OwlCyberSecurity - MANAGER

Edit File: 1742827042.M115370P437012.server254.web-hosting.com,S=5019,W=5117

Return-Path: <annabelle.weberschmidt@gmail.com> Delivered-To: info+spam@sportspesatips.com Received: from server254.web-hosting.com by server254.web-hosting.com with LMTP id SMRgBiJu4WcUqwYAUzp1tw (envelope-from <annabelle.weberschmidt@gmail.com>) for <info+spam@sportspesatips.com>; Mon, 24 Mar 2025 10:37:22 -0400 Return-path: <annabelle.weberschmidt@gmail.com> Envelope-to: info@sportspesatips.com Delivery-date: Mon, 24 Mar 2025 10:37:22 -0400 Received: from [41.180.13.189] (port=54405 helo=gmail.com) by server254.web-hosting.com with esmtp (Exim 4.98.1) (envelope-from <annabelle.weberschmidt@gmail.com>) id 1twivU-00000001tJW-0A6W for info@sportspesatips.com; Mon, 24 Mar 2025 10:37:21 -0400 Reply-To: tallmanlee65@gmail.com From: annabelle.weberschmidt@gmail.com To: info@sportspesatips.com Date: 24 Mar 2025 16:33:06 +0200 Message-ID: <20250324163305.F6C8BA28F25ECE15@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=17.8 X-Spam-Score: 178 X-Spam-Bar: +++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "server254.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Attn: Do you have any project that requires funding, we are a group of private investors that provides funding for projects and loans irrespective of the sector at a 2% interest rate and a 1-year grace peri [...] Content analysis details: (17.8 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL [41.180.13.189 listed in psbl.surriel.com] 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see <https://www.spamcop.net/bl.shtml?41.180.13.189>] 4.7 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL [41.180.13.189 listed in zen.spamhaus.org] 1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is CUSTOM_MED 1.5 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail) 0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit [tallmanlee65[at]gmail.com] 1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received' headers 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [annabelle.weberschmidt[at]gmail.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [41.180.13.189 listed in bl.score.senderscore.com] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [41.180.13.189 listed in sa-accredit.habeas.com] 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 0.2 KAM_DMARC_NONE DKIM has Failed or SPF has failed on the message and the domain has no DMARC policy 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different freemails 0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS 1.2 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list 0.0 SPOOFED_FREEMAIL No description available. 0.4 SPOOF_GMAIL_MID From Gmail but it doesn't seem to be... 0.0 SPOOFED_FREEM_REPTO Forged freemail sender with freemail reply-to X-Spam-Flag: YES Subject: ***SPAM*** Do you need a business Funding? Attn: Do you have any project that requires funding, we are a group of=20 private investors that provides funding for projects and loans=20 irrespective of the sector at a 2% interest rate and a 1-year=20 grace period, we also offer equity funding and joint ventures. If=20 you would like more details, NO UPFRONT PAYMENT. Please feel free=20 to write back. Yours Faithfully, Mrs.Sherry=20