04:00:16 +0200
  23. From: Votre Espace Client EDF <service@free.fr>
  24. Subject: Non =?ISO-8859-1?Q?R=E9ception?= de Paiement
  25. To: <XXXXXXXXXRETRACTEDXXXXXXXXXXXXXX>
  26. Content-Type: text/html
  27. Reply-To: <service@free.fr>
  28. Date: Wed, 30 Aug 2017 04:00:16 +0200
  29. X-Library: Indy 8.0.25
  30. Return-Path: service@free.fr
  31. Message-ID: <UNVENTRE5R4r3mbfJ8V00001416@unventre>
  32. X-OriginalArrivalTime: 30 Aug 2017 02:00:16.0440 (UTC) FILETIME=[B993DB80:01D32133]
  33. X-IncomingHeaderCount: 13
  34. X-MS-Exchange-Organization-Network-Message-Id: 3a5fe4c4-5c89-412c-64b8-08d4ef4ae8b2
  35. X-EOPAttributedMessage: 0
  36. X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0
  37. X-MS-Exchange-Organization-MessageDirectionality: Incoming
  38. CMM-sender-ip: 212.237.42.100
  39. CMM-sending-ip: 212.237.42.100
  40. CMM-Authentication-Results: hotmail.com; spf=none (sender IP is
  41.  212.237.42.100) smtp.mailfrom=service@free.fr; dkim=none header.d=free.fr;
  42.  x-hmca=none header.id=service@free.fr
  43. CMM-X-SID-PRA: service@free.fr
  44. CMM-X-AUTH-Result: NONE
  45. CMM-X-SID-Result: NONE
  46. CMM-X-Message-Status: n:n
  47. CMM-X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD02
  48. CMM-X-Message-Info: 11chDOWqoTm1cASX9eyi7EJlsJxlk4+MNOAf94PsxztQZpg3ccIBW8f/BYMtMFcR53Qp9D+KUfUWR32RgJJ6LTqT+Qah+PJ/Zr0wjVT//avNJMsAD+30sTyFBhiYAZiX+liKTFz42fGADlHIvTRAPLwl2R1pOMQcHHbuXld9HxH582XQbjedPakUizNe5u/uLygedX7J/ePgbCjy4kvZ24jo3nxFjyCw2MOfW2ZRIbygB+BR4tNjhL8DNDLdgFsj
  49. X-MS-Exchange-Organization-SCL: 5
  50. X-MS-Exchange-Organization-PCL: 2
  51. X-MS-UserLastLogonTime: 8/30/2017 1:48:42 AM
  52. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03FT055;1:xOVJRDwdWfkHUoWU48uhYqmqHkn+nUU+wCTMIwUaz6D7iDnDGLHR9L0ztvV/KNks0gzqk18KTOIO7jigW5XwN25tCob9r4VvO43aODqW1riIpTp+Z44JjjYmgLNFjVWl
  53. X-MS-Exchange-Organization-AuthSource: DB5EUR03FT055.eop-EUR03.prod.protection.outlook.com
  54. X-MS-Exchange-Organization-AuthAs: Anonymous
  55. X-MS-PublicTrafficType: Email
  56. X-MS-Office365-Filtering-Correlation-Id: 3a5fe4c4-5c89-412c-64b8-08d4ef4ae8b2
  57. X-Microsoft-Antispam: BCL:9;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(300000502095)(300135100095)(23075)(22001)(8291501071);SRVR:DB5EUR03HT070;
  58. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03HT070;3:aUwy4VzaaCQEGYAnRh/g/QSbuFalmFw5SLScFzyugMhCeE8WkyuPb1njY/1lLSseWY5g1bO1lfAML1Kxi9WBuPBzeTW6wdroQP/Iu09ov+/i2oBM10iHOd0Qg6EBER19a9JVCwr5xu/g1dbZ1pIDE37dwjz9VAJGeaR3o0rJDnoVq7fsCdUeoYWNrlETKHxjjJvphcJAsILdlevT4Zx2iwxskMWZihzwtR+Skv/OqEYbMCYMlbSsXohOmBFubAFvhOrk9+J52NfmhgyT2r+GU0+nEDn6uSL56N9nXXpcvutK7bHBbZ28oKUkExmWNGgH;25:P77dSp5XY5YsTb1nNsErpQEqpHbr67tQ3LVLUHEPCxlRmdSlSjllWlr0ei3MxcJjsRuX3BXPOanrqdIYRNJA2dzgyHF+9DsaQHvijuXaDX5ul/uyK/CpPC37Q6Xt3k8/kckNH6gw2vK9RzUsbaB+xFjLxjdaTYuTwuf8Q9G7vQaXzh7APq6MvpH28oayWrSo82uAO3qa0zBzc0M+j8EkZs5hCNnhcD9+cNGNZHtCs+xT4TjoiD4s/q7Gxfx43ZmLxNL0bZaERq3JtJBCrzb263CfXywrfrNcC7aKsTnwc1n5lGXwev+0ABR5wWF04ZGqOE2KttJ/FN20TEeZdG0sGQ==;31:KoVzQILBtkmOpg7UNtTHBpuZkvj82IhFd5wAWYEZEuf8T3/2ba3GDb7kqM40EmAAU7bLw8mIhRV+QsONIqv+TrYRiVOrL1Vvl9PCDRtdVRO4EKL7yE5rwyT7M2Fw349tu85mLv9X4zz8GuAtf0WYxYUoxyNZJaa8tMCoeIeb3GhYa8xrnJb5iI1/BMrZ+5gQjuWuLOR5YxkPaklLYNM2NjLKVPmnM1H6562keC8k62g=
  59. X-MS-TrafficTypeDiagnostic: DB5EUR03HT070:
  60. X-Exchange-Antispam-Report-Test: UriScan:(166494164430575);
  61. X-Exchange-Antispam-Report-CFA-Test: BCL:9;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(444000031);SRVR:DB5EUR03HT070;BCL:9;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:DB5EUR03HT070;
  62. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03HT070;4:eOHX/8PJEDeLTn+z2OHYF14PoMTcFw14babUE2svdOJLt4y2lu0b4jGtE2YpQlR10y2KfKe7rpWT9vpXjw4381gurQch2D8evbihFD4XzBflrfptIPGWHQem7ByFoMgxKj5vrqxaYJIVxetYUUphVhIsqSF84WyLSrP/PlQIVQHbIW5N/lsvn+ttyTOFs5UsVbyPfquzjXdC76AoUK33CC4ODczmdVzqIsFXkTFQ/ypFQ6txRHc9KO72FRZKDL3rq6Ko0ARorTyqqyCKKrE+HsT/JlD85fT6VgRjyvFgNPg=;23:9i7dbix67UD26RdElYN7az8wxYP9Vm1TVW7WsKZDOd7yza8yw9nscBuDuW8o33/5vS++CQDNS+twMbCY4FAGZFJeLBtA4PvTAovUlCyqQP9R+kOBuNbjKhWGuCU3jXn2BpDxafnLdv//MOsa1H+sqioq+NUhOXHIwOhm3B5gv3CKu7ENV1LtMWLGvsAhA5zWzE/S/Yy+NrgwuHI53RzihA==;6:uaAAIWLMrKxjdSq+jqvjpTe7uJEn04YPJsYTaB5PYaDZ2uegH2+LVpV5cPjxvATYRHV0naBb3GS5oJT5Kp0ABCLbY7f6PgHFiAi/kw4yz0uLbVvvUIylXL43qm6L5+28/HXSHnEEk5a+WJn+IPnkWlJhpNpyTXxYe40lsZj2rhAA45e+MPv/jlGC5cZFajHA8yMfVkmkucW68vCw5EkyBHx7gqsB2PIvX5X2WtdLulzXq7BcwAqVHzuxxhPRkEP9xSCslE0XiQQyNX4uSrcAMiwaiC10Yq77MM6glG0oWCBk/Ge5fXoikLTeWyDvtEMYO9/05XcM1M2WfuWzF/cf0Q==
  63. X-Forefront-Antispam-Report: SFV:SPM;SFS:(28900001);DIR:INB;SFP:;SCL:5;SRVR:DB5EUR03HT070;H:SNT004-MC9F12.hotmail.com;FPR:;SPF:None;LANG:fr;
  64. X-Microsoft-Exchange-Diagnostics: 1;DB5EUR03HT070;5:CV3J3Vf7Pt5iUAPAHyVjx27gw0R9AKvIu/GWHPDoRf2A9LORD3926rg2yQF9vGp1I3uCkxOahxOJgTaEqihzFidgUjtkmNewS8cvtrUvn88lt1CnpwDZ/z7D9NbDUj8UldrujDoGcdIwSebjckeHcg==;24:0A5VbziacuLCyvwutmbWzjZArKQgBSzBz3fEsxMHw22isd4rCwDDfw5EWFEhjJbvyB+of6E+GD1EOVQ1Eys4fA==;7:QKZOllNUFw4fPZjgOLxRsOj/Oq6XJGnE6R4xfJhh7M5Ye2UsZWULPCxiCCb573mITgUpGPFugUpUQJ6L7QTBmS5GUFcw5BUGf5MckzDo/M+U2Y9TDjVQh7oooSLmeqs1RUcdg4TW73zlikYf0X0lVJllpKjpHjoZzxpPvM/Kc1u84VihBAvGeEcetLuwRcfbcS7yqRE6cvX5bUo59w7AVun5gd5yE9iH56QunwuZ57k=
  65. SpamDiagnosticOutput: 1:22
  66. SpamDiagnosticMetadata: Default
  67. X-OriginatorOrg: outlook.com
  68. X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Aug 2017 02:00:37.1081
  69.  (UTC)
  70. X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
  71. X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
  72. X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5EUR03HT070
  73. X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.9865857
  74. X-MS-Exchange-Processed-By-BccFoldering: 15.01.1385.000
  75. X-Microsoft-Exchange-Diagnostics:
  76.     1;AM2PR02MB0452;27:N5rJxOlryuikj4s3EF0RDSObb+CCtpUrK/n47qMUPNPI500pOPNo05Bjt5z/eaM8gA9oAU4/TS+VLxToOxA0DxJjJEq96td794moZtTv93KXjB851fsu++loIXafh7sU
  77. X-Microsoft-Antispam-Mailbox-Delivery:
  78.     kl:0;dkl:0;rwl:0;ex:0;auth:0;dest:J;WIMS-SenderIP:212.237.42.100;WIMS-SPF:free%2efr;WIMS-DKIM:free%2efr;WIMS-822:service%40free%2efr;WIMS-PRA:service%40free%2efr;WIMS-AUTH:NONE;ENG:(400001000128)(400125000095)(5062000261)(5061607266)(5061608174)(4900095)(4921089)(3120004)(4950112)(4990090)(9140004);RF:JunkEmail;OFR:SpamFilterAuthJ;
  79. X-Microsoft-Antispam-Message-Info:
  80.     KrLypncDnfYkwjyrgyTqTVvFAAi92MCwdMApJ8CbR6RBntJp65ALUmppcQ5r4JlkxYXSL+mii9+1eAoMeibu5HB5hQzRdnfxPY3pWaCf5JZQeuIzPJBqojByWujNmB9uyoUZktpMbmBSy/54TQE4X1bWpNffYkJ6olbcO8nkuziPUgYjLG/lOReIITK/K/mBF57aLYBueK8ZLZQ3xgZYGsHfsM8UmFB+kIMApgfS1e+JZz5aWC0kahG3q9pNpFlYGCDUuUOpeM9pbrS/5Q28zA==
  81. MIME-Version: 1.0
  82.  
  83. </div><div class="FBR"></div><div class="FBA"></div></div><div class="ClearBoth"><div id="mpf0_wideMsgBarPlaceholder"
  84.  
  85. class="WideMessageBarContainer"></div></div></div><div class="ClearBoth"></div><div id="mpf0_readMsgBodyContainer"
  86.  
  87. class="ReadMsgBody" onclick="return Control.invoke
  88.  
  89. ('MessagePartBody','_onBodyClick',event,event);"><div class="SandboxScopeClass ExternalClass" id="mpf0_MsgContainer"><div
  90.  
  91. class="ecxyiv590923720SandboxScopeClass
  92.  
  93. ecxyiv590923720ExternalClass" id="ecxyiv590923720mpf0_MsgContainer"><p><img src="http://creationdunproduitinnovant.com/wp-content/uploads/2015/03/edf-logo.jpg"
  94.  
  95. width="190"></p>
  96. <p><strong><font color="#ff9900" face="Verdana" size="2">Cher(e) EDF Client(e) :</font></strong></p>
  97.  <font face="Arial" size="2">
  98. <p>Votre paiement a été refusé par votre établissement bancaire en raison d'un problème
  99.  
  100. technique sur le systeme de prélèvement automatique.</p>
  101.  
  102.  
  103. <UL>
  104. <LI><b>Dépassement du plafond journalier,
  105. <LI>Erreur de saisie des données bancaires,
  106. <LI>Erreur de la saisie du nom du titulaire de la carte de crédit.</b>
  107. </UL>
  108.  
  109.  
  110.  
  111.  
  112. <p>Pour éviter la pénalités du retard, nous vous donnons la possibilité de payer en ligne.</p>
  113. <p>Afin de régler votre facture <font color="green" face="arial"><strong>N° F03247.6195.8456.1628</strong></font>,
  114.  
  115. cliquer sur le lien ci-dessous :</p>
  116. <p align=""><a rel="nofollow" href="https://grupomatos.com.br" target="_blank"  ><strong>  <b>‹‹ Régler votre facture
  117.  
  118. ››</b></strong></a></p>
  119. <p>Lors d'échec de régularisation de votre situation, nous procéderons à la suspension de
  120.  
  121.  
  122.  
  123.  
  124.  
  125. fourniture d'energie, Cette intervention vous sera facturée .</p>
  126.  
  127. </font><p><font face="Arial" size="2">
  128. ATTENTION : Ce message est strictement confidentiel. Son        intégrité n'est pas assurée sur Internet.<br /> Si
  129.  
  130. vous n'etes pas destinataire du message, merci de le détruire.
  131.  
  132. EDF SA au capital de 924 433 331 €, <br />
  133. RCS Paris n° 552 081 317, siège social 22-30 av de Wagram 75382 Paris cedex 08.
  134.  
  135. Copyright © EDF 2017
  136. </font>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top