OwlCyberSecurity - MANAGER

Edit File: 1704502610.M591713P2327117.server237.web-hosting.com,S=10378,W=10583

Return-Path: <> Delivered-To: dev@ebaarchitects.org Received: from server237.web-hosting.com by server237.web-hosting.com with LMTP id MFzEIlKlmGVNgiMA7Ypugw (envelope-from <>) for <dev@ebaarchitects.org>; Fri, 05 Jan 2024 19:56:50 -0500 Return-path: <> Envelope-to: dev@ebaarchitects.org Delivery-date: Fri, 05 Jan 2024 19:56:50 -0500 Received: from mail-108-mta65.mxroute.com ([136.175.108.65]:42059) by server237.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96.1) id 1rLuzV-009rXC-2c for dev@ebaarchitects.org; Fri, 05 Jan 2024 19:56:50 -0500 Received: from filter006.mxroute.com ([136.175.111.2] filter006.mxroute.com) (Authenticated sender: mN4UYu2MZsgR) by mail-108-mta65.mxroute.com (ZoneMTA) with ESMTPSA id 18cdc4512d20003727.001 for <dev@ebaarchitects.org> (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384); Sat, 06 Jan 2024 00:56:03 +0000 X-Zone-Loop: 3ad299a871869d67f7e4370853ff318327e8866d0fff X-Originating-IP: [136.175.111.2] Message-ID: <98.D6.43269.D15A8956@mx2-ph2-sp4.mta.salesforce.com> Date: Sat, 06 Jan 2024 00:55:57 +0000 From: Mail Delivery System <mailer-daemon@mailerdaemon.mta.salesforce.com> To: SRS0=e19f=ip=ebaarchitects.org=dev@csmum.com Subject: Undeliverable: Uneasy about an strange charge on my account connected to your online shop - need your guidance X-SFDC-Binding: Bounce SpamTally: Final spam score: 0 X-Spam-Status: No, score=0.0 X-Spam-Score: 0 X-Spam-Bar: / X-Ham-Report: Spam detection software, running on the system "server237.web-hosting.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: This message was created automatically by the mail system. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: web-hosting.com] 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Spam-Flag: NO This message was created automatically by the mail system. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: >>> help@va54spboq3gwhy0t6ufv0yo6ze47ocx77vko0xn5eb6sd9gof.46-1xcdeam.na40.case.salesforce.com (Undelivered): 554 5.4.7 [internal] message timeout (exceeded max time, last transfail: 451 Temporarily unable to find 00D460000001XCd at NA124 originalInstance na40) ------ This is a copy of the original message, including all headers. ------ Return-Path: <SRS0=e19f=ip=ebaarchitects.org=dev@csmum.com> Authentication-Results: apex.salesforce.com; dkim=pass header.d=ebaarchitects.org; spf=pass smtp.mailfrom=csmum.com Received: from [136.175.108.8] ([136.175.108.8:32915] helo=mail-108-mta8.mxroute.com) by mx2-ph2-sp4.mta.salesforce.com (envelope-from <SRS0=e19f=ip=ebaarchitects.org=dev@csmum.com>) (ecelerity 4.4.1.20035 r(msys-ecelerity:4.4.1.0-salesforce)) with ESMTPS (cipher=ECDHE-RSA-AES128-GCM-SHA256) id 0D/F4-43269-E8357956; Fri, 05 Jan 2024 00:55:42 +0000 Received: from filter006.mxroute.com ([136.175.111.2] filter006.mxroute.com) (Authenticated sender: mN4UYu2MZsgR) by mail-108-mta8.mxroute.com (ZoneMTA) with ESMTPSA id 18cd71e50370003727.001 for <help@va54spboq3gwhy0t6ufv0yo6ze47ocx77vko0xn5eb6sd9gof.46-1xcdeam.na40.case.salesforce.com> (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384); Fri, 05 Jan 2024 00:55:37 +0000 X-Zone-Loop: 19a02de03c67c2d7990af5aec4daca807d60954dcb56 X-Originating-IP: [136.175.111.2] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ebaarchitects.org; s=default; h=Content-Type:MIME-Version:Date:Subject:To: From:Reply-To:Message-ID:Sender:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=leKcxzPuAv0jF5+auDgjv2649IOZVmv7vBvu/xwDtDk=; b=YdfnIpZ3IEzstnI/OHmy1D8eGA XX/eAgH1dSibBmUeqVeSYj9FMtsRMS7FJApnowXYEv0WGqbuRvY3LvZS0x3GuIQQ43Ca3Ey7f1BmK bbRK5AQUaYwA7wdfsBrRm1/cWJ708lZuguxhNJXCr7QhxbSzvkN/pQ9JKp1bvSsqOMV/jnMDzM83Y ZFyNpxtiZnYaqY9JOa+aEicg3sPcPqjTfz6T/saIRhTYR9HmX2zFeIaUWQJ14SWyRsofbn3NSi1Nl 0iOIiGTG23wqPdn5aXOB6Mb+kt/cFycYV559d5kEjV/sITWkoZBDvLJt7zJR8t1vhmXHmbXeGXWUa TNxkAtCQ==; Message-ID: <08125bf0389cb6b8cb61288363476d781a6250@ebaarchitects.org> Reply-To: michael <michael.thornton@primank.com> From: michael <dev@ebaarchitects.org> To: help@csmum.com Subject: Uneasy about an strange charge on my account connected to your online shop - need your guidance Date: Thu, 4 Jan 2024 16:53:15 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="a0b2fb50983c16186bc18823c3e7cdd80c8c78" X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - server237.web-hosting.com X-AntiAbuse: Original Domain - csmum.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - ebaarchitects.org X-Get-Message-Sender-Via: server237.web-hosting.com: authenticated_id: dev@ebaarchitects.org X-Authenticated-Sender: server237.web-hosting.com: dev@ebaarchitects.org X-Source: X-Source-Args: X-Source-Dir: X-From-Rewrite: unmodified, already matched X-DKIM: signer='ebaarchitects.org' status='pass' reason='' DKIMCheck: Server passes DKIM test, 0 Spam score X-Spam-Score: 12.5 (++++++++++++) X-Spam-Report: Spam detection software, running on the system "london.mxroute.com", has performed the tests listed below against this email. Information: https://mxroutedocs.com/directadmin/spamfilters/ --- Content analysis details: (12.5 points) --- pts rule name description ---- ---------------------- ----------------------------------------- 0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to DNSWL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [199.188.200.108 listed in list.dnswl.org] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URI: ebaarchitects.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 1.2 RCVD_HELO_IP_MISMATCH Received: HELO and IP do not match, but should 10 SPAMRATS RBL: At least one relay blacklisted on spamrats [SPAMRATS IP Addresses See: <http://www.spamrats.com/bl?84.15.212.88>] 1.5 HTML_MESSAGE BODY: HTML included in message -0.0 T_SCC_BODY_TEXT_LINE No description available. SpamTally: Final spam score: 125 X-SFDC-Interface: external X-SFDC-SPF: Pass X-SFDC-SENDERID: Pass X-SFDC-SENDERID-PRA: None X-SFDC-TLS-STATUS: true X-SFDC-TLS-CIPHER: ECDHE-RSA-AES128-GCM-SHA256 X-SFDC-TLS-VERIFIED: no X-SFDC-TLS-VERSION: TLSv1.2 X-SFDC-DOMAINKEYS: None X-SFDC-Binding: coremailprocessor X-SFDC-Original-RCPT: help@va54spboq3gwhy0t6ufv0yo6ze47ocx77vko0xn5eb6sd9gof.46-1xcdeam.na40.case.salesforce.com --a0b2fb50983c16186bc18823c3e7cdd80c8c78 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, I am writing to address a unexpected withdrawal that I've noticed on my c= redit card, which appears to be linked to a transaction on your website. This occurrence has caused me unease, especially since I do not recall ev= er using services on your service. I've already begun the investigation p= rocess with my financial institution. It would be of great help if you co= uld provide any details you have about this withdrawal, including specifi= cs like the transaction number. I have gathered considerable documentation, such as bank statements, to b= ack up my claim. Looking forward to your prompt response on this matter. --a0b2fb50983c16186bc18823c3e7cdd80c8c78 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable <html> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8"> </head> <body bgColor=3D"#ffffff"><font size=3D2 face=3DArial> <div><br>Hello,</div> <div>&nbsp;</div> <div>I am writing to address a unexpected withdrawal that I've noticed on= my credit card, which appears to be linked to a transaction on your webs= ite.</div> <div>&nbsp;</div> <div>This occurrence has caused me unease, especially since I do not reca= ll ever using services on your service. I've already begun the investigat= ion process with my financial institution. It would be of great help if y= ou could provide any details you have about this withdrawal, including sp= ecifics like the transaction number.</div> <div>&nbsp;</div> <div>I have gathered considerable documentation, such as bank statements,= to back up my claim.</div> <div>&nbsp;</div> <div>Looking forward to your prompt response on this matter.<br></font></= div> <div align=3Dleft><font size=3D2 face=3DArial></font></div></body></html> --a0b2fb50983c16186bc18823c3e7cdd80c8c78--