SkyGroup Finance <[email protected]>

Header Analysis Quick Report
Originating IP: 212.82.98.118
Originating ISP: Yahoo! Europe
City: n/a
Country of Origin: United Kingdom
* For a complete report on this email header goto ipTRACKERonline

X-Apparently-To: <snipped>; Tue, 25 Nov 2014 00:44:30 +0000
Return-Path: <[email protected]>
X-YahooFilteredBulk: 212.82.97.2
Received-SPF: none (domain of yahoo.pt does not designate permitted sender hosts)
X-YMailISG: <snipped>
X-Originating-IP: [212.82.97.2]
Authentication-Results: mta1307.mail.ne1.yahoo.com from=yahoo.pt; domainkeys=pass (ok); from=yahoo.pt; dkim=pass (ok)
Received: from 127.0.0.1 (EHLO nm21-vm5.bullet.mail.ir2.yahoo.com) (212.82.97.2)
by mta1307.mail.ne1.yahoo.com with SMTPS; Tue, 25 Nov 2014 00:44:30 +0000
DKIM-Signature: <snipped>
DomainKey-Signature: <snipped>;
Received: from [212.82.98.55] by nm21.bullet.mail.ir2.yahoo.com with NNFMP; 25 Nov 2014 00:44:18 -0000
Received: from [212.82.98.81] by tm8.bullet.mail.ir2.yahoo.com with NNFMP; 25 Nov 2014 00:44:18 -0000
Received: from [127.0.0.1] by omp1018.mail.ir2.yahoo.com with NNFMP; 25 Nov 2014 00:44:18 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
Received: by 212.82.98.118; Tue, 25 Nov 2014 00:44:17 +0000
Date: Tue, 25 Nov 2014 00:44:16 +0000 (UTC)
From: SkyGroup Finance <[email protected]>
Reply-To: SkyGroup Finance <[email protected]>
Message-ID: <886733063.581399.1416876256921.JavaMail.yahoo@jws11158.mail.ir2.yahoo.com>
Subject: loans
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_581398_1986083529.1416876256919"
Content-Length: 1180

Are you looking for Personal/Business loan? We offer loan without hassle or fax. To get your desired loan amount, contact SkyGroup FinAid via: [email protected] and get your loan sanctioned within 24 hours.

[different script]

Return-path: <[email protected]>
Envelope-to:
Delivery-date: Wed, 15 Jul 2015 23:43:19 -0700
Received: from mail-hk2apc01hn0216.outbound.protection.outlook.com ([104.47.124.216]:1120 helo=APC01-HK2-obe.outbound.protection.outlook.com)
by with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.80)
(envelope-from <[email protected]>)
id 1ZFct4-000412-BT
for ; Wed, 15 Jul 2015 23:43:19 -0700
Authentication-Results: burgoyne.com; dkim=none (message not signed)
header.d=none;
Received: from [182.67.99.68] (182.67.99.68) by
SG2PR0199MB0646.apcprd01.prod.exchangelabs.com (10.162.198.28) with Microsoft
SMTP Server (TLS) id 15.1.213.14; Thu, 16 Jul 2015 06:51:00 +0000
Content-Type: multipart/alternative; boundary="===============1880215427=="
MIME-Version: 1.0
Subject: RE
To: Recipients <[email protected]>
From: SKY GROUP FINANCIAL <[email protected]>
Date: Thu, 16 Jul 2015 12:20:52 +0530
Reply-To: <[email protected]>
X-Originating-IP: [182.67.99.68]
X-ClientProxiedBy: HK2PR0201CA0040.apcprd02.prod.outlook.com (25.162.206.50)
To SG2PR0199MB0646.apcprd01.prod.exchangelabs.com (25.162.198.28)
Message-ID: <SG2PR0199MB0646FD82BDD4651B1E559926EE990@SG2PR0199MB0646.apcprd01.prod.exchangelabs.com>
X-Microsoft-Exchange-Diagnostics: 1;SG2PR0199MB0646;2:DvlNsl1WKA45rOtX0G9QYEVHjL1pjrRPtZMpFXgimFw2S3h39druCl7TnExDejB9;3:nB7LBETpLB8Wlzfr+sD1R5whH4lHxZQkj0SRD7hPFuQ37zbe62yh79FqM8eOZm3IMKLP6vPYqse+oMVQbir4mc3F5wkg7yfJKeQv2o4NmwT49hrbFstEX+IgwyBJHyyQhQaG4wu4ubknutNr/r9P6Q==;25:E3uYfXnsLTYVdiOsuZDAkYA1RBdZlElnemuFVCQlD+i5CDrflbQQ78UKZaofyqUBOzfZ1SOqmTEjmtfTtJWduyInX5Y3xBYNkrZ5Eek3HhsGsmL3xIYR/lZcLXTxNZ7oi2Jio+mwuji3RlJzdZ4maqxCrs0/RBoFNVJmgoweVrHlIGMN9D8fphwLg5VGlvfjABnU5ZOQgLNzwxrDw9sqlI1k8xylSLqLOJ1HKzjsH5rIzriGnCCvG6WtYREffBDc;4:MswCn/WJ/K/bLhKuT2FaKiftQ5JIFQNwcdf/y0rYYk+IV6uEh2qfpXxUu6QWjKGF8lEAgOjPhiKW0mdQjPSBtHMEgHV93gpAjBNdYL+onD4ekN2mblTw+Fp7jP24tTz1L4XZ8J2m1QtTVXfaCLiBRpZ9sqAR+QsQnJpUOXwu/qmasLhihCWJPx59G8SZgIzON14+vLU0uQw1uq3WlMM7PiFOZd5HkgTY/PS3lX9h9zZpz3VeXZY0KO8ambfTZu22o+/nfz0THu6xt34SKvmDMXtY50kFXxTKb+6nyOBi39g=
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SG2PR0199MB0646;
X-Microsoft-Antispam-PRVS: <SG2PR0199MB064640ACAEA092A26471194CEE990@SG2PR0199MB0646.apcprd01.prod.exchangelabs.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(5005006)(3002001);SRVR:SG2PR0199MB0646;BCL:0;PCL:0;RULEID:;SRVR:SG2PR0199MB0646;
X-Forefront-PRVS: 0639027A9E
X-Forefront-Antispam-Report: SFV:SPM;SFS:(10019020)(6049001)(6009001)(42186005)(86362001)(86442001)(33656002)(87976001)(5000100001)(106356001)(81956001)(84326002)(43066003)(6200100001)(4001600100001)(46102003)(512934002)(221173001)(86632001)(74316001)(19580395003)(77156002)(19580405001)(50986999)(221733001)(5001960100002)(64872006)(86902001)(62966003)(250100001)(229853001)(53806999)(40100003)(110136002)(122386002)(107886002)(189998001)(77096005)(54356999)(89136004)(221843001)(66066001)(82596007);DIR:OUT;SFP:1501;SCL:5;SRVR:SG2PR0199MB0646;H:[182.67.99.68];FPR:;SPF:None;MLV:spm;PTR:InfoNoRecords;LANG:en;
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;SG2PR0199MB0646;23:0jjtb8MBxJVlYQ3KSbTxpG4tcqCqlk9EPTay2YJ?=
=?us-ascii?Q?gVVYYBNXfkFHVYaVrhlyorKe/mFfNEwtUmVe8eaUGTjuGVsFnhAvstRneEtj?=
=?us-ascii?Q?9YQGBepBbcNAgcqefch5kGqiRd6kqKes+lk3vvQbVid/siFwqs0AoF4+p7tI?=
=?us-ascii?Q?bYuQCVPJXhRNf8pNRYdEBjlycxPL6aIMdW2+Bwc/rKZ7VQLm9I7KRsERJfDA?=
=?us-ascii?Q?r5dPlGJomlcaGIU6S9NkfmanasxO3mdklmu+dNkGc3fakjtp+sR7qTQIblub?=
=?us-ascii?Q?NERF3AGNq6fXxJ/gbSCYS0OgXVaam8Bf2IKz8WnMVmdCkwR0J/dpHGzxCa9A?=
=?us-ascii?Q?tifmHhDNigH4F3+F/ISm/07RES968DGvD+Ju5136xI5efpSxrg4qMVsIr9KE?=
=?us-ascii?Q?kFesE5VzfMysRbbu0rRUzsrrJ8LL+OKuFQsuF64y5TCd2f/7EXWJVk3H4R/w?=
=?us-ascii?Q?4V4EEiGjVlGZ4y0Qq1HaC10MEg8jGFD+SaKlRT+2DlkYIc4HO6wMDADTQO5v?=
=?us-ascii?Q?iwtMTtn+FTTvqD1Ea+4ipEMS/fNmFjhIlEd9eN1pDecG94NMfdvmex2bLg2u?=
=?us-ascii?Q?d11L1gg9o02vnJqIt0G3Yns8T4lhPZtv4UZwSE8H5oFNwMVjKkjwplwZdBgX?=
=?us-ascii?Q?hR0dVlR1g+81JW0pG/HmlDIQXrf2P0Y/BwZUTTrCg+U3HEzjinh3cOBFRF3D?=
=?us-ascii?Q?tBpqWv2owyF30ciwEbtDD23Lli4r7fvnNSoDZYwSaF+NyZa6YI4REf0qWlc5?=
=?us-ascii?Q?pGTJ1rEd1UQmhJeSUM/OWHpBQ9CxgqFIxYQ+szopfmj58RbTjK/VfgZh31Kh?=
=?us-ascii?Q?CP71gwxWqgGtrVzK9zxNYVaVVbJQGu0Uq3QbnjRDDhNersflyvuM9L0tspbE?=
=?us-ascii?Q?07T1Vomqeprc1AiM5MMfoWbGTPIU9pTXrAYkv+FqNLpPrYqNCU7DyBw8iyqJ?=
=?us-ascii?Q?tTQBujUJolH3CFaozACSoWV7vVrJG42+HUvsqWi235xRfvzN8bowYQJb0NWy?=
=?us-ascii?Q?EBo9Q8FeMXT6sDIBbR5MtwV61JkcwNoVUhgfniWXAHjbX+uHqVF+9qdjYlvv?=
=?us-ascii?Q?FQ1T7t612ER8K40cODps1WgL0M0I7n3Osi/OmeoFHkfHXd5EaRA=3D=3D?=
X-Microsoft-Exchange-Diagnostics: 1;SG2PR0199MB0646;5:cBaUmTJuh6uORqWOQuC1D0bmHuINqp5eQvWs/zob6tMIaItI0KxjAT5C8Bk3L3sN27TpuzR4dQk+9H+aPSyQkfULbiRWCWKucofrTlj+bO2A25g5wVPu0L39gQDee2jZ25NAMz+/klC/CKS8izrRaA==;24:ghl+hzICH8FvUeNTcHJ9h0BYonJP2dGqZM1b+y6VR//bjhRca4lWrZHzeLs4NRB7JBcADpsS2suy3+WhBW9d2A==;20:M4Ce2APXwTr66/HyMxRZDINALuuXB5jdV47qA0+Pg7vEsYnmKgJV4JhTFdpyxOwa/QFPW0WpgeHRBP6CxdRYaQ==
SpamDiagnosticOutput: 1:22
SpamDiagnosticMetadata: 00000000%2D0000%2D0000%2D0000%2D000000000000
X-OriginatorOrg: joymonn.onmicrosoft.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Jul 2015 06:51:00.2882
(UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SG2PR0199MB0646
X-Spam-Status: No, score=1.8
X-Spam-Score: 18
X-Spam-Bar: +
X-Ham-Report: Spam detection software, running on the system "", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.

Content preview: We are reliable, trustworthy lender, We lender loans to companies
and individuals at low and affordable interest rate of 1%. Are you looking
for a business loan, personal loan, debt consolidation loan, unsecured loan,
venture capital. Contact us with Name,Country, Loan Amount,Duration- Number#Contact
us now on: [email protected] We are reliable, trustworthy lender,
We lender loans to companies and individuals at low and affordable interest
rate of 1%. Are you looking for a business loan, personal loan, debt consolidation
loan, unsecured loan, venture capital. Contact us with Name,Country, Loan
Amount,Duration&Phone Number#Contact us now on: [email protected]
[...]

Content analysis details: (1.8 points, 7.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.5 AXB_X_FF_SEZ_S Forefront sez this is spam
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(joymonn22[at]joymonn.onmicrosoft.com)
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (joymonn22[at]joymonn.onmicrosoft.com)
0.0 HTML_MESSAGE BODY: HTML included in message
-0.0 BAYES_20 BODY: Bayes spam probability is 5 to 20%
[score: 0.1312]
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information
X-Spam-Flag: NO

--===============1880215427==
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body

We are reliable, trustworthy lender, We lender loans to companies and individuals at low and affordable interest rate of 1%. Are you looking for a business loan, personal loan, debt consolidation loan, unsecured loan, venture capital. Contact us with Name,Country, Loan Amount,Duration- Number#Contact us now on: [email protected]