/home/arranoyd/mail/.spam/cur/1687792157.M634144P44630.nl53.altushost.com,S=11090,W=11320:2,
Return-Path: <darko.orelj@jagma.hr>
Delivered-To: arranoyd+spam@nl53.altushost.com
Received: from nl53.altushost.com
	by nl53.altushost.com with LMTP
	id kKGPJR2qmWRWrgAAmQ2V0w
	(envelope-from <darko.orelj@jagma.hr>)
	for <arranoyd+spam@nl53.altushost.com>; Mon, 26 Jun 2023 17:09:17 +0200
Return-path: <darko.orelj@jagma.hr>
Envelope-to: darko.orelj@jagma.hr
Delivery-date: Mon, 26 Jun 2023 17:09:17 +0200
Received: from [176.230.200.185] (port=48832 helo=176-230-200-185.orange.net.il)
	by nl53.altushost.com with esmtp (Exim 4.96)
	(envelope-from <darko.orelj@jagma.hr>)
	id 1qDnq8-000Bq4-1Q
	for darko.orelj@jagma.hr;
	Mon, 26 Jun 2023 17:09:17 +0200
From: <darko.orelj@jagma.hr>
To: <darko.orelj@jagma.hr>
Date: 26 Jun 2023 20:03:35 +0200
Message-ID: <002201d9a859$0529dfcf$4a54b587$@jagma.hr>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_001F_01D9A859.05268038"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Acx9lm6qbp7idy9sx9lm6qbp7idy9s==
Content-Language: en
x-cr-hashedpuzzle: 2D4= lm6q bp7i dy9s x9lm 6qbp 7idy 9sx9 lm6q bp7i dy9s x9lm 6qbp 7idy 9sx9 lm6q;1;bp7idy9sx9lm6qbp7idy9sx9lm6qbp7idy9sx9lm6qbp7idy;Sosha1_v1;7;\{32554E76-4E29-6D76-110A-320A6D293255\};ZQB3AGUAZglm6qbp7idy9sx9lm6qbp7idy9sx9lm6qbp7idy;26 Jun 2023 20:03:35 +0200;o6snfr29v885ryo6
x-cr-puzzleid: \{32554E76-4E29-6D76-110A-320A6D293255\}
X-Spam-Status: Yes, score=21.3
X-Spam-Score: 213
X-Spam-Bar: +++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "nl53.altushost.com",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Pozdrav,ja sam haker i uspje&#353;no sam dobio pristup va&#353;em
    operativnom sustavu.Tako&#273;er imam potpuni pristup va&#353;em ra&#269;unu.Gledam
    vas ve&#263; nekoliko mjeseci.&#268;injenica je da [...] 
 Content analysis details:   (21.3 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was
                             blocked.  See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URIs: ajem.to]
  1.3 RCVD_IN_VALIDITY_RPBL  RBL: Relay in Validity RPBL,
                             https://senderscore.org/blocklistlookup/
                           [176.230.200.185 listed in bl.score.senderscore.com]
  4.0 SPF_FAIL               SPF: sender does not match SPF record (fail)
 [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=darko.orelj%40jagma.hr;ip=176.230.200.185;r=nl53.altushost.com]
  0.0 HTML_EXTRA_CLOSE       BODY: HTML contains far too many close tags
  0.0 HTML_MESSAGE           BODY: HTML included in message
  3.5 BITCOIN_MALF_HTML      Bitcoin + malformed HTML
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  3.9 HELO_DYNAMIC_IPADDR2   Relay HELO'd using suspicious hostname (IP
                             addr 2)
  1.5 KAM_DMARC_QUARANTINE   DKIM has Failed or SPF has failed on the
                             message and the domain has a DMARC
                             quarantine policy
 -0.0 T_SCC_BODY_TEXT_LINE   No description available.
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.0 RATWARE_NO_RDNS        Suspicious MsgID and MIME boundary + no rDNS
  0.0 PDS_BTC_ID             FP reduced Bitcoin ID
  0.7 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
  3.0 BITCOIN_SPAM_07        BitCoin spam pattern 07
  1.4 DOS_OUTLOOK_TO_MX      Delivered direct to MX with Outlook headers
  0.0 TO_EQ_FM_SPF_FAIL      To == From and external SPF failed
  0.0 TO_EQ_FM_DOM_SPF_FAIL  To domain == From domain and external SPF
                             failed
  0.0 NO_FM_NAME_IP_HOSTN    No From name + hostname using IP address
X-Spam-Flag: YES
Subject:  ***SPAM***  =?utf-8?B?VmHFoSByYcSNdW4gamUgaGFraXJhbi4gVmHFoWkgc3UgcG9kYWNpIHVrcmFkZW5pLiBTYXpuYWp0ZSBr?= =?utf-8?B?YWtvIHZyYXRpdGkgcHJpc3R1cC4=?=
X-From-Rewrite: unmodified, forwarded message

This is a multi-part message in MIME format.

------=_NextPart_000_001F_01D9A859.05268038
Content-Type: text/plain;
	charset="windows-1250"
Content-Transfer-Encoding: quoted-printable

Pozdrav,ja sam haker i uspje&#353;no sam dobio pristup va&#353;em =
operativnom sustavu.Tako&#273;er imam potpuni pristup va&#353;em =
ra&#269;unu.Gledam vas ve&#263; nekoliko mjeseci.&#268;injenica je da je =
va&#353;e ra&#269;unalo zara&#382;eno zlonamjernim softverom preko =
stranice za odrasle koju ste posjetili.Ako vam to nije poznato, objasnit =
&#263;u.Trojanski virus daje mi potpuni pristup ra&#269;unalu i kontrolu =
nad njim ili drugim ure&#273;ajem.To zna&#269;i da mogu vidjeti sve na =
va&#353;em zaslonu, uklju&#269;iti kameru i mikrofon, ali vi za to ne =
znate.Tako&#273;er imam pristup svim va&#353;im kontaktima i svoj =
va&#353;oj korespondenciji.Za&#353;to va&#353; antivirus nije otkrio =
zlonamjerni softver?Odgovor: Zlonamjerni softver koji sam upotrijebio =
temelji se na upravlja&#269;kom programu, a&#382;uriram njegove potpise =
svaka 4 sata. Stoga va&#353; antivirusni program ne mo&#382;e otkriti =
njegovu prisutnost.Napravio sam videozapis koji prikazuje kako se =
zadovoljavate u lijevoj polovici zaslona, a desna polovica prikazuje =
videozapis koji ste u tom trenutku gledali.Jednim klikom mi&#353;a mogu =
poslati taj videozapis na sve va&#353;e adrese e-po&#353;te i kontakte =
na va&#353;im dru&#353;tvenim mre&#382;ama.Tako&#273;er mogu objaviti =
svu va&#353;u korespondenciju putem e-po&#353;te i povijest razgovora na =
aplikacijama za razmjenu poruka kojima se koristite.Ako ne &#382;elite =
da se to dogodi, prebacite 1250&#8364; u ekvivalentu Bitcoina na moju =
adresu za Bitcoin (ako ne znate kako to u&#269;initi, samo =
pretra&#382;ite &#8222;kupi bitcoin&#8220; na Googleu).Moja adresa za =
Bitcoin (BTC nov&#269;anik) =
glasi:12rDSbjXgEKuYMtiXKwHQUpf4jkm2vjvtgNakon potvrde uplate, odmah =
&#263;u izbrisati videozapis i to je to. Nikad vam se vi&#353;e =
ne&#263;u obratiti.Dat &#263;u vam 50 sati (vi&#353;e od 2 dana) za =
pla&#263;anje. Dobit &#263;u obavijest kad otvorite ovu e-poruku i =
pokrenut &#263;e se mjera&#269; vremena.Podno&#353;enje pritu&#382;be =
negdje nema smisla jer se ova e-po&#353;ta ne mo&#382;e pratiti, kao ni =
moja adresa za Bitcoin.Nikad ne grije&#353;im.Ako ustanovim da ste =
podijelili ovu poruku s nekim drugim, videozapis &#263;e odmah biti =
distribuiran.Lijep pozdrav!
------=_NextPart_000_001F_01D9A859.05268038
Content-Type: text/html;
	charset="windows-1250"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META =
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 12 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
=09{font-family:"Cambria Math";
=09panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
=09{font-family:Calibri;
=09panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
=09{margin:0in;
=09margin-bottom:.0001pt;
=09font-size:11.0pt;
=09font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
=09{mso-style-priority:99;
=09color:blue;
=09text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
=09{mso-style-priority:99;
=09color:purple;
=09text-decoration:underline;}
span.EmailStyle17
=09{mso-style-type:personal-compose;
=09font-family:"Calibri","sans-serif";
=09color:windowtext;}
.MsoChpDefault
=09{mso-style-type:export-only;}
@page WordSection1
=09{size:8.5in 11.0in;
=09margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
=09{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p =
class=3DMsoNormal>Pozdrav,</br>
</br>
ja sam haker i uspje&#353;no sam dobio pristup va&#353;em operativnom =
sustavu.</br>
Tako&#273;er imam potpuni pristup va&#353;em ra&#269;unu.</br>
</br>
Gledam vas ve&#263; nekoliko mjeseci.</br>
</br>
&#268;injenica je da je va&#353;e ra&#269;unalo zara&#382;eno =
zlonamjernim softverom preko stranice za odrasle koju ste =
posjetili.</br>
Ako vam to nije poznato, objasnit &#263;u.</br>
Trojanski virus daje mi potpuni pristup ra&#269;unalu i kontrolu nad =
njim ili drugim ure&#273;ajem.</br>
To zna&#269;i da mogu vidjeti sve na va&#353;em zaslonu, uklju&#269;iti =
kameru i mikrofon, ali vi za to ne znate.</br>
Tako&#273;er imam pristup svim va&#353;im kontaktima i svoj va&#353;oj =
korespondenciji.</br>
</br>
Za&#353;to va&#353; antivirus nije otkrio zlonamjerni softver?</br>
Odgovor: Zlonamjerni softver koji sam upotrijebio temelji se na =
upravlja&#269;kom programu, a&#382;uriram njegove potpise svaka 4 sata. =
</br>
Stoga va&#353; antivirusni program ne mo&#382;e otkriti njegovu =
prisutnost.</br>
Napravio sam videozapis koji prikazuje kako se zadovoljavate u lijevoj =
polovici zaslona, </br>
a desna polovica prikazuje videozapis koji ste u tom trenutku =
gledali.</br>
</br>
Jednim klikom mi&#353;a mogu poslati taj videozapis na sve va&#353;e =
adrese e-po&#353;te i kontakte na va&#353;im dru&#353;tvenim =
mre&#382;ama.</br>
Tako&#273;er mogu objaviti svu va&#353;u korespondenciju putem =
e-po&#353;te i povijest razgovora na aplikacijama za razmjenu poruka =
kojima se koristite.</br>
</br>
Ako ne &#382;elite da se to dogodi, prebacite 1250&#8364; u ekvivalentu =
Bitcoina na moju adresu za Bitcoin </br>
(ako ne znate kako to u&#269;initi, samo pretra&#382;ite &#8222;kupi =
bitcoin&#8220; na Googleu).</br>
</br>
Moja adresa za Bitcoin (BTC nov&#269;anik) =
glasi:12rDSbjXgEKuYMtiXKwHQUpf4jkm2vjvtg</br>
</br>
Nakon potvrde uplate, odmah &#263;u izbrisati videozapis i to je to. =
Nikad vam se vi&#353;e ne&#263;u obratiti.</br>
Dat &#263;u vam 50 sati (vi&#353;e od 2 dana) za pla&#263;anje. Dobit =
&#263;u obavijest kad otvorite ovu e-poruku i pokrenut &#263;e se =
mjera&#269; vremena.</br>
Podno&#353;enje pritu&#382;be negdje nema smisla jer se ova e-po&#353;ta =
ne mo&#382;e pratiti, kao ni moja adresa za Bitcoin.</br>
</br>
Nikad ne grije&#353;im.</br>
Ako ustanovim da ste podijelili ovu poruku s nekim drugim, videozapis =
&#263;e odmah biti distribuiran.</br>
</br>
Lijep pozdrav!<o:p></o:p></p></div></body></html>
------=_NextPart_000_001F_01D9A859.05268038--
Path: home/arranoyd/mail/.spam/cur