API tools faq
paste
Advertisement
wavellan

2018080120_PHISHING_SCAM_1

wavellan
Aug 20th, 2018
620
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.53 KB | None | 0 0
raw download clone embed print report
  1. Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by
  2. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  3. id 15.0.1367.3 via Mailbox Transport; Sat, 18 Aug 2018 19:01:06 -0500
  4. Received: from MBX10D-ORD1.mex08.mlsrvr.com (172.29.9.40) by
  5. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  6. id 15.0.1367.3; Sat, 18 Aug 2018 19:01:05 -0500
  7. Received: from gate.forward.smtp.ord1d.emailsrvr.com (161.47.34.7) by
  8. MBX10D-ORD1.mex08.mlsrvr.com (172.29.9.40) with Microsoft SMTP Server (TLS)
  9. id 15.0.1367.3 via Frontend Transport; Sat, 18 Aug 2018 19:01:06 -0500
  10. Return-Path: <[email protected]>
  11. X-Spam-Threshold: 95
  12. X-Spam-Score: 0
  13. X-Spam-Flag: NO
  14. X-Virus-Scanned: OK
  15. X-Orig-To:
  16. X-Originating-Ip: [96.125.164.173]
  17. Authentication-Results: smtp31.gate.ord1d.rsapps.net; iprev=pass policy.iprev="96.125.164.173"; spf=fail smtp.mailfrom="[email protected]" smtp.helo="pra.practicemarketer.com"; dkim=none (message not signed) header.d=none; dmarc=none (p=nil; dis=none) header.from=mypulp.eu
  18. X-Suspicious-Flag: NO
  19. X-Classification-ID: f7fb1306-a342-11e8-a3d7-525400b3ac8c-1-1
  20. Received: from [96.125.164.173] ([96.125.164.173:51516] helo=pra.practicemarketer.com)
  21. by smtp31.gate.ord1d.rsapps.net (envelope-from <[email protected]>)
  22. (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
  23. id 1F/1C-19348-243B87B5; Sat, 18 Aug 2018 20:01:06 -0400
  24. Received: from dcplaybook by pra.practicemarketer.com with local (Exim 4.89_1)
  25. (envelope-from <[email protected]>)
  26. id 1frB9R-00014y-Nc
  27. for ; Sat, 18 Aug 2018 18:01:02 -0600
  28. To: <>
  29. Subject: Shared Interest
  30. X-PHP-Script: mychiropractors.info/functionality/Gmailsmtp.php for 66.187.71.78
  31. X-PHP-Originating-Script: 504:class.phpmailer.php
  32. Date: Sun, 19 Aug 2018 00:00:39 +0000
  33. From: Christine Mei <[email protected]>
  34. Reply-To: <[email protected]>
  35. Message-ID: <[email protected]>
  36. X-Priority: 3
  37. X-Mailer: PHPMailer 5.2.16 (https://github.com/PHPMailer/PHPMailer)
  38. MIME-Version: 1.0
  39. Sender: <[email protected]>
  40. X-OutGoing-Spam-Status: No, score=4.2
  41. X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
  42. X-AntiAbuse: Primary Hostname - pra.practicemarketer.com
  43. X-AntiAbuse: Original Domain -
  44. X-AntiAbuse: Originator/Caller UID/GID - [504 496] / [47 12]
  45. X-AntiAbuse: Sender Address Domain - mypulp.eu
  46. X-Get-Message-Sender-Via: pra.practicemarketer.com: authenticated_id: dcplaybook/only user confirmed/virtual account not confirmed
  47. X-Authenticated-Sender: pra.practicemarketer.com: dcplaybook
  48. X-Source: /opt/cpanel/ea-php71/root/usr/bin/php-cgi
  49. X-Source-Args: /opt/cpanel/ea-php71/root/usr/bin/php-cgi /home/dcplaybook/public_html/functionality/Gmailsmtp.php
  50. X-Source-Dir: mychiropractors.info:/public_html/functionality
  51. X-MS-Exchange-Organization-Network-Message-Id: e1dcac59-514d-47b4-fffe-08d60566dc2e
  52. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1444900;0;This mail has
  53. been scanned by Trend Micro ScanMail for Microsoft Exchange;
  54. X-MS-Exchange-Organization-SCL: 0
  55. X-MS-Exchange-Organization-AuthSource: MBX10D-ORD1.mex08.mlsrvr.com
  56. X-MS-Exchange-Organization-AuthAs: Anonymous
  57. Content-type: multipart/alternative;
  58. boundary="B_3617604986_955240629"
  59.  
  60. > This message is in MIME format. Since your mail reader does not understand
  61. this format, some or all of this message may not be legible.
  62.  
  63. --B_3617604986_955240629
  64. Content-type: text/plain;
  65. charset="UTF-8"
  66. Content-transfer-encoding: 7bit
  67.  
  68. Nice to meet you, My name is Christine Leng from Singapore. I work with the United overseas Bank (Singapore) as a professional finance regional Head.
  69.  
  70. Due to our shared interest on linkedlin, it is my desire to know you because i will like to share a benefiting business opportunity with you.
  71.  
  72.  
  73. Let me know if you might be of interest.
  74.  
  75.  
  76. Regards
  77. Christine Mei Leng
  78.  
  79.  
  80. --B_3617604986_955240629
  81. Content-type: text/html;
  82. charset="UTF-8"
  83. Content-transfer-encoding: quoted-printable
  84.  
  85. <html>
  86. <head>
  87. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
  88. </head>
  89. <body>
  90. <p>Nice to meet you, My name is Christine Leng from Singapore. I work with =
  91. the United overseas Bank (Singapore) as a professional finance regional Head=
  92. .</p>
  93. <p>Due to our shared interest on linkedlin, it is my desire to know you bec=
  94. ause i will like to share a benefiting business opportunity with you.</p>
  95. <p><br>
  96. Let me know if you might be of interest.</p>
  97. <p><br>
  98. Regards<br>
  99. Christine Mei Leng</p>
  100. </body>
  101. </html>
  102.  
  103.  
  104. --B_3617604986_955240629--
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!