API tools faq
paste
wavellan

20190210_PHISHING_SCAM_2

wavellan
Feb 10th, 2019
258
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.75 KB | None | 0 0
raw download clone embed print report
  1. Received: from MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) by
  2. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  3. id 15.0.1367.3 via Mailbox Transport; Sun, 10 Feb 2019 18:37:09 -0600
  4. Received: from MBX04D-ORD1.mex08.mlsrvr.com (172.29.9.21) by
  5. MBX05D-ORD1.mex08.mlsrvr.com (172.29.9.24) with Microsoft SMTP Server (TLS)
  6. id 15.0.1367.3; Sun, 10 Feb 2019 18:37:09 -0600
  7. Received: from gate.forward.smtp.ord1c.emailsrvr.com (108.166.43.128) by
  8. MBX04D-ORD1.mex08.mlsrvr.com (172.29.9.21) with Microsoft SMTP Server (TLS)
  9. id 15.0.1367.3 via Frontend Transport; Sun, 10 Feb 2019 18:37:09 -0600
  10. Return-Path: <[email protected]>
  11. X-Spam-Threshold: 95
  12. X-Spam-Score: 0
  13. X-Spam-Flag: NO
  14. X-Virus-Scanned: OK
  15. X-Orig-To: [email protected]
  16. X-Originating-Ip: [185.241.4.7]
  17. Authentication-Results: smtp26.gate.ord1c.rsapps.net; iprev=pass policy.iprev="185.241.4.7"; spf=fail smtp.mailfrom="[email protected]" smtp.helo="were"; dkim=none (message not signed) header.d=none; dmarc=none (p=nil; dis=none) header.from=domain.org
  18. X-Suspicious-Flag: NO
  19. X-Classification-ID: 298d4bb4-2d95-11e9-b86d-b8ca3a5bd12c-1-1
  20. Received: from [185.241.4.7] ([185.241.4.7:32784] helo=were)
  21. by smtp26.gate.ord1c.rsapps.net (envelope-from <[email protected]>)
  22. (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
  23. id 18/D6-05125-5B3C06C5; Sun, 10 Feb 2019 19:37:09 -0500
  24. Received: from oofioceupdaetowa by were with local (Exim 4.91)
  25. (envelope-from <[email protected]>)
  26. id 1grgUI-0006GG-4V
  27. for [email protected]; Thu, 07 Feb 2019 05:00:54 -0500
  28. To: <[email protected]>
  29. Subject: IMPORTANT SECURITY ALERT
  30. X-PHP-Script: 185.241.4.37/inbox.php for 159.69.177.182
  31. X-PHP-Originating-Script: 1003:inbox.php
  32. Date: Thu, 7 Feb 2019 10:00:54 +0000
  33. From: domain Message Center <[email protected]>
  34. Message-ID: <[email protected]>
  35. X-Mailer: Microsoft Outlook Express 6.00.2600.0000
  36. MIME-Version: 1.0
  37. X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
  38. X-AntiAbuse: Primary Hostname - were
  39. X-AntiAbuse: Original Domain - domain.org
  40. X-AntiAbuse: Originator/Caller UID/GID - [1003 992] / [47 12]
  41. X-AntiAbuse: Sender Address Domain - domain.org
  42. X-Get-Message-Sender-Via: were: authenticated_id: oofioceupdaetowa/only user confirmed/virtual account not confirmed
  43. X-Authenticated-Sender: were: oofioceupdaetowa
  44. X-Source:
  45. X-Source-Args:
  46. X-Source-Dir:
  47. X-MS-Exchange-Organization-Network-Message-Id: 255e68a2-8017-449b-5652-08d68fb90e93
  48. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1480300;0;This mail has
  49. been scanned by Trend Micro ScanMail for Microsoft Exchange;
  50. X-MS-Exchange-Organization-SCL: 0
  51. X-MS-Exchange-Organization-AuthSource: MBX04D-ORD1.mex08.mlsrvr.com
  52. X-MS-Exchange-Organization-AuthAs: Anonymous
  53. Content-type: multipart/alternative;
  54. boundary="B_3632674070_2049477911"
  55.  
  56. > This message is in MIME format. Since your mail reader does not understand
  57. this format, some or all of this message may not be legible.
  58.  
  59. --B_3632674070_2049477911
  60. Content-type: text/plain;
  61. charset="UTF-8"
  62. Content-transfer-encoding: 7bit
  63.  
  64.  
  65.  
  66. This mail is from a trusted sender.
  67.  
  68.  
  69.  
  70. Dear [email protected] ,
  71.  
  72. Please confirm account [email protected] to enable a better service communication,
  73. and avoid mail delivery malfunction.
  74.  
  75. Confirm [email protected]
  76.  
  77. Note: Office will always keep you posted of security updates.
  78.  
  79. Thanks and Regards,
  80. [email protected] (C) 2019 Secured Service. - This email was sent to [email protected]
  81.  
  82.  
  83. --B_3632674070_2049477911
  84. Content-type: text/html;
  85. charset="UTF-8"
  86. Content-transfer-encoding: quoted-printable
  87.  
  88. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
  89. <html>
  90. <head>
  91. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
  92. <meta name=3D"GENERATOR" content=3D"MSHTML 11.00.10570.1001">
  93. </head>
  94. <body>
  95. <p><br class=3D"Apple-interchange-newline">
  96. <table class=3D"yiv6061570731ydp850c3b47yiv9171881082m_-8772752807624100762x_=
  97. ecxmyTable" style=3D"FONT-SIZE: 13px; FONT-FAMILY: new; WIDTH: 700px; WHITE-SP=
  98. ACE: normal; WORD-SPACING: 0px; BORDER-COLLAPSE: collapse; TEXT-TRANSFORM: n=
  99. one; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-ALIGN:=
  100. left; MIN-HEIGHT: 36px; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; LINE=
  101. -HEIGHT: 1.6em; BACKGROUND-COLOR: rgb(238,238,238); TEXT-INDENT: 0px; font-v=
  102. ariant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-wid=
  103. th: 0px; text-decoration-style: initial; text-decoration-color: initial">
  104. <tbody>
  105. <tr>
  106. <th style=3D"BORDER-TOP: rgb(0,0,0) 0px solid; BORDER-RIGHT: rgb(0,0,0) 0px s=
  107. olid; WIDTH: 2px; BORDER-BOTTOM: rgb(0,0,0) 0px solid; COLOR: white; PADDING=
  108. -BOTTOM: 4px; PADDING-TOP: 4px; PADDING-LEFT: 4px; BORDER-LEFT: rgb(0,0,0) 0=
  109. px solid; PADDING-RIGHT: 4px; BACKGROUND-COLOR: rgb(2,151,64)">
  110. <br>
  111. </th>
  112. <td style=3D"BORDER-TOP: rgb(0,0,0) 0px solid; BORDER-RIGHT: rgb(0,0,0) 0px s=
  113. olid; BORDER-BOTTOM: rgb(0,0,0) 0px solid; PADDING-BOTTOM: 4px; PADDING-TOP:=
  114. 4px; PADDING-LEFT: 4px; BORDER-LEFT: rgb(0,0,0) 0px solid; PADDING-RIGHT: 4=
  115. px; BACKGROUND-COLOR: rgb(243,255,248)">
  116. <div class=3D"yiv6061570731ydp850c3b47yiv9171881082m_-8772752807624100762x_ec=
  117. xms-font-weight-regular yiv6061570731ydp850c3b47yiv9171881082m_-877275280762=
  118. 4100762x_ecxms-font-s yiv6061570731ydp850c3b47yiv9171881082m_-87727528076241=
  119. 00762x_ecxInfobarImmediateTextContainer yiv6061570731ydp850c3b47yiv917188108=
  120. 2m_-8772752807624100762x_ecxms-font-color-neutralDark">
  121. <span style=3D"FONT-FAMILY: arial, helvetica, sans-serif"><span style=3D"FONT-S=
  122. IZE: 12px">This mail is from a trusted sender.</span></span></div>
  123. </td>
  124. </tr>
  125. </tbody>
  126. </table>
  127. </p>
  128. <div style=3D"FONT-SIZE: 13px; FONT-FAMILY: &quot;Helvetica Neue&quot;, Helve=
  129. tica, Arial, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSF=
  130. ORM: none; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-=
  131. ALIGN: left; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR=
  132. : rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
  133. ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: =
  134. initial; text-decoration-color: initial">
  135. <div>&nbsp;</div>
  136. <div>
  137. <div style=3D"FONT-SIZE: 13px; FONT-FAMILY: &quot;Helvetica Neue&quot;, Helve=
  138. tica, Arial, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSF=
  139. ORM: none; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-=
  140. ALIGN: left; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR=
  141. : rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
  142. ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: =
  143. initial; text-decoration-color: initial">
  144. &nbsp;</div>
  145. <div style=3D"FONT-SIZE: 13px; FONT-FAMILY: &quot;Helvetica Neue&quot;, Helve=
  146. tica, Arial, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSF=
  147. ORM: none; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-=
  148. ALIGN: left; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR=
  149. : rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
  150. ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: =
  151. initial; text-decoration-color: initial">
  152. <br>
  153. Dear&nbsp;[email protected]&nbsp;,<br>
  154. <br>
  155. Please confirm account <font color=3D"#00ff00">[email protected]</font> to ena=
  156. ble a better service communication,<br>
  157. and avoid mail delivery malfunction.<span>&nbsp;</span><br>
  158. <br>
  159. </div>
  160. <div style=3D"FONT-SIZE: 13px; FONT-FAMILY: &quot;Helvetica Neue&quot;, Helve=
  161. tica, Arial, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSF=
  162. ORM: none; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-=
  163. ALIGN: left; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR=
  164. : rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
  165. ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: =
  166. initial; text-decoration-color: initial">
  167. <table width=3D"393">
  168. <tbody>
  169. <tr>
  170. <td style=3D"FONT-SIZE: 14px; BORDER-TOP: rgb(0,120,215) 1px solid; FONT-FAMI=
  171. LY: &quot;Segoe UI Semibold&quot;, &quot;Segoe WP Semibold&quot;, &quot;Sego=
  172. e UI&quot;, &quot;Segoe WP&quot;, Segoe, Tahoma, &quot;Microsoft Sans Serif&=
  173. quot;, Verdana, sans-serif; BORDER-RIGHT: rgb(0,120,215) 1px solid; WIDTH: 2=
  174. 00px; VERTICAL-ALIGN: middle; WHITE-SPACE: nowrap; BORDER-BOTTOM: rgb(0,120,=
  175. 215) 1px solid; COLOR: rgb(255,255,255); TEXT-ALIGN: center; PADDING-LEFT: 2=
  176. 0px; MIN-HEIGHT: 30px; BORDER-LEFT: rgb(0,120,215) 1px solid; MARGIN: 0px; L=
  177. INE-HEIGHT: 20px; PADDING-RIGHT: 20px; BACKGROUND-COLOR: rgb(0,120,215)">
  178. <a style=3D"TEXT-DECORATION: none; COLOR: rgb(255,255,255)" href=3D"https://mye=
  179. mailsrvrupgraade.z13.web.core.windows.net/" rel=3D"noreferrer" target=3D"_blank"=
  180. ><strong><u>Confirm [email protected]</u></strong></a></td>
  181. </tr>
  182. </tbody>
  183. </table>
  184. </div>
  185. <br style=3D"FONT-SIZE: 13px; FONT-FAMILY: &quot;Helvetica Neue&quot;, Helvet=
  186. ica, Arial, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFO=
  187. RM: none; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-A=
  188. LIGN: left; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR:=
  189. rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-va=
  190. riant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: i=
  191. nitial; text-decoration-color: initial">
  192. <div style=3D"FONT-SIZE: 13px; FONT-FAMILY: &quot;Helvetica Neue&quot;, Helve=
  193. tica, Arial, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSF=
  194. ORM: none; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-=
  195. ALIGN: left; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR=
  196. : rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
  197. ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: =
  198. initial; text-decoration-color: initial">
  199. <strong>Note:</strong><span>&nbsp;</span>Office will always keep you posted=
  200. of security updates.</div>
  201. <div style=3D"FONT-SIZE: 13px; FONT-FAMILY: &quot;Helvetica Neue&quot;, Helve=
  202. tica, Arial, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSF=
  203. ORM: none; FONT-WEIGHT: 400; COLOR: rgb(38,40,42); FONT-STYLE: normal; TEXT-=
  204. ALIGN: left; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR=
  205. : rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
  206. ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-style: =
  207. initial; text-decoration-color: initial">
  208. <br>
  209. Thanks and Regards,<br>
  210. [email protected] (C) 2019 Secured Service. -<span>&nbsp;</span><span style=3D=
  211. "TEXT-DECORATION: none; COLOR: rgb(110,120,139)">This email was sent to
  212. <font color=3D"#26282a">[email protected]</font></span></div>
  213. </div>
  214. </div>
  215. </body>
  216. </html>
  217.  
  218.  
  219. --B_3632674070_2049477911--
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!