LittleDemon WebShell


Linux server.clickboxgo.com 3.10.0 #1 SMP Mon Sep 30 15:36:27 MSK 2024 x86_64
Path : /home/clickboxgo/mail/new/
File Upload :
Command :
Current File : /home/clickboxgo/mail/new/1739224980.M234870P14306.server.clickboxgo.com,S=9665,W=9887

Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from server.clickboxgo.com
	by server.clickboxgo.com with LMTP
	id EP6jDJR3qmfiNwAA2xCSNQ
	(envelope-from <[email protected]>)
	for <[email protected]>; Mon, 10 Feb 2025 17:03:00 -0500
Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Mon, 10 Feb 2025 17:03:00 -0500
Received: from [170.233.239.117] (port=59965 helo=170.233.239.117.evolutioninternet.com.br)
	by server.clickboxgo.com with esmtp (Exim 4.96.2)
	(envelope-from <[email protected]>)
	id 1thbrg-0003i8-16
	for [email protected];
	Mon, 10 Feb 2025 17:03:00 -0500
Date: Mon, 10 Feb 2025 14:40:11 -0400
From: "richie evelyn" <[email protected]>
Message-ID: <[email protected]>
To: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="----------A02E950D-85111.6931DA63E382"
X-Mailer: The Bat! (10.1.12); Enterprise Edition
X-Spam-Status: Yes, score=38.4
X-Spam-Score: 384
X-Spam-Bar: ++++++++++++++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "server.clickboxgo.com",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Good day. Your system has been hacked with a Trojan virus.
    It has penetrated your device through adult portals which you sometimes =
    visit. Some spicy videos contain malicious code that activates afte [...]
    
 Content analysis details:   (38.4 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
                             bl.spamcop.net
             [Blocked - see <https://www.spamcop.net/bl.shtml?170.233.239.117>]
  1.0 BAYES_999              BODY: Bayes spam probability is 99.9 to 100%
                             [score: 1.0000]
  5.0 BAYES_99               BODY: Bayes spam probability is 99 to 100%
                             [score: 1.0000]
  1.9 KAM_THEBAT             Abused X-Mailer Header for The Bat! MUA
  3.5 HELO_DYNAMIC_SPLIT_IP  Relay HELO'd using suspicious hostname
                             (Split IP)
  0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                             query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                           [170.233.239.117 listed in bl.score.senderscore.com]
  0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE:
                             The query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                        [170.233.239.117 listed in sa-trusted.bondedsender.org]
  1.6 DATE_IN_PAST_03_06     Date: is 3 to 6 hours before Received: date
  0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
                             provider
                             [coniferousstopover[at]mail2alan.com]
  0.0 HTML_MESSAGE           BODY: HTML included in message
  1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
                             anti-forgery methods
  1.5 BITCOIN_SPAM_09        BitCoin spam pattern 09
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  8.5 KAM_CRIM               Extortion Email
  3.4 FORGED_MUA_THEBAT_BOUN Mail pretending to be from The Bat!
                             (boundary)
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.5 PDS_BTC_ID             FP reduced Bitcoin ID
  3.0 BITCOIN_DEADLINE       BitCoin with a deadline
  2.5 BITCOIN_SPAM_02        BitCoin spam pattern 02
  0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
  0.0 SPOOFED_FREEMAIL       No description available.
  1.7 BITCOIN_SPAM_05        BitCoin spam pattern 05
X-Spam-Flag: YES
Subject:  ***SPAM***  Think twice.

------------A02E950D-85111.6931DA63E382
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Good day.
Your system has been hacked with a Trojan virus.
It has penetrated your device through adult portals which you sometimes =
visit.
Some spicy videos contain malicious code that activates after being =
turned on. Your entire information has already been copied to my =
servers.
&nbsp;
&nbsp;
I possess complete control over your device which you use to access the =
Internet.
I can see your screen, I can use a microphone and a camera in a way that =
you never notice anything.&nbsp;
&nbsp;
I've already made a screen recording.
A video was edited with a pornographic movie that you were watching at =
that time and masturbating.
&nbsp;
Your face is perfectly visible and I don&rsquo;t think that this kind of =
content will have a positive impact on your reputation.
&nbsp;
I have an overall access to your list of contacts and the social media =
profiles. I can send this video from your E-mail or the messengers.
&nbsp;
&nbsp;
If you don't want to let this happen, then you only need to take one =
simple step.
&nbsp;
Just transfer 1300 USD (US dollars) to Bitcoin wallet: =
bc1qkl28a8q0y408zye9z9d4x9qhyhpmrah2l7uyah
&nbsp;
(In a Bitcoin equivalent at the exchange rate for the time of transfer)
You can find the detailed instructions in Google.
&nbsp;
After the payment I will remove the video and the virus from your device =
and no one will bother you anymore.
&nbsp;
If I won&rsquo;t receive the payment in due time, all of your data and =
the videos will become publicly available.
&nbsp;
I give you 2 days.
&nbsp;
I shall receive a notification that you have read the letter.
The timer starts immediately.
&nbsp;
Any complain somewhere, including the police, is useless. My wallet and =
an E-mail cannot be tracked.
&nbsp;
If I find out that you have shared this message with someone else, the =
video will become publicly available at once.
I will destroy your reputation forever and all your data will go public.
&nbsp;
Everyone will learn about your passion for the porn sites and more. =
Changing the passwords will be useless either as all the data is already =
on my servers.
&nbsp;
Don't forget that reputation is very important and be prudent!

------------A02E950D-85111.6931DA63E382
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html><head>            <style type=3D"text/css" title=3D"rt_noDelete">
    blockquote.rt {
    margin: 0 0 15px;
    border-left: 2px solid #D17652;
    padding: 0 0 0 25px;
    display: block;
    }
    p { margin: 0 0 0 0 }
.email-signature {font-family:"Arial"; font-size: 59pt; }
    </style></head><body>
<p>Good day.</p>
<p>Your system has been hacked with a Trojan virus.</p>
<p>It has penetrated your device through adult portals which you =
sometimes visit.</p>
<p>Some spicy videos contain malicious code that activates after being =
turned on. Your entire information has already been copied to my =
servers.</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>I possess complete control over your device which you use to access =
the Internet.</p>
<p>I can see your screen, I can use a microphone and a camera in a way =
that you never notice anything.&nbsp;</p>
<p>&nbsp;</p>
<p>I've already made a screen recording.</p>
<p>A video was edited with a pornographic movie that you were watching =
at that time and masturbating.</p>
<p>&nbsp;</p>
<p>Your face is perfectly visible and I don&rsquo;t think that this kind =
of content will have a positive impact on your reputation.</p>
<p>&nbsp;</p>
<p>I have an overall access to your list of contacts and the social =
media profiles. I can send this video from your E-mail or the =
messengers.</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>If you don't want to let this happen, then you only need to take one =
simple step.</p>
<p>&nbsp;</p>
<p>Just transfer 1300 USD (US dollars) to Bitcoin wallet: =
bc1qkl28a8q0y408zye9z9d4x9qhyhpmrah2l7uyah</p>
<p>&nbsp;</p>
<p>(In a Bitcoin equivalent at the exchange rate for the time of =
transfer)</p>
<p>You can find the detailed instructions in Google.</p>
<p>&nbsp;</p>
<p>After the payment I will remove the video and the virus from your =
device and no one will bother you anymore.</p>
<p>&nbsp;</p>
<p>If I won&rsquo;t receive the payment in due time, all of your data =
and the videos will become publicly available.</p>
<p>&nbsp;</p>
<p>I give you 2 days.</p>
<p>&nbsp;</p>
<p>I shall receive a notification that you have read the letter.</p>
<p>The timer starts immediately.</p>
<p>&nbsp;</p>
<p>Any complain somewhere, including the police, is useless. My wallet =
and an E-mail cannot be tracked.</p>
<p>&nbsp;</p>
<p>If I find out that you have shared this message with someone else, =
the video will become publicly available at once.</p>
<p>I will destroy your reputation forever and all your data will go =
public.</p>
<p>&nbsp;</p>
<p>Everyone will learn about your passion for the porn sites and more. =
Changing the passwords will be useless either as all the data is already =
on my servers.</p>
<p>&nbsp;</p>
<p>Don't forget that reputation is very important and be =
prudent!</p></body>
------------A02E950D-85111.6931DA63E382--

LittleDemon - FACEBOOK
[ KELUAR ]