OwlCyberSecurity - MANAGER

Edit File: 1747166724.M250056P1182325.premium128.web-hosting.com,S=10036,W=10220

Return-Path: <ricardo@webluz.com.br> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id kFCDCgSmI2h1ChIAAvhI2g (envelope-from <ricardo@webluz.com.br>) for <contact+spam@gourayafroid.com>; Tue, 13 May 2025 16:05:24 -0400 Return-path: <ricardo@webluz.com.br> Envelope-to: contact@gourayafroid.com Delivery-date: Tue, 13 May 2025 16:05:24 -0400 Received: from mx02.vps001.webluz.com.br ([162.214.126.233]:38368) by premium128.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.1) (envelope-from <ricardo@webluz.com.br>) id 1uEvsP-00000004wEi-05E4 for contact@gourayafroid.com; Tue, 13 May 2025 16:05:23 -0400 Received: from [104.243.37.91] (port=56897 helo=WIN-F6NF7R6I6PJ) by vps-4981252.vps001.webluz.com.br with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.1) (envelope-from <ricardo@webluz.com.br>) id 1uEvri-0000000020W-1Q7H for contact@gourayafroid.com; Tue, 13 May 2025 17:04:38 -0300 From: "Password Notification!!!" <ricardo@webluz.com.br> To: <contact@gourayafroid.com> Content-Type: multipart/alternative; boundary="PP6xrjeHq=_m6nZE7vyERyqvYAaiECRAsr" MIME-Version: 1.0 Date: Tue, 13 May 2025 13:04:40 -0700 Message-Id: <202513051304395D29B606A9-43C513520F@webluz.com.br> X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - vps-4981252.vps001.webluz.com.br X-AntiAbuse: Original Domain - gourayafroid.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - webluz.com.br X-Get-Message-Sender-Via: vps-4981252.vps001.webluz.com.br: authenticated_id: ricardo@webluz.com.br X-Authenticated-Sender: vps-4981252.vps001.webluz.com.br: ricardo@webluz.com.br X-Source: X-Source-Args: X-Source-Dir: X-Spam-Status: Yes, score=5.5 X-Spam-Score: 55 X-Spam-Bar: +++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: gourayafroid.com Your contact@gourayafroid.com password is about to expire (Action Required) You must take immediate steps to maintain and avoid restricting access to your gourayafroid.com account . Content analysis details: (5.5 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URI: grupogyv.com.co] [URI: iarj.com.br] [URI: doubleclick.net] [URI: gourayafroid.com] 0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist [URI: grupogyv.com.co] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [162.214.126.233 listed in bl.score.senderscore.com] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [162.214.126.233 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [162.214.126.233 listed in sa-trusted.bondedsender.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 KAM_SHORT Use of a URL Shortener for very short URL 5.5 KAM_MAILBOX2 Mailbox Quota Phishing Scams X-Spam-Flag: YES Subject: ***SPAM*** Password Renewal Required For contact@gourayafroid.com This is a multi-part message in MIME format --PP6xrjeHq=_m6nZE7vyERyqvYAaiECRAsr Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable gourayafroid.com Your contact@gourayafroid.com password is about to expire (Action Requ= ired) You must take immediate steps to maintain and avoid restricting access to your gourayafroid.co= m account . Keep Same Password https://ad.doubleclick.net/ddm/trackclk/N4892.5020.= 4774291382421/B23999293.271539123;dc_trk_aid=3D466016770;dc_trk_cid=3D= 131101292;dc_lat=3D;dc_rdid=3D;tag_for_child_directed_treatment=3D;tfu= a=3D?https://iarj.com.br/muna/cgi-bin/index.php?email=3DY29udGFjdEBnb3= VyYXlhZnJvaWQuY29t Issues discovered in the claims fulfillment system will no longer be i= nvestigated or fixed.=A9 gourayafroid.com 2025 --PP6xrjeHq=_m6nZE7vyERyqvYAaiECRAsr Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <html><head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-= 8859-1"> <title>Password Renewal Required For contact@gourayafroid.com</title= > </head> <body> <P style=3D"BOX-SIZING: border-box; FONT-SIZE: 15px; FONT-FAMI= LY: System; WHITE-SPACE: normal; WORD-SPACING: 0px; MARGIN-TOP: 0px; T= EXT-TRANSFORM: none; FONT-WEIGHT: bold; COLOR: rgb(0,0,0); FONT-STYLE:= italic; TEXT-ALIGN: center; ORPHANS: 2; WIDOWS: 2; BACKGROUND-COLOR: = rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; fo= nt-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decorati= on-thickness: initial; text-decoration-style: initial; text-decoration= -color: initial"><SPAN style=3D"BOX-SIZING: border-box; FONT-SIZE: 28p= t; COLOR: rgb(253,121,2)">gourayafroid.com</SPAN></p><p style=3D"BOX-S= IZING: border-box; FONT-SIZE: 14px; FONT-FAMILY: Arial, sans-serif; WH= ITE-SPACE: normal; WORD-SPACING: 0px; MARGIN-TOP: 0px; TEXT-TRANSFORM:= none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; ORPHAN= S: 2; WIDOWS: 2; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px;= font-variant-ligatures: normal; font-variant-caps: normal; -webkit-te= xt-stroke-width: 0px; text-decoration-thickness: initial; text-decorat= ion-style: initial; text-decoration-color: initial" align=3Dcenter><SP= AN style=3D"FONT-SIZE: small; FONT-FAMILY: Arial, Helvetica, sans-seri= f; COLOR: rgb(34,34,34)">Your contact@gourayafroid.com password is abo= ut to expire (Action Required) You must take immediate</SPAN></p><p st= yle=3D"BOX-SIZING: border-box; FONT-SIZE: 14px; FONT-FAMILY: Arial, sa= ns-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; MARGIN-TOP: 0px; TEX= T-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: no= rmal; ORPHANS: 2; WIDOWS: 2; BACKGROUND-COLOR: rgb(255,255,255); TEXT-= INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: normal= ; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; = text-decoration-style: initial; text-decoration-color: initial" align=3D= center><SPAN style=3D"FONT-SIZE: small; FONT-FAMILY: Arial, Helvetica,= sans-serif; COLOR: rgb(34,34,34)">steps to maintain and avoid restric= ting access to your gourayafroid.com account</SPAN><SPAN style=3D"FONT= -FAMILY: Roboto, sans-serif; COLOR: rgb(44,54,58)">&nbsp;</SPAN>.<BR s= tyle=3D"BOX-SIZING: border-box"><BR style=3D"BOX-SIZING: border-box"><= A style=3D"BOX-SIZING: border-box; BORDER-TOP: rgb(0,115,255) 1px soli= d; BORDER-RIGHT: rgb(0,115,255) 1px solid; WIDTH: 368px; BORDER-BOTTOM= : rgb(0,115,255) 1px solid; COLOR: rgb(255,255,255); PADDING-BOTTOM: 1= 2px; PADDING-TOP: 12px; PADDING-LEFT: 18px; BORDER-LEFT: rgb(0,115,255= ) 1px solid; LINE-HEIGHT: 27px; PADDING-RIGHT: 18px; BACKGROUND-COLOR:= rgb(0,115,255); text-decoration-line: none" href=3D"https://ad.double= click.net/ddm/trackclk/N4892.5020.4774291382421/B23999293.271539123;dc= _trk_aid=3D466016770;dc_trk_cid=3D131101292;dc_lat=3D;dc_rdid=3D;tag_f= or_child_directed_treatment=3D;tfua=3D?https://iarj.com.br/muna/cgi-bi= n/index.php?email=3DY29udGFjdEBnb3VyYXlhZnJvaWQuY29t" rel=3Dnoreferrer= target=3D_blank data-saferedirecturl=3D"https://www.google.com/url?q=3D= https://ad.doubleclick.net/ddm/trackclk/N4892.5020.4774291382421/B2399= 9293.271539123;dc_trk_aid%3D466016770;dc_trk_cid%3D131101292;dc_lat%3D= ;dc_rdid%3D;tag_for_child_directed_treatment%3D;tfua%3D?https://grupog= yv.com.co/909/cgi-bin?email%3D%5B%5Bconvert_to_base64(-Email-,TRUE)%5D= %5D&amp;source=3Dgmail&amp;ust=3D1747213967438000&amp;usg=3DAOvVaw1T1d= _yivhmdobXFKFrDni-">Keep Same Password</A><BR style=3D"BOX-SIZING: bor= der-box"><BR style=3D"BOX-SIZING: border-box"><BR style=3D"BOX-SIZING:= border-box"><SPAN style=3D"BOX-SIZING: border-box; FONT-SIZE: small; = FONT-FAMILY: Arial, Helvetica, sans-serif; COLOR: rgb(34,34,34)">Issue= s discovered in the claims fulfillment system will no longer be invest= igated or fixed.&copy;&nbsp; gourayafroid.com</SPAN><SPAN style=3D"BOX= -SIZING: border-box; FONT-SIZE: small; FONT-FAMILY: Arial, Helvetica, = sans-serif; COLOR: rgb(34,34,34)">&nbsp;</SPAN><SPAN style=3D"BOX-SIZI= NG: border-box; FONT-SIZE: small; FONT-FAMILY: Arial, Helvetica, sans-= serif; COLOR: rgb(34,34,34)">2025</SPAN></P></body> </html> --PP6xrjeHq=_m6nZE7vyERyqvYAaiECRAsr--