Germanic language phish
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 08 Apr 2024 04:20:26 -0600
Received: from [146.19.191.154] (port=61284 helo=tube-hosting.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.97.1 (FreeBSD))
(envelope-from)
id 1rtm6V-000000006jX-2Kuw
for dave@doctor.nl2k.ab.ca;
Mon, 08 Apr 2024 04:20:01 -0600
From: "Bitvavo";
To: dave@doctor.nl2k.ab.ca
Subject: Bij frequente meldingen van ons dient u direct actie te ondernemen
Date: 8 Apr 2024 13:17:59 +0300
Message-ID: <20240408131759.901EC05102580BC4@info.bitvavo.com>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 13.5
X-Spam_score_int: 135
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Geachte klant, U ontvangt dit bericht omdat uw Bitvavo registratie,
en daarbij ook uw inschrijving over 2 werkdagen op inactief zal staan geregistreerd.
Deze maatregel wordt toegepast omdat u enige tijd gebruik maak [...]
Content analysis details: (13.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URI: mashizadesigns.co.za]
0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist
[URI: mashizadesigns.co.za]
1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist
[URI: mashizadesigns.co.za]
1.6 RCVD_IN_MSPIKE_L3 RBL: Low reputation (-3)
[146.19.191.154 listed in bl.mailspike.net]
0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=tube-hosting.com;ip=146.19.191.154;r=doctor.nl2k.ab.ca]
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
0.1 TW_JV BODY: Odd Letter Triples with JV
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML only
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
Subject: {SPAM?} Bij frequente meldingen van ons dient u direct actie te ondernemen
X-Antivirus: AVG (VPS 240404-6, 4/4/2024), Inbound message
X-Antivirus-Status: Clean
=20=20=20=20
=20=20=20=20
pse: separate; background-color: rgb(246, 246, 246);" bgcolor=3D"#f6f6f6" b=
order=3D"0" cellspacing=3D"0" cellpadding=3D"0">
p" style=3D"font-family: sans-serif; font-size: 14px; vertical-align: top;"=
>
argin: 0px auto; padding: 10px; width: 580px; font-family: sans-serif; font=
-size: 14px; vertical-align: top; display: block; max-width: 580px;">
display: block; max-width: 580px;">
=20=20=20=20=20=20=20=20=20=20=20=20
55, 255, 255); border-radius: 3px; width: 100%; border-collapse: separate;"=
>
nt-family: sans-serif; font-size: 14px; vertical-align: top;">
se: separate;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">=
cal-align: top;">
=09=09=09=09=09=20=20
14px; font-weight: normal;">
der-color: rgb(0, 0, 0); width: 211px; height: 94px;" src=3D"https://th.bin=
g.com/th/id/OIP.neTguRhgM9hJmWWsMGWqzwHaDS?rs=3D1&pid=3DImgDetMain"=
>
14px; font-weight: normal;">
font-weight: normal;">Geachte klant,
font-weight: normal;">U ontvangt dit bericht omdat uw Bitvavo registratie,=
en daarbij ook uw inschrijving over 2 werkdagen op inacti=
ef zal staan geregistreerd. Deze maatregel wordt toegepast omdat u enige ti=
jd gebruik maakt van verouderde registratiegegevens.
font-weight: normal;">Na meerdere contact pogingen hebben wij niets vanuit=
u vernomen en zijn wij daarom genoodzaakt om maatregelen uit te voeren. Hi=
ernaast riskeert de u ook een boete bedrag van €5.2=
00,-.
font-weight: normal;">Om te voorkomen dat uw registratie definitief w=
ordt uitgeschreven uit het Bitvavo register kunt u nog eenmalig&n=
bsp;gratis uw profiel gegev=
ens online actualiseren. Vanuit de Bitvavo is het voor consumente=
n verplicht hun gegevens up to date te houden.
font-weight: normal;">Wij vertrouwen erop u hiermee voldoende te hebben ge=
informeerd.
font-weight: normal;">
r-collapse: separate;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
ody>
nt-family: sans-serif; font-size: 14px; vertical-align: top;">
lspacing=3D"0" cellpadding=3D"0">
top" style=3D"border-radius: 5px; text-align: center; font-family: sans-ser=
if; font-size: 14px; vertical-align: top; background-color: rgb(52, 152, 21=
9);" bgcolor=3D"#3498db">
om_zimbra_url" role=3D"link">
5_com_zimbra_url" role=3D"link">
x solid rgb(52, 152, 219); border-image: none; color: rgb(255, 255, 255); t=
ext-transform: capitalize; font-size: 14px; font-weight: bold; text-decorat=
ion: none; display: inline-block; background-color: rgb(52, 152, 219);" hre=
f=3D"http://mashizadesigns.co.za/viv" target=3D"_blank" rel=3D"nofollow noo=
pener noreferrer">Ga naar Inloggen
ble>
font-weight: normal;">Hoogachtend,
nt-family: sans-serif; font-size: 14px; font-weight: normal;">
yle=3D"margin: 0px 0px 15px; font-family: sans-serif; font-size: 14px; font=
-weight: normal;">Bitvavo
t-size: 14px; font-weight: normal;'>
_DWT1428_com_zimbra_url" role=3D"link">
FIX_DWT1436_com_zimbra_url" role=3D"link">
4UCkVeuqplxJ1uioal2TasPv0xUNh7z8_fKNjuh7hjp5S3IiZgpxQw2AkYWEaq2tbFFrOWFkyw2=
C0A6gt2FqNg4OJbNMUxk1WyQWh7X2x9pfXnt-Sen98Xris-49b2bXT8nI9dFhhNYeo1O-e-e8oN=
5yZb1GUrYBOQJdSyvf7fIRIj3w8dgGd3N2yfS0TQtnIgM6vLo_Oe_KiUkwbeeJ8IMl4htlZMf6r=
sifVT6RwfkxZafUXAAD__4ZsT8I" target=3D"_blank" rel=3D"nofollow noopener nor=
eferrer">
=09=09=09=09=09=09
">
t: 10px;">
=20=20=20=20=20=20=20=20=20=20=20=20
margin-top: 10px;">
separate;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
align=3D"center" class=3D"content-block" valign=3D"top" style=3D"text-align=
: center; color: rgb(153, 153, 153); padding-top: 10px; padding-bottom: 10p=
x; font-family: sans-serif; font-size: 12px; vertical-align: top;">
color: rgb(153, 153, 153); font-size: 12px; font-weight: bold;">
s=3D"Object" id=3D"OBJ_PREFIX_DWT1430_com_zimbra_url" role=3D"link">
lass=3D"Object" id=3D"OBJ_PREFIX_DWT1438_com_zimbra_url" role=3D"link">
Wachtwoord vergeten?
OBJ_PREFIX_DWT1431_com_zimbra_url" role=3D"link">
=3D"OBJ_PREFIX_DWT1439_com_zimbra_url" role=3D"link">
text-decoration: underline;" href=3D"https://email.mailing.myhorsez.com/c/=
eJx00L1urDAQhuGrsbtF4D-gcMFqDzoKUqpUaSKDBzAy9sqeBO1efUQRKU3qeTSf9E4GYYnpoQM=
c2QMiJGq1ZKOioCvVNrJuqkrSVUthOTelkJzNU2PVOLaiVZVhDTOTNTV1mnVDqLbh-n_Al6N8fb=
5fkdfD2533nXX_lijTxjYViSi_9kuYM_V6RbxnwjvCesL64ziK_bHGlOFZTHEnrJ9jWiJaQON8J=
rz_zJCC2YHwm4_eEaZgN84TfjNhM0U2IUAgokTwEACLEeh5_3BWM97SpP9kqE94ORXqny6XX13O=
6fOP4kKW3wEAAP__reRnjw" target=3D"_blank" rel=3D"nofollow=20
noopener noreferrer">Nieuw wachtwoord aanvragen
an>.
Wil je geen e-mail van ons ontvangen?
=3D"Object" id=3D"OBJ_PREFIX_DWT1432_com_zimbra_url" role=3D"link">
ass=3D"Object" id=3D"OBJ_PREFIX_DWT1440_com_zimbra_url" role=3D"link">
text-decoration: underline;"=20
href=3D"https://email.mailing.myhorsez.com/c/eJxM0EFvsjAYwPFP094k8NRSPPSgrx=
LfkWzZ5g7bxbT0EYtQSFtH8NMvLluy-z_5J79aRWwGP0uHU-gwRvTUSA46pyizfFVwUWQZp2eZi=
lpoYwzTwojslJ6gMFBAwRkoA6CplbCuXNZWm30VH6b08faxiUxUh5GVa2N3zcB9C20-kGX62S_c=
KdBOnmMcA2FrAiWBcpqmpJ_Pgw94S-qhJ1B2yhnrmlE1SKC8unDVofZWI2HlNaA_WkPYNmdLnhL=
ILzgTtu3Nkx7e6n92LzbjzAus3Ptzdtm-vtwO_3e0V7Y7WiOBraiXyrUqCco5dGSZRuzQYUw00i=
jv4eJeRfnrtPjj9LOX3_OvAAAA___BpGt8" target=3D"_blank" rel=3D"nofollow noope=
ner noreferrer">Uitschrijven.
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 08 Apr 2024 04:20:26 -0600
Received: from [146.19.191.154] (port=61284 helo=tube-hosting.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rtm6V-000000006jX-2Kuw
for dave@doctor.nl2k.ab.ca;
Mon, 08 Apr 2024 04:20:01 -0600
From: "Bitvavo"
To: dave@doctor.nl2k.ab.ca
Subject: Bij frequente meldingen van ons dient u direct actie te ondernemen
Date: 8 Apr 2024 13:17:59 +0300
Message-ID: <20240408131759.901EC05102580BC4@info.bitvavo.com>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 13.5
X-Spam_score_int: 135
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Geachte klant, U ontvangt dit bericht omdat uw Bitvavo registratie,
en daarbij ook uw inschrijving over 2 werkdagen op inactief zal staan geregistreerd.
Deze maatregel wordt toegepast omdat u enige tijd gebruik maak [...]
Content analysis details: (13.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URI: mashizadesigns.co.za]
0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist
[URI: mashizadesigns.co.za]
1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist
[URI: mashizadesigns.co.za]
1.6 RCVD_IN_MSPIKE_L3 RBL: Low reputation (-3)
[146.19.191.154 listed in bl.mailspike.net]
0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=tube-hosting.com;ip=146.19.191.154;r=doctor.nl2k.ab.ca]
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
0.1 TW_JV BODY: Odd Letter Triples with JV
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML only
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
Subject: {SPAM?} Bij frequente meldingen van ons dient u direct actie te ondernemen
X-Antivirus: AVG (VPS 240404-6, 4/4/2024), Inbound message
X-Antivirus-Status: Clean
=20=20=20=20
=20=20=20=20
pse: separate; background-color: rgb(246, 246, 246);" bgcolor=3D"#f6f6f6" b=
order=3D"0" cellspacing=3D"0" cellpadding=3D"0">
p" style=3D"font-family: sans-serif; font-size: 14px; vertical-align: top;"=
>
argin: 0px auto; padding: 10px; width: 580px; font-family: sans-serif; font=
-size: 14px; vertical-align: top; display: block; max-width: 580px;">
display: block; max-width: 580px;">
=20=20=20=20=20=20=20=20=20=20=20=20
55, 255, 255); border-radius: 3px; width: 100%; border-collapse: separate;"=
>
nt-family: sans-serif; font-size: 14px; vertical-align: top;">
se: separate;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
cal-align: top;">
=09=09=09=09=09=20=20
14px; font-weight: normal;">
der-color: rgb(0, 0, 0); width: 211px; height: 94px;" src=3D"https://th.bin=
g.com/th/id/OIP.neTguRhgM9hJmWWsMGWqzwHaDS?rs=3D1&pid=3DImgDetMain"=
>
14px; font-weight: normal;">
font-weight: normal;">Geachte klant,
font-weight: normal;">U ontvangt dit bericht omdat uw Bitvavo registratie,=
en daarbij ook uw inschrijving over 2 werkdagen op inacti=
ef zal staan geregistreerd. Deze maatregel wordt toegepast omdat u enige ti=
jd gebruik maakt van verouderde registratiegegevens.
font-weight: normal;">Na meerdere contact pogingen hebben wij niets vanuit=
u vernomen en zijn wij daarom genoodzaakt om maatregelen uit te voeren. Hi=
ernaast riskeert de u ook een boete bedrag van €5.2=
00,-.
font-weight: normal;">Om te voorkomen dat uw registratie definitief w=
ordt uitgeschreven uit het Bitvavo register kunt u nog eenmalig&n=
bsp;gratis uw profiel gegev=
ens online actualiseren. Vanuit de Bitvavo is het voor consumente=
n verplicht hun gegevens up to date te houden.
font-weight: normal;">Wij vertrouwen erop u hiermee voldoende te hebben ge=
informeerd.
font-weight: normal;">
r-collapse: separate;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
ody>
nt-family: sans-serif; font-size: 14px; vertical-align: top;">
lspacing=3D"0" cellpadding=3D"0">
top" style=3D"border-radius: 5px; text-align: center; font-family: sans-ser=
if; font-size: 14px; vertical-align: top; background-color: rgb(52, 152, 21=
9);" bgcolor=3D"#3498db">
om_zimbra_url" role=3D"link">
5_com_zimbra_url" role=3D"link">
x solid rgb(52, 152, 219); border-image: none; color: rgb(255, 255, 255); t=
ext-transform: capitalize; font-size: 14px; font-weight: bold; text-decorat=
ion: none; display: inline-block; background-color: rgb(52, 152, 219);" hre=
f=3D"http://mashizadesigns.co.za/viv" target=3D"_blank" rel=3D"nofollow noo=
pener noreferrer">Ga naar Inloggen
ble>
font-weight: normal;">Hoogachtend,
nt-family: sans-serif; font-size: 14px; font-weight: normal;">
yle=3D"margin: 0px 0px 15px; font-family: sans-serif; font-size: 14px; font=
-weight: normal;">Bitvavo
t-size: 14px; font-weight: normal;'>
_DWT1428_com_zimbra_url" role=3D"link">
FIX_DWT1436_com_zimbra_url" role=3D"link">
4UCkVeuqplxJ1uioal2TasPv0xUNh7z8_fKNjuh7hjp5S3IiZgpxQw2AkYWEaq2tbFFrOWFkyw2=
C0A6gt2FqNg4OJbNMUxk1WyQWh7X2x9pfXnt-Sen98Xris-49b2bXT8nI9dFhhNYeo1O-e-e8oN=
5yZb1GUrYBOQJdSyvf7fIRIj3w8dgGd3N2yfS0TQtnIgM6vLo_Oe_KiUkwbeeJ8IMl4htlZMf6r=
sifVT6RwfkxZafUXAAD__4ZsT8I" target=3D"_blank" rel=3D"nofollow noopener nor=
eferrer">
=09=09=09=09=09=09
">
t: 10px;">
=
=3D"link">
ole=3D"link">
BgZpSQ6dOXYocnWMbWwrStSJ5-uKh0P3nh-_qCG8xPSBgyRsSYWIelBw1QxDanpU5C6HYDFwai2=
KSXHjejtZqp9CrcWq9Ms5MyBaQ3RDEOlxeB3or_P35eaHGDB_3pu_88nKLKq1y1bFq-c9-ClNmG=
8xE91w1XSX7SvallHp_zDFlfNbXuLPdLdvX4kE2liVwYXV1diFgqFpOuGFAqkdkBEd4OiqCP9Lp=
H-k7Yzo-umkV_w0AAP__9gxPgQ" target=3D"_blank" rel=3D"nofollow noopener nore=
ferrer">
=20=20=20=20=20=20=20=20=20=20=20=20
margin-top: 10px;">
separate;" border=3D"0" cellspacing=3D"0" cellpadding=3D"0">
align=3D"center" class=3D"content-block" valign=3D"top" style=3D"text-align=
: center; color: rgb(153, 153, 153); padding-top: 10px; padding-bottom: 10p=
x; font-family: sans-serif; font-size: 12px; vertical-align: top;">
color: rgb(153, 153, 153); font-size: 12px; font-weight: bold;">
s=3D"Object" id=3D"OBJ_PREFIX_DWT1430_com_zimbra_url" role=3D"link">
lass=3D"Object" id=3D"OBJ_PREFIX_DWT1438_com_zimbra_url" role=3D"link">
Wachtwoord vergeten?
OBJ_PREFIX_DWT1431_com_zimbra_url" role=3D"link">
=3D"OBJ_PREFIX_DWT1439_com_zimbra_url" role=3D"link">
text-decoration: underline;" href=3D"https://email.mailing.myhorsez.com/c/=
eJx00L1urDAQhuGrsbtF4D-gcMFqDzoKUqpUaSKDBzAy9sqeBO1efUQRKU3qeTSf9E4GYYnpoQM=
c2QMiJGq1ZKOioCvVNrJuqkrSVUthOTelkJzNU2PVOLaiVZVhDTOTNTV1mnVDqLbh-n_Al6N8fb=
5fkdfD2533nXX_lijTxjYViSi_9kuYM_V6RbxnwjvCesL64ziK_bHGlOFZTHEnrJ9jWiJaQON8J=
rz_zJCC2YHwm4_eEaZgN84TfjNhM0U2IUAgokTwEACLEeh5_3BWM97SpP9kqE94ORXqny6XX13O=
6fOP4kKW3wEAAP__reRnjw" target=3D"_blank" rel=3D"nofollow=20
noopener noreferrer">Nieuw wachtwoord aanvragen
an>.
Wil je geen e-mail van ons ontvangen?
=3D"Object" id=3D"OBJ_PREFIX_DWT1432_com_zimbra_url" role=3D"link">
ass=3D"Object" id=3D"OBJ_PREFIX_DWT1440_com_zimbra_url" role=3D"link">
text-decoration: underline;"=20
href=3D"https://email.mailing.myhorsez.com/c/eJxM0EFvsjAYwPFP094k8NRSPPSgrx=
LfkWzZ5g7bxbT0EYtQSFtH8NMvLluy-z_5J79aRWwGP0uHU-gwRvTUSA46pyizfFVwUWQZp2eZi=
lpoYwzTwojslJ6gMFBAwRkoA6CplbCuXNZWm30VH6b08faxiUxUh5GVa2N3zcB9C20-kGX62S_c=
KdBOnmMcA2FrAiWBcpqmpJ_Pgw94S-qhJ1B2yhnrmlE1SKC8unDVofZWI2HlNaA_WkPYNmdLnhL=
ILzgTtu3Nkx7e6n92LzbjzAus3Ptzdtm-vtwO_3e0V7Y7WiOBraiXyrUqCco5dGSZRuzQYUw00i=
jv4eJeRfnrtPjj9LOX3_OvAAAA___BpGt8" target=3D"_blank" rel=3D"nofollow noope=
ner noreferrer">Uitschrijven.
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments