20230205_PHISHING_SCAM_1

1. YOUR_NAME_HERE https://bit.ly/3YFOqvV YOUR_FRIENDS_NAME_HERE
2.  
3.  
4.  
5.  
6. Received: from DM4PR05MB10270.namprd05.prod.outlook.com (::1) by
7. MWHPR0501MB3899.namprd05.prod.outlook.com with HTTPS; Sun, 5 Feb 2023
8. 10:49:20 +0000
9. Received: from DM6PR03CA0021.namprd03.prod.outlook.com (2603:10b6:5:40::34) by
10. DM4PR05MB10270.namprd05.prod.outlook.com (2603:10b6:8:180::11) with Microsoft
11. SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
12. 15.20.6064.32; Sun, 5 Feb 2023 10:49:18 +0000
13. Received: from DM6NAM12FT059.eop-nam12.prod.protection.outlook.com
14. (2603:10b6:5:40:cafe::da) by DM6PR03CA0021.outlook.office365.com
15. (2603:10b6:5:40::34) with Microsoft SMTP Server (version=TLS1_2,
16. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6064.34 via Frontend
17. Transport; Sun, 5 Feb 2023 10:49:18 +0000
18. Authentication-Results: spf=pass (sender IP is 79.171.34.102)
19. smtp.mailfrom=daybreakerexpress.com; dkim=pass (signature was verified)
20. header.d=daybreakerexpress.com;dmarc=bestguesspass action=none
21. header.from=daybreakerexpress.com;compauth=pass reason=109
22. Received-SPF: Pass (protection.outlook.com: domain of daybreakerexpress.com
23. designates 79.171.34.102 as permitted sender)
24. receiver=protection.outlook.com; client-ip=79.171.34.102;
25. helo=18.smtpout.hostinguk.net; pr=C
26. Received: from 18.smtpout.hostinguk.net (79.171.34.102) by
27. DM6NAM12FT059.mail.protection.outlook.com (10.13.179.1) with Microsoft SMTP
28. Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
29. 15.20.6086.11 via Frontend Transport; Sun, 5 Feb 2023 10:49:17 +0000
30. Received: from gamma.xssl.net ([72.249.26.34])
31. by hukstafilt03.hostinguk.net with esmtps (TLSv1:AES128-SHA:128)
32. (Exim 4.92)
33. (envelope-from <[email protected]>)
34. id 1pOca9-0005WH-Nx
35. for ; Sun, 05 Feb 2023 10:49:15 +0000
36. DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
37. d=daybreakerexpress.com; s=default; h=To:From:Subject:Message-ID:Date:
38. MIME-Version:Content-Type:Sender:Reply-To:Cc:Content-Transfer-Encoding:
39. Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
40. Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:
41. List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
42. bh=MccxmnaH6kURtsfESKi/r7mknIW9LPZ++su2YCYZ4w0=; b=k7f8HVAADNbA1LWZC5S/WzyPD
43. D4yarhIakH4cVQjM0hnkxYVu0Yc4VbYsq1G629i3GXk2rXU0G1NeLRTr1EyVbqZALeoGIXX+4nvR/
44. BFuPMHOh5Pr721z4rrH2IEZGh7m125KjdfOLuPFuVnWJFiONj/1i4GCLsV8ktn/d1fSXYJ9X7NPQN
45. +QHJmGQZNYJoRZKqcnmHa08jVYocrNNeGjGMYpkzwXIJqH8p1mYQ/K1LbL3a/WNc07yWuLsbpMHBI
46. qFcJ5GAGtTdBcmPO3m9kIvJLBzRc+lV7V7sVGu4W0WZHHVOxjZ/6R3DZ1rL/YLhAZpnN9fi11HrD7
47. PKNt/pJ9w==;
48. Received: from [222.252.48.92] (port=60846 helo=mail.daybreakerexpress.com)
49. by gamma.xssl.net with esmtpsa (TLSv1:DHE-RSA-AES128-SHA:128)
50. (Exim 4.87)
51. (envelope-from <[email protected]>)
52. id 1pOca7-001znJ-GI
53. for ; Sun, 05 Feb 2023 04:49:12 -0600
54. MIME-Version: 1.0
55. Date: Sun, 5 Feb 2023 13:48:35 +0300
56. Message-ID: <Mailbird-41gbkzme-rh8g-tqqy-6ct1-n5m41n7fwyrg@daybreakerexpress.com>
57. Subject: how are =?UTF-8?B?eW91Pw==?=
58. From: "Luis A Fajardo" <[email protected]>
59. To:
60. User-Agent: Mailbird/2.9.95.0
61. X-Mailbird-ID: Mailbird-41gbkzme-rh8g-tqqy-6ct1-n5m41n7fwyrg@daybreakerexpress.com
62. X-Get-Message-Sender-Via: gamma.xssl.net: authenticated_id: dmiddleton/from_h
63. X-Authenticated-Sender: gamma.xssl.net: [email protected]
64. X-Originating-IP: 72.249.26.34
65. X-HostingUK-Domain: gamma.xssl.net
66. X-HostingUK-Username: 72.249.26.34
67. Authentication-Results-Original: hostinguk.net; auth=pass
68. [email protected]
69. X-HostingUK-Outgoing-Class: unsure
70. X-HostingUK-Outgoing-Evidence: Combined (0.90)
71. X-Recommended-Action: accept
72. X-Filter-ID: Pt3MvcO5N4iKaDQ5O6lkdGlMVN6RH8bjRMzItlySaT/cybaycs5GCcZO1aggq+BoPUtbdvnXkggZ
73. 3YnVId/Y5jcf0yeVQAvfjHznO7+bT5xzXtdplyzc6UawryaMmYeK/0R7IumZkcZ+2Go+J2WkOKWN
74. y1e6wsmJXNjzPajbyF8k4Ndu06h2Q8QP5GQeNUYfxURo0D1KOZunb5ZBA6Lu17Jv5JWrPEcoUCJt
75. ztKp7SuTqrHKXzsQKVJSaJGiYc0ZBVisGv8MyVI5ms3guyJnGidAM+GKwIVuPD/Mr2fKQh0UOled
76. bu+r9+W9cDXvzL3ST5UbNY13MvZuA5SXT97Nc1nYl+184aBa6/m5pvzHAJlhn6sps0oXop0Wpl2m
77. +lnlkAgifmVmOKQjBwHh/5CYYPeSke0O1o6Obc2XZu4Q9rUMoOLjGsRz/MUE6aIZoCcUNXR4aVG4
78. tVHU1Zldyy+zfbnrM5aYo0PL7jUsZY4sbPZdjx85xQq9VD42UbTRudBo31/E3ahF5MMcDI7KdpjQ
79. KTeWZ1gDBk7Wa24d9lRfRE0uQ6GGWuZu276urM9S2PN4IK/1NH5THMtlYvyHAYGOGqz2oidVuoQM
80. okQutY3pHcCHFzboKDhGx0chVC6Uo5u4n3/KWfbq3t5NmLSY+EPGe7g0OsgliUi6O0WHX09TVd+V
81. TN8kjV8l2OB/iKErcpLJf6BEEqVh/hzbyY2vOiGLZuGtijkNoEy+s7FAcBwAkHjhaQop6Nvvif3X
82. 57C6u7LFlKJ7jrNRXsNt/cBtRLSZF4IDwdv4gSPRojeAn6kWYJxgCdkcx5PsMtIqmwR2O3FQr7nn
83. sXAWqdd2sUsn6DRLxligUy0GL3FSdC1wImfrRU9mMRr+w2X69ygMahiTQMBdAMkUml3pVW3MxC6z
84. gJYCnsOpyKA69LF1Ge2GaGfxmfpUbzE9z/TRUwyIbiX8xcZ0N+ep68jd4te9bfJfaPjtUtms7vmH
85. oDxOWjZSMu6mkY/AuWi2fMJNLA8ETVT8z/gZpjAyJql3SqRcDkoj/tWY9qn42g0QjxDWy3y+gOkB
86. bCZn5s9N3/cH9U3H+rzoGJjB
87. X-Report-Abuse-To: [email protected]
88. Return-Path: [email protected]
89. X-MS-Exchange-Organization-ExpirationStartTime: 05 Feb 2023 10:49:17.3217
90. (UTC)
91. X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
92. X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
93. X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
94. X-MS-Exchange-Organization-Network-Message-Id:
95. 4357fd02-acbe-46ba-ce16-08db0766a10e
96. X-EOPAttributedMessage: 0
97. X-EOPTenantAttributedMessage: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a:0
98. X-MS-Exchange-Organization-MessageDirectionality: Incoming
99. X-MS-PublicTrafficType: Email
100. X-MS-TrafficTypeDiagnostic: DM6NAM12FT059:EE_|DM4PR05MB10270:EE_
101. X-MS-Exchange-Organization-AuthSource:
102. DM6NAM12FT059.eop-nam12.prod.protection.outlook.com
103. X-MS-Exchange-Organization-AuthAs: Anonymous
104. X-MS-Office365-Filtering-Correlation-Id: 4357fd02-acbe-46ba-ce16-08db0766a10e
105. X-MS-Exchange-Organization-SCL: 5
106. X-Forefront-Antispam-Report:
107. CIP:79.171.34.102;CTRY:GB;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:18.smtpout.hostinguk.net;PTR:18.smtpout.hostinguk.net;CAT:SPM;SFS:(13230025)(451199018)(10202899006)(6916009)(8676002)(1096003)(9786002)(3480700007)(22186003)(36756003)(564344004)(5660300002)(7636003)(7596003)(336012)(6666004)(966005)(6966003)(58800400005)(2616005)(956004)(26005)(7696005)(356005)(33964004)(94036010)(85006041);DIR:INB;
108. X-Microsoft-Antispam: BCL:0;
109. X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Feb 2023 10:49:17.1655
110. (UTC)
111. X-MS-Exchange-CrossTenant-Network-Message-Id: 4357fd02-acbe-46ba-ce16-08db0766a10e
112. X-MS-Exchange-CrossTenant-Id: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a
113. X-MS-Exchange-CrossTenant-AuthSource:
114. DM6NAM12FT059.eop-nam12.prod.protection.outlook.com
115. X-MS-Exchange-CrossTenant-AuthAs: Anonymous
116. X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
117. X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR05MB10270
118. X-MS-Exchange-Transport-EndToEndLatency: 00:00:03.6135598
119. X-MS-Exchange-Processed-By-BccFoldering: 15.20.6043.022
120. X-Microsoft-Antispam-Mailbox-Delivery:
121. ucf:0;jmr:0;auth:0;dest:J;OFR:SpamFilterAuthJ;ENG:(910001)(944506478)(944626604)(920097)(930097)(3100021);RF:JunkEmail;
122. X-Microsoft-Antispam-Message-Info:
123.  
124. Content-type: multipart/alternative;
125. boundary="B_3758476482_169141481"
126.  
127. > This message is in MIME format. Since your mail reader does not understand
128. this format, some or all of this message may not be legible.
129.  
130. --B_3758476482_169141481
131. Content-type: text/plain;
132. charset="UTF-8"
133. Content-transfer-encoding: 7bit
134.