MOON
Server: Apache
System: Linux kvm.asjudinet.com 5.14.0-611.54.6.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Fri May 15 04:23:18 EDT 2026 x86_64
User: asjudine (1001)
PHP: 8.0.30
Disabled: exec,passthru,shell_exec,system
Upload Files
File: /home/asjudine/mail/.spam/new/1695551504.H33578P16847.server.asjudinet.com,S=6820
Return-path: <asjudine@server.asjudinet.com>
Envelope-to: asjudine@server.asjudinet.com
Delivery-date: Sun, 24 Sep 2023 05:31:44 -0500
Received: from [41.106.174.32] (port=32742)
	by server.asjudinet.com with esmtp (Exim 4.87)
	(envelope-from <asjudine@server.asjudinet.com>)
	id 1qkMOm-0004K0-15
	for asjudine@server.asjudinet.com; Sun, 24 Sep 2023 05:31:43 -0500
Message-ID: <5D784080AE65B86E4B73B39D568B5D78@259TXDW>
From: <asjudine@server.asjudinet.com>
To: <asjudine@server.asjudinet.com>
Date: 24 Sep 2023 12:13:53 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_004C_01D9EEDA.011F9F33"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-Spam-Status: Yes, score=11.7
X-Spam-Score: 117
X-Spam-Bar: +++++++++++
X-Spam-Report: Spam detection software, running on the system "server.asjudinet.com",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 
 Content preview:  Hi. I have very bad news for you. Unfortunately, your private
    data was compromised. Your password was compromised through a legitimate
   website, and that led to events that I will explain to you now. Using your
    password, our team gained access to your email. We analyzed all data and
   after going through found a vector for an attack. That attack was a success.
    The result was that your machine was infected with a virus/backdoor. Our
   team uses individual approach to every victim, our success rate is very high.
    [...] 
 
 Content analysis details:   (11.7 points, 5.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.8 BAYES_50               BODY: Bayes spam probability is 40 to 60%
                             [score: 0.5000]
  2.7 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
                             [41.106.174.32 listed in psbl.surriel.com]
 -5.0 RCVD_IN_DNSWL_HI       RBL: Sender listed at https://www.dnswl.org/, high
                             trust
                             [41.106.174.32 listed in list.dnswl.org]
  0.0 HTML_MESSAGE           BODY: HTML included in message
  0.0 HDR_ORDER_FTSDMCXX_NORDNS Header order similar to spam
                             (FTSDMCXX/boundary variant) + no rDNS
  1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
                             anti-forgery methods
  1.0 KAM_HTMLNOISE          Spam containing useless HTML padding
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.0 BITCOIN_VISTA          Bitcoin + old MSFT msgid format
  0.0 PDS_BTC_MSGID          Bitcoin ID with T_MSGID_NOFQDN2
  4.2 BITCOIN_EXTORT_01      Extortion spam, pay via BitCoin
  0.5 BITCOIN_XPRIO          Bitcoin + priority
  0.0 PDS_BTC_ID             FP reduced Bitcoin ID
  0.0 MIMEOLE_DIRECT_TO_MX   MIMEOLE + direct-to-MX
  0.0 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
                             (FTSDMCXX/boundary variant) + direct-to-MX
  0.0 BITCOIN_TOEQFM         Bitcoin + To same as From
  2.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
  0.0 BITCOIN_SPAM_07        BitCoin spam pattern 07
  2.5 DOS_OE_TO_MX           Delivered direct to MX with OE headers
  0.0 XPRIO                  Has X-Priority header
X-Spam-Flag: YES
Subject:    =?UTF-8?B?Q2FyZWZ1bCwgaXQncyBpbXBvcnRhbnQ=?=

This is a multi-part message in MIME format.

------=_NextPart_000_004C_01D9EEDA.011F9F33
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi.
I have very bad news for you. Unfortunately, your private data was =
compromised.

Your password was compromised through a legitimate website, and that led =
to events that I will explain to you now.
Using your password, our team gained access to your email. We analyzed =
all data and after going through found a vector for an attack.
That attack was a success. The result was that your machine was infected =
with a virus/backdoor. Our team uses individual approach to every =
victim, our success rate is very high.

We have gained access to the data, but the most interesting part that we =
are able to control your webcam and microphone.=20

And you are correct. We have a nice archive with exploding video =
content.
It's all good, but we are here to make money. So if you don't want those =
videos to be leaked, please follow the instructions.

You pay $750 USD, and there will be nothing to worry about. No chats, no =
photos, nothing. Every single file will be deleted and virus removed =
from your machine

Use Bitcoin to make the transfer. Wallet address is =
1J7RYCYp8D7zYoAAR4HQDXujaRU6D9tDbf , it's unique and we will know that =
you made the payment immediately.
You have 2 days to make the transfer, that's reasonable.
Take care.

------=_NextPart_000_004C_01D9EEDA.011F9F33
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.5512" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
Hi.<br>
I have very bad news for you. Unfortunately, your private data was =
compromised.<br><br>
Your password was compromised through a legitimate website, and that led =
to events that I will explain to you now.<br>
Using your password, our team gained access to your email. We analyzed =
all data and after going through found a vector for an attack.<br>
That attack was a success. The result was that your machine was infected =
with a virus/backdoor. Our team uses individual approach to every =
victim, our success rate is very high.<br><br>
We have gained access to the data, but the most interesting part that we =
are able to control your webcam and microphone. <br><br>
And you are correct. We have a nice archive with exploding video =
content.<br>
It's all good, but we are here to make money. So if you don't want those =
videos to be leaked, please follow the instructions.<br><br>
You pay $750 USD, and there will be nothing to worry about. No chats, no =
photos, nothing. Every single file will be deleted and virus removed =
from your machine<br><br>
Use Bitcoin to make the transfer. Wallet address is =
1J7RYCYp8D7zYoAAR4HQDXujaRU6D9tDbf , it's unique and we will know that =
you made the payment immediately.<br>
You have 2 days to make the transfer, that's reasonable.<br>
Take care.<br></BODY></HTML>
------=_NextPart_000_004C_01D9EEDA.011F9F33--