OwlCyberSecurity - MANAGER

Edit File: 1712886176.M689480P1418759.premium128.web-hosting.com,S=5901,W=6012:2,

Return-Path: <mail@haytham.site> Delivered-To: atmane.kessai+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id 6BdaKKCRGGYHphUAAvhI2g (envelope-from <mail@haytham.site>) for <atmane.kessai+spam@gourayafroid.com>; Thu, 11 Apr 2024 21:42:56 -0400 Return-path: <mail@haytham.site> Envelope-to: atmane.kessai@gourayafroid.com Delivery-date: Thu, 11 Apr 2024 21:42:56 -0400 Received: from [185.171.91.187] (port=53218 helo=netweb.com.tr) by premium128.web-hosting.com with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from <mail@haytham.site>) id 1rv5wD-0066dg-1R for atmane.kessai@gourayafroid.com; Thu, 11 Apr 2024 21:42:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=izmiratavinc.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Message-ID:Date:Subject:To:From:Reply-To:Sender:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=HbpvnunTUtLxRkMpDJaT9nEg1vDoLt2aIUQh3VlW9Mo=; b=NZzYYFUppPqKhGPjViqDAk4L6x JarOv0wLlvsgFg1ywiSZ9osiQcnbOd8ZE/zX0Jkgp8PDt7QIYk8pTFHOiuEQFN3yiMazpUVX9Kq0m bPCfmWCQlIhdwOfEQ6rU0Y+p0gsEWo6wSIyQBKDxfqsf0tsFMA15ZTalvxVR3GGMQDZPK9NaPwXz5 54eSzupO0MoWgjf9Qab3Xc5VhFFWLOe1c4TcvdU4zZ51zrBINLYOi2vStWdMWlgoyuSEK/lnr9R5O zI7nd62BbBtAo0eDUd176jUrcVxqPZLU9U+I5OX4IYd2+xBVTtKaPpjICk4T3t92YmZvmy3katn67 eamTkNpg==; Received: from [84.38.132.42] (port=49516) by srv1.dijitio.net with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from <mail@haytham.site>) id 1rv5wy-00Goxg-1D for atmane.kessai@gourayafroid.com; Fri, 12 Apr 2024 04:42:02 +0300 Reply-To: petrovevan931@gmail.com From: "Petrov Evan " <mail@haytham.site> To: atmane.kessai@gourayafroid.com Date: 12 Apr 2024 04:42:01 +0300 Message-ID: <20240412044201.765E0B9BC9F57019@haytham.site> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - srv1.dijitio.net X-AntiAbuse: Original Domain - gourayafroid.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - haytham.site X-Get-Message-Sender-Via: srv1.dijitio.net: authenticated_id: info@izmiratavinc.com X-Authenticated-Sender: srv1.dijitio.net: info@izmiratavinc.com X-Source: X-Source-Args: X-Source-Dir: X-Spam-Status: Yes, score=10.4 X-Spam-Score: 104 X-Spam-Bar: ++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Hello Dear, My name is Petrov Evan from Ukraine. I have tried to reach you but find it difficult due to internet scarcity here in this town. I am contacting you because I want to come over to your country, I have [...] Content analysis details: (10.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: izmiratavinc.com] 0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit [petrovevan931[at]gmail.com] 1.5 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail) 1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From 2.5 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419) X-Spam-Flag: YES Subject: ***SPAM*** I will visit you soon. <!DOCTYPE HTML> <html><head> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body><p>Hello Dear,<br><br>My name is Petrov Evan from Ukraine. I have tri= ed to reach you but find it difficult due to internet scarcity here in this= town. I am contacting you because I want to come over to your country, I h= ave some funds I plan to invest in your country because I want to relocate = my Late Father business due to the ongoing war in my country Ukraine and vi= sit your country to set up a new industrial manufacturing investment busine= ss you may advise profitable in your area.</p><p> I also have some millions of euros I want to invest and 995kg of 24carat go= ld I want to ship to your country and establish a gold jewelry manufacturin= g company. Tell me what it will cost to establish the jewelry manufacturing= company, I will offer you good monetary rewards for your guidance and coop= eration, due to how Russian drones bombards my town frequently, phone netwo= rks are disrupted because of attacks on network installations, please for f= ast discussion, you can provide me with your=20 WhatsApp</p><p>Thanking you as I wait to hear from you soon so we can discu= ss. Thanks for your care.</p><p>Regards,<br>P.Evan</p></body></html>