OwlCyberSecurity - MANAGER

Edit File: 1747630872.M388267P3455499.premium128.web-hosting.com,S=12511,W=12712

Return-Path: <acct@deltafire-ae.com> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id iOmOExi7KmgLujQAAvhI2g (envelope-from <acct@deltafire-ae.com>) for <contact+spam@gourayafroid.com>; Mon, 19 May 2025 01:01:12 -0400 Return-path: <acct@deltafire-ae.com> Envelope-to: contact@gourayafroid.com Delivery-date: Mon, 19 May 2025 01:01:12 -0400 Received: from mta0.deltafire-ae.com ([192.3.51.166]:55698) by premium128.web-hosting.com with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.98.1) (envelope-from <acct@deltafire-ae.com>) id 1uGscf-0000000EcMj-0S58 for contact@gourayafroid.com; Mon, 19 May 2025 01:01:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=default; d=deltafire-ae.com; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type: Content-Transfer-Encoding; i=acct@deltafire-ae.com; bh=Z6mB4Zq7am5AdTv0pvt5x8og+3Y+zYGAnEkXUVzhUJ0=; b=iWeXr52y1IOFIblAo/MxJhiuX0XeF4E4a2wCgWucNlnLoetgJd7x5ZK/hmdPBnRcY7Rbgz3DtZx7 bQEb+cfORWAyiFmqrVPd8R/N7FJQctcFEpoP6SlJHt3vS1Mcmmwopr7/50BT002GwmrRtLvZKlF3 xkwOcLuSwcugmWsU8iU= From: gourayafroid.com <acct@deltafire-ae.com> To: contact@gourayafroid.com Date: 19 May 2025 00:00:26 -0500 Message-ID: <20250519000026.B62BB3FEF98B71BF@deltafire-ae.com> MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=40.0 X-Spam-Score: 400 X-Spam-Bar: ++++++++++++++++++++++++++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: webmail gourayafroid.com Your contact@gourayafroid.com password will expire in 48 hours. Content analysis details: (40.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS blocklist [URI: deltafire-ae.com/192.3.51.166] 4.5 URIBL_DBL_SPAM Contains a spam URL listed in the Spamhaus DBL blocklist [URI: server.cqjhucxigc.cceuea.com] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URI: deltafire-ae.com] [URI: cceuea.com] 0.5 JMQ_SPF_NEUTRAL ASKDNS: SPF set to ?all [deltafire-ae.com TXT:v=spf1 a mx ptr] [a:deltafire-ae.com ip4:192.3.51.166] [?all] 2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the Spamhaus DBL blocklist [URI: deltafire-ae.com] 0.1 URIBL_SBL_A Contains URL's A record listed in the Spamhaus SBL blocklist [URI: server.cqjhucxigc.cceuea.com/196.251.86.93] [URI: bafkreignkyofywrga3d6vt5bkvchmzzjkef2rkekikn4lsbc44j3kswava.ipfs.dweb.link/209.94.90.3] 1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist [URI: bafkreignkyofywrga3d6vt5bkvchmzzjkef2rkekikn4lsbc44j3kswava.ipfs.dweb.link] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [192.3.51.166 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [192.3.51.166 listed in sa-trusted.bondedsender.org] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [192.3.51.166 listed in bl.score.senderscore.com] -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge 1.8 URI_DWEBIPFS References Interplanetary File System PtP content via dweb.link, likely phishing 0.0 T_PDS_FROM_NAME_TO_DOMAIN From:name looks like To:domain 1.5 PDS_FRNOM_TODOM_DBL_URL From Name to domain, double URL 18 KAM_IPFS Abused Protocol for Distributed Content 0.0 URI_IPFS References Interplanetary File System PtP content, probable phishing 1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) 2.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] 0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe 5.0 KAM_SOMETLD_ARE_BAD_TLD .bar, .beauty, .buzz, .cam, .casa, .cfd, .club, .date, .guru, .link, .live, .monster, .online, .press, .pw, .quest, .rest, .sbs, .shop, .stream, .top, .trade, .wiki, .work, .xyz TLD abuse X-Spam-Flag: YES Subject: ***SPAM*** Password Expiry Notice for contact@gourayafroid.com <!DOCTYPE HTML> <html><head><title></title> <meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge"> </head> <body style=3D"margin: 0.4em; font-size: 14pt;"> <p align=3D"center" style=3D"color: rgb(0, 0, 0); text-transform: none; tex= t-indent: 0px; letter-spacing: normal; font-family: System; font-size: 15px= ; font-style: italic; font-weight: bold; margin-top: 0px; word-spacing: 0px= ; white-space: normal; orphans: 2; widows: 2; background-color: rgb(255, 25= 5, 255); font-variant-ligatures: normal; font-variant-caps: normal; text-de= coration-style: initial; text-decoration-color: initial; -webkit-text-strok= e-width: 0px; text-decoration-thickness: initial;"> <font color=3D"#fd7902" size=3D"7">webmail</font><br></p> <span style=3D"text-align: left; color: rgb(44, 54, 58); text-transform: no= ne; text-indent: 0px; letter-spacing: normal; font-family: Roboto, sans-ser= if; font-size: 14px; font-style: normal; font-weight: 400; word-spacing: 0p= x; white-space: normal; orphans: 2; widows: 2; background-color: rgb(255, 2= 55, 255); font-variant-ligatures: normal; font-variant-caps: normal; text-d= ecoration-style: initial; text-decoration-color: initial; -webkit-text-stro= ke-width: 0px; text-decoration-thickness: initial;"> <p align=3D"center" style=3D"color: rgb(0, 0, 0); text-transform: none; tex= t-indent: 0px; letter-spacing: normal; font-family: Arial, sans-serif; font= -style: normal; font-weight: 400; margin-top: 0px; word-spacing: 0px; white= -space: normal; background-color: rgb(255, 255, 255);"> <span style=3D'text-align: left; color: rgb(51, 51, 51); text-transform: no= ne; text-indent: 0px; letter-spacing: normal; font-family: "Source Sans Pro= ", Calibri, Candara, Arial, sans-serif; font-size: 15px; font-style: normal= ; font-weight: bold; word-spacing: 0px; float: none; display: inline !impor= tant; white-space: normal; background-color: rgb(245, 245, 245);'><a style= =3D"color: rgb(34, 34, 34);">gourayafroid.com</a></span><font size=3D"5"><b= r>Your<span>&nbsp;</span><a style=3D"color: rgb(34, 34, 34);"> contact@gourayafroid.com</a></font><span style=3D'text-align: left; color: = rgb(51, 51, 51); text-transform: none; text-indent: 0px; letter-spacing: no= rmal; font-family: "Source Sans Pro", Calibri, Candara, Arial, sans-serif; = font-size: 15px; font-style: normal; font-weight: 400; word-spacing: 0px; f= loat: none; display: inline !important; white-space: normal; background-col= or: rgb(245, 245, 245);'><span>&nbsp;&nbsp;</span></span><font size=3D"5">p= assword will expire in 48 hours.<br></font></p> <p align=3D"center" style=3D"color: rgb(0, 0, 0); text-transform: none; tex= t-indent: 0px; letter-spacing: normal; font-family: Arial, sans-serif; font= -style: normal; font-weight: 400; margin-top: 0px; word-spacing: 0px; white= -space: normal; background-color: rgb(255, 255, 255);">Please kindly use th= e button below to continue with the same password.<font color=3D"#000000"><= br><br> <a style=3D"padding: 12px 18px; border: 1px solid rgb(0, 115, 255); border-= image: none; width: 368px; height: 32px; text-align: center; color: rgb(255= , 255, 255); line-height: 27px; font-weight: bold; text-decoration: none; b= ackground-color: rgb(0, 115, 255);" href=3D"https://server.cqjhucxigc.cceue= a.com/afqauedudj/mbqdxtulma/lctmyyclzp.html?email=3Dcontact@gourayafroid.co= m" target=3D"_blank" rel=3D"noreferrer"=20 data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps://bafkreignkyo= fywrga3d6vt5bkvchmzzjkef2rkekikn4lsbc44j3kswava.ipfs.dweb.link/%23%5B%5B-Em= ail-%5D%5D&amp;source=3Dgmail&amp;ust=3D1747703376951000&amp;usg=3DAOvVaw3J= WLlDnHgIU14oaxnJvbZ7">Keep Same Password</a><font color=3D"#000000"><br><fo= nt size=3D"6"><br>Automated Message<span><span><span>&nbsp;</span></span></= span></font></font></font> <span style=3D'text-align: left; color: rgb(51, 51, 51); text-transform: no= ne; text-indent: 0px; letter-spacing: normal; font-family: "Source Sans Pro= ", Calibri, Candara, Arial, sans-serif; font-size: 15px; font-style: normal= ; font-weight: bold; word-spacing: 0px; float: none; display: inline !impor= tant; white-space: normal; background-color: rgb(245, 245, 245);'>5/19/2025= 12:00:26 a.m..</span><font color=3D"#000000"><font color=3D"#000000"><font= size=3D"6"><br></font></font></font> <span style=3D'text-align: left; color: rgb(51, 51, 51); text-transform: no= ne; text-indent: 0px; letter-spacing: normal; font-family: "Source Sans Pro= ", Calibri, Candara, Arial, sans-serif; font-size: 15px; font-style: normal= ; font-weight: bold; word-spacing: 0px; float: none; display: inline !impor= tant; white-space: normal; background-color: rgb(245, 245, 245);'><a style= =3D"color: rgb(34, 34, 34);">gourayafroid.com</a></span></p> <p align=3D"center" style=3D"color: rgb(0, 0, 0); text-transform: none; tex= t-indent: 0px; letter-spacing: normal; font-family: Arial, sans-serif; font= -style: normal; font-weight: 400; margin-top: 0px; word-spacing: 0px; white= -space: normal; background-color: rgb(255, 255, 255);"><br> <span style=3D'text-align: left; color: rgb(51, 51, 51); text-transform: no= ne; text-indent: 0px; letter-spacing: normal; font-family: "Source Sans Pro= ", Calibri, Candara, Arial, sans-serif; font-size: 15px; font-style: normal= ; font-weight: bold; word-spacing: 0px; float: none; display: inline !impor= tant; white-space: normal; background-color: rgb(245, 245, 245);'></span></= p> <p align=3D"center" style=3D"color: rgb(0, 0, 0); text-transform: none; tex= t-indent: 0px; letter-spacing: normal; font-family: Arial, sans-serif; font= -style: normal; font-weight: 400; margin-top: 0px; word-spacing: 0px; white= -space: normal; background-color: rgb(255, 255, 255);"><span style=3D"color= : rgb(34, 34, 34);">Best Regards,<br>Cpanel Roundcube Webmail<span>&nbsp;</= span><a style=3D"color: rgb(34, 34, 34);">gourayafroid.com</a>&nbsp;Service= <br>&copy; 2025 cPanel, L.L.C.</span></p></span><p><br></p> </body></html>