malware-jar

1. X-Antiabuse: ⁨This header was added to track abuse, please include it with any abuse report⁩
2. X-Antiabuse: ⁨Primary Hostname - server2.vweb.be⁩
3. X-Antiabuse: ⁨Original Domain - xxx.com
4. X-Antiabuse: ⁨Originator/Caller UID/GID - [47 12] / [47 12]⁩
5. X-Antiabuse: ⁨Sender Address Domain - tntexpress.net⁩
6. X-Spam-Report: ⁨Spam detection software, running on the system "phx.hn.cl", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: fyi. Kindly check document for your reference. View Download Many thanks and kind regards Customer Services TNT Express. 0BThis email, together with any attachments, is for the exclusive and confident Content analysis details: (5.5 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.5 KAM_NUMSUBJECT Subject ends in numbers 1.6 SUBJ_ALL_CAPS Subject is all capitals 0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words 0.0 HTML_MESSAGE BODY: HTML included in message 1.6 MISSING_MID Missing Message-Id: header 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any anti-forgery methods⁩
7. X-Spam-Bar: ⁨+++++⁩
8. X-Source-Args: ⁨⁩
9. Return-Path: ⁨<customer_service@tntexpress.net>⁩
10. Return-Path: ⁨<customer_service@tntexpress.net>⁩
11. Mime-Version: ⁨1.0⁩
12. X-Source-Dir: ⁨⁩
13. Delivery-Date: ⁨Sun, 24 Feb 2019 22:08:01 -0300⁩
14. X-Authenticated-Sender: ⁨server2.vweb.be: pieterjan@de-feestfabriek.be⁩
15. X-Spam-Score: ⁨55⁩
16. X-Get-Message-Sender-Via: ⁨server2.vweb.be: authenticated_id: pieterjan@de-feestfabriek.be⁩
17. X-Spam-Flag: ⁨YES⁩
18. X-Spam-Status: ⁨Yes, score=5.5⁩
19. Content-Type: ⁨multipart/alternative; boundary="===============0469067969=="⁩
20. Delivered-To: ⁨user@xxx.com
21. X-Source: ⁨⁩
22. Received: ⁨from phx.hn.cl by phx.hn.cl with LMTP id wEISHfE/c1w63B0ArMImTg for <user@xxx.com>; Sun, 24 Feb 2019 22:08:01 -0300⁩
23. Received: ⁨from server2.vweb.be ([199.223.212.169]:37328) by phx.hn.cl with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from <customer_service@tntexpress.net>) id 1gy4kO-008DOP-Ku for user@xxx.com; Sun, 24 Feb 2019 22:08:01 -0300⁩
24. Received: ⁨from [104.211.157.67] (port=51702 helo=lunaallee78.yp0ax5uhpq1uvfxcr1dlqimdae.sx.internal.cloudapp.net) by server2.vweb.be with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from <customer_service@tntexpress.net>) id 1gy4jE-0001Dt-CQ; Mon, 25 Feb 2019 02:06:44 +0100