
Couldn't detect/analyze spoofed email #3

Open
jepunband opened this issue Feb 7, 2022 · 0 comments


jepunband commented Feb 7, 2022

Hi, I received this spoofed email, but when I tried using mailMeta it did not give much info on this spoofed email.

mail.txt

Return-Path: [email protected]
Delivered-To: [email protected]
Received: from herod.dnsvine.com
    by herod.dnsvine.com with LMTP
    id gA5JCtpa7mFxeQ4AYzko9Q
    (envelope-from <[email protected]>)
    for <[email protected]>; Mon, 24 Jan 2022 15:52:58 +0800
Return-path: [email protected]
Envelope-to: [email protected]
Delivery-date: Mon, 24 Jan 2022 15:52:58 +0800
Received: from mail-eopbgr1300103.outbound.protection.outlook.com ([40.107.130.103]:14955 helo=APC01-HK2-obe.outbound.protection.outlook.com)
    by herod.dnsvine.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    (Exim 4.94.2)
    (envelope-from <[email protected]>)
    id 1nBu9e-003ylP-F1; Mon, 24 Jan 2022 15:52:53 +0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
    b=JYIbzZAHAleksvQ0oRj5+CaWTupFy3jvMS4M8IAVSyep4qdUTysei6HYYrdRnlR4LAeTgkb0ySMDXIFrTAPLxuC4wRFLhoI8j+Q1HZg6eqrvojGG5BkGNnYraRLeJfAypf4UftcsXxnjDSzfkOkI0Z3VJpqMR3hh6wph4rczg8HoyEjjfTn6ofe8bASM+NIObFHihFK0QXsy5WKkPIxSuQUo231VbycMtwgNqCLyzSHU/TmdOQL+1mePG1wHyuor6EJXX23i4kdGoy82DrLc4ZeClCZpdQBR8N5LsAvmXH01unN8zY6AjYHTTbed6fK2WqH2LWn7jz1u9hqaYFoTHQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
    s=arcselector9901;
    h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
    bh=pj1BvmZvSopomFS5uE7XvJZ1WgKbJ43tIkqpjqwRB9U=;
    b=P0LpIS4skVuWmFbtgnX4eFXuj2MZ4LMgtxjY2aO2UiYNFJj2zbBetvXcUUAO9I8zcYlVONjqbTr15tdSi3dWi/HM2oE9AZ4MlcDTH9+6rMvwvwchVRCp5jM4BimUCmgqoLVvjjU+LaB5cprHL+9VjMWv5uLIOQCsDdYjU1MGUUI+heIGDzcrgCsXOSnjLcDOQzQilxagpTJE2f4fQS672YiNmrn7BspCVEVummsC6Pr6sfTi0NhOKQ7uQq6K8Y+ZgYPV1HXtqRH0w527VUJRALD3Stpoibh0rxP3eziCeXyIVhlxwCKL6ccY4BMw916g/WFbI8w1BHrSaNSZPMwDaw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
    dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=travel.onmicrosoft.com;
    s=selector2-travel-onmicrosoft-com;
    h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
    bh=pj1BvmZvSopomFS5uE7XvJZ1WgKbJ43tIkqpjqwRB9U=;
    b=qzjZ7fIvq737g1o/kr8dtQV7Ruzb1lS1bDMd4CsF2KPeKci43zsmN2hsw/xMuDdTwhvxZPZxsIXn0szbDtpUX2uG/jI7/X4MCf8iZwxUHLDwo5BMViaIWzK+tfm+ZB+/uQJ2jetSMECu9pCuZK5Jj5AMiK4Zer6cRsUHlyfAT1k=
Received: from KL1PR03MB4935.apcprd03.prod.outlook.com (2603:1096:820:1c::23)
    by HK0PR03MB3074.apcprd03.prod.outlook.com (2603:1096:203:4e::19) with
    Microsoft SMTP Server (version=TLS1_2,
    cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.6; Mon, 24 Jan
    2022 07:52:31 +0000
Received: from KL1PR03MB4935.apcprd03.prod.outlook.com
    ([fe80::6147:e8df:b5a6:6cb3]) by KL1PR03MB4935.apcprd03.prod.outlook.com
    ([fe80::6147:e8df:b5a6:6cb3%3]) with mapi id 15.20.4930.014; Mon, 24 Jan 2022
    07:52:30 +0000
From: Frederick Teng [email protected]
Subject:
    =?utf-8?B?Rlc6IEpIIFllZSAmIENvIOKAk3x8IFJFOiBQUk9KRUsgTE9KSSBNRU5DVUNJ?=
    =?utf-8?B?IFBBU0lSIFNJTElLQSBESSBUQVBBSyBBVEFTIFNFQkFIQUdJQU4gS0FXQVNB?=
    =?utf-8?B?TiBUQU5BSCBESSBMT1QgNDI0NSwgS0FXQVNBTiBCVUtJVCBTQUdBLCBQRU5H?=
    =?utf-8?B?RVJBTkcgU0VMVUFTIDgwIEVLQVIgKOKAnFByb2playB0ZXJzZWJ1dOKAnSk=?=
Thread-Topic:
    =?utf-8?B?Rlc6IEpIIFllZSAmIENvIOKAk3x8IFJFOiBQUk9KRUsgTE9KSSBNRU5DVUNJ?=
    =?utf-8?B?IFBBU0lSIFNJTElLQSBESSBUQVBBSyBBVEFTIFNFQkFIQUdJQU4gS0FXQVNB?=
    =?utf-8?B?TiBUQU5BSCBESSBMT1QgNDI0NSwgS0FXQVNBTiBCVUtJVCBTQUdBLCBQRU5H?=
    =?utf-8?B?RVJBTkcgU0VMVUFTIDgwIEVLQVIgKOKAnFByb2playB0ZXJzZWJ1dOKAnSk=?=
Thread-Index: AdgH/hsPqCsgvw1rSi+pvzRPVZgXEw==
Date: Mon, 24 Jan 2022 07:52:29 +0000
Message-ID:
    KL1PR03MB493530C5120256BA382CE231AD5E9@KL1PR03MB4935.apcprd03.prod.outlook.com
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed)
    header.d=none;dmarc=none action=none header.from=travel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 88c0e8cb-2116-4689-0ebc-08d9df0e7966
x-ms-traffictypediagnostic: HK0PR03MB3074:EE_
x-ld-processed: 9606303e-7a90-4753-aea9-1ec019ee766c,ExtAddr
x-microsoft-antispam-prvs:
    HK0PR03MB3074311A5DB82CA3EA3952E3AD5E9@HK0PR03MB3074.apcprd03.prod.outlook.com
x-ms-oob-tlc-oobclassifiers: OLM:4125;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
x-forefront-antispam-report:
    CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:KL1PR03MB4935.apcprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(316002)(2906002)(7366002)(7406005)(55016003)(7336002)(5660300002)(33656002)(86362001)(7276002)(7416002)(109986005)(71200400001)(66476007)(166002)(76116006)(122000001)(64756008)(99936003)(38070700005)(52536014)(66556008)(8936002)(66446008)(26005)(38100700002)(6506007)(9686003)(508600001)(7696005)(66946007)(186003)(65686005)(83380400001)(219773003)(20210929001);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0:
    =?utf-8?B?dXVPWXlkTlZDS3FQeU04WnUxb1dPSGdxV0g3N1F0ajAzN3FuNWZjaUROcW12?=
    =?utf-8?B?Z1pkaGVDc0xrMUhZSStJcUQ0elQ5eXVuRDRSaWtjdkloTWphT283dFFYejlq?=
    =?utf-8?B?aUl6U0dtaW9xV1l4UG5ZSWM1WWZjaTBOeDE2T085OHB4NFNrQkVrd0ZUR1JV?=
    =?utf-8?B?YlF5MWZsVTJQNUxBSjZWWE51cFRCbmw2TlhITjVmSUJudXRMUzZwdDNtZUNi?=
    =?utf-8?B?TldxeDR0eThKUVR4cUtLQ0h4L2RxRk91Vkc5QmU2T3pOK2NoNnl1UXh1R3hz?=
    =?utf-8?B?SGx0OVowMGRBVDV0ZmFIbWFrUXpYNzcxQU80dEVQWDdzZTBnK0hVWVk5Mjds?=
    =?utf-8?B?WXlDM2wrSUFZdy9GU1I3ZXE1VGFzaU1JVmNMbFBwUkJNemxvaE1GeXJJT1I1?=
    =?utf-8?B?dXlZemhkc0JsVkFwcEtzbUNZZ0JOZmtLQ3QxdnVEMUp6NEhSMDRpQUVkN2t5?=
    =?utf-8?B?YTZYaStYSEdZWVF4SkQ0NTQ4WmM1Z0I5SmpwWHNsallubjdCL2p6d1dSb0ZB?=
    =?utf-8?B?MjB3ZjhjNUl2OXh4b2M1a2c3aHJualplUktoLytQUE14VkRJcC8vY3JJYUow?=
    =?utf-8?B?RzljTkNyMWF6VUxXUlQ5SFV5K1g5WVNZVWtqeUhzTFI3MkgyaWRmdVJjeW9L?=
    =?utf-8?B?cXJSNXloMndDcWdQV0R3UFpXN1FJNWJ3UFgrdzZhK1VlVDJ0aW1iODNDY0J5?=
    =?utf-8?B?ZW0vaVU4YURCTExDMEZIaXFmVWJ0VU05eUdZNk0xaWhLUklDRmw1MFh1NlFt?=
    =?utf-8?B?WUE1NThlYmRXZEVBVDUrNTFJSitMZVVKeTZ0WGxad0IzcTBYY1NTcFRjeUJ2?=
    =?utf-8?B?N0haYWpwelhkL0RBaUVkSytkay9hKzlFUm9qNzN5ekxnbnVNNm1JdUNseGJi?=
    =?utf-8?B?MWZQQjhuQWdIYm4zTW90R1lwYStJUSttZVVpYzdGSGlmZ1FscVdIZ0NWaVg3?=
    =?utf-8?B?VExHbFNPakQzVjlHMVJ0Yi85NFQwRWVzVnZ4UXlNZHlZZUlqQ2kyOVVVSWpx?=
    =?utf-8?B?WDdVMFI1M0l6WkZYN3B5eHFFTTBOMnJsaFpWZ1NDTDZVTzdLRzdEZXRpV0Vo?=
    =?utf-8?B?L3VMYXNRdXVSbjZORXRFeXhsV2J5ekZTcW5pKzZhbFUrRkFzTk9oTXVLZEx6?=
    =?utf-8?B?ZmJtY0RaN0hCa2ExLzZWQjhsUm42RnpVYXh5RlZuVUo5d211SmxhVU4xeFdX?=
    =?utf-8?B?d0hoSGQrdHA1SWpPNC91MkVQYzVDaGFOaVV5K3BlN093UUJtOVNIVTRBSjR2?=
    =?utf-8?B?QzEvaE1wbmkrQXQ5NHdrZ2pHMUtvbmRZQkRzWjUvbkQwNlBKeDZuaXVhYUdB?=
    =?utf-8?B?dU41anBuUTl5ZVpyWEYzZjYyeTVrTTNUVGhQNjVnZ2gzSjRPUjdtTlowbCtN?=
    =?utf-8?B?Zm1IWGVJMGtkdUt1S0l4U1pjTWcwL2hnYW11Y00zYWp4RzhBRHljVExtNDd2?=
    =?utf-8?B?cUFGQlZOdjlJeHpnVldONEZ1UmtHL3UyTkNtOXFKSlFma0M3UzJ6M2ZUYzlW?=
    =?utf-8?B?RXA5VjV3Q3A5V1Y0dDlaUG9uMmdpZHpzV0N6Y2Q5Zk1GRCtjNGJ0RmRja1RD?=
    =?utf-8?B?b2UzYTUyNDQ3UVBKL1R6VFVFeEJYN3VnRk1rWHBWajVmTXlmUGVWYjFKaG0w?=
    =?utf-8?B?cGhyQVBxZDRYeDNYQ1ZuNzJWWVgzZ0FsK0xrNFlwTmRlLysrNUF0Z2R3eWEz?=
    =?utf-8?B?TUNLY3dUakNxRUdCUnNDNDNmaFo0L0EyQUFwSjY2djV1TnFGd3d6NDNKLzdM?=
    =?utf-8?B?NnVqZFJnQWNtVXBNaWYvU2R4ZU5QYmwyWjEySHFvSERkeGNZWGtGU0FNcUdG?=
    =?utf-8?B?SGYvWlNHdzVRbVZ6VzJYVnFlSW1lbTE3RUdpYkVNWmlhT0V3TW9PTFpicUFt?=
    =?utf-8?B?WUh4cHFBSGFoeEdVM3BFRDEvQm9FV3YrbVJxQ1hTNVNiZW1qd1hvK3plWEN6?=
    =?utf-8?B?Rit5R0dibnlNRHRBcmcrNUtEc1Zkd2wvWmFyWVdwdW9uaTd0VGx6aDFSdU0w?=
    =?utf-8?B?Y0dORTBwS0Ezb1hyZVVTcG53L3BMMDdPRXhmQlUzOHU3aVlBY1V4OUhYRnd2?=
    =?utf-8?B?TXdoV0VmanJJMUlqNUdudGZQRlJBOU5rbS9oWGRvejhlMFlmTWVrUUUxNmpO?=
    =?utf-8?B?d0F5bG55MVI5TDJUc3BDbjYveFMxT0hhdHRHWnNQdS9DTlJRRGVlV1RNeXp5?=
    =?utf-8?B?MkE9PQ==?=
Content-Type: multipart/related;
    boundary="_005_KL1PR03MB493530C5120256BA382CE231AD5E9KL1PR03MB4935apcp_";
    type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: travel.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: KL1PR03MB4935.apcprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 88c0e8cb-2116-4689-0ebc-08d9df0e7966
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2022 07:52:29.7342
    (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9606303e-7a90-4753-aea9-1ec019ee766c
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Gtxw+KrQp4ZodPO2RABFEqEFP9eSXrcSA6XwCwk53AzJbgcl7izD8NWh6fH1MbZHM5ZlPzpfvnWbJ87ZSgzgxg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HK0PR03MB3074
X-Spam-Status: No, score=1.2
X-Spam-Score: 12
X-Spam-Bar: +
X-Ham-Report: Spam detection software, running on the system "herod.dnsvine.com",
    has NOT identified this incoming email as spam. The original
    message has been attached to this so you can view it or label
    similar future email. If you have any questions, see
    root@localhost for details.

    Content preview: [cid:[email protected]]https://travel.deskera.com/wb
    Thanks and warmest regards, James Fernand | 陈少秦| Partner [cid:[email protected]]
    Telephone No. : +500 - 8711 84444 Fascimile No. : +500 - 8711 84443 Address
    : KO2-55-03, M Office 5, Sunleeds, Hoolows S [...]

    Content analysis details: (1.2 points, 5.0 required)

     pts rule name              description
     0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was
                                blocked.  See
                                http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                                for more information.
                                [URIs: deskera.com]
    -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
    -0.0 SPF_PASS               SPF: sender matches SPF record
     1.2 MISSING_HEADERS        Missing To: header
     0.0 HTML_MESSAGE           BODY: HTML included in message
    -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
     0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
                                valid
X-Spam-Flag: NO
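Added example, not code from the mailMeta project or from the reporter: the triage a header analyser could run on a message like the one above. It parses a constructed, shortened copy of the pasted headers with Python's standard `email` module, lists the Received chain, checks DMARC-style identifier alignment between the From domain and the DKIM `d=` domain, parses both the `authentication-results` and `ARC-Authentication-Results` values, and flags the missing `To:` header. The sender addresses (obfuscated on the page), the `bh=`/`b=` values and the body are placeholders.

```python
"""Triage the authentication headers of a raw RFC 5322 message (added example
for this issue, not mailMeta's own code; standard library only).  SAMPLE is a
constructed, shortened copy of the headers pasted above; the addresses
(obfuscated on the page) and the DKIM hash/signature are placeholders."""
import re
from email import message_from_string
from email.policy import default
from email.utils import parseaddr

SAMPLE = """\
Received: from mail-eopbgr1300103.outbound.protection.outlook.com ([40.107.130.103]:14955 helo=APC01-HK2-obe.outbound.protection.outlook.com)
\tby herod.dnsvine.com with esmtps (TLS1.2) (Exim 4.94.2)
\tid 1nBu9e-003ylP-F1; Mon, 24 Jan 2022 15:52:53 +0800
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
\tdkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=travel.onmicrosoft.com;
\ts=selector2-travel-onmicrosoft-com; h=From:Date:Subject; bh=PLACEHOLDER=; b=PLACEHOLDER=
Received: from KL1PR03MB4935.apcprd03.prod.outlook.com (2603:1096:820:1c::23)
\tby HK0PR03MB3074.apcprd03.prod.outlook.com (2603:1096:203:4e::19) with
\tMicrosoft SMTP Server id 15.20.4930.6; Mon, 24 Jan 2022 07:52:31 +0000
From: Frederick Teng <sender@travel.com>
Subject: =?utf-8?B?Rlc6IEpIIFllZSAmIENv?=
Date: Mon, 24 Jan 2022 07:52:29 +0000
Message-ID: <KL1PR03MB493530C5120256BA382CE231AD5E9@KL1PR03MB4935.apcprd03.prod.outlook.com>
authentication-results: dkim=none (message not signed)
\theader.d=none;dmarc=none action=none header.from=travel.com;
X-OriginatorOrg: travel.com
MIME-Version: 1.0

(body omitted)
"""

AUTH_METHODS = ("spf", "dkim", "dmarc", "arc")
REQUIRED_HEADERS = ("From", "Date", "Message-ID", "To")


def parse_auth_results(value: str) -> dict:
    """(ARC-)Authentication-Results value -> {method: result, "method.props": {...}}.
    Parenthesised comments are dropped; the authserv-id clause and ARC's i=1 are skipped."""
    value = re.sub(r"\([^)]*\)", "", value)
    results = {}
    for clause in value.split(";"):
        tokens = clause.split()
        if not tokens or "=" not in tokens[0]:
            continue
        method, _, result = tokens[0].lower().partition("=")
        if method not in AUTH_METHODS:
            continue
        results[method] = result
        props = {k: v for k, _, v in (t.partition("=") for t in tokens[1:]) if v}
        if props:
            results[method + ".props"] = props
    return results


def org_domain(domain: str) -> str:
    """Organisational domain, simplified to the last two labels (a public
    suffix list is needed for names such as example.co.uk)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def is_aligned(from_domain: str, signing_domain: str, strict: bool = False) -> bool:
    """DMARC identifier alignment between the From domain and a DKIM d= domain."""
    if strict:
        return from_domain.lower() == signing_domain.lower()
    return org_domain(from_domain) == org_domain(signing_domain)


def triage(raw: str) -> dict:
    """Return the facts an analyst wants first, plus a list of findings."""
    msg = message_from_string(raw, policy=default)
    from_domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    dkim_domains = []
    for sig in msg.get_all("DKIM-Signature", []):
        m = re.search(r"(?:^|;)\s*d=([^;\s]+)", str(sig))
        if m:
            dkim_domains.append(m.group(1).lower())
    aligned = any(is_aligned(from_domain, d) for d in dkim_domains)
    auth = parse_auth_results(str(msg.get("Authentication-Results", "")))
    arc_auth = parse_auth_results(str(msg.get("ARC-Authentication-Results", "")))
    missing = [h for h in REQUIRED_HEADERS if msg.get(h) is None]
    hops = []  # each hop prepends its own Received header, so index 0 is the last hop
    for rcvd in msg.get_all("Received", []):
        m = re.match(r"from\s+(\S+).*?\bby\s+(\S+)", str(rcvd), re.S)
        ip = re.search(r"\[(?:IPv6:)?([0-9A-Fa-f.:]+)\]", str(rcvd))
        if m:
            hops.append({"from": m.group(1), "by": m.group(2), "ip": ip.group(1) if ip else None})
    findings = []
    if not dkim_domains:
        findings.append("no DKIM-Signature header")
    elif not aligned:
        findings.append(f"DKIM d={','.join(dkim_domains)} does not align with From domain {from_domain}")
    for label, res in (("Authentication-Results", auth), ("ARC-Authentication-Results", arc_auth)):
        for method in ("spf", "dkim", "dmarc"):
            if method in res and res[method] != "pass":
                findings.append(f"{label}: {method}={res[method]}")
    findings += [f"missing {h}: header" for h in missing]
    return {"subject": str(msg.get("Subject", "")), "from_domain": from_domain,
            "dkim_domains": dkim_domains, "dkim_aligned": aligned, "auth": auth,
            "arc_auth": arc_auth, "missing_headers": missing, "hops": hops,
            "findings": findings}


if __name__ == "__main__":
    report = triage(SAMPLE)
    for hop in report["hops"]:
        print(f"hop: {hop['from']} -> {hop['by']} (ip {hop['ip']})")
    for finding in report["findings"]:
        print("finding:", finding)
```

On the sample this reports that the DKIM signing domain travel.onmicrosoft.com does not align with the From domain travel.com, that both Authentication-Results headers record spf, dkim and dmarc as `none`, and that `To:` is missing (the same fact behind the SpamAssassin MISSING_HEADERS hit), which is the information a user would expect a header analyser to surface. The organisational-domain check is deliberately simplified to the last two labels; relaxed alignment as RFC 7489 defines it needs the public suffix list.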
