API tools faq
paste
Advertisement
wavellan

20180508_PHISHING_SCAM_1

wavellan
May 8th, 2018
382
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.69 KB | None | 0 0
raw download clone embed print report
  1. Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by
  2. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  3. id 15.0.1367.3 via Mailbox Transport; Tue, 8 May 2018 11:57:07 -0500
  4. Received: from MBX03C-ORD1.mex08.mlsrvr.com (172.29.9.17) by
  5. MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS)
  6. id 15.0.1367.3; Tue, 8 May 2018 11:57:06 -0500
  7. Received: from gate.forward.smtp.ord1c.emailsrvr.com (108.166.43.128) by
  8. MBX03C-ORD1.mex08.mlsrvr.com (172.29.9.17) with Microsoft SMTP Server (TLS)
  9. id 15.0.1367.3 via Frontend Transport; Tue, 8 May 2018 11:57:07 -0500
  10. Return-Path: REMOVED
  11. X-Spam-Threshold: 95
  12. X-Spam-Score: 0
  13. X-Spam-Flag: NO
  14. Authentication-Results: smtp1.gate.ord1c.rsapps.net x-tls.subject="/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com"; auth=pass (cipher=AES128-GCM-SHA256)
  15. X-Virus-Scanned: OK
  16. X-Orig-To: REMOVED
  17. X-Originating-Ip: [74.125.82.66]
  18. Authentication-Results: smtp1.gate.ord1c.rsapps.net; iprev=pass policy.iprev="74.125.82.66"; spf=pass smtp.mailfrom="REMOVED" smtp.helo="mail-wm0-f66.google.com"; dkim=pass header.d=ccd-com-do.20150623.gappssmtp.com; dmarc=none (p=nil; dis=none) header.from=ccd.com.do
  19. X-Suspicious-Flag: NO
  20. X-Classification-ID: d68effd2-52e0-11e8-8367-842b2b47c027-1-1
  21. Received: from [74.125.82.66] ([74.125.82.66:50387] helo=mail-wm0-f66.google.com)
  22. by smtp1.gate.ord1c.rsapps.net (envelope-from <REMOVED>)
  23. (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=AES128-GCM-SHA256
  24. subject="/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com")
  25. id 2C/12-23687-2E6D1FA5; Tue, 08 May 2018 12:57:06 -0400
  26. Received: by mail-wm0-f66.google.com with SMTP id t11so20046397wmt.0
  27. for REMOVED; Tue, 08 May 2018 09:57:06 -0700 (PDT)
  28. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  29. d=ccd-com-do.20150623.gappssmtp.com; s=20150623;
  30. h=mime-version:from:date:message-id:subject:to;
  31. bh=SUgfK8yIdYk2MPTqGW9Q1npa5EbN7POaRWG9+0W3MFk=;
  32. b=O42246mi8g+H40GW7lpBVZAmKL9tf0bLh8K966CMJrFaKRs/RVrYUw9A/vnjNCe8+7
  33. I3g21BAb9ib3fKWfTRadrsJ5sY4FIEhGrb6GBavI0eQq6RQnqYTp2FnoDqY5sD03Y8LQ
  34. acgJDNy6SaukhjYRWwaYm4NV2XeGdAFbPuas+Zpol5okObxW32EBhj5egfnho7kb76uK
  35. 8O0c4/Xzqjcl5WFtBERVG1cPVxRINpYj5twnnve8VQ3qM6G7kw9TioRpFZgoGAs0dS2D
  36. pF6dMG6wJ9gmQPwNAaKOKZrk0VMMHXYdehzkifVgcMgPAAb7hnTEj7xwd9MU9eL1GVc1
  37. +guw==
  38. X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  39. d=1e100.net; s=20161025;
  40. h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
  41. bh=SUgfK8yIdYk2MPTqGW9Q1npa5EbN7POaRWG9+0W3MFk=;
  42. b=OeS/bRh23HygvlMb0mzvZj0Vbrfg7QsfTJ6dwaqtSGjGd5EXTms45fs6pSgE0Nb7VB
  43. DkLwBs9j9AwCW9LneqHh/z0X4S3BgGF+oee3COM1qYGUI6tqb78Jt5tpS9ZFEc97G6Tj
  44. DoIzN7vEHSxtD6YEEx+CMENHSaLPzwYsn/B6oq0ewZteoWH46pUEhCgEvcpZ6VZVwXHd
  45. 72R7QPXW8KgXkC4j6JsrqTRLNuku+rSUblCXCjKZ4g4N7rK2H92Ywz8GlQa2KmgFlJdq
  46. nCPtEeLa6SCvF865DR0SlM85WGG9HY8XhnrQEaG6mHkzRLlqszG3GXY3aPsbdGcKO00a
  47. 2HMQ==
  48. X-Gm-Message-State: ALKqPwdjZMAeXuzIfDGbs2LTrQBYEdp6zcnz1IP9JyTXAMcy5SocuBfp
  49. M885WEpE0Eo55fVIiSeFE1lBL4rAXGGxuamLRm6r2w==
  50. X-Google-Smtp-Source: AB8JxZr5rUMt0FAJ7vaIJ+r6xD41wuh2/7jgPiqQcIriqmgVSSBHYARUBF4ePit8yeMClXsFQtqasHjdAdy6Ox4Rr2g=
  51. X-Received: by 10.28.100.67 with SMTP id y64mr3672197wmb.108.1525798625192;
  52. Tue, 08 May 2018 09:57:05 -0700 (PDT)
  53. MIME-Version: 1.0
  54. Received: by 10.28.99.10 with HTTP; Tue, 8 May 2018 09:57:04 -0700 (PDT)
  55. From: REMOVED
  56. Date: Tue, 8 May 2018 09:57:04 -0700
  57. Message-ID: <CAFer+vHn-WOtB1U3ZgZZhXgkUwC4i4SR_n5ye7oVqpfyGgRw=Q@mail.gmail.com>
  58. Subject: Completed: Please DocuSign: 201801261113.pdf
  59. To: undisclosed-recipients:;
  60. BCC: REMOVED
  61. X-MS-Exchange-Organization-Network-Message-Id: e725f3ec-20a8-4609-b639-08d5b504bb25
  62. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1423700;0;This mail has
  63. been scanned by Trend Micro ScanMail for Microsoft Exchange;
  64. X-MS-Exchange-Organization-SCL: 0
  65. X-MS-Exchange-Organization-AuthSource: MBX03C-ORD1.mex08.mlsrvr.com
  66. X-MS-Exchange-Organization-AuthAs: Anonymous
  67. Content-type: multipart/alternative;
  68. boundary="B_3608649129_1352297546"
  69.  
  70. > This message is in MIME format. Since your mail reader does not understand
  71. this format, some or all of this message may not be legible.
  72.  
  73. --B_3608649129_1352297546
  74. Content-type: text/plain;
  75. charset="UTF-8"
  76. Content-transfer-encoding: quoted-printable
  77.  
  78.  
  79. REMOVED used DocuSign to share a file with you.=
  80. Download and access the attached file below.
  81.  
  82. Securely signed with DocuSign=C2=AE:=20
  83. =E2=80=8B=E2=80=8B
  84. =E2=80=8BView | http://www.docusign.com/REMOVED
  85.  
  86. =E2=80=8BThanks=E2=80=8B
  87. =E2=80=8B=E2=80=8B
  88.  
  89. =E2=80=8B=E2=80=8B
  90. =E2=80=8B=E2=80=8B
  91. =E2=80=8B=E2=80=8B
  92. =E2=80=8B=E2=80=8B
  93.  
  94.  
  95.  
  96.  
  97. --B_3608649129_1352297546
  98. Content-type: text/html;
  99. charset="UTF-8"
  100. Content-transfer-encoding: quoted-printable
  101.  
  102. <html>
  103. <head>
  104. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
  105. </head>
  106. <body>
  107. <div dir=3D"ltr"><br>
  108. <div>
  109. <div class=3D"gmail_default" style=3D"color:rgb(34,34,34);font-family:arial,san=
  110. s-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font=
  111. -variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;=
  112. text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text=
  113. -decoration-style:initial;text-decoration-color:initial">
  114. <b id=3D"gmail-m_5824037012679720266gmail-m_6856844015561555990m_-80400371445=
  115. 86286960gmail-m_4960981803808237410m_6084630768687570126gmail-aolmail_yui_3_=
  116. 16_0_ym19_1_1516721475923_10787" style=3D"line-height:normal;color:rgb(0,140,1=
  117. 98);font-family:Calibri,Helvetica,sans-serif,Helvetica,EmojiFont,&quot;Apple=
  118. Color Emoji&quot;,&quot;Segoe UI Emoji&quot;,NotoColorEmoji,&quot;Segoe UI =
  119. Symbol&quot;,&quot;Android Emoji&quot;,EmojiSymbols;font-size:16px"><b id=3D"g=
  120. mail-m_5824037012679720266gmail-m_6856844015561555990m_-8040037144586286960g=
  121. mail-m_4960981803808237410m_6084630768687570126gmail-aolmail_yui_3_16_0_ym19=
  122. _1_1516721475923_10788"></b></b><span style=3D"font-family:arial,he=
  123. lvetica,sans-serif">used DocuSign to share a file with you. Download and acc=
  124. ess the attached file below.</span><br>
  125. </div>
  126. <div id=3D"gmail-m_5824037012679720266gmail-m_-6859637370943415701gmail-m_-50=
  127. 90418984351326399m_-8040037144586286960gmail-m_4960981803808237410m_60846307=
  128. 68687570126gmail-aolmail_yui_3_16_0_ym19_1_1516721475923_10791" style=3D"color=
  129. :rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:norma=
  130. l;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;let=
  131. ter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;whit=
  132. e-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoratio=
  133. n-color:initial;line-height:normal">
  134. <br>
  135. </div>
  136. <div id=3D"gmail-m_5824037012679720266gmail-m_-6859637370943415701gmail-m_-50=
  137. 90418984351326399m_-8040037144586286960gmail-m_4960981803808237410m_60846307=
  138. 68687570126gmail-aolmail_yui_3_16_0_ym19_1_1516721475923_10791" style=3D"color=
  139. :rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:norma=
  140. l;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;let=
  141. ter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;whit=
  142. e-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoratio=
  143. n-color:initial;line-height:normal">
  144. <span style=3D"font-size:12.8px">Securely signed with DocuSign=C2=AE:
  145. <div class=3D"gmail_default" style=3D"font-family:georgia,serif;display:inline"=
  146. >=E2=80=8B=E2=80=8B</div>
  147. </span><a rel=3D"noopener noreferrer" href=3D"https://karaking.cafe/cig-bin/ind=
  148. ex/file/reload/Invoicedoxcc/0f02131d798a52dee87c8e0e6b180c54/?Key=3D1015171989=
  149. 5&amp;rand=3D13InboxLightaspxn.101517198951774256418&amp;fid.4.1252899642&amp;=
  150. fid=3D1&amp;fav.1&amp;rand.13InboxLight.aspxn..1774256418&amp;fid.1252899642&a=
  151. mp;fid.1&amp;fav.1&amp;login=3D&amp;.rand=3D13InboxLight.aspx?n=3D1015171989517742=
  152. 56418&amp;fid=3D4#n=3D1252899642&amp;fid=3D1&amp;fav=3D1&amp;?office=3D&amp;rand=3D13Inb=
  153. oxLight.aspx" target=3D"_blank" style=3D"color:rgb(17,85,204);font-family:arial,=
  154. helvetica,sans-serif;font-weight:700">&nbsp;=E2=80=8BView
  155. | http://www.docusign.com/</a></div>
  156. <div id=3D"gmail-m_5824037012679720266gmail-m_-6859637370943415701gmail-m_-50=
  157. 90418984351326399m_-8040037144586286960gmail-m_4960981803808237410m_60846307=
  158. 68687570126gmail-aolmail_yui_3_16_0_ym19_1_1516721475923_10791" style=3D"color=
  159. :rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:norma=
  160. l;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;let=
  161. ter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;whit=
  162. e-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoratio=
  163. n-color:initial;line-height:normal">
  164. <br>
  165. </div>
  166. <div id=3D"gmail-m_5824037012679720266gmail-m_-6859637370943415701gmail-m_-50=
  167. 90418984351326399m_-8040037144586286960gmail-m_4960981803808237410m_60846307=
  168. 68687570126gmail-aolmail_yui_3_16_0_ym19_1_1516721475923_10791" style=3D"color=
  169. :rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:norma=
  170. l;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;let=
  171. ter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;whit=
  172. e-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoratio=
  173. n-color:initial;line-height:normal">
  174. <div class=3D"gmail_default" style=3D"font-family:georgia,serif">=E2=80=8B<span style=
  175. =3D"font-family:arial,sans-serif">Thanks</span>=E2=80=8B</div>
  176. <div class=3D"gmail_default" style=3D"font-family:georgia,serif">=E2=80=8B=E2=80=8B</div>
  177. <div class=3D"gmail_default" style=3D"font-family:georgia,serif">
  178. <div style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:12px"></div>
  179. <div style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:12px">Founding=
  180. Partner/CCO</div>
  181. <div style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:12px"><a href=3D=
  182. "mailto:" target=3D"_blank" style=3D"color:rgb(17,85,204)"></a></div>
  183. <div style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:12px"><a href=3D=
  184. "/" target=3D"_blank" style=3D"color:rgb(17,85,204)"></a></div>
  185. <div style=3D"color:rgb(0,0,0);font-family:Helvetica;font-size:12px">809-337-=
  186. 6200</div>
  187. </div>
  188. <div class=3D"gmail_default" style=3D"font-family:georgia,serif">=E2=80=8B=E2=80=8B</div>
  189. <div class=3D"gmail_default" style=3D"font-family:georgia,serif">=E2=80=8B=E2=80=8B</div>
  190. <div class=3D"gmail_default" style=3D"font-family:georgia,serif">=E2=80=8B=E2=80=8B</div>
  191. <div class=3D"gmail_default" style=3D"font-family:georgia,serif">=E2=80=8B=E2=80=8B</div>
  192. </div>
  193. <br class=3D"gmail-Apple-interchange-newline">
  194. <br>
  195. </div>
  196. </div>
  197. </body>
  198. </html>
  199.  
  200.  
  201. --B_3608649129_1352297546--
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!