OwlCyberSecurity - MANAGER

Edit File: 1712886987.M727775P1489474.premium128.web-hosting.com,S=5907,W=6018:2,

Return-Path: <mail@haytham.site> Delivered-To: faouzi.berroua+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id KCmAKcuUGGZCuhYAAvhI2g (envelope-from <mail@haytham.site>) for <faouzi.berroua+spam@gourayafroid.com>; Thu, 11 Apr 2024 21:56:27 -0400 Return-path: <mail@haytham.site> Envelope-to: faouzi.berroua@gourayafroid.com Delivery-date: Thu, 11 Apr 2024 21:56:27 -0400 Received: from [185.171.91.187] (port=37922 helo=netweb.com.tr) by premium128.web-hosting.com with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from <mail@haytham.site>) id 1rv69H-006HYk-0c for faouzi.berroua@gourayafroid.com; Thu, 11 Apr 2024 21:56:27 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=izmiratavinc.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Message-ID:Date:Subject:To:From:Reply-To:Sender:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=HbpvnunTUtLxRkMpDJaT9nEg1vDoLt2aIUQh3VlW9Mo=; b=nBj2ltT6vVFd6vY08IXy7N5j0y xskmcKKF+YVr+NI4Mx2Xmb/njN+vdg02q9jc6F70a67mWjs+asdnJ2EDIYjgDUb+48jxiRcmXQ95O Z1tcMPmbycgkAKvwPhUNYHUUZ9vfUDnukaGcPaQ4rAX+m6KOghlbxzIQjVTaZYdnhUYE92ciXJQYw zRs7B/Ad8KECpXPWEoeuGRbh49lqsuilwn9WF8svh5zrAj+uhhJl7B/NIKh/j8NSNfPe5Ttcl9f2z bA06h+9ik22QPdTKdWGDQYpb48bTc3ym8y0hTVUxAmylZ5L59spXeYaQxuPzp+iFtRtgpS0mO79/p LBNO0QeQ==; Received: from [84.38.132.42] (port=59022) by srv1.dijitio.net with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from <mail@haytham.site>) id 1rv6A2-00HP8j-1Q for faouzi.berroua@gourayafroid.com; Fri, 12 Apr 2024 04:55:33 +0300 Reply-To: petrovevan931@gmail.com From: "Petrov Evan " <mail@haytham.site> To: faouzi.berroua@gourayafroid.com Date: 12 Apr 2024 04:55:31 +0300 Message-ID: <20240412045531.DFFB536F5E21961D@haytham.site> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - srv1.dijitio.net X-AntiAbuse: Original Domain - gourayafroid.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - haytham.site X-Get-Message-Sender-Via: srv1.dijitio.net: authenticated_id: info@izmiratavinc.com X-Authenticated-Sender: srv1.dijitio.net: info@izmiratavinc.com X-Source: X-Source-Args: X-Source-Dir: X-Spam-Status: Yes, score=10.4 X-Spam-Score: 104 X-Spam-Bar: ++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Hello Dear, My name is Petrov Evan from Ukraine. I have tried to reach you but find it difficult due to internet scarcity here in this town. I am contacting you because I want to come over to your country, I have [...] Content analysis details: (10.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: izmiratavinc.com] 0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit [petrovevan931[at]gmail.com] 1.5 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail) 1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From 2.5 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419) X-Spam-Flag: YES Subject: ***SPAM*** I will visit you soon. <!DOCTYPE HTML> <html><head> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body><p>Hello Dear,<br><br>My name is Petrov Evan from Ukraine. I have tri= ed to reach you but find it difficult due to internet scarcity here in this= town. I am contacting you because I want to come over to your country, I h= ave some funds I plan to invest in your country because I want to relocate = my Late Father business due to the ongoing war in my country Ukraine and vi= sit your country to set up a new industrial manufacturing investment busine= ss you may advise profitable in your area.</p><p> I also have some millions of euros I want to invest and 995kg of 24carat go= ld I want to ship to your country and establish a gold jewelry manufacturin= g company. Tell me what it will cost to establish the jewelry manufacturing= company, I will offer you good monetary rewards for your guidance and coop= eration, due to how Russian drones bombards my town frequently, phone netwo= rks are disrupted because of attacks on network installations, please for f= ast discussion, you can provide me with your=20 WhatsApp</p><p>Thanking you as I wait to hear from you soon so we can discu= ss. Thanks for your care.</p><p>Regards,<br>P.Evan</p></body></html>