OwlCyberSecurity - MANAGER

Edit File: 1744804764.M556662P3862492.premium128.web-hosting.com,S=5605,W=5709

Return-Path: <petrovevan331@gmail.com> Delivered-To: faouzi.berroua+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id CHe6G5yb/2fc7zoAAvhI2g (envelope-from <petrovevan331@gmail.com>) for <faouzi.berroua+spam@gourayafroid.com>; Wed, 16 Apr 2025 07:59:24 -0400 Return-path: <petrovevan331@gmail.com> Envelope-to: faouzi.berroua@gourayafroid.com Delivery-date: Wed, 16 Apr 2025 07:59:24 -0400 Received: from [172.245.92.235] (port=46188 helo=dshcgw78asgsc7g8h.windowsvps.host) by premium128.web-hosting.com with esmtp (Exim 4.98.1) (envelope-from <petrovevan331@gmail.com>) id 1u51QI-0000000GDGx-3OVa for faouzi.berroua@gourayafroid.com; Wed, 16 Apr 2025 07:59:23 -0400 Received: from [45.88.91.178] (localhost [IPv6:::1]) by dshcgw78asgsc7g8h.windowsvps.host (Postfix) with ESMTP id 1A48F719A3 for <faouzi.berroua@gourayafroid.com>; Wed, 16 Apr 2025 06:31:59 -0400 (EDT) Reply-To: pa823657@gmail.com From: "Petrov .I.E" <petrovevan331@gmail.com> To: faouzi.berroua@gourayafroid.com Date: 16 Apr 2025 03:31:59 -0700 Message-ID: <20250416033159.01CECDFB8865F0BB@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=12.6 X-Spam-Score: 126 X-Spam-Bar: ++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Good morning, I approach you with honesty, I want to relocate to your country as soon as peace is secured here in my country Ukraine. I plan to have peace of mind and settle down overseas for now whil [...] Content analysis details: (12.6 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is CUSTOM_MED 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [172.245.92.235 listed in bl.score.senderscore.com] 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.2 KAM_DMARC_NONE DKIM has Failed or SPF has failed on the message and the domain has no DMARC policy 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [172.245.92.235 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [172.245.92.235 listed in sa-trusted.bondedsender.org] 0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit [pa823657(at)gmail.com] 1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received' headers 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit [petrovevan331(at)gmail.com] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [petrovevan331(at)gmail.com] 0.8 GB_FREEMAIL_NUM Freemail spammy address 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 1.2 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list 2.0 GB_GMAIL_NUM Spam from random Gmail address 0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS 0.0 LOTS_OF_MONEY Huge... sums of money 1.1 MONEY_FREEMAIL_REPTO Lots of money from someone using free email? 1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different freemails 0.0 SPOOFED_FREEMAIL No description available. 0.5 MONEY_NOHTML Lots of money in plain text 0.4 SPOOFED_FREEM_REPTO Forged freemail sender with freemail reply-to 0.4 SPOOF_GMAIL_MID From Gmail but it doesn't seem to be... 0.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money X-Spam-Flag: YES Subject: ***SPAM*** I will come to your Country Good morning, I approach you with honesty, I want to relocate to your country as soon as peace is secured here in my country Ukraine. I plan to have peace of mind and settle down overseas for now while I invest in multi-million dollar projects available in your country to build business that will generate good income to re-invest back home in few years to come when there is permanent peace in Ukraine. Send me your private email and mobile/whatsapp let us discuss. With regards, Petrov Ivan.E Tankistiv St, 175, Kramatorsk, Donetsk Oblast, Ukraine, 84326