API tools faq
paste
Advertisement
wavellan

20180416_PHISHING_SCAM_3

wavellan
Apr 20th, 2018
394
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.01 KB | None | 0 0
raw download clone embed print report
  1. Received: from MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) by
  2. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  3. id 15.0.1293.2 via Mailbox Transport; Mon, 16 Apr 2018 08:30:11 -0500
  4. Received: from MBX03C-ORD1.mex08.mlsrvr.com (172.29.9.17) by
  5. MBX05C-ORD1.mex08.mlsrvr.com (172.29.9.23) with Microsoft SMTP Server (TLS)
  6. id 15.0.1293.2; Mon, 16 Apr 2018 08:30:10 -0500
  7. Received: from gate.forward.smtp.iad3a.emailsrvr.com (204.232.172.40) by
  8. MBX03C-ORD1.mex08.mlsrvr.com (172.29.9.17) with Microsoft SMTP Server (TLS)
  9. id 15.0.1293.2 via Frontend Transport; Mon, 16 Apr 2018 08:30:10 -0500
  10. Return-Path: <[email protected]>
  11. X-Spam-Threshold: 95
  12. X-Spam-Score: 100
  13. Precedence: junk
  14. X-Spam-Flag: YES
  15. Authentication-Results: smtp14.gate.iad3a.rsapps.net x-tls.subject="/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2"; auth=fail (cipher=DHE-RSA-AES256-GCM-SHA384)
  16. X-Virus-Scanned: OK
  17. X-Orig-To:
  18. X-Originating-Ip: [62.26.112.85]
  19. Authentication-Results: smtp14.gate.iad3a.rsapps.net; iprev=pass policy.iprev="62.26.112.85"; spf=neutral smtp.mailfrom="[email protected]" smtp.helo="webadmin.artatis.de"; dkim=none (message not signed) header.d=none; dmarc=none (p=nil; dis=none) header.from=lichtstueberl.de
  20. X-Suspicious-Flag: NO
  21. X-Classification-ID: 488a4128-417a-11e8-bb12-5254005d41e3-1-1
  22. Received: from [62.26.112.85] ([62.26.112.85:60575] helo=webadmin.artatis.de)
  23. by smtp14.gate.iad3a.rsapps.net (envelope-from <[email protected]>)
  24. (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384
  25. subject="/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2")
  26. id 5B/6F-15863-265A4DA5; Mon, 16 Apr 2018 09:30:10 -0400
  27. Received: from localhost (localhost [127.0.0.1])
  28. by webadmin.artatis.de (Postfix) with ESMTP id 3289233D748E
  29. for REMOVED; Mon, 16 Apr 2018 15:30:09 +0200 (CEST)
  30. X-Spam-Level: *********
  31. X-Spam-Status: Yes, score=9.503 tagged_above=2 required=6.31
  32. tests=[ALL_TRUSTED=-1, BAYES_99=3.5, BAYES_999=0.2,
  33. DIGEST_MULTIPLE=0.293, FORGED_MUA_MOZILLA=2.309, HTML_MESSAGE=0.001,
  34. PYZOR_CHECK=1.392, RAZOR2_CF_RANGE_51_100=1.886, RAZOR2_CHECK=0.922]
  35. autolearn=no
  36. Received: from webadmin.artatis.de ([127.0.0.1])
  37. by localhost (webadmin.artatis.de [127.0.0.1]) (amavisd-new, port 10024)
  38. with ESMTP id nA7X2zNl9TeA for REMOVED;
  39. Mon, 16 Apr 2018 15:30:06 +0200 (CEST)
  40. Received: from lichtstueberl.de (unknown [190.214.223.252])
  41. by webadmin.artatis.de (Postfix) with ESMTPA
  42. for REMOVED; Mon, 16 Apr 2018 15:30:06 +0200 (CEST)
  43. To: REMOVED
  44. From: Al Galaviz <[email protected]>
  45. Subject: Fw (5): Al Galaviz
  46. Message-ID: <[email protected]>
  47. Date: Mon, 16 Apr 2018 11:30:05 -0200
  48. User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101
  49. Thunderbird/52.5.2
  50. MIME-Version: 1.0
  51. Content-Language: en
  52. X-MS-Exchange-Organization-Network-Message-Id: 5260443f-a072-4824-42e9-08d5a39e2d81
  53. X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXzs^g;1419300;0;This mail has
  54. been scanned by Trend Micro ScanMail for Microsoft Exchange;
  55. X-MS-Exchange-Organization-SCL: 5
  56. X-MS-Exchange-Organization-AuthSource: MBX03C-ORD1.mex08.mlsrvr.com
  57. X-MS-Exchange-Organization-AuthAs: Anonymous
  58. Content-type: multipart/alternative;
  59. boundary="B_3607065107_970050187"
  60.  
  61. > This message is in MIME format. Since your mail reader does not understand
  62. this format, some or all of this message may not be legible.
  63.  
  64. --B_3607065107_970050187
  65. Content-type: text/plain;
  66. charset="UTF-8"
  67. Content-transfer-encoding: 7bit
  68.  
  69.  
  70.  
  71.  
  72.  
  73. Click here!
  74.  
  75.  
  76. --B_3607065107_970050187
  77. Content-type: text/html;
  78. charset="UTF-8"
  79. Content-transfer-encoding: quoted-printable
  80.  
  81. <html>
  82. <head>
  83. <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
  84. </head>
  85. <body text=3D"#000000" bgcolor=3D"#FFFFFF">
  86. <p><br>
  87. </p>
  88. <p><br>
  89. </p>
  90. <p><a href=3D"http://costa-rica-reservations.com/eqzvna.php?5wq7tlh">Click he=
  91. re!</a><br>
  92. </p>
  93. </body>
  94. </html>
  95.  
  96.  
  97. --B_3607065107_970050187--
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!