| Dir : /home/ithome/mail/new/ |
| Server: Linux host100322.itwesthosting.com 3.10.0-1160.144.1.el7.tuxcare.els4.x86_64 #1 SMP Tue Apr 7 08:40:40 UTC 2026 x86_64 IP: 144.91.64.173 |
| Dir : /home/ithome/mail/new/1773870931.M926271P7623.host100322.itwesthosting.com,S=8152,W=8300 |
Return-Path: <reportmfpxqymq@ykdqrrye.cn>
Delivered-To: ithome@host100322.itwesthosting.com
Received: from host100322.itwesthosting.com
by host100322.itwesthosting.com with LMTP
id PpEVN1Mfu2nHHQAAp0YrwQ
(envelope-from <reportmfpxqymq@ykdqrrye.cn>)
for <ithome@host100322.itwesthosting.com>; Wed, 18 Mar 2026 22:55:31 +0100
Return-path: <reportmfpxqymq@ykdqrrye.cn>
Envelope-to: webmaster@geopars.com
Delivery-date: Wed, 18 Mar 2026 22:55:31 +0100
Received: from [101.47.76.180] (port=38681 helo=ykdqrrye.cn)
by host100322.itwesthosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.96.2)
(envelope-from <reportmfpxqymq@ykdqrrye.cn>)
id 1w2yrR-0001yl-1l
for webmaster@geopars.com;
Wed, 18 Mar 2026 22:55:31 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=mail; d=ykdqrrye.cn;
h=Date:From:To:Subject:Message-ID:Mime-Version:Content-Type;
i=reportmfpxqymq@ykdqrrye.cn;
bh=xc/Yj9SI+j1t8AimCkuBDOvBQ0o0HjFFcy0O9OVpvsc=;
b=lbEnembZbIq5Qlw5vNEBVM8Do7iRnNpjy0VIETWawOuHZWgs+X+q184eNVc8tsO3xSal+hPjIxnH
equQqRlQo82QSPtpXXukx7GtMD+PSHlwMLakP3oMvET+Tqei9mHHYpRsYuHQ4xp12NYxqZ9+YSfk
iC76tKGHq5ywWDygkaU=
Date: Thu, 19 Mar 2026 05:55:21 +0800
From: "Mastercard" <reportmfpxqymq@ykdqrrye.cn>
To: <webmaster@geopars.com>
Message-ID: <20260319055526477302@ykdqrrye.cn>
X-mailer: Foxmail 6, 13, 102, 15 [cn]
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="=====003_Dragon820684051140_====="
X-Spam-Status: Yes, score=16.7
X-Spam-Score: 167
X-Spam-Bar: ++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "host100322.itwesthosting.com",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: セキュリティ通知 カードセキュリティアップグレードのお知らせ
お客様のMasterカードに登録された携帯番号の本人確認が必要です。
本日中に認証� [...]
Content analysis details: (16.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: aini1.cn]
1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL
blocklist
[URIs: aini1.cn]
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
bl.spamcop.net
[Blocked - see <https://www.spamcop.net/bl.shtml?101.47.76.180>]
2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the Spamhaus
DBL blocklist
[URIs: ykdqrrye.cn]
1.0 HK_RANDOM_FROM From username looks random
0.5 FROM_LOCAL_NOVOWEL From: localpart has series of non-vowel
letters
0.0 HK_RANDOM_ENVFROM Envelope sender username looks random
3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[101.47.76.180 listed in zen.spamhaus.org]
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[101.47.76.180 listed in bl.score.senderscore.com]
0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE:
The query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[101.47.76.180 listed in sa-trusted.bondedsender.org]
0.1 URIBL_SBL_A Contains URL's A record listed in the Spamhaus SBL
blocklist
[URIs: ykdqrrye.cn]
0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS
blocklist
[URIs: ykdqrrye.cn]
-0.0 SPF_PASS SPF: sender matches SPF record
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
2.0 PYZOR_CHECK Listed in Pyzor
(https://pyzor.readthedocs.io/en/latest/)
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
2.0 MIXED_HREF_CASE Has href in mixed case
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
X-Spam-Flag: YES
Subject: ***SPAM*** =?utf-8?B?44CQ6YeN6KaB44CRTWFzdGVyY2FyZCDoqo3oqLzmiYvntprjgY0=?=
=?utf-8?B?5pyq5a6M5LqG44Gu44GK55+l44KJ44Gb?=
X-From-Rewrite: unmodified, forwarded message
This is a multi-part message in MIME format.
--=====003_Dragon820684051140_=====
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: base64
44K744Kt44Ol44Oq44OG44Kj6YCa55+lDQrjgqvjg7zjg4njgrvjgq3jg6Xjg6rjg4bjgqPjgqLj
g4Pjg5fjgrDjg6zjg7zjg4njga7jgYrnn6XjgonjgZsNCuOBiuWuouanmOOBrk1hc3RlcuOCq+OD
vOODieOBq+eZu+mMsuOBleOCjOOBn+aQuuW4r+eVquWPt+OBruacrOS6uueiuuiqjeOBjOW/heim
geOBp+OBmeOAgg0K5pys5pel5Lit44Gr6KqN6Ki844KS5a6M5LqG44GX44Gm44GP44Gg44GV44GE
44CCDQrmnKzkurrnorroqo3vvJrjgrvjgq3jg6Xjg6rjg4bjgqPkv53orbfjga7jgZ/jgoHjgIHj
gZTmnKzkurrnorroqo3jgYzlv4XopoHjgafjgZnjgIINCuS4i+iomOOBruODnOOCv+ODs+OCkuOC
r+ODquODg+OCr+OBl+OAgeeUu+mdouOBruaMh+ekuuOBq+W+k+OBo+OBpuaJi+e2muOBjeOCkuWu
jOS6huOBl+OBpuOBj+OBoOOBleOBhOOAgg0K56K66KqN5omL57aa44GN44KS6YCy44KB44KLDQrj
gZTkuI3mmI7jgarngrnjgYzjgZTjgZbjgYTjgb7jgZfjgZ/jgonjgIFNYXN0ZXLjgqvjgrnjgr/j
g57jg7zjgrXjg7zjg5Pjgrnjgb7jgafjgZTpgKPntaHjgY/jgaDjgZXjgYTjgIINCuacrOODoeOD
vOODq+OBr+mAgeS/oeWwgueUqOOBp+OBmeOBruOBp+OAgeebtOaOpeOBruOBlOi/lOS/oeOBr+OB
p+OBjeOBvuOBm+OCk+OAgiA=
--=====003_Dragon820684051140_=====
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: base64
PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv
L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0
Zi04IiBodHRwLWVxdWl2PUNvbnRlbnQtVHlwZT4NCjxNRVRBIG5hbWU9R0VORVJBVE9SIGNvbnRl
bnQ9Ik1TSFRNTCAxMS4wMC45NjAwLjE5MTgwIj48L0hFQUQ+DQo8Qk9EWT4NCjxQPuOCu+OCreOD
peODquODhuOCo+mAmuefpTwvUD4NCjxQPuOCq+ODvOODieOCu+OCreODpeODquODhuOCo+OCouOD
g+ODl+OCsOODrOODvOODieOBruOBiuefpeOCieOBmzwvUD4NCjxQPuOBiuWuouanmOOBrk1hc3Rl
cuOCq+ODvOODieOBq+eZu+mMsuOBleOCjOOBn+aQuuW4r+eVquWPt+OBruacrOS6uueiuuiqjeOB
jOW/heimgeOBp+OBmeOAgjxCUj7mnKzml6XkuK3jgavoqo3oqLzjgpLlrozkuobjgZfjgabjgY/j
gaDjgZXjgYTjgII8L1A+DQo8UD7mnKzkurrnorroqo3vvJrjgrvjgq3jg6Xjg6rjg4bjgqPkv53o
rbfjga7jgZ/jgoHjgIHjgZTmnKzkurrnorroqo3jgYzlv4XopoHjgafjgZnjgII8QlI+5LiL6KiY
44Gu44Oc44K/44Oz44KS44Kv44Oq44OD44Kv44GX44CB55S76Z2i44Gu5oyH56S644Gr5b6T44Gj
44Gm5omL57aa44GN44KS5a6M5LqG44GX44Gm44GP44Gg44GV44GE44CCPC9QPg0KPFA+PEEgaHJl
Zj0iaHR0cHM6Ly9iZWNvbWVhYmxlLmFpbmkxLmNuL3dhc2lkYXJlcy9iZXV0dGh5LyI+56K66KqN
5omL57aa44GN44KS6YCy44KB44KLPC9BPjwvUD4NCjxQPuOBlOS4jeaYjuOBqueCueOBjOOBlOOB
luOBhOOBvuOBl+OBn+OCieOAgU1hc3RlcuOCq+OCueOCv+ODnuODvOOCteODvOODk+OCueOBvuOB
p+OBlOmAo+e1oeOBj+OBoOOBleOBhOOAgjxCUj7mnKzjg6Hjg7zjg6vjga/pgIHkv6HlsILnlKjj
gafjgZnjga7jgafjgIHnm7TmjqXjga7jgZTov5Tkv6Hjga/jgafjgY3jgb7jgZvjgpPjgIIgDQo8
L1A+PC9CT0RZPjwvSFRNTD4NCg==
--=====003_Dragon820684051140_=====--