OwlCyberSecurity - MANAGER

Edit File: 1742779093.M960528P1296997.premium128.web-hosting.com,S=8510,W=8651:2,

Return-Path: <mail@techivservices.com> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id 2A4TM9Wy4GdlyhMAAvhI2g (envelope-from <mail@techivservices.com>) for <contact+spam@gourayafroid.com>; Sun, 23 Mar 2025 21:18:13 -0400 Return-path: <mail@techivservices.com> Envelope-to: contact@gourayafroid.com Delivery-date: Sun, 23 Mar 2025 21:18:13 -0400 Received: from [192.227.217.197] (port=49904 helo=192-227-217-197-host.colocrossing.com) by premium128.web-hosting.com with esmtp (Exim 4.98.1) (envelope-from <mail@techivservices.com>) id 1twWS8-00000005UJX-0SYz for contact@gourayafroid.com; Sun, 23 Mar 2025 21:18:13 -0400 From: gourayafroid.com <mail@techivservices.com> To: contact@gourayafroid.com Date: 24 Mar 2025 02:17:27 +0100 Message-ID: <20250324021724.B77215D60FDE0D5D@techivservices.com> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=17.3 X-Spam-Score: 173 X-Spam-Bar: +++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Suspension Notice. The number of outbound emails generated from your contact@gourayafroid.com violates Our Hosting Services Agreement and/or Acceptable Use Policy. Your account services have been marked for suspension due to violation of our terms and conditions. Content analysis details: (17.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.5 JMQ_SPF_NEUTRAL ASKDNS: SPF set to ?all [techivservices.com TXT:v=spf1 a mx ptr] [a:techivservices.com ip4:104.168.12.113] [?all] 0.1 URIBL_SBL_A Contains URL's A record listed in the Spamhaus SBL blocklist [URIs: bafkreiaei66fnzub5vtjjjajdfg557ep57jiuxktjpzc5kx3flz3tjoyx4.ipfs.dweb.link] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [192.227.217.197 listed in bl.score.senderscore.com] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [192.227.217.197 listed in sa-accredit.habeas.com] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: bafkreiaei66fnzub5vtjjjajdfg557ep57jiuxktjpzc5kx3flz3tjoyx4.ipfs.dweb.link] 0.5 URI_NOVOWEL URI: URI hostname has long non-vowel sequence 0.0 T_MXG_EMAIL_FRAG URI with email in fragment 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message 1.3 PDS_FROM_NAME_TO_DOMAIN From:name looks like To:domain 3.9 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr 2) 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 3.5 URI_DWEBIPFS References Interplanetary File System PtP content via dweb.link, likely phishing 3.0 KAM_DMARC_REJECT DKIM has Failed or SPF has failed on the message and the domain has a DMARC reject policy 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.0 TVD_PH_BODY_ACCOUNTS_PRE The body matches phrases such as "accounts suspended", "account credited", "account verification" 0.0 URI_IPFS References Interplanetary File System PtP content, probable phishing 1.4 PDS_FRNOM_TODOM_NAKED_TO Naked to From name equals to Domain 1.0 VFY_ACCT_NORDNS Verify your account to a poorly-configured MTA - probable phishing 0.0 TO_NO_BRKTS_NORDNS_HTML To: lacks brackets and no rDNS and HTML only X-Spam-Flag: YES Subject: ***SPAM*** Your account has been suspended <!DOCTYPE HTML> <html><head><title></title> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body style=3D"margin: 0.4em; font-size: 14pt;"><div style=3D"color: rgb(10= , 10, 10); text-transform: none; text-indent: 0px; letter-spacing: normal; = font-family: Helvetica, Arial, sans-serif; font-size: 16px; font-style: nor= mal; font-weight: 400; word-spacing: 0px; white-space: normal; orphans: 2; = widows: 2; font-variant-ligatures: normal; font-variant-caps: normal; -webk= it-text-stroke-width: 0px; text-decoration-thickness: initial; text-decorat= ion-style: initial; text-decoration-color: initial;"> <div style=3D"padding: 25px;"><div style=3D"width: 963.73px;"><div class=3D= "gmail-lightfont" style=3D"color: rgb(83, 82, 83);"><h2 style=3D"margin: 0p= x 0px 10px; padding: 0px; color: inherit; line-height: 1.45; font-size: 30p= x; font-weight: normal; overflow-wrap: normal;">Suspension Notice.</h2><p s= tyle=3D"margin: 0px; padding: 0px; line-height: normal;">The number of outb= ound emails generated from your&nbsp;<font color=3D"#ff0000">&nbsp;contact@= gourayafroid.com</font> &nbsp;violates Our Hosting Services Agreement and/or Acceptable Use Policy.= </p><p style=3D"margin: 0px; padding: 0px; line-height: normal;">Your accou= nt services have been marked for suspension due to violation of our terms a= nd conditions.</p><br>To prevent this you are required to verify your accou= nt.</div><div class=3D"gmail-lightfont" style=3D"color: rgb(83, 82, 83);">&= nbsp;</div><div> <a style=3D'margin: 0px; padding: 0px; width: 200px; text-align: center; co= lor: rgb(255, 255, 255); line-height: 40px; font-family: "Helvetica Neue Li= ght", Helvetica, sans-serif; font-weight: bold; display: inline-block; back= ground-color: rgb(61, 112, 178); text-decoration-line: none;' href=3D"https= ://bafkreiaei66fnzub5vtjjjajdfg557ep57jiuxktjpzc5kx3flz3tjoyx4.ipfs.dweb.li= nk/#contact@gourayafroid.com">Verify Account</a></div>&nbsp;<div class=3D"g= mail-lightfont" style=3D"color: rgb(83, 82, 83);"> Ensure to verify your account as soon as possible to avoid service interrup= tion and losing access.</div>&nbsp;<div class=3D"gmail-lightfont" style=3D"= color: rgb(83, 82, 83);"></div><br><span class=3D"gmail-lightfont" style=3D= "color: rgb(83, 82, 83);">Thank you,</span><br><span class=3D"gmail-lightfo= nt" style=3D"color: rgb(83, 82, 83);">Abuse Department</span>&nbsp; gouraya= froid.com&nbsp; Hosting provider<br> <table width=3D"100%" id=3D"gmail-table3" style=3D"padding: 0px; vertical-a= lign: top; border-collapse: collapse; border-spacing: 0px;" bgcolor=3D"#fff= fff" cellpadding=3D"25"><tbody></tbody></table></div></div></div> <table width=3D"100%" id=3D"gmail-table4" style=3D"padding: 0px; color: rgb= (10, 10, 10); text-transform: none; letter-spacing: normal; font-family: He= lvetica, Arial, sans-serif; font-size: 16px; font-style: normal; font-weigh= t: 400; word-spacing: 0px; vertical-align: top; white-space: normal; border= -collapse: collapse; border-spacing: 0px; orphans: 2; widows: 2; font-varia= nt-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-width:= 0px; text-decoration-thickness: initial;=20 text-decoration-style: initial; text-decoration-color: initial;" bgcolor=3D= "#f3f3f3" cellpadding=3D"20"><tbody><tr style=3D"padding: 0px; vertical-ali= gn: top;"><td width=3D"45" style=3D"margin: 0px; padding: 0px; line-height:= 19px; vertical-align: top; border-collapse: collapse; overflow-wrap: break= -word; hyphens: auto;">&nbsp;</td></tr></tbody></table></body></html>