OwlCyberSecurity - MANAGER

Edit File: 1659061040.M226473P1355801.premium128.web-hosting.com,S=8014,W=8123:2,

Return-Path: <Cliff.Claven@imdranthony.com> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id yHuRDDBD42IZsBQAAvhI2g (envelope-from <Cliff.Claven@imdranthony.com>) for <contact+spam@gourayafroid.com>; Thu, 28 Jul 2022 22:17:20 -0400 Return-path: <Cliff.Claven@imdranthony.com> Envelope-to: contact@gourayafroid.com Delivery-date: Thu, 28 Jul 2022 22:17:20 -0400 Received: from [192.232.236.114] (port=41584 helo=192-232-236-114.unifiedlayer.com) by premium128.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <Cliff.Claven@imdranthony.com>) id 1oHFYx-005gII-1l for contact@gourayafroid.com; Thu, 28 Jul 2022 22:17:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=imdranthony.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Message-ID:Reply-To:From:Date:Subject:To:Sender:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=gn7l7JuwYWQmBALMygmRsHCv01rm+T6ENcjPqpYZ0Mw=; b=kM9ma7M2pZa/37dDRO8Ra8R96g CT/ZSjWxCCc0yKQ7n1GGkafda04JjwukXGBGqF1RESycyY67WCBAagr8Heha0NUas2ycbIcE9wAcZ HyX8nwrg7xfjFFJYzPB2vT0jTHvErM7vs+ODmOZ6xZqc4zotn0+yb+5K5cM+z9ciAfrz6550sWi9J xM/+h+h1NG0QswHo2asybq+RACzNQycnuQr6DxecYaBFXdztZ4+BLKji2k8b+fknCpaFCCdBNKqPL vdjlAzEYuPLyBQS9uqPJsjYeQO5MCtVyKA165RZAjBMVQJiwiM8QDJ+wVqNkJK726VZXyqfgAdjSj I0Co6dYQ==; Received: from wwwimdrant by imd.imdranthony.com with local (Exim 4.94.2) (envelope-from <Cliff.Claven@imdranthony.com>) id 1oHFYI-00072p-An for contact@gourayafroid.com; Fri, 29 Jul 2022 02:16:34 +0000 To: contact@gourayafroid.com X-PHP-Script: imdranthony.com/wp-content/plugins/apikey/leaf99.php for 103.163.220.44 X-PHP-Originating-Script: 1001:leaf99.php Date: Fri, 29 Jul 2022 02:16:34 +0000 From: Cliff Claven <Cliff.Claven@imdranthony.com> Reply-To: emmy.marty@onet.eu Message-ID: <42978b7ae2a81701ae76bfa85e8d1266@imdranthony.com> X-Priority: 1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - imd.imdranthony.com X-AntiAbuse: Original Domain - gourayafroid.com X-AntiAbuse: Originator/Caller UID/GID - [1001 994] / [47 12] X-AntiAbuse: Sender Address Domain - imdranthony.com X-Get-Message-Sender-Via: imd.imdranthony.com: authenticated_id: wwwimdrant/from_h X-Authenticated-Sender: imd.imdranthony.com: Cliff.Claven@imdranthony.com X-Source: /opt/cpanel/ea-php74/root/usr/bin/php-cgi X-Source-Args: /opt/cpanel/ea-php74/root/usr/bin/php-cgi X-Source-Dir: imdranthony.com:/public_html/wp-content/plugins/apikey X-Spam-Status: Yes, score=17.7 X-Spam-Score: 177 X-Spam-Bar: +++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Hello First I must solicit your confidence in this transaction; this is by virtue of its nature as being utterly confidential and top secret. Though I know that a transaction of this magnitude will make any [...] Content analysis details: (17.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: wikipedia.org] 1.6 MILLION_HUNDRED BODY: Million "One to Nine" Hundred 1.0 REPTO_419_FRAUD Reply-To is known advance fee fraud collector mailbox -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 2.2 PHP_SCRIPT Sent by PHP script 0.0 LOTS_OF_MONEY Huge... sums of money 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 6.0 KAM_INVEST Investment Scams 0.0 T_MONEY_PERCENT X% of a lot of money for you 2.0 MONEY_FRAUD_8 Lots of money and very many fraud phrases 3.0 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money X-Spam-Flag: YES Subject: ***SPAM*** RE: Russia-Ukraine war Sanctions updates Hello First I must solicit your confidence in this transaction; this is by virtue of its nature as being utterly confidential and top secret. Though I know that a transaction of this magnitude will make any one apprehensive and worried, I am assuring that this is real and genuine. My name is Mr. Cliff Marty Claven. I am a financial consultant. I came to know you in my private search for a reliable and reputable person to handle this Confidential Transaction, which involves the transfer of a huge sum of money to a foreign account requiring maximum confidence. MY PROPOSITION: I am the financial adviser to Sergey Viktorovich Chemezov is the CEO of Rostec Corporation, a Russian Oligarch. https://en.wikipedia.org/wiki/Sergey_Chemezov . Unfortunately, he is one of Russian president Putin's strong allies sanctioned by the United States government over the Russian invasion of Ukraine. He has an abandoned sum of $ 35,320,000.00 (Thirty Five MillionThree Hundred and Twenty Thousand United States Dollars) in a US Bank account which he intends to move out because of the sanctions placed on Putin and his allies by the United States government and NATO. As a matter of fact, the fund was deposited in an escrow account with Bank. This fund cannot be released from this escrow account unless someone applies for claim as a business partner indicated in deposit terms and banking guidelines. Unfortunately, my client is on the sanction list of the United States of America and he cannot front for this fund. The fund can also not be remitted to him. Remember that Russia has been sanctioned aggressively and Russian banks were sanctioned from the SWIFT messaging system and can´t operate or access International Transactions within the US and Europe. Even VISA and Master Cards did also suspend Russia from using their cards / services. I now seek your consent to have you stand as beneficiary / partner to the fund so that the fund to the sum of $ 35,320,000.00 (Thirty Five Million Three Hundred and Twenty Thousand United States Dollars) can be released and paid into your account as the beneficiary , otherwise in less than no time, the account / fund will also be sanctioned. All documents to enable you to receive this fund will be carefully worked out. Please acknowledge receipt of my letter in acceptance of our mutual business endeavor. This calls for an urgent action. On the final conclusion of this project, 30% of this will be rewarded for your participation in this deal. Please do not take undue advantage of the trust I bestow in you. I have worked out all modality to complete the transaction successfully, be rest assured that the transaction is 100% legal and risk free. Once again, if my proposal is acceptable to you, Kindly reply via my email for further details. Best Regards, Cliff Claven