API tools faq
paste
Advertisement
Guest User

wetransfer-phish-001

a guest
Jul 17th, 2018
1,288
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.05 KB | None | 0 0
raw download clone embed print report
  1.  
  2. Return-Path: <bita@bita.co.id>
  3. Delivered-To: vf_1s@indo.net.id
  4. Received: from pop01.indo.net.id ([10.54.9.210])
  5. by pop01.indo.net.id (Dovecot) with LMTP id bMnwGEEOSFvddAAA6UW4AQ
  6. for <vf_1s@indo.net.id>; Fri, 13 Jul 2018 09:28:18 +0700
  7. Received: from pop01.indo.net.id
  8. by pop01.indo.net.id (Dovecot) with LMTP id WiHDKIUNSFuKaQAA6UW4AQ
  9. ; Fri, 13 Jul 2018 09:28:18 +0700
  10. Received: from pop01.indo.net.id (localhost [127.0.0.1])
  11. by pop01.indo.net.id (Postfix) with ESMTP id 41RcDL0BSfzsRZZ
  12. for <vf_1s@indo.net.id>; Fri, 13 Jul 2018 09:28:18 +0700 (WIB)
  13. X-Virus-Scanned: Debian amavisd-new at pop01.indo.net.id
  14. Authentication-Results: pop01.indo.net.id (amavisd-new);
  15. dkim=fail (1024-bit key) reason="fail (message has been altered)"
  16. header.d=bita.co.id
  17. Received: from pop01.indo.net.id
  18. by pop01.indo.net.id (amavisd-new, unix socket) with LMTP
  19. id UvaY_JtVYQki for <vf_1s@indo.net.id>;
  20. Fri, 13 Jul 2018 09:28:17 +0700 (WIB)
  21. Received: from sea1.indo.net.id (sea1.indo.net.id [117.54.121.29])
  22. by pop01.indo.net.id (Postfix) with ESMTPS id 41RcDK66MBzsR5j
  23. for <vf_1s@indo.net.id>; Fri, 13 Jul 2018 09:28:12 +0700 (WIB)
  24. Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
  25. by localhost (Email Security Appliance) with ESMTP id A5653ED88E5_B480E3CB
  26. for <vf_1s@indo.net.id>; Fri, 13 Jul 2018 02:28:12 +0000 (GMT)
  27. Received: from unknown-host
  28. by sea1.indo.net.id with queue id 1146653
  29. for vf_1s@indo.net.id; Fri, 13 Jul 2018 02:28:12 GMT
  30. Received: from mail.bita.co.id (mail.bdg.bita.co.id [202.138.233.202])
  31. (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
  32. (Client did not present a certificate)
  33. by sea1.indo.net.id (Sophos Email Appliance) with ESMTPS id E6BD2ED44B6_B480E13F;
  34. Fri, 13 Jul 2018 02:27:31 +0000 (GMT)
  35. Received: from mail.bita.co.id (localhost [127.0.0.1])
  36. by mail.bita.co.id (Postfix) with ESMTPS id E996F49C041;
  37. Fri, 13 Jul 2018 09:27:10 +0700 (WIT)
  38. Received: from localhost (localhost [127.0.0.1])
  39. by mail.bita.co.id (Postfix) with ESMTP id 3EAAC49C03C;
  40. Fri, 13 Jul 2018 09:27:10 +0700 (WIT)
  41. DKIM-Filter: OpenDKIM Filter v2.9.2 mail.bita.co.id 3EAAC49C03C
  42. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bita.co.id; s=mail;
  43. t=1531448830; bh=ytM23xqvaAXGSo22z5Br2hvjFjcUYCTu2xUXNNS9N/M=;
  44. h=Date:From:Message-ID:Subject:MIME-Version:Content-Type;
  45. b=g5RPp1TH7/zRsS1fVJy+hokmfE7jKfkE7y7sSMJ9GZK3k4dCNCv5qdA7tbCP4kmb0
  46. 44YP9zxrd7RFmPRt4oIazSlDRKzbvJAMZFxPWfswUK+2+1FGpV4KqYBMrrIAeRC1E2
  47. ZUx7ebmxf5gaviJIIEmmwTzwoKILDuEF4bSqgx98=
  48. Received: from mail.bita.co.id ([127.0.0.1])
  49. by localhost (mail.bita.co.id [127.0.0.1]) (amavisd-new, port 10026)
  50. with ESMTP id qOKS6_RIhNmt; Fri, 13 Jul 2018 09:27:09 +0700 (WIT)
  51. Received: from mail.bita.co.id (mail.bita.co.id [192.168.0.9])
  52. by mail.bita.co.id (Postfix) with ESMTP id 13CD849C038;
  53. Fri, 13 Jul 2018 09:27:09 +0700 (WIT)
  54. Date: Fri, 13 Jul 2018 09:27:09 +0700 (WIB)
  55. From: WeTransfer <bita@bita.co.id>
  56. Subject: You received a files via WeTransfer
  57. MIME-Version: 1.0
  58. Content-Type: multipart/alternative;
  59. boundary="----=_Part_2833122_1981025157.1531448829005"
  60. X-Priority: 1
  61. Importance: high
  62. X-Originating-IP: [41.190.12.178]
  63. X-Mailer: Zimbra 8.6.0_GA_1211 (ZimbraWebClient - GC67 (Win)/8.6.0_GA_1211)
  64. Thread-Topic: You received a files via WeTransfer
  65. Thread-Index: IQkVPhpra6waXjgnf+X2XjAzPmCkWw==
  66. X-Sophos-SenderHistory: ip=202.138.233.202,fs=12874565,da=24248030,mc=666,sc=2,hc=664,sp=0,fso=24222511,re=5,sd=0,hd=14
  67. X-Sophos-ESA: [sea1.indo.net.id] 4.4.0.0, Antispam-Engine: 2018050300.03.03.000, Antispam-Data: 2018.7.13.21216
  68. X-SASI-RCODE: 200
  69. X-SEA-Spam: Gauge=XXIIIIIIII, Probability=28%, Report='
  70. FRAUD_IP_ANY 2.5, FRAUD_IP_XOIP 0.5, HTML_90_100 0.1, HTML_95_100 0.1, FROM_NAME_ONE_WORD 0.05, BODYTEXTH_SIZE_3000_MORE 0, BODYTEXTP_SIZE_3000_LESS 0, BODYTEXTP_SIZE_400_LESS 0, BODY_SIZE_10000_PLUS 0, DKIM_SIGNATURE 0, DQ_S_H 0, FONT_STYLE_1PT 0, IMPORTANCE_HIGH 0, MISSING_HEADERS 0, NO_URI_HTTPS 0, SPF_UNKNOWN 0, TO_MALFORMED 0, URI_ENDS_IN_PHP 0, URI_WITH_PATH_ONLY 0, WEBMAIL_SOURCE 0, WEBMAIL_XOIP 0, WEBMAIL_X_IP_HDR 0, X_PRIORITY_HIGH 0, __ANY_URI 0, __CT 0, __CTYPE_HAS_BOUNDARY 0, __CTYPE_MULTIPART 0, __CTYPE_MULTIPART_ALT 0, __DQ_IP_FSO_LARGE 0, __DQ_S_HIST_1 0, __DQ_S_HIST_2 0, __DQ_S_IP_MC_100_P 0, __DQ_S_IP_MC_10_P 0, __DQ_S_IP_MC_5_P 0, __DQ_S_IP_SC_1_P 0, __HAS_FROM 0, __HAS_HTML 0, __HAS_MSGID 0, __HAS_XOIP 0, __HAS_X_MAILER 0, __HAS_X_PRIORITY 0, __HTML_AHREF_TAG 0, __HTML_FONT_BLUE 0, __HTML_TAG_CENTER 0, __HTML_TAG_DIV 0, __HTML_TAG_TABLE 0, __LINES_OF_YELLING 0,
  71. __MIME_HTML 0, __MIME_TEXT_H 0, __MIME_TEXT_H1 0, __MIME_TEXT_H2 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_TEXT_P2 0, __MIME_VERSION 0, __MULTIPLE_URI_HTML 0, __MULTIPLE_URI_TEXT 0, __PHISH_SPEAR_STRUCTURE_1 0, __SANE_MSGID 0, __SUBJ_ALPHA_END 0, __TAG_EXISTS_HTML 0, __URI_IN_BODY 0, __URI_NOT_IMG 0, __URI_NO_WWW 0, __URI_NS , __URI_WITH_PATH 0'
  72. Message-Id: <20180713022812.A5653ED88E5_B480E3CB@sea1.indo.net.id>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!