More DHL Phish from Amazon
Posted by Dave Yadallee onEnvelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sat, 30 Apr 2022 00:57:30 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1nkh0s-0007mU-Hd
for dave@doctor.nl2k.ab.ca;
Sat, 30 Apr 2022 00:55:30 -0600
Resent-From: The Doctor
Resent-Date: Sat, 30 Apr 2022 00:55:30 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from ec2-35-72-201-243.ap-northeast-1.compute.amazonaws.com ([35.72.201.243]:33912 helo=multiweb.sdpi)
by doctor.nl2k.ab.ca with esmtp (Exim 4.95 (FreeBSD))
(envelope-from
id 1nkgwW-00075c-Ev
for doctor@nl2k.ab.ca;
Sat, 30 Apr 2022 00:51:05 -0600
Received: by multiweb.sdpi (Postfix, from userid 48)
id 835D61292E76; Sat, 30 Apr 2022 15:44:49 +0900 (JST)
To: doctor@nl2k.ab.ca
Subject: =?UTF-8?B?Q29uZmlybWF0aW9uIDog4pyU77iPIEFib3V0IFlvdXIgUGFyY2Vs?=
X-PHP-Originating-Script: 48:Mailer8768790324SQDSQDSSQDSSQDSQDDSQDSQDSD.php
From: =?UTF-8?B?REhMIC0gT25saW5l?=
MIME-Version: 1.0;
Content-type: multipart/mixed; boundary="--YMev472z8I"
Message-Id: <20220430064449.835D61292E76@multiweb.sdpi>
Date: Sat, 30 Apr 2022 15:44:49 +0900 (JST)
X-Spam_score: 13.5
X-Spam_score_int: 135
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello, Your package N [54246452-AV] is waiting for delivery.
Please confirm the payment (1,65 CAD) on the link below, the online verification
needs to be done in the next 14 days before it expires.​
Content analysis details: (13.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
DNSWL was blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[35.72.201.243 listed in list.dnswl.org]
0.4 NO_DNS_FOR_FROM DNS: Envelope sender has no MX or A DNS records
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[35.72.201.243 listed in bl.score.senderscore.com]
1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: aplusonline.online (online)]
0.0 T_TVD_MIME_NO_HEADERS BODY: No description available.
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or
identical to background
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.0 URI_TRY_3LD URI: "Try it" URI, suspicious hostname
0.4 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily
3.5 BOGUS_MIME_VERSION Mime version header is bogus
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: aplusonline.online]
Subject: {SPAM?} =?UTF-8?B?Q29uZmlybWF0aW9uIDog4pyU77iPIEFib3V0IFlvdXIgUGFyY2Vs?=
----YMev472z8I
Content-type: text/html; charset="utf-8"
Content-Transfer-Encoding: 8bit
Hello,
Your package N [54246452-AV] is waiting for delivery.
Please confirm the payment
face="sans-serif, Arial, Verdana, Trebuchet MS" style="box-sizing: border-box; line-height: 1.4em;" t="">(1,65 CAD) on the link below, the online verification needs to be done in the next 14 days before it expires.​
AN SMS VERIFICATION WILL BE REQUESTED. IN ORDER TO ENSURE YOUR IDENTITY.
2022 @ DHL International GmbH. All rights reserved.
Rehabilitation work planned for Dartford Bridge
Northumberland County has retained the services of Willis Kerr Contracting Ltd. to complete the rehabilitation of the Dartford Bridge located on County Road 24, 1.7km West of County Rd. 25 in the Village of Dartford. HP Engineering Inc. has developed design details for the rehabilitation and will be assisting the County with on-site inspection of the work as it progresses.
This construction work will consist of rehabilitation work on the south side of the bridge. The work will involve an east-bound lane closure, using temporary traffic signals to controle flow of fic through the work areas. A single lane for through traffic will be in place for the duration of the work.
The anticipated start date is May 2, 2022 and work is expected to be completed in early August 2022.
If you have any questions relating to the project or temporary lane closure, please contact the following:
Brandon Brooker
Site Supervisor, Willis Kerr
1077 County Rd. 1
Mountain, ON. K0E 1S0
T: 613-258-0223
Cell: 613-802-9920
F: 613-258-0229
Tashi Dwivedi, P.Eng.
Principal, HP Engineering Inc.
Suite 400, 2039 Robertson Road
Ottawa, Ontario K2H 8R2
T: 613-695-3737
Cell: 613-222-8520
F: 613-680-3636
Brunilda Tena, P.Eng.
Project Engineer, Engineering
Northumberland County
555 Courthouse Road
Cobourg, Ontario K9A 5J6
T: 905-372-3329 ext. 2355
Toll Free: 1-800-354-7050 ext. 2355
Email
----YMev472z8I