OwlCyberSecurity - MANAGER

Edit File: 1705563806.M271151P1732166.premium69.web-hosting.com,S=6862,W=6988

Return-Path: <demi@ecoseatravel.com> Delivered-To: contact@homeimportance.com Received: from premium69.web-hosting.com by premium69.web-hosting.com with LMTP id QIWPD57WqGVGbhoAQpcCZw (envelope-from <demi@ecoseatravel.com>) for <contact@homeimportance.com>; Thu, 18 Jan 2024 02:43:26 -0500 Return-path: <demi@ecoseatravel.com> Envelope-to: contact@homeimportance.com Delivery-date: Thu, 18 Jan 2024 02:43:26 -0500 Received: from secus.ecoseatravel.com ([185.222.163.73]:55226) by premium69.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96.1) (envelope-from <demi@ecoseatravel.com>) id 1rQN3Y-007Kbs-0j for contact@homeimportance.com; Thu, 18 Jan 2024 02:43:26 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=dkim; d=ecoseatravel.com; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding; i=demi@ecoseatravel.com; bh=4v3SDlqke9+jvsLauR7DbDBfErQ=; b=BykdfiVkQ0kS9qFg8+3/di7rAF4OYCU/H+7gkBhRRaX/oDm8PjWseXf/xJjtfJ44S8MfO516+Ftg gDt8qxW8gwwPq6t1nRnw7ULQRaY3VUtbxVXWTtIZvYPb56O82DvrzuGgT8BTRlArGKw8WU4mn491 Bwix6tUBTe73udlXRwGLT3vN37rC7uKah9TPvvHWIUEPHcPfcSk+JGevq7McQh/iow8mIHw3tkw9 tgAQKqp3IpTPXqfo3sGajuMeB5HXmQvwqlCo74l91YUZj27kukNDl+AaYKGoBuNqLFgA+jx3b/3F nm0kUl7v5859zGGBoIfoBE98Ryla40ioTsiBdQ== DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=dkim; d=ecoseatravel.com; b=dre1wJND2Cko1brCYG8ycxuIT1KSs95vKjBiVXNKDeuHn0s65tEQTKiY8ZGXQe2/aWlwESNJQ6Jz lGNXQjhVpdXfdG7IhqZ4efAMGzcUvqbAAfBEjHfgazF6jzSCJb3Mu//c5zB5iT5Br7i2XD4XHJLv PoP/7WKZ9ePCNxZZx35MwwUD1ueVyub2ew0FyF/XB+GCD3vApF+JLnoaaEQXYsNUpp9aWRE+VO2A jLlslEsbWyUoFNNgKxjfiqiSYJINvVJhvTNMs6mKKgOEbb+lg9QRX1DI62uuRMLZtE6qHUxJ8ZFD 9XNz+8Nii9F8WFkxNw4SpPZK+TPHSLgZJ34RpA==; From: homeimportance.com <demi@ecoseatravel.com> To: contact@homeimportance.com Date: 18 Jan 2024 07:42:36 +0000 Message-ID: <20240118074236.2FEC11E1C235A108@ecoseatravel.com> MIME-Version: 1.0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=16.3 X-Spam-Score: 163 X-Spam-Bar: ++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium69.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Mail Service Notification Dear Account Holder, This is a compulsory monthly exercise to help us secure your account. Follow the link below to update your account. Please note that if you fail to update your account this will cause total email shut [...] Content analysis details: (16.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist [URIs: mitinc.net] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: mitinc.net] 2.5 URIBL_DBL_MALWARE Contains a malware URL listed in the Spamhaus DBL blocklist [URIs: ecoseatravel.com] 0.1 URIBL_SBL_A Contains URL's A record listed in the Spamhaus SBL blocklist [URIs: ecoseatravel.com] 0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS blocklist [URIs: ecoseatravel.com] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to background 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 2.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] 1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) -0.0 T_SCC_BODY_TEXT_LINE No description available. 0.0 TVD_PH_BODY_ACCOUNTS_PRE The body matches phrases such as "accounts suspended", "account credited", "account verification" 1.2 PDS_FROM_NAME_TO_DOMAIN From:name looks like To:domain 0.0 PDS_FRNOM_TODOM_NAKED_TO Naked to From name equals to Domain 2.4 TVD_PH_BODY_META_ALL No description available. 4.0 URI_PHISH Phishing using web form X-Spam-Flag: YES Subject: ***SPAM*** Account Update Notification Alert !!! <HTML><BODY><BR><SPAN style=3D'FONT-SIZE: 41px; FONT-FAMILY: "Segoe UI Ligh= t", "Segoe UI", "Helvetica Neue Medium", Arial, sans-serif; WHITE-SPACE: no= rmal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FLOAT: none; FONT-WEIGHT: 40= 0; COLOR: rgb(38,114,236); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; DISPL= AY: inline !important; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,25= 5,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps= : normal; -webkit-text-stroke-width: 0px; text-decoration-style: initial; t= ext-decoration-color: initial'>Mail Service Notification </SPAN><BR> <TABLE> <TBODY> <TR> <TD width=3D20></TD> <TD><FONT size=3D2 face=3Dverdana><BR>Dear Account Holder, <BR><BR>This is = a compulsory monthly exercise to help us secure your account. Follow the li= nk below to update your account.<BR>Please note that if you fail to update = your account this will cause total email shutdown or data loss.<BR><BR><BR>= <TABLE style=3D"BACKGROUND: #084b8a; border-radius: 5px; -moz-border-radius= : 5px; -webkit-border-radius: 5px" height=3D45 width=3D300> <TBODY> <TR> <TD> <DIV align=3Dcenter><A style=3D"TEXT-DECORATION: none" href=3D"http://kamel= library.mitinc.net/bbbb/eeee/tomato.php?email=3Dcontact@homeimportance.com"= ><FONT color=3D#ffffff size=3D4 face=3Dcalibri>Update your Mailbox Now </FO= NT></A></DIV></TD></TR></TBODY></TABLE> <br> <P>Thanks for your compliance mail service security team! </FONT><BR><BR></= P></TD></TR></TBODY></TABLE></BODY></HTML>