OwlCyberSecurity - MANAGER

Edit File: 1752525758.M279054P3720214.cloudbhc.clouditzone.com,S=5483,W=5585

Return-Path: <fired@undertaksbutiken.net> Delivered-To: info@onebox.pk Received: from cloudbhc.clouditzone.com by cloudbhc.clouditzone.com with LMTP id SDabDr5rdWgWxDgAZAThIw (envelope-from <fired@undertaksbutiken.net>) for <info@onebox.pk>; Tue, 15 Jul 2025 01:42:38 +0500 Return-path: <fired@undertaksbutiken.net> Envelope-to: info@onebox.pk Delivery-date: Tue, 15 Jul 2025 01:42:38 +0500 Received: from [117.221.227.162] (port=34911 helo=memoire57ri.fr) by cloudbhc.clouditzone.com with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from <fired@undertaksbutiken.net>) id 1ubQ0Q-0000000Fbof-2ooQ for info@onebox.pk; Tue, 15 Jul 2025 01:42:38 +0500 Received-SPF: none (mx.onebox.pk: domain of noreply@undertaksbutiken.net does not provide an SPF record) client-ip=193.186.4.5; envelope-from=fired@undertaksbutiken.net; helo=memoire57ri.fr; Authentication-Results: mx.onebox.pk; spf=none (mx.qtv.onebox.pk: domain of undertaksbutiken.net does not provide an SPF record) smtp.mailfrom=fired@undertaksbutiken.net smtp.helo=memoire57ri.fr; Received: by blfzehznZC.bzve-memoire57ri.fr (memoire57ri.fr, from userid DZU) id DX0F543D2; Mon, 14 Jul 2025 23:42:20 +0300 From: Wynter Mercer <geneluca@ix.netcom.com> To: info@onebox.pk Message-ID: <287b3295b5be949b48e2ab1511d4e42f9106@undertaksbutiken.net> Subject: =?utf-8?B?8J+YmCAgSGkgIHlvdSEgIEdvdCB0aW1lICBzb29u?= MIME-Version: 1.0 X-Ricteezjvjrsqu: qqgdmspzcfgzdlwu Date: Mon, 14 Jul 2025 23:42:20 +0300 X-Priority: 3 X-MSMail-Priority: Normal X-Mailru-Msgtype: letter-14-07-2025 Content-Type: multipart/alternative; boundary="2983c6b982466893b01a461de8368786f4" Content-Transfer-Encoding: base64 X-Spam-Status: No, score=4.3 X-Spam-Score: 43 X-Spam-Bar: ++++ X-Ham-Report: Spam detection software, running on the system "cloudbhc.clouditzone.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Good Da sweet one 💄💄💄 Not sure why, but this lingered — and I wanted you to see it It’s a small peek, but that’s what stays with us Content analysis details: (4.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query to zen.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [117.221.227.162 listed in zen.spamhaus.org] 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [117.221.227.162 listed in sa-accredit.habeas.com] 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to background 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.2 KAM_DMARC_NONE DKIM has Failed or SPF has failed on the message and the domain has no DMARC policy 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any anti-forgery methods 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 1.0 URI_GOOGDRAWPREVIEW Link to image at Google Docs, possible phishing X-Spam-Flag: NO --2983c6b982466893b01a461de8368786f4 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 R29vZCBEYSBzd2VldCBvbmUg8J+ShPCfkoTwn5KEDQoNCk5vdCBzdXJlIHdoeSwgYnV0IHRoaXMg bGluZ2VyZWQg4oCUIGFuZCBJIHdhbnRlZCB5b3UgdG8gc2VlIGl0DQoNCkl04oCZcyBhIHNtYWxs IHBlZWssIGJ1dCB0aGF04oCZcyB3aGF0IHN0YXlzIHdpdGggdXMNCg0KTGV04oCZcyBtZWUgDQoN Ckxvb2tpbmcgZm9yd2FyZCB0byB1cw0KDQpXeW50ZXIgTWVyY2VyIPCfjY/wn42PDQo= --2983c6b982466893b01a461de8368786f4 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PCFET0NUWVBFIGh0bWw+DQo8aHRtbCBsYW5nPSJlbiI+DQo8aGVhZD4NCjxtZXRhIGNoYXJzZXQ9 InV0Zi04Ij48L2hlYWQ+PGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiBBcmlhbCwgc2Fucy1zZXJp ZjsgY29sb3I6ICMwMDA7IG1hcmdpbjogMjBweDsiPg0KPHA+R29vZCBEYSBzd2VldCBvbmUgICDw n5KE8J+ShPCfkoQgPC9wPg0KPHA+Tm90IHN1cmUgd2h5LCBidXQgdGhpcyBsaW5nZXJlZCDigJQg YW5kIEkgd2FudGVkIHlvdSB0byBzZWUgaXQ8L3A+DQo8cD5JdOKAmXMgYSBzbWFsbCBwZWVrLCBi dXQgdGhhdOKAmXMgd2hhdCBzdGF5cyB3aXRoIHVzPC9wPg0KPHA+DQo8YSBocmVmPWh0dHBzOi8v ZG9jcy5nb29nbGUuY29tL2RyYXdpbmdzL2QvMXZnZ1lhLTc0U3RPenZuOE04Tzk1RmdidkozZnZ5 WU1KMjMwQXJMZ0pNSmcvcHJldmlldyM/c291cmNlMjYyZmImcmFuZD1lOEYxNTExYzggdGFyZ2V0 PSJfYmxhbmsiIHN0eWxlPSJiYWNrZ3JvdW5kOiMyMTk2RjM7IGNvbG9yOiNmZmY7IHBhZGRpbmc6 MTBweCAxNXB4OyB0ZXh0LWRlY29yYXRpb246bm9uZTsgYm9yZGVyLXJhZGl1czoycHg7IGRpc3Bs YXk6aW5saW5lLWJsb2NrOyI+TGV04oCZcyBtZWU8L2E+DQo8L3A+DQo8cD5Mb29raW5nIGZvcndh cmQgdG8gdXM8L3A+DQo8cD5XeW50ZXIgTWVyY2VyIPCfjY/wn42PPC9wPg0KPC9ib2R5Pg0KPC9o dG1sPiANCg0K --2983c6b982466893b01a461de8368786f4--