20180223_PHISHING_SCAM_2

1. http://assess.candoproducts.info
2.  
3. Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by
4. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
5. id 15.0.1293.2 via Mailbox Transport; Fri, 23 Feb 2018 03:22:38 -0600
6. Received: from MBX10C-ORD1.mex08.mlsrvr.com (172.29.9.35) by
7. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
8. id 15.0.1293.2; Fri, 23 Feb 2018 03:22:37 -0600
9. Received: from gate.forward.smtp.ord1a.emailsrvr.com (173.203.2.22) by
10. MBX10C-ORD1.mex08.mlsrvr.com (172.29.9.35) with Microsoft SMTP Server (TLS)
11. id 15.0.1293.2 via Frontend Transport; Fri, 23 Feb 2018 03:22:37 -0600
12. Return-Path: <musicmusicmusic@themis.ocn.ne.jp>
13. X-Spam-Threshold: 95
14. X-Spam-Score: 100
15. Precedence: junk
16. X-Spam-Flag: YES
17. X-Virus-Scanned: OK
18. X-Orig-To: REMOVED
19. X-Originating-Ip: [153.149.229.21]
20. Authentication-Results: smtp55.gate.ord1a.rsapps.net; iprev=pass policy.iprev="153.149.229.21"; spf=pass smtp.mailfrom="musicmusicmusic@themis.ocn.ne.jp" smtp.helo="mogw1120.ocn.ad.jp"; dkim=none (message not signed) header.d=none; dmarc=none (p=nil; dis=none) header.from=themis.ocn.ne.jp
21. X-Classification-ID: 163b66a2-187b-11e8-a542-a4badb2864f3-1-1
22. Received: from [153.149.229.21] ([153.149.229.21:55476] helo=mogw1120.ocn.ad.jp)
23. by smtp55.gate.ord1a.rsapps.net (envelope-from <musicmusicmusic@themis.ocn.ne.jp>)
24. (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTP
25. id 0A/6F-02884-D5DDF8A5; Fri, 23 Feb 2018 04:22:37 -0500
26. Received: from mf-smf-ucb033c3 (mf-smf-ucb033c3.ocn.ad.jp [153.153.66.226])
27. by mogw1120.ocn.ad.jp (Postfix) with ESMTP id 4DC31F0024C;
28. Fri, 23 Feb 2018 18:22:36 +0900 (JST)
29. Received: from ntt.pod01.mv-mta-ucb025 ([153.149.142.99])
30. by mf-smf-ucb033c3 with ESMTP
31. id p9YpeTX3Q6BEVp9Yqe3PCC; Fri, 23 Feb 2018 18:22:36 +0900
32. Message-ID: <1519377756.p9YpeTX3Q6BEVp9Yqe3PCC@mf-smf-ucb033c3>
33. Received: from smtp.ocn.ne.jp ([153.149.227.133])
34. by ntt.pod01.mv-mta-ucb025 with
35. id E9NX1x00H2tKTyH019NXWT; Fri, 23 Feb 2018 09:22:36 +0000
36. Received: from smtp.ocn.ne.jp (unknown [14.177.157.171])
37. by smtp.ocn.ne.jp (Postfix) with ESMTPA;
38. Fri, 23 Feb 2018 18:22:31 +0900 (JST)
39. MIME-Version: 1.0
40. To: REMOVED
41. From: David Flores <musicmusicmusic@themis.ocn.ne.jp>
42. Subject:
43. Date: Fri, 23 Feb 2018 00:22:25 -0900
44. Importance: normal
45. X-Priority: 3
46. X-MS-Exchange-Organization-Network-Message-Id: 632973c5-b648-498c-ec64-08d57a9efaf3
47. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1398300;0;This mail has
48. been scanned by Trend Micro ScanMail for Microsoft Exchange;
49. X-MS-Exchange-Organization-SCL: 5
50. X-MS-Exchange-Organization-AuthSource: MBX10C-ORD1.mex08.mlsrvr.com
51. X-MS-Exchange-Organization-AuthAs: Anonymous
52. Content-type: multipart/alternative;
53. boundary="B_3602216393_1658279157"
54.  
55. > This message is in MIME format. Since your mail reader does not understand
56. this format, some or all of this message may not be legible.
57.  
58. --B_3602216393_1658279157
59. Content-type: text/plain;
60. charset="UTF-8"
61. Content-transfer-encoding: 7bit
62.  
63. http://assess.candoproducts.info
64.  
65.  
66.  
67. David Flores
68.  
69.  
70.  
71.  
72. --B_3602216393_1658279157
73. Content-type: text/html;
74. charset="UTF-8"
75. Content-transfer-encoding: quoted-printable
76.  
77. <html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:schema=
78. s-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/office/20=
79. 04/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40">
80. <head>
81. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
82. <meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
83. <style><!--
84. /* Font Definitions */
85. @font-face
86. {font-family:"Cambria Math";
87. panose-1:2 4 5 3 5 4 6 3 2 4;}
88. @font-face
89. {font-family:Calibri;
90. panose-1:2 15 5 2 2 2 4 3 2 4;}
91. /* Style Definitions */
92. p.MsoNormal, li.MsoNormal, div.MsoNormal
93. {margin:0in;
94. margin-bottom:.0001pt;
95. font-size:11.0pt;
96. font-family:"Calibri",sans-serif;}
97. a:link, span.MsoHyperlink
98. {mso-style-priority:99;
99. color:#0563C1;
100. text-decoration:underline;}
101. a:visited, span.MsoHyperlinkFollowed
102. {mso-style-priority:99;
103. color:#954F72;
104. text-decoration:underline;}
105. ..MsoChpDefault
106. {mso-style-type:export-only;}
107. @page WordSection1
108. {size:8.5in 11.0in;
109. margin:1.0in 1.0in 1.0in 1.0in;}
110. div.WordSection1
111. {page:WordSection1;}
112. --></style>
113. </head>
114. <body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72">
115. <div class=3D"WordSection1">
116. <p class=3D"MsoNormal" style=3D"line-height:150%"><a href=3D"http://assess.candop=
117. roducts.info">http://assess.candoproducts.info</a><span style=3D"color:black">=
118. <o:p></o:p></span></p>
119. <p class=3D"MsoNormal" style=3D"line-height:150%"><span style=3D"color:black"><o:=
120. p>&nbsp;</o:p></span></p>
121. <p class=3D"MsoNormal" style=3D"line-height:150%"><span style=3D"color:black">Dav=
122. id Flores<o:p></o:p></span></p>
123. <p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
124. </div>
125. </body>
126. </html>
127.  
128.  
129. --B_3602216393_1658279157--