Return-Path: <>
Delivered-To: saktitech@pr1-cpanel.8.8.8.8
Received: from pr1-cpanel.8.8.8.8
	by pr1-cpanel.8.8.8.8 with LMTP
	id oF9iJVJQF2XF7AYAQbMf3w
	(envelope-from <>)
	for <saktitech@pr1-cpanel.8.8.8.8>; Sat, 30 Sep 2023 05:31:46 +0700
Return-path: <>
Envelope-to: ksu-nuari@koperindo.com
Delivery-date: Sat, 30 Sep 2023 05:31:46 +0700
Received: from mailnull by pr1-cpanel.8.8.8.8 with local (Exim 4.96)
	id 1qlz2K-000wdN-1i
	for ksu-nuari@koperindo.com;
	Fri, 29 Sep 2023 04:59:08 +0700
X-Failed-Recipients: saktitech@pr1-cpanel.8.8.8.8
Auto-Submitted: auto-replied
From: Mail Delivery System <Mailer-Daemon@pr1-cpanel.8.8.8.8>
To: ksu-nuari@koperindo.com
References: <691676009.202309281458@koperindo.com>
Content-Type: multipart/report; report-type=delivery-status; boundary=1695938348-eximdsn-1567430663
MIME-Version: 1.0
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1qlz2K-000wdN-1i@pr1-cpanel.8.8.8.8>
Date: Fri, 29 Sep 2023 04:59:08 +0700

--1695938348-eximdsn-1567430663
Content-type: text/plain; charset=us-ascii

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  saktitech@pr1-cpanel.8.8.8.8
    (generated from ksu-nuari@koperindo.com)
    The mail server could not deliver mail to saktitech@pr1-cpanel.8.8.8.8.  The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.

--1695938348-eximdsn-1567430663
Content-type: message/delivery-status

Reporting-MTA: dns; pr1-cpanel.8.8.8.8

Action: failed
Final-Recipient: rfc822;ksu-nuari@koperindo.com
Status: 5.0.0

--1695938348-eximdsn-1567430663
Content-type: message/rfc822

Return-path: <ksu-nuari@koperindo.com>
Received: from [186.189.95.229] (port=17134)
	by pangrango-cpanel with esmtp (Exim 4.96)
	(envelope-from <ksu-nuari@koperindo.com>)
	id 1qlz2F-000wd3-24
	for ksu-nuari@koperindo.com;
	Fri, 29 Sep 2023 04:59:08 +0700
Date: 28 Sep 2023 14:34:19 -0400
From: <ksu-nuari@koperindo.com>
X-Priority: 3
Message-ID: <691676009.202309281458@koperindo.com>
To: <ksu-nuari@koperindo.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----------762C6F5DFF351EC"
X-Spam-Status: Yes, score=13.3
X-Spam-Score: 133
X-Spam-Bar: +++++++++++++
X-Spam-Report: Spam detection software, running on the system "pangrango-cpanel",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Hi. I have very bad news for you. Unfortunately, your private
    data was compromised. Your password was compromised through a legitimate
   website, and that led to events that I will explain to you now. Using your
    password, our team gained access to your email. We analyzed all data and
   a [...] 
 Content analysis details:   (13.3 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query
                              to zen.spamhaus.org was blocked due to
                             usage of an open resolver. See
                             https://www.spamhaus.org/returnc/pub/
                             [186.189.95.229 listed in zen.spamhaus.org]
  1.5 SPF_SOFTFAIL           SPF: sender does not match SPF record (softfail)
  1.1 DATE_IN_PAST_03_06     Date: is 3 to 6 hours before Received: date
  0.0 HTML_MESSAGE           BODY: HTML included in message
  2.0 PYZOR_CHECK            Listed in Pyzor
                             (https://pyzor.readthedocs.io/en/latest/)
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.5 BITCOIN_XPRIO          Bitcoin + priority
  4.2 BITCOIN_EXTORT_01      Extortion spam, pay via BitCoin
  0.0 FSL_BULK_SIG           Bulk signature with no Unsubscribe
  0.0 PDS_BTC_ID             FP reduced Bitcoin ID
  2.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
  0.0 BITCOIN_TOEQFM         Bitcoin + To same as From
  0.0 BITCOIN_SPAM_07        BitCoin spam pattern 07
X-Spam-Flag: YES
Subject:  ***SPAM***  =?UTF-8?B?Q2FyZWZ1bCwgaXQncyBpbXBvcnRhbnQ=?=

------------762C6F5DFF351EC
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi.
I have very bad news for you. Unfortunately, your private data was =
compromised.

Your password was compromised through a legitimate website, and that led =
to events that I will explain to you now.
Using your password, our team gained access to your email. We analyzed =
all data and after going through found a vector for an attack.
That attack was a success. The result was that your machine was infected =
with a virus/backdoor. Our team uses individual approach to every =
victim, our success rate is very high.

We have gained access to the data, but the most interesting part that we =
are able to control your webcam and microphone.=20

And you are correct. We have a nice archive with exploding video =
content.
It's all good, but we are here to make money. So if you don't want those =
videos to be leaked, please follow the instructions.

You pay $750 USD, and there will be nothing to worry about. No chats, no =
photos, nothing. Every single file will be deleted and virus removed =
from your machine

Use Bitcoin to make the transfer. Wallet address is =
1J7RYCYp8D7zYoAAR4HQDXujaRU6D9tDbf , it's unique and we will know that =
you made the payment immediately.
You have 2 days to make the transfer, that's reasonable.
Take care.

------------762C6F5DFF351EC
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html><head><title>=3D?UTF-8?B?Q2FyZWZ1bCwgaXQncyBpbXBvcnRhbnQ=3D?=3D</ti=
tle>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
</head>
<body>
Hi.<br>
I have very bad news for you. Unfortunately, your private data was =
compromised.<br><br>
Your password was compromised through a legitimate website, and that led =
to events that I will explain to you now.<br>
Using your password, our team gained access to your email. We analyzed =
all data and after going through found a vector for an attack.<br>
That attack was a success. The result was that your machine was infected =
with a virus/backdoor. Our team uses individual approach to every =
victim, our success rate is very high.<br><br>
We have gained access to the data, but the most interesting part that we =
are able to control your webcam and microphone. <br><br>
And you are correct. We have a nice archive with exploding video =
content.<br>
It's all good, but we are here to make money. So if you don't want those =
videos to be leaked, please follow the instructions.<br><br>
You pay $750 USD, and there will be nothing to worry about. No chats, no =
photos, nothing. Every single file will be deleted and virus removed =
from your machine<br><br>
Use Bitcoin to make the transfer. Wallet address is =
1J7RYCYp8D7zYoAAR4HQDXujaRU6D9tDbf , it's unique and we will know that =
you made the payment immediately.<br>
You have 2 days to make the transfer, that's reasonable.<br>
Take care.<br></body>
------------762C6F5DFF351EC--



--1695938348-eximdsn-1567430663--