20180219_Phishing_1

https://goo.gl/KozZ6K

Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by
 MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
 id 15.0.1293.2 via Mailbox Transport; Mon, 19 Feb 2018 10:49:37 -0600
Received: from MBX03D-ORD1.mex08.mlsrvr.com (172.29.9.18) by
 MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
 id 15.0.1293.2; Mon, 19 Feb 2018 10:49:37 -0600
Received: from gate.forward.smtp.ord1c.emailsrvr.com (108.166.43.128) by
 MBX03D-ORD1.mex08.mlsrvr.com (172.29.9.18) with Microsoft SMTP Server (TLS)
 id 15.0.1293.2 via Frontend Transport; Mon, 19 Feb 2018 10:49:37 -0600
Return-Path: <jolynn56468@monchera.com.br>
X-Spam-Threshold: 95
X-Spam-Score: 100
Precedence: junk
X-Spam-Flag: YES
X-Virus-Scanned: OK
X-Orig-To: REMOVED
X-Originating-Ip: [201.76.49.171]
Authentication-Results: smtp25.gate.ord1c.rsapps.net; iprev=pass policy.iprev="201.76.49.171"; spf=pass smtp.mailfrom="jolynn56468@monchera.com.br" smtp.helo="hm1480-40.locaweb.com.br"; dkim=none (message not signed) header.d=none; dmarc=none (p=nil; dis=none) header.from=monchera.com.br
X-Classification-ID: ddfa0c78-1594-11e8-9b17-0026b952bd60-1-1
Received: from [201.76.49.171] ([201.76.49.171:1429] helo=hm1480-40.locaweb.com.br)
	by smtp25.gate.ord1c.rsapps.net (envelope-from <jolynn56468@monchera.com.br>)
	(ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTP
	id B0/76-14786-0200B8A5; Mon, 19 Feb 2018 11:49:36 -0500
Received: from mcbain0016.correio.biz (201.76.49.39) by hm1480-1.locaweb.com.br id hhc020169rkf for <REMOVED>; Mon, 19 Feb 2018 13:49:35 -0300 (envelope-from <jolynn56468@monchera.com.br>)
Received: from proxy.email-ssl.com.br (bartr0002.email.locaweb.com.br [10.30.70.45])
	by mcbain0016.correio.biz (Postfix) with ESMTP id 10F4EAA0341
	for <REMOVED>; Mon, 19 Feb 2018 13:49:35 -0300 (BRT)
x-locaweb-id: _yT_bR3mXTKAFWv_oFdUIENTFvuA4cpA2j8185u_j2j2iCk3PIADNluxPiNEdJNbnjYtCibkd-Xm5zD4AM5xvyh8x4jnZ6KgZXNpst7VuZJTwAzim-mq8lGyeZ8LQCAlRP9iuoQh01DN0rqEJAK_7xhduAPpgBcp9Ue9pKzJ68PY_NXHJvZXCcY0wZmcCn2oMg0ZPCrdvIkG5_AphtpjJ0G64-VfXqpMb6yWHoJmJ7Q= NmQ2MTc1NzI2ZjYyNjk2ZTY5NDA2ZDZmNmU2MzY4NjU3MjYxMmU2MzZmNmQyZTYyNzI=
X-LocaWeb-COR: locaweb_2009_x-mail
X-AuthUser: maurobini@monchera.com.br
Received: from smtp.monchera.com.br (177-104-241-250.provecom.com.br [177.104.241.250])
	(Authenticated sender: maurobini@monchera.com.br)
	by proxy.email-ssl.com.br (Postfix) with ESMTPSA id 5C1A04C056D
	for <REMOVED>; Mon, 19 Feb 2018 13:49:32 -0300 (BRT)
From: jolynn56468 <jolynn56468@monchera.com.br>
To: <REMOVED>
Subject:
Date: Mon, 19 Feb 2018 16:51:33 +0000
Message-ID: <7759801xepk0$k8by4qmy$cw1hkn3m$@monchera.com.br>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: Xm0jNDApbnApKCpudzBtLTY1XnJleQ==
Content-Language: en-us
X-MS-Exchange-Organization-Network-Message-Id: f656ec2c-c0e4-43d9-8796-08d577b8c2f4
X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1397500;0;This mail has
 been scanned by Trend Micro ScanMail for Microsoft Exchange;
X-MS-Exchange-Organization-SCL: 5
X-MS-Exchange-Organization-AuthSource: MBX03D-ORD1.mex08.mlsrvr.com
X-MS-Exchange-Organization-AuthAs: Anonymous
Content-type: multipart/alternative;
	boundary="B_3601915953_1203068143"

> This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--B_3601915953_1203068143
Content-type: text/plain;
	charset="UTF-8"
Content-transfer-encoding: 7bit

Hi REMOVED


https://goo.gl/KozZ6K


Thank you!


--B_3601915953_1203068143
Content-type: text/html;
	charset="UTF-8"
Content-transfer-encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsof=
t-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" xmlns:m=
=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http://www.w3.org=
/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:#954F72;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:2.0cm 42.5pt 2.0cm 3.0cm;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span lang=3D"EN-US" style=3D"font-size:10.3pt;font-family=
:Verdana">Hi REMOVED</p>
<p class=3D"MsoNormal"><span lang=3D"EN-US" style=3D"font-size:10.3pt;font-family=
:Verdana"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US" style=3D"font-size:10.3pt;font-family=
:Verdana"><a href=3D"https://goo.gl/KozZ6K">https://goo.gl/KozZ6K</a><o:p></o:=
p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.3pt;font-family:Verdana"><o:=
p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.3pt;font-family:Verdana"><o:=
p>&nbsp;</o:p></span></p>
Thank you!<br>
<o:p></o:p></span>
<p></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.3pt;font-family:Verdana"><o:=
p></o:p></span></p>
</div>
</body>
</html>


--B_3601915953_1203068143--