CAA Emergancy Car phish from OVH

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 12 Oct 2024 07:47:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1szcSA-00000000Cs4-3cB4

for dave@doctor.nl2k.ab.ca;

Sat, 12 Oct 2024 07:46:42 -0600

Resent-From: The Doctor

Resent-Date: Sat, 12 Oct 2024 07:46:42 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from m191.bnc.offertedidegustazione.com ([51.178.222.191]:35667)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1szXoa-000000004FH-05cy

for root@nk.ca;

Sat, 12 Oct 2024 02:51:00 -0600

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=emailer; d=pphosted.com;

h=Subject:From:To:Content-Type:Message-ID:Date; i=CAARewards@pphosted.com;

bh=NQDFbGAc7+RaGiSetzhqrunURqg=;

b=JkgpYT4Pl9Ox4oZXmGBjI6I7u1BAxlso7WzKsxq5+SmXJdCGteEzsuZXaVkwJmpncw858gEIsSRj

CqtpZdaFnuCKGeg/xLwUIG1KSTXw5YRxFc13lnmzKjkTqAZmgaU+Wde9jkHVpjrsdwAIEXpdNIUd

eJvlKdBvAhcbNSz7WN7jRnLyvGEh2ByTyoZBiqKtiLgreJI48qICUFgb+M9fwLaPEXUKRfrc0bvq

isg8P8RsBk0EXxvTZ4IoCojD78a/XcvO1ebKg4fTJE+Fi9y25YYPOPzMY9K87xReApKBdrp+TP30

NeI7xksIzfiLBiTI4zRJ/k0pS4jB4BMrm+rvcQ==

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=emailer; d=pphosted.com;

b=YE5Od+THLD303rbHbPxfhKK/aSbs1KrPqTJZO6RDLmC4u3fdMg5FM/T+LYFUm+0fTo28n8tqNwuo

P0LnGxnZuMLHcCGsTFomKy+QOTCo+S8hog9Z5oGi+VrBQYc3vQuwGw+8hQhZeJ8Ow7aldnxX2mfr

fbevHchF8yMMccwOWyx5SoXdMtk2ihGk+TPHouvSYlizxOfbWpHj10aOu7sxDGo0cGU9fwh7J9iC

FWhci61LvpZoHe8UIAJYkskji7xRnouIItxeR3SulBs4YbJZOHe2vWGyGTEVj7ZXdyx8Hlw4wiXU

lbnvZfuDlHwneNKOhpTFWUmTluydNkoGAcZ+ZA==;

Subject:You have won a Car Emergency Kit

From: CAA

To: root@nk.ca

Content-Type: text/html; charset="utf-8"

Message-ID: <375274687.565789.1526855633755.LOsImfzM110fWD@lva1-app2869.LOsImfzM110fWD.com>

Date: Sat, 12 Oct 2024 01:26:44 +0200

X-Spam_score: 15.5

X-Spam_score_int: 155

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: CAA - Loyalty Program Congratulations!



Content analysis details: (15.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[51.178.222.191 listed in will-spam-for-food.eu.org]

[51.178.222.191 listed in will-spam-for-food.eu.org]

[51.178.222.191 listed in will-spam-for-food.eu.org]

[51.178.222.191 listed in will-spam-for-food.eu.org]

[51.178.222.191 listed in will-spam-for-food.eu.org]

[51.178.222.191 listed in will-spam-for-food.eu.org]

[51.178.222.191 listed in will-spam-for-food.eu.org]

[51.178.222.191 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[51.178.222.191 listed in dnsbl.ahbl.org]

[51.178.222.191 listed in dnsbl.ahbl.org]

[51.178.222.191 listed in dnsbl.ahbl.org]

[51.178.222.191 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[51.178.222.191 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[51.178.222.191 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[51.178.222.191 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[51.178.222.191 listed in dnsbl.ahbl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[51.178.222.191 listed in wl.mailspike.net]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

1.1 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text to image area

2.0 MIME_HEADER_CTYPE_ONLY 'Content-Type' found without required MIME

headers

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

2.5 HDRS_MISSP Misspaced headers

3.0 HOSTED_IMG_MULTI_PUB_01 Multiple hosted images at public site

Subject: {SPAM?} You have won a Car Emergency Kit













CAA - Loyalty Program





























Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA 1CAPTCHA 2CAPTCHA 3CAPTCHA 4CAPTCHA 5


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA 1CAPTCHA 2CAPTCHA 3CAPTCHA 4CAPTCHA 5