API tools faq
paste
spamreports

paypal scam phishing email

spamreports
Apr 10th, 2020
406
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.91 KB | None | 0 0
raw download clone embed print report
  1.  
  2. 💳🎣
  3. 🎯 @paypal
  4.  
  5. ⚠ mobiletournament­.online/xBananaV3/
  6.  
  7. ☣ AS46606 [192.185.129.21] 🇺🇸
  8. 🖧 @hgsupport
  9. 🌐 #PublicDomainRegistry @Endurance_Group
  10. 🔐 @letsencrypt
  11. The scammers exfil email:
  12. <?php
  13. //XBANANA V3.3 Paypal Scama !!
  14.  
  15.  
  16. $xBanana_EMAIL = "boy973097@gmail.com"; // PUT UR FUCKING E-MAIL BRO
  17. $ChulSooRezHtml = "on"; // if do you want rezultaa text in html file, make "on" do you not want, make "off"
  18. ?>
  19.  
  20.  
  21. From - Fri Apr 10 10:10:46 2020
  22. X-Account-Key: account3
  23. X-UIDL: 1042748947.57292
  24. X-Mozilla-Status: 1001
  25. X-Mozilla-Status2: 00000000
  26. X-Mozilla-Keys:
  27. Return-Path: <webmaster@sponsk.ru>
  28. Received: from mx2.mail.bg ([unix socket])
  29. by stor3 (Cyrus 2.5.10-Debian-2.5.10-3) with LMTPA;
  30. Fri, 10 Apr 2020 09:22:12 +0300
  31. X-Sieve: CMU Sieve 2.4
  32. X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on stor3.stor3
  33. X-Spam-Level: *
  34. X-Spam-Status: No, score=1.8 required=5.0 tests=BAYES_50,FROM_EXCESS_BASE64,
  35. HTML_FONT_LOW_CONTRAST,HTML_MESSAGE,SPF_PASS,T_TVD_MIME_NO_HEADERS
  36. shortcircuit=no autolearn=no autolearn_force=no version=3.4.2
  37. Received-SPF: pass (sponsk.ru: 80.78.245.227 is authorized to use 'webmaster@sponsk.ru' in 'mfrom' identity (mechanism 'ip4:80.78.245.227' matched)) receiver=mx3.mail.bg; identity=mailfrom; envelope-from="webmaster@sponsk.ru"; helo=vm5178.vps.agava.net; client-ip=80.78.245.227
  38. Received: from vm5178.vps.agava.net (vm5178.vps.agava.net [80.78.245.227])
  39. (using TLSv1 with cipher AES256-SHA (256/256 bits))
  40. (No client certificate requested)
  41. by mx2.mail.bg (Postfix) with ESMTPS id 86B7F40EE6CF
  42. for <urmum@mail.bg>; Fri, 10 Apr 2020 09:22:11 +0300 (EEST)
  43. Received: from sponsk by vm5178.vps.agava.net with local (Exim 4.72)
  44. (envelope-from <webmaster@sponsk.ru>)
  45. id 1jMn3K-0001OZ-LG
  46. for urmum@mail.bg; Fri, 10 Apr 2020 13:22:10 +0700
  47. Date: Fri, 10 Apr 2020 13:22:10 +0700
  48. Message-Id: <E1jMn3K-0001OZ-LG@vm5178.vps.agava.net>
  49. To: urmum@mail.bg
  50. Subject: =?UTF-8?B?WW91ciBBY2NvdW50IFBheVBhbCBIYXMgQmVlbiBMaW1pdGVkICEh?=
  51. X-PHP-Script: sponsk.ru/files/flib/alexusMailer_v2.0.php for 196.89.59.80
  52. From: =?UTF-8?B?UGF5UGFs?= <supportcustomer@support.com>
  53. MIME-Version: 1.0;
  54. Content-type: multipart/mixed; boundary="--TxACpNE1Lm"
  55.  
  56. ----TxACpNE1Lm
  57. Content-type: text/html; charset="utf-8"
  58. Content-Transfer-Encoding: 8bit
  59.  
  60. <table border="0" width="100%" cellspacing="10" cellpadding="0" bgcolor="#e6e7e8" style="font-family: &quot;Times New Roman&quot;;"><tbody><tr><td align="left" valign="top"><table class="resize_table320" border="0" width="600" cellspacing="0" cellpadding="0" align="center"><tbody><tr><td class="border_line" align="left" valign="top" bgcolor="#ffffff"><table border="0" width="100%" cellspacing="1" cellpadding="0"><tbody><tr><td class="nomob" align="left" valign="top" width="600" height="25">&nbsp;</td></tr><tr><td align="left" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tbody><tr><td align="left" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tbody><tr><td align="left" valign="top"><table border="0" cellspacing="0" cellpadding="0"><tbody><tr><td align="left" valign="top" width="97" height="27">&nbsp; &nbsp; &nbsp;<span style="font-weight: bold; font-style: italic; font-size: xx-large; font-family: &quot;Arial Black&quot;;"
  61. ><span style="padding: 0px; margin: 0px; color: rgb(130, 130, 130);"><span style="padding: 0px; margin: 0px;"><span style="padding: 0px; margin: 0px; color: rgb(0, 48, 132);"><span style="padding: 0px; margin: 0px; vertical-align: inherit;"><span style="padding: 0px; margin: 0px; vertical-align: inherit;">Pay</span></span></span><span style="padding: 0px; margin: 0px; color: rgb(0, 152, 219);"><span style="padding: 0px; margin: 0px; vertical-align: inherit;"><span style="padding: 0px; margin: 0px; vertical-align: inherit;">Pal</span></span></span></span></span><span style="padding: 0px; margin: 0px; color: rgb(130, 130, 130);">&nbsp;</span></span></td></tr><tr><td align="left" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tbody><tr><td align="left" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tbody><tr><td align="left" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tbody><tr><td align="left"
  62. valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tbody><tr><td class="align_left" align="center" valign="top" style="font-family: Arial, Helvetica, sans-serif; font-size: 16px; line-height: 20px; color: rgb(0, 121, 193);"><br><p dir="ltr" align="left">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span style="font-family: Arial;">Dear customer,</span></p></td></tr><tr><td class="resize_h18" align="center" valign="top" height="22"><p align="left"><span style="font-family: Arial;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span style="font-size: 14px;">Your account has been limited because we've noticed significant changes in your account &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;activity. As your payment processor, we need to understand these changes better.</span></span></p><p align="left"><span style="font-size: 14px;"><span style="color: rgb(0, 156, 222); font-family: Arial;"><strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Why my account access is Limited ?<br></strong></span><span style="font-family:
  63. Arial;"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;We noticed some unusual log in activity with your account. Please confirm your account to &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;help us check that no one has logged into your account without your permission.</span></span></p><ul><li style="padding: 0px;"><p align="left"><span style="font-family: Arial;"><span style="font-size: 14px;">Provide the information associated with your account.</span></span></p></li><li style="padding: 0px;"><p align="left"><span style="font-family: Arial;"><span style="font-size: 14px;">The sooner your provide the information we need, the sooner we can resolve the situation.</span></span></p></li></ul></td></tr><tr><td align="center" valign="top"><table class="full_width" border="0" width="185" cellspacing="0" cellpadding="0"><tbody><tr><td align="left" valign="top"><table class="bg_image" border="0" width="100%" cellspacing="0" cellpadding="0" bgcolor="#0091e6" style="height: 26px; background-image: url(&quot;https://ima
  64. ge.paypal-communication.com/paypal_na/2014/20140221_Merchant_Welcome_Stream_Trigger_Update_26248/img_bg1.gif&quot;);"><tbody><tr><td class="resize_btn1" valign="top" width="10">&nbsp;</td><td class="resizeh34" align="center" valign="middle" height="26"><table border="0" width="163" cellspacing="0" cellpadding="0" style="height: 30px;"><tbody><tr><td class="resizeh31" align="center" valign="middle" height="23" style="font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: rgb(255, 255, 255); width: 159px;"><span class="resizeh31"><span class="resizeh31"><strong><a class="resizeh31" href="https://mobiletournament.online/xBananaV3/" target="_blank" rel="noopener" style="font-family: Arial; color: rgb(255, 255, 255); text-decoration-line: none;">Confirm My Account</a></strong></span></span></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></td></tr><tr><td align="center" valign="top" height="29"><p align="left"><span style="color: rgb(0, 156, 222);
  65. font-family: Arial; font-size: 14px;"><strong><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;What you do ?</strong></span></p><p align="left"><span style="font-size: 14px; font-family: Arial;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;C</span><span style="font-family: Arial;"><span style="font-size: 14px;">onfirm your account&nbsp;</span></span><span style="font-size: 14px; font-family: Arial;">t</span><span style="font-family: Arial;"><span style="font-size: 14px;">o help protect your account, your account will remain limited until you &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;complete the necessary steps.&nbsp;</span></span></p><p align="left"><span style="font-family: Arial;"><span style="font-size: 14px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The security of your PayPal account is a top priority for us and we want to work together to &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;help protect it.&nbsp;</span></span></p><p align="left"><span style="font-family: Arial;"><span style="font-size: 14px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;If you nee
  66. d help or have any questions, call us for free on 0800 358 7911.</span></span></p><p align="left"><span style="font-family: Arial;"><span style="font-size: 14px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;We're open from 8am to 10pm Monday to Friday, from 8am to 9pm on Saturday and from &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;9am to 9pm on Sunday.</span></span></p><p align="left"><span style="font-family: Arial;"><span style="font-size: 14px;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Yours sincerely, PayPal<br><br></span></span></p></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></td></tr><tr><td align="left" valign="top">&nbsp;</td></tr><tr><td align="left" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tbody><tr><td align="left" valign="top"><p align="left"><span style="font-size: 12px;">This email was sent by an automated system, Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in
  67. to your PayPal account and click Help in the top right corner of any PayPal page.</span></p><p align="left"><span style="font-size: 12px;">Copyright .1999-2020PayPaI. All rights reserved. PayPaI (Europe) S.. r.l. et Cie, S.C.A., Soci.t. en Commandite par Actions. Registered office: 22-24 Boulevard Royal, L-2449, Luxembourg, R.C.S. Luxembourg B 118 349.</span></p><p align="right"><span style="font-size: 12px;">PPC000372:AS849EU154842515</span></p></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table></td></tr></tbody></table>
  68. ----TxACpNE1Lm
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!