Google
Edit File: 1772258730.M205032P1484927.server-619288.prediksijaya.com,S=4806,W=4894
Return-Path: <JohnBlue@hola.com> Delivered-To: angker+spam@server-619288.prediksijaya.com Received: from server-619288.prediksijaya.com by server-619288.prediksijaya.com with LMTP id bx2KCqqFoml/qBYAf7/9AQ (envelope-from <JohnBlue@hola.com>) for <angker+spam@server-619288.prediksijaya.com>; Sat, 28 Feb 2026 13:05:30 +0700 Return-path: <JohnBlue@hola.com> Envelope-to: vavadainua@ponjosonek.com Delivery-date: Sat, 28 Feb 2026 13:05:30 +0700 Received: from 2.133.197.88.dynamic.telecom.kz ([2.133.197.88]:62678) by server-619288.prediksijaya.com with esmtp (Exim 4.99.1) (envelope-from <JohnBlue@hola.com>) id 1vwDSB-00000006EES-1haz for vavadainua@ponjosonek.com; Sat, 28 Feb 2026 13:05:30 +0700 Received: from yphdifz ([38.127.25.53]) by 85005.com with MailEnable ESMTP; Sat, 28 Feb 2026 12:05:32 +0600 Received: (qmail 15717 invoked by uid 157); 28 Feb 2026 12:05:30 +0600 From: John Blue <JohnBlue@hola.com> To: vavadainua@ponjosonek.com Date: Sat, 28 Feb 2026 12:05:32 +0600 Message-ID: <157176.157176@85005.com> Mime-Version: 1.0 Content-type: text/plain; X-Spam-Status: Yes, score=25.1 X-Spam-Score: 251 X-Spam-Bar: +++++++++++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "server-619288.prediksijaya.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Hello, Your computer was hacked, and I am aware of your password: 6#oPhad45oI During routine monitoring, illegal files and activity have been detected on your computer. Content analysis details: (25.1 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.1 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [2.133.197.88 listed in sa-trusted.bondedsender.org] 0.7 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [2.133.197.88 listed in sa-accredit.habeas.com] 0.4 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [2.133.197.88 listed in bl.score.senderscore.com] 1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 1.5 KAM_DMARC_QUARANTINE DKIM has Failed or SPF has failed on the message and the domain has a DMARC quarantine policy 2.9 HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname (Split IP) 0.0 TVD_RCVD_IP Message was received from an IP address 8.0 BTC_HASHBL_BLACK Message contains BTC address found on BTC blocklist [1acblbbnmehcjcduurdgvhfc4gsdjbikyc] 4.7 GB_HASHBL_BTC Message contains BTC address found on BTCBL [1acblbbnmehcjcduurdgvhfc4gsdjbikyc] 2.6 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS 0.0 PDS_RDNS_DYNAMIC_FP RDNS_DYNAMIC with FP steps 0.9 TO_NO_BRKTS_DYNIP To: lacks brackets and dynamic rDNS 0.9 BITCOIN_EXTORT_01 Extortion spam, pay via BitCoin X-Spam-Flag: YES Subject: Your computer was hacked! Hello, Your computer was hacked, and I am aware of your password: 6#oPhad45oI During routine monitoring, illegal files and activity have been detected on your computer. These files violate applicable laws and regulations. To resolve this matter discreetly, you are required to make a payment of $2400 in Bitcoins to the following wallet address: 1ACbLBbnmehCJCdUUrdGvHFC4gsDJbiKYc Please note that this is how the wallet looks; copy the address exactly as shown, as it is case-sensitive. Failure to comply within 48 hours will result in all identified information, including evidence of the illegal activity, being forwarded to the appropriate law enforcement authorities for further investigation and action.