Detected 18 occurrence(s) of ‘Nmap scan report for’:

Sep 28 12:43:27 2012 -- 21 IP addresses (17 hosts up) scanned in 0.76 seconds

(b)
# Nmap 6.01 scan initiated Fri Sep 28 12:50:43 2012 as: nmap -sS -sV -A -F -oN u:\labb2\scan.txt -oX c:\docume~1\adsec22\locals~1\temp\zenmap-nzffsa.xml 130.235.200.183
Nmap scan report for pax-16.lab.eit.lth.se (130.235.200.183)
Host is up (0.00s latency).
Not shown: 96 filtered ports
PORT     STATE SERVICE        VERSION
135/tcp  open  msrpc          Microsoft Windows RPC
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds   Micro

Detected 4 occurrence(s) of ‘Received: from’:

pxlouI9hJunoz/elc1xdCucPL+sr9PTkJsLg
         z51qFXYGdvdYh0Q612twKE+MN3OyBxgnBjuKX6WekYmbP5c3Mxg+ZRvTPY/+GMduSNEw
         8Tgw==
Received: by 10.66.87.132 with SMTP id ay4mr31396621pab.82.1347448921375;
        Wed, 12 Sep 2012 04:22:01 -0700 (PDT)
Received: from PC-201207071038 ([119.131.129.36])
        by mx.google.com with ESMTPS id uj3sm11257019pbc.39.2012.09.12.04.21.56
        (version=TLSv1/SSLv3 cipher=OTHER);
        Wed, 12 Sep 2012 04:22:00 -0700 (PDT)
Message-ID: <50507058.23eb440a.53c5.1995@mx.go

Source: http://pastebin.com/raw.php?i=v6fXE1JT

Detected 2 occurrence(s) of ‘Received: from’:

ZV
         pQm6aP0/8AyBOnGR2JthiLK/1bTavHQPo/XD5YG0Y0x90hodRSMH2XRCPHHpfP3J0OHk
         rypQ==
Received: by 10.42.37.142 with SMTP id y14mr3667962icd.44.1348771627280;
        Thu, 27 Sep 2012 11:47:07 -0700 (PDT)
Return-Path: <justin@webfuel.org>
Received: from [10.0.1.27] (207-181-211-125.c3-0.hnc-ubr1.chi-hnc.il.cable.rcn.com. [207.181.211.125])
        by mx.google.com with ESMTPS id a10sm5919148igd.1.2012.09.27.11.47.04
        (version=SSLv3 cipher=OTHER);
        Thu, 27 Sep 2012 11:47:06 -0700 (PDT)
F

Source: http://pastebin.com/raw.php?i=5Df0b6ve

Detected 1 occurrence(s) of ‘Received: from’:

e.net>:
    host mailin-03.mx.aol.com [205.188.59.193]: 550 5.1.1
<ramagej@netscape.net>:
    Recipient address rejected: netscape.net

------ This is a copy of the message, including all the headers. ------

Return-path: <robin@bmpsupplies4u.com>
Received: from fixed-203-203-231.iusacell.net ([189.203.203.231]:46638
helo=bmpsupplies4u.com)
        by ecbiz124.inmotionhosting.com with esmtpa (Exim 4.77)
        (envelope-from <robin@bmpsupplies4u.com>)
        id 1TGvvB-0000Kt-VS; Wed, 26 Sep 2012 14:01:18 -0

Source: http://pastebin.com/raw.php?i=xLvJgRx9

Detected 2 occurrence(s) of ‘Received: from’:

9584)
        by sahinhosting.sahinhosting.com with esmtpsa (TLSv1:AES256-SHA:256)
        (Exim 4.77)
        (envelope-from <isbankasi@luxurysteps.com>)
        id 1THAeK-000251-Fc
        for cagriaras@hotmail.com; Thu, 27 Sep 2012 04:44:52 -0500
Received: from 88.238.125.91.dynamic.ttnet.com.tr
 (88.238.125.91.dynamic.ttnet.com.tr [88.238.125.91]) by
 webmail.luxurysteps.com (Horde Framework) with HTTP; Thu, 27 Sep 2012
 04:44:52 -0500
Message-ID: <20120927044452.203336mh8fs4yha8@webmail.luxurysteps.com>
D

Source: http://pastebin.com/raw.php?i=rdCrFvWF

Detected 1 occurrence(s) of ‘Received: from’:

/index.html

http://www.spamcop.net/w3m?i=z5854841537z2f7ecbb11a2fec2f9616ecdbf51204f4z

http://67.192.53.165/VNN4sbEH/index.html is 67.192.53.165; Wed, 26 Sep 2012 20:01:47 GMT

[ Offending message ]
"From 0B7D20AE@pptea.com Wed Sep 26 22:00:45 2012"
Received: from [120.56.221.246] (triband-del-59.177.161.141.bol.net.in [59.177.161.141] (may be forged))
by zeus.haveland.com (8.14.5/8.14.5) with ESMTP id q8QK0QIS023286
for <x>; Wed, 26 Sep 2012 22:00:35 +0200
Date: Thu, 27 Sep 2012 01:30:25 +0530
From: "Internal 

Source: http://pastebin.com/raw.php?i=8U5w3BDS