Email scam asking for money, spoofed email from address. IP from mail headers has a default page on http:80 so Im guessing they used an unprotected server of a 3rd party to send the email.
mail headers:_x000D_
Received: from vps75075.whmpanels.com.bv01 (93.115.53.177)_x000D_
Received: from vps75075.whmpanels.com.bv01 (localhost [127.0.0.1])_x000D_
by vps75075.whmpanels.com.bv01 (8.15.2/8.15.2/Debian-10)