OwlCyberSecurity - MANAGER

Edit File: 1745161765.M64257P301166.cloudbhc.clouditzone.com,S=4694,W=4786

Return-Path: <fxhfjptcd@agmh.net> Delivered-To: info+spam@onebox.pk Received: from cloudbhc.clouditzone.com by cloudbhc.clouditzone.com with LMTP id L4/bAiUOBWhumAQAZAThIw (envelope-from <fxhfjptcd@agmh.net>) for <info+spam@onebox.pk>; Sun, 20 Apr 2025 20:09:25 +0500 Return-path: <fxhfjptcd@agmh.net> Envelope-to: info@onebox.pk Delivery-date: Sun, 20 Apr 2025 20:09:25 +0500 Received: from [175.175.162.129] (port=2760 helo=agmh.net) by cloudbhc.clouditzone.com with esmtp (Exim 4.98.1) (envelope-from <fxhfjptcd@agmh.net>) id 1u6WIK-00000001GKp-3kt8 for info@onebox.pk; Sun, 20 Apr 2025 20:09:24 +0500 Message-ID: <095DCAE68A34E1C908BC55292B0F038C@agmh.net> From: "mkd" <fxhfjptcd@agmh.net> To: <info@onebox.pk> Date: Sun, 20 Apr 2025 23:09:13 +0800 MIME-Version: 1.0 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512 X-Spam-Status: Yes, score=22.7 X-Spam-Score: 227 X-Spam-Bar: ++++++++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "cloudbhc.clouditzone.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Nice to meet you. Can I be your friend? http://www.wen-hy.com/ Content analysis details: (22.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: wen-hy.com] 0.0 HK_RANDOM_ENVFROM Envelope sender username looks random 1.0 HK_RANDOM_FROM From username looks random 0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to dbl.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [URIs: wen-hy.com] 0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query to zen.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [175.175.162.129 listed in zen.spamhaus.org] 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_MESSAGE BODY: HTML included in message 2.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] 1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) 2.0 PYZOR_CHECK Listed in Pyzor (https://pyzor.readthedocs.io/en/latest/) 1.9 HDR_ORDER_FTSDMCXX_NORDNS Header order similar to spam (FTSDMCXX/boundary variant) + no rDNS 0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any anti-forgery methods 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 2.0 MIXED_HREF_CASE Has href in mixed case 0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe 2.0 MIMEOLE_DIRECT_TO_MX MIMEOLE + direct-to-MX 1.1 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam (FTSDMCXX/boundary variant) + direct-to-MX 3.1 DOS_OE_TO_MX Delivered direct to MX with OE headers 2.4 XPRIO_VISTA X-Priority + old MSFT msgid format X-Spam-Flag: YES Subject: ***SPAM*** Nice to meet you. Can I be your friend? PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0 Zi04IiBodHRwLWVxdWl2PUNvbnRlbnQtVHlwZT4NCjxNRVRBIG5hbWU9R0VORVJBVE9SIGNvbnRl bnQ9Ik1TSFRNTCAxMS4wMC4xMDU3MC4xMDAxIj48L0hFQUQ+DQo8Qk9EWT4NCjxQPk5pY2UgdG8g bWVldCB5b3UuIENhbiBJIGJlIHlvdXIgZnJpZW5kPzwvUD4NCjxQPiZuYnNwOzwvUD4NCjxQPjxB IGhyZWY9Imh0dHA6Ly93d3cud2VuLWh5LmNvbS8iPmh0dHA6Ly93d3cud2VuLWh5LmNvbS88L0E+ PC9QPg0KPFA+Jm5ic3A7PC9QPjwvQk9EWT48L0hUTUw+DQo=