Sunday, September 3, 2017

Notification(1) (PayPal Phishing Attempt)

ΡayΡal

PayΡal Security Center !
Hello Customer,
We've Iimited access tο yοur accοunt, because yοur accοunt was recently lοgged intο frοm a new brοwser οr device.
Was that yοu ?

Whаt dο i need tο dο ?

In οrder tο аccess yοur accοunt again, yοu need tο verify yοur identity by fοllοwing sοme οf οur security steps.

Click here to update your paypaI account
Please dο nοt reply tο this email. Tο get in touch, gο tο the PayΡal website and click Help.
Cοpyright © 1999-2017 PayΡal Support. All rights reserved.

[Νotice]: If this email was sent to your junk or spаm box please mаke sure to tick it as not spаm due to our new security updаte ! аnd we аre sorry аbout thаt.

Email analysis :

NOTE : email@pay.com
NOTE : hargakac@wp.eazysmart.com
NOTE : client-ip=192.252.214.196;


Screenshot of the Phishing :


Phishing analysis :

CLICK : Click here to update your paypaI account
OPEN : https://www.jackpad.com.au/-/Found/
RESULT : PayPal Phishing Attempt

Thursday, August 24, 2017

Your PayPal account has been temporarily Locked! (PayPal Phishing)

paypal

Welcome

Dear *@*,

Your paypal account has been blocked temporarily . It usually means that we need some more information about your account or recent transactions please Activate your account so we can confirm that you own the account
To activate your account, just confirm your information.(It only takes a minute.)

Activate

Once you've activated your account, you can shop online without exposing your financial information. PayPal is accepted worldwide at millions of sites - including some of your favorites, like Dell.com, iTunes, and more.

Yours sincerely,
PayPalYours sincerely,
PayPal

Email analysis :

NOTE : service@paypal.coml
NOTE : Received : from MSSQL-HP3
NOTE : (aazo117.neoplus.adsl.tpnet.pl. [83.6.152.117])


Phishing analysis :

CLICK : the activate button
OPEN : https://www.balharbourshops.com/images/ujn///
REDIRECT : http://www.antichitachiossone.com/bn/
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/websrc
SCREENSHOT :


TEST : FAKE ACCOUNT
REDIRECT : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :


CLICK : Try again.
OPEN : http://www.antichitachiossone.com/bn/home/webapps/72dfb/webscr?cmd=_login-run&dispatch=*
SCREENSHOT :


CLICK : CONTINUE
REDIRECT : http://www.antichitachiossone.com/bn/home/myaccount/28eb3/websrc?cmd=_update-information&account_address=*&session=*
SCREENSHOT :

Tuesday, July 11, 2017

Rappel : mettez à jour vos informations de carte sur PayPal

PayPal

Informations concernant votre compte:

Dans le cadre de nos mesures de sécurité, Nous vérifions régulièrement l'activité de l'écran PayPal. Nous avons demandé des informations à vous pour la raison suivante:

Notre système a détecté des charges inhabituelles à une carte de crédit liée à votre compte PayPal.

Numéro de Référence: PP-259-187-991

C'est le dernier rappel pour vous connecter à PayPal, le plus tôt possible. Une fois que vous serez connecter. PayPal vous fournira des mesures pour rétablir l'accès à votre compte.

une fois connecté, suivez les étapes pour activer votre compte . Nous vous remercions de votre compréhension pendant que nous travaillons à assurer la sécurité compte.

Cliquer ici pour vérifier votre compte

Nous vous remercions de votre grande attention à cette question. S’il vous plaît comprenez que c'est une mesure de sécurité destinée à vous protéger ainsi que votre compte. Nous nous excusons pour tout inconvénient..

Département de revue des comptes PayPal
Copyright © 2017 PayPal. Tous droits réservés.

PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par
Actions Siège social : 5ème étage 22-24 Boulevard Royal L-2449,
Luxembourg RCS Luxembourg B 118 349

Email PayPal n° PP059

Protégez votre compte
Assurez-vous de ne jamais donner votre mot de passe pour les sites Web frauduleux.

Toute sécurité d'accès au site PayPal ou à votre compte, ouvrez une fenêtre de navigateur Web (Internet Explorer ou Netscape) et tapez dans la page de connexion de PayPal (http://paypal.fr/) afin de vous assurer que vous êtes sur le véritable PayPal Site.

Pour plus d'informations sur la protection contre la fraude, s’il vous plaît consulter nos conseils de sécurité
Protégez votre mot de passe
Vous ne devriez jamais donner votre mot de passe PayPal à personne.

Phishing screenshot :


Email analysis :

NOTE : Paypal@contact.ca
NOTE : Received : from User ([105.73.26.254])
NOTE : by mail.xinyiglass.com with Microsoft SMTPSVC(6.0.3790.3959);

Phishing analysis :

CLICK : Cliquer ici pour vérifier votre compte
OPEN : http://lelogisbranche.fr/js/mage/adminhtml/wysiwyg/tiny_mce/plugins/magentovariable/img/Notification-servier-compte-demande.php
REDIRECT : http://www.sagarparaptti.org.in/cgi-sys/suspendedpage.cgi
NOTE : Phishing was removed.

Tuesday, May 23, 2017

Confirme your account ! (PayPal Phishing)

Important Notification : We Need To Validate Your ΡΑΥΡΑL Information

If you are seeing the messages this means that your account has been visited from an unusual place given below :

IP : 67.86.204.244
Country : United States
City : New York, Ossining
As a security measure, your account has been Iimited.
Case id : PP-801-707-047
Don't worry, you will be able to get your account back just after finishing this steps.

Continue

Email analysis :NOTE :

NOTE : Received : from d793.dinaserver.com (d793.dinaserver.com. [82.98.157.143])

82.98.157.143

NOTE : firstsunmallorca@d793.dinaserver.com
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : firstsunmallorca@d793.dinaserver.com designates 82.98.157.143 as permitted sender)

82.98.157.143

Phishing screenshot :

Paypal
Phishing analysis :

CLICK : Continue
OPEN : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update
REDIRECT : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update/myaccount/signin/
PayPal
NOTE : VALIDATE FORM
REDIRECT : https://dhartiagro.net/aspnet_client/system_web/4_0_30319/HTTPS/Myaccount/home/new/Update/myaccount/settings/?verify_account=session=NL&*&dispatch=*
SCREENSHOT :

PayPal Phishing


PayPal

Informations concernant votre compte:

Dans le cadre de nos mesures de sécurité, Nous vérifions régulièrement l'activité de l'écran PayPal. Nous avons demandé des informations à vous pour la raison suivante:

Notre système a détecté des charges inhabituelles à une carte de crédit liée à votre compte PayPal.

Numéro de Référence: PP-259-187-991

C'est le dernier rappel pour vous connecter à PayPal, le plus tôt possible. Une fois que vous serez connecter. PayPal vous fournira des mesures pour rétablir l'accès à votre compte.

une fois connecté, suivez les étapes pour activer votre compte . Nous vous remercions de votre compréhension pendant que nous travaillons à assurer la sécurité compte.

Cliquer ici pour vérifier votre compte

Nous vous remercions de votre grande attention à cette question. S’il vous plaît comprenez que c'est une mesure de sécurité destinée à vous protéger ainsi que votre compte. Nous nous excusons pour tout inconvénient..

Département de revue des comptes PayPal
Copyright © 2017 PayPal. Tous droits réservés.

PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par
Actions Siège social : 5ème étage 22-24 Boulevard Royal L-2449,
Luxembourg RCS Luxembourg B 118 349

Email PayPal n° PP059

Protégez votre compte
Assurez-vous de ne jamais donner votre mot de passe pour les sites Web frauduleux.

Toute sécurité d'accès au site PayPal ou à votre compte, ouvrez une fenêtre de navigateur Web (Internet Explorer ou Netscape) et tapez dans la page de connexion de PayPal (http://paypal.fr/) afin de vous assurer que vous êtes sur le véritable PayPal Site.

Pour plus d'informations sur la protection contre la fraude, s’il vous plaît consulter nos conseils de sécurité
Protégez votre mot de passe
Vous ne devriez jamais donner votre mot de passe PayPal à personne.
--
This email was Virus checked by Astaro Security Gateway. http://www.sophos.com

Email analysis :

NOTE : Paypal@contact.ca
NOTE : Received : from [200.107.238.35] (port=2757 helo=User) by mx1.shary.com.sa
NOTE : client-ip=94.77.230.169;


Phishing screenshot :


Phishing analysis :

CLICK : Cliquer ici pour vérifier votre compte
OPEN : http://mir-pchelovoda.ru/components/com_acepolls/views/poll/tmpl/Notifications-service-demande-compte-ca.php
REDIRECT : http://www.sunshinetravel.az/js/tinymce/plugins/autoresize/ooo412312aaaa/Notifications-compte-Canada-quebec-verified-moi-information.ca/comfirmetions-service-information-compte-demande.ca/
SCREENSHOT :


CLICK : CONNEXION
RESULT : BAD PASSWORD...
REDIRECT : http://www.sunshinetravel.az/js/tinymce/plugins/autoresize/ooo412312aaaa/Notifications-compte-Canada-quebec-verified-moi-information.ca/comfirmetions-service-information-compte-demande.ca/error.php


The website sunshinetravel was used to store this PayPal phishing :

Friday, May 12, 2017

Update Your Account Information Now !! (PayPal Phishing Attempt)

PayPal

Warning : Account Issue !
Your account is limited untill you update your information because some one requested acces to your account, here is the infos :
Location : Russia
IP adress : 176.96.80.140
Navigator : Mozilla Firefox 48.0 on Windows
The restore the access to your account please click on the link below :

Update My Account

This is an email sent automatically. Please do not reply to this letter, because the e-mail address is only configured to send but not to receive e-mails.
Copyright © 2017 All rights reserved.

Phishing screenshot :

PayPal Phishing Screenshot

Email analysis :

NOTE : morag@g-p-t.co.uk
NOTE : Received : from RDT.spectra.local (unknown [80.229.37.167])

IP 80.229.37.167

NOTE : by cust-smtp-auth2.fasthosts.net.uk (Postfix)
NOTE : client-ip=213.171.216.60;

IP 213.171.216.60

Phishing analysis :

CLICK : Update my Account
OPEN : http://sadagatismayilova.com/update-your-account-information-now/myaccount/
SCREENSHOT :

PayPal Phishing Attempt

NOTE : Phishing was removed.

Friday, February 17, 2017

Important Message from PayPal ! (PayPal Phishing)

Your PayPaI Account logged form another device !

If you are seeing the messages this means that your account has been visited from an another place given below :

IP : 176.97.103.90

Country : Ukrania

Ville : Odessa

As a security measure, your account has been Iimited.

Case id : PP-801-707-057

Don't worry, you will be able to get your account back just after finishing this steps.

To continue follow this link : :Click Here✔

Notice :If you receive this email in the SPAM folder,click on "Not Spam" button to fix it

Email analysis :

NOTE : Received : from cptweb02 ([77.95.37.80])


NOTE : PayPal@service.com

Phishing analysis :

CLICK : Click Here✔
OPEN : https://jasper.nswebhost.com/~brainrec/paypal-support/
REDIRECT : https://jasper.nswebhost.com/~brainrec/paypal-support/paypal/login.php
SCREENSHOT :

Tuesday, November 29, 2016

PayPal & Bank - haccking Transfer (+10.000 usd daily)

Western Union, Bank, Paypal transfer - Haacking and Caarding transfer. Maximum 9.999$ daily.

More details on our underground market:
http://***.cc/showthread.php?tid=1201

Email analysis :

NOTE : X-Msmail-Priority : Normal
NOTE : Return-Path : < admin@black-hack.su >
NOTE : X-Mimeole : Produced By Microsoft MimeOLE V15.4.3538.513
NOTE : X-Remote : 66.42.85.200 (keevan.fire2wire.com)
NOTE : Organization : DarkMarket
NOTE : Mime-Version : 1.0
NOTE : X-Priority : 3
NOTE : X-Mailer : Microsoft Windows Live Mail 15.4.3538.513
NOTE : Received : from keevan.fire2wire.com (66.42.85.200)


NOTE : Received : from [155.133.82.113] (helo=155.133.82.113)


NOTE : by keevan.fire2wire.com with esmtpsa (TLSv1:AES256-SHA:256)
NOTE : (Exim 4.69) (envelope-from < admin@black-hack.su >)
NOTE : PayPal & Bank - haccking Transfer (+10.000 usd daily)

Tuesday, August 2, 2016

[Alert] Account Notification ( PayPal Phishing )

PayPal

Access a new device

A device or website that we do not know request access to your account :

Location : Ukraine
IP adress : 176.97.101.83
Navigator : Chrome (Windows)

If you were not please update your account information from the link below:

Update My Account

If you are not responsible for this operation, contact us support@paypal.com.

© PayPal 2016

Email screenshot :


Email analysis :

NOTE : servi@updat.admin.com
NOTE : Received : from sagitta by serwer.hosting-desire.pl with local (Exim 4.87)
NOTE : (envelope-from < sagitta@serwer.hosting-desire.pl >)
NOTE : X-Php-Originating-Script : 1168:rebels.php
NOTE : client-ip=176.112.79.50;

Phishing analysis :

CLICK : Update My Account
OPEN : http://antikytheramech.culture.gr/sites/default/files/Redirect.php
NOTE : Phishing was removed...

Thursday, July 28, 2016

Security update regarding your account (PayPal Phishing)


This is an automated email, please do not reply

Dear User
(*@* ),

Our advanced security system detected that your account information has been compromised, We need to verify your account in order to continue using your Paypal services, Please understand that this is a security measure to protect you & your account. We apologize for any inconvenience.

Check your account

Thanks for choosing us,
PayPal Team

© 1999-2016 PayPal. All rights reserved.
Email ID: 865009
2016/07/28 00:15:00

Email analysis :

NOTE : support@estet.az
NOTE : Mime-Version : 1.0
NOTE : Authentication-Results : support@estet.az designates 94.20.30.223
NOTE : X-Priority : 1
NOTE : Content-Transfer-Encoding : 8bit
NOTE : X-Mailer : PHPMailer 5.2.8Wahib Priv8 Mailer
NOTE : X-Php-Script : estet.az/aa.php for 117.244.23.108


NOTE : X-Get-Message-Sender-Via : ns001.datacenter.az: authenticated_id: estet/from_h
NOTE : X-Authenticated-Sender : ns001.datacenter.az: support@estet.az
NOTE : Received-Spf : client-ip=94.20.30.223;


NOTE : Security update regarding your account

Phishing analysis :

CLICK : Check your account
OPEN : http://cirt.mx//images/Secure//
REDIRECT : http://cirt.mx/images/Secure//MGen/*/?dispatch=*
SCREENSHOT :


CLICK : Log In
SCREENSHOT :

Tuesday, June 28, 2016

During your last purchase (Phishing Paypal)

Header Image

Privacy Policy for PayPal Services Copyright ©2016

PayPal fraud prevention set standards by presenting the best security solution in the industry that make your business more secure.If you do not renew your paypal account will be limited or closed permanently

Update Your Account Info. Please click below.

Thank you for choosing PayPal

border

Copyright ©2016 All rights reserved.

Email analysis :NOTE :

NOTE : Return-Path : < *@sendgrid.net >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : quoted-printable
NOTE : X-Mailer : ColdFusion 9 Application Server
NOTE : client-ip=50.31.42.127;
NOTE : Received : from o1.email.britishsoapawards.tv ([50.31.42.127])
NOTE : Received : by filter0036p1las1.sendgrid.net
NOTE : Received : from vaya-backend09-optusrts (unknown [103.1.216.177])
NOTE : by ismtpd0018p1sin1.sendgrid.net (SG)
NOTE : During your last purchase

Phishing analysis :

CLICK : THE BUTTON
OPEN : https://bit.ly/1RFlDg4
REDIRECT : http://64.71.78.238/CFIDE/web.html
REDIRECT : http://horseridingholidaysgb.co.uk/php/update_info*/True-Login/*/signin.php
SCREENSHOT :


CLICK : Log In
REDIRECT http://horseridingholidaysgb.co.uk/php/update_info*/True-Login/*/signin.php?error_login_id=*#


NOTE : THE LOGIN ASK FOR A VALID PASSWORD...
NOTE : SHORT THE URI TO http://horseridingholidaysgb.co.uk/php/update_info/
SCREENSHOT :


NOTE : FUNNY...
NOTE : CHANGE IP
SCREENSHOT :


NOTE : LAUGHT...

Monday, April 25, 2016

PayPal : User Agreement Changed (PayPal Phishing)

logo

Welcome

Some information on your account appears to be missing or incorrect. Please update your information promptly so that you can continue to enjoy all the benefits of your PayPal account. If you don't update your information within 2 days, we'll limit what you can do with your PayPal account.

Resolve the Security Issue.

If you need help logging in, go to our Help Center by clicking the Help link located in the upper right-hand corner of any PayPal page. .

Paypal
orth San Jose. 2211 N 1st St (btwn Charcot & Karina)

Paypal Co.
Phishing analysis :

CLICK : Resolve the Security Issue.
OPEN : http://www.tripidipi.cz/css
REDIRECT : http://www.tripidipi.cz/css/*/login.php?run=_login&session=*&access=*
SCREENSHOT :


VALIDATE : FORM
SCREENSHOT :

REDIRECT : AGAIN
SCREENSHOT :


VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :


VALIDATE : FORM
REDIRECT : AGAIN
SCREENSHOT :


REDIRECT : AGAIN
SCREENSHOT :


REDIRECT : https://secure.opinionlab.com/ccc01/comment_card.asp?time1=1402969318872&time2=1402969372567&prev=&referer=https:%2F%2FUS%2Epaypal%2Ecom%2Fen%5FUS%2F00%2FLog%5FIn%2Epage&height=768&width=1366&custom_var=kx3fhVVgW8gMa0n7M3NIPcBg7XZ2KBu2BcI5nN2fD2%252fd%252ffvYhBp7rQ%253d%253d_146aca2e3e4|Unknown|Log%20In|US|en_US|Unknown|Unknown|Unknown|Unknown

SCREENSHOT :

Email analysis :

NOTE : ersbys1@viagogo.com
NOTE : john2001barton@hotmail.com does not designate 94.126.40.172
NOTE : X-Canit-Geo : ip=94.126.40.140;
NOTE : country=GB;
NOTE : region=England;
NOTE : city=Stevenage;
NOTE : latitude=51.9022; longitude=-0.2026;
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : Received : from smarthost.hostingweb.co.uk (webpool1.lcn.com [94.126.40.140])
NOTE : by outscan2.ai270.net
NOTE : X-Php-Originating-Script : 317960:sm.php

Wednesday, April 6, 2016

Auto Sales Scam

Scam Report



Using the report form :

Will send you an text message asking if your car is still available. Then after some unnecessary chit chat she will tell you the price is ok for her and she will send you the money via PayPal. She will send you more then the price you wanted so you can pay the shipping costs since she wants the car to be shipped somewhere. You will get 2 fake PayPal messages (she even says they can be in your spam folder ) telling you the money arrived. Then you should go to western union as fast as possible and pay the shipping costs. I guess she will take the money she sent via PayPal back and you are the idiot who payed for nothing. Wasn´t stupid enough to go to western union so i can just guess about what she would do if you pay. Im sure its a scam tho since she didnt even want to see the car nor talk about the price.


Extracted from the dzurekova.adriana02@gmail.com search :

Hola a todos! Gracias por vuestros comentarios que nos ayudan a todos. A mi me contactó ayer una tal adriana por sms pidiendome que contactase con ella por mail si la furgo aun estaba en venta. A este mail dzurekova.adriana02@gmail.com. me pareció raro pero contacté. Y me escribió preguntándome el precio final y que estaba de acuerdo que enviaría una empresa a recogerlo y me pagaría por PayPal pero que necesitaba mis datos. Me seguía oliendo mal y le pedí sus datos y tener una conversación por teléfono. Me dijo que no podía hablar por teléfono en el trabajo...ja! Que mala excusa ni que trabajase 24 horas. Y también me envió un pasaporte escaneado con su nombre. Ya no le voy a escribir más porque apesta a timo que no veas! Se puso en contacto conmigo por autoscout. Id con ojo! Y suerte con las ventas!

Email analysis :

NOTE : dzurekova.adriana02@gmail.com

Sunday, March 13, 2016

PayPal Limited Your Account (PayPal phishing)

Dear Customer:

Our 24-7 monitoring security system indicates that someone could be trying to use your account without your knowledge of approval.

PayPal may limit your account as a security measure to protect you and your account. It is part of our safeguard plan.
To lift a limitation, you usually need to provide information to PayPal. We'll ask you to fill in a form that could verify your account as part of our Resolution Center plan.

PayPal Case ID: PP-310-910-479-534
By downloading and filling in the form that we have provided in the 'attachment', you may proceed to verifying your account to remove these limitations.

Our sophisticated technology, well-engineered processes and top notch fraud intelligence remain vigilant 24-7 to safeguard your account and money at no additional cost.
Please do understand that this is a security measure intended to protect your account.

Thank you,

PayPal Security Team
2016 PayPal Inc. Our team of dedicated security professionals works vigilantly to help keep customer information secure.

Email analysis :

NOTE : members7@accounts.net
NOTE : Mime-Version : 1.0
NOTE : Remote : 64.34.208.23 ()
NOTE : Received : from unknown (HELO mail.freshfooddelivered.net) (64.34.208.23)


NOTE : Received : from 64.34.208.23 ([123.1.181.134])
NOTE : by freshfooddelivered.net
NOTE : PayPal Limited Your Account

PayPal phishing analysis :

- The phishing was an html page.
- The page is available for download : http://megabitload.com/download/index/55253876/
- The page is also available as a raw file : http://pastebin.com/raw/v4rPN5mF

Thursday, March 10, 2016

Account Notification (PayPal Phishing)

PayPal Case ID: PP-799-230-585-604

Dear Valued Customer,

Our account review team have currently set a limitation on your account. This may mean someone has used your PayPal account without your knowledge or approval. From time to time, limitations may be placed on accounts when unusual or suspicious activities are detected, to safeguard you from potential losses. We know this can be frustrating, but limitations were set to protect you and your account. To lift the limitations, please download the attached material that we have provided in this email. You may then fill in the form that we have supplied. After PayPal verifies your information, the limitations will be lifted. However, if we request more information, continue to respond promptly to speed up the resolution process. Please do understand that this is a security measure intended to protect your account.

Thank you,
PayPal Security Team

Please do not reply to this email because we are not monitoring this inbox. To get in touch with us, you may download the attachment and follow the steps.

Email analysis :

NOTE : Mime-Version : 1.0
NOTE : Return-Path : < staff2@reports.com >
NOTE : X-Remote : 173.244.162.229


NOTE : (e5.a2.f4.static.xlhost.com)
NOTE : (HELO WIN-38GA3HC4B51.domain.com)
NOTE : Received : from 173.244.162.229 ([140.117.156.191])


NOTE : Account Notification

Phishing analysis :

- The phishing was an html page.
- The page is available here : http://pastebin.com/raw/1BsLNUUu

Monday, February 22, 2016

Limitation ! (Don't Ignore This E-mail )


Hello Client, Your Account logged from another device
IP Address Of Device : 180.151.40.175
Country : India

Fix It : http://tinyurl.com/PayTeam

Signed,
Security Team

all copyrights reserved ,call us at 65-6510-4584, 7:00 WIB to 21:00 WIB from Monday to Friday.

Phishing analysis :

CLICK : http://tinyurl.com/PayTeam
REDIRECT : http://just-eat.pk/Verification/Update/
SCREENSHOT :


CLICK : Log In
SCREENSHOT :


Email analysis :

NOTE : paypal@team.com
NOTE : X-Source : /usr/bin/php
NOTE : Sender Address Domain - server.bargainistascloset.com
NOTE : X-Source-Args : /usr/bin/php
NOTE : Return-Path : bargaini@server.bargainistascloset.com
NOTE : Mime-Version : 1.0
NOTE : X-Source-Dir : bargainistascloset.com:/public_html/barksdalemarine
NOTE : X-Priority : 1
NOTE : Message-Id : < *@barksdalemarine.com >
NOTE : X-Mailer : PHPMailer (phpmailer.sourceforge.net) [version ]
NOTE : X-Authenticated-Sender : server.bargainistascloset.com: bargaini
NOTE : Content-Transfer-Encoding : 8bit
NOTE : X-Get-Message-Sender-Via : server.bargainistascloset.com:
NOTE : authenticated_id: bargaini/only user confirmed/virtual account not confirmed
NOTE : Content-Type : text/html; charset="iso-8859-1"
NOTE : client-ip=162.144.77.64;
NOTE : Received : from bargaini
NOTE : by server.bargainistascloset.com with local (Exim 4.86)
NOTE : Limitation ! (Don't Ignore This E-mail )

just-eat.pk whois :

Contact Person : Enhance Technologies - eteck Imran Imran
Address : Rawalpindi
Country : Pakistan
Registered On : 11/12/2010
Expired On : 11/12/2016
Agent Name : eteck
Organization : Enhance Technologies - eteck
Name : Imran Faryad Imran Faryad
Address : Rawalpindi Punjab46000
Company : Enhance Technologies - eteck Imran Imran
Hosting Server Address : dns.site5.com
Hosting Server Address : dns2.site5.com