OwlCyberSecurity - MANAGER

Edit File: 1721384637.M213838P1398995.premium128.web-hosting.com,S=9857,W=10041:2,

Return-Path: <info@immresion.com> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id xCptBL0+mmbTWBUAAvhI2g (envelope-from <info@immresion.com>) for <contact+spam@gourayafroid.com>; Fri, 19 Jul 2024 06:23:57 -0400 Return-path: <info@immresion.com> Envelope-to: contact@gourayafroid.com Delivery-date: Fri, 19 Jul 2024 06:23:57 -0400 Received: from [195.19.93.217] (port=47348 helo=mail.immresion.com) by premium128.web-hosting.com with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.96.2) (envelope-from <info@immresion.com>) id 1sUkmG-005rDp-1M for contact@gourayafroid.com; Fri, 19 Jul 2024 06:23:56 -0400 Received: from semule1 (unknown [20.172.162.168]) (Authenticated sender: info@immresion.com) by mail.immresion.com (Postfix) with ESMTPSA id EF01CBA4E4 for <contact@gourayafroid.com>; Fri, 19 Jul 2024 09:07:55 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=immresion.com; s=default; t=1721369277; bh=OSW1qpAGpUQwJQ+MSMe53Ua/4ewrgXhtnGtEn9XFztk=; h=From:Subject:To:Date:From; b=d8jvZkLe9zmiFwf1gMVya/vaE9Y06WcP7kL+HWcThzEB95LYoeKVCs2/cxyF3vyDP klvsRpxeYRs6hqXSDf9vgq3gRKuzA7g7JFlYAaXSykITaUB3Lfgbpd8T+gqT/kpZE6 0ryq6gvG9Wa0ROaVD4p1bmSO0Xkr/z0duXxqOKEmuAcxiwIo6dwEqqwhEtagii0vDh odSc1FCItXf52oD48ckvgfyKymxUk6RmeS4uu9TsbIRPt8sU6zLAnyeFda2KNmI/Hp pvmEYUEdTcOvias3skb4qBmxf2OxEfXtJTZ/LfE589/xq8yfUtwhkAb3rRADk/+x42 qia0/3OgTIEvw== From: "Security alert" <info@immresion.com> To: <contact@gourayafroid.com> Content-Type: multipart/alternative; boundary="sPEl1m=_GOalYPDbLbowAkXeUGDqtNgxrl" MIME-Version: 1.0 Date: Fri, 19 Jul 2024 02:07:55 -0400 Message-Id: <1954202407070265EE2B8354-436F44C95B@immresion.com> X-Spam-Status: Yes, score=8.9 X-Spam-Score: 89 X-Spam-Bar: ++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: A new sign-in on contact@gourayafroid.com We noticed a new sign-in to your gourayafroid.com Account on a Windows device. If this was you, you don’t need to do anything. If not, we’ll help you secure your account. Content analysis details: (8.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: oortech.com] 2.5 URIBL_DBL_MALWARE Contains a malware URL listed in the Spamhaus DBL blocklist [URIs: oortech.com] 2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the Spamhaus DBL blocklist [URIs: oortech.com] 0.5 JMQ_SPF_NEUTRAL ASKDNS: SPF set to ?all [immresion.com TXT:v=spf1 mx a ptr] [ip4:195.19.93.217 a:power.immresion.com] [a:mail.immresion.com ?all] 0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS blocklist [URIs: immresion.com] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [195.19.93.217 listed in sa-trusted.bondedsender.org] 1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date -0.0 SPF_PASS SPF: sender matches SPF record 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Flag: YES Subject: ***SPAM*** Important Notice - New Device Signed In This is a multi-part message in MIME format --sPEl1m=_GOalYPDbLbowAkXeUGDqtNgxrl Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable A new sign-in on contact@gourayafroid.com We noticed a new sign-in to your gourayafroid.com Account on a Windows= device. If this was you, you don=E2=80=99t need to do anything. If no= t, we=E2=80=99ll help you secure your account.=20 Check activity https://apst.standard.us-east-1.oortech.com/apst/engg.n= et?signature=3Dce16195c6923d7a0bd4101286bc97cd8cf57f30690684b51de00702= d9d539e3e7a772d6d79bbced2fd0be64d22ce254c55520c7f698fcb9f51d5d99358145= e9c8b4d133764690873b75ab3e2f8e90acf84152152e25973187c63980efa48309b1f8= e21cdb8485f66d01a71c9d034602e&provider=3D#contact@gourayafroid.com You can also see security activity at You received this email to let you know about important changes to you= r contact@gourayafroid.com Account and services. =C2=A9 2024 gourayafroid.com LLC,=20 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA --sPEl1m=_GOalYPDbLbowAkXeUGDqtNgxrl Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable <html><head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-= 8"> <title>Important Notice - New Device Signed In</title> </head> <body style=3D"MARGIN: 0.4em"> <DIV style=3D"FONT-SIZE: small; BORDER= -TOP: rgb(218,220,224) thin solid; FONT-FAMILY: Arial, Helvetica, sans= -serif; BORDER-RIGHT: rgb(218,220,224) thin solid; WHITE-SPACE: normal= ; WORD-SPACING: 0px; BORDER-BOTTOM: rgb(218,220,224) thin solid; TEXT-= TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(34,34,34); PADDING-BOTTO= M: 40px; FONT-STYLE: normal; PADDING-TOP: 40px; PADDING-LEFT: 20px; BO= RDER-LEFT: rgb(218,220,224) thin solid; ORPHANS: 2; WIDOWS: 2; LETTER-= SPACING: normal; PADDING-RIGHT: 20px; TEXT-INDENT: 0px; border-radius:= 8px; font-variant-ligatures: normal; font-variant-caps: normal; -webk= it-text-stroke-width: 0px; text-decoration-thickness: initial; text-de= coration-style: initial; text-decoration-color: initial" align=3Dcente= r><BR> <DIV style=3D"FONT-FAMILY: 'Google Sans', Roboto, RobotoDraft, = Helvetica, Arial, sans-serif; BORDER-BOTTOM: rgb(218,220,224) thin sol= id; COLOR: ; PADDING-BOTTOM: 24px; LINE-HEIGHT: 32px"> <DIV style=3D"F= ONT-SIZE: 24px">A new sign-in on contact@gourayafroid.com</DIV><table = style=3D"MARGIN-TOP: 8px" align=3Dcenter> </TABLE></DIV> <DIV style=3D= "FONT-SIZE: 14px; FONT-FAMILY: Roboto-Regular, Helvetica, Arial, sans-= serif; COLOR: ; PADDING-TOP: 20px; LINE-HEIGHT: 20px">We noticed a new= sign-in to your gourayafroid.com Account on a Windows device. If this= was you, you don=E2=80=99t need to do anything. If not, we=E2=80=99ll= help you secure your account. <DIV style=3D"PADDING-TOP: 32px"><A sty= le=3D"FONT-FAMILY: 'Google Sans', Roboto, RobotoDraft, Helvetica, Aria= l, sans-serif; MIN-WIDTH: 90px; COLOR: rgb(255,255,255); PADDING-BOTTO= M: 10px; PADDING-TOP: 10px; PADDING-LEFT: 24px; DISPLAY: inline-block;= LINE-HEIGHT: 16px; PADDING-RIGHT: 24px; BACKGROUND-COLOR: rgb(65,132,= 243); border-radius: 5px; text-decoration-line: none" href=3D"https://= apst.standard.us-east-1.oortech.com/apst/engg.net?signature=3Dce16195c= 6923d7a0bd4101286bc97cd8cf57f30690684b51de00702d9d539e3e7a772d6d79bbce= d2fd0be64d22ce254c55520c7f698fcb9f51d5d99358145e9c8b4d133764690873b75a= b3e2f8e90acf84152152e25973187c63980efa48309b1f8e21cdb8485f66d01a71c9d0= 34602e&amp;provider=3D#contact@gourayafroid.com" target=3D_blank data-= saferedirecturl=3D"https://www.google.com/url?q=3Dhttps://accounts.goo= gle.com/AccountChooser?Email%3Disabellarobert738@gmail.com%26continue%= 3Dhttps://myaccount.google.com/alert/nt/1720184184000?rfn%253D325%2526= rfnc%253D1%2526eid%253D2628527717757152787%2526et%253D0&amp;source=3Dg= mail&amp;ust=3D1721439532336000&amp;usg=3DAOvVaw17JgRVy4XDIbl69Ise1IbB= ">Check activity</A></DIV></DIV> <DIV style=3D"FONT-SIZE: 12px; COLOR:= rgb(95,99,104); PADDING-TOP: 20px; LETTER-SPACING: 0px; LINE-HEIGHT: = 16px">You can also see security activity at<BR><BR></DIV></DIV> <DIV s= tyle=3D"FONT-SIZE: small; FONT-FAMILY: Arial, Helvetica, sans-serif; W= HITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIG= HT: 400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:= 2; LETTER-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: = normal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; tex= t-decoration-thickness: initial; text-decoration-style: initial; text-= decoration-color: initial"> <DIV style=3D"FONT-SIZE: 11px; FONT-FAMILY= : Roboto-Regular, Helvetica, Arial, sans-serif; COLOR: ; TEXT-ALIGN: c= enter; PADDING-TOP: 12px; LINE-HEIGHT: 18px"> <DIV>You received this e= mail to let you know about important changes to your contact@gourayafr= oid.com Account and services.</DIV> <DIV style=3D"DIRECTION: ltr">&cop= y; 2024 gourayafroid.com LLC,&nbsp;<A style=3D"PADDING-TOP: 12px; LINE= -HEIGHT: 18px">1600 Amphitheatre Parkway, Mountain View, CA 94043, USA= </A></DIV></DIV></DIV></body> </html> --sPEl1m=_GOalYPDbLbowAkXeUGDqtNgxrl--