OwlCyberSecurity - MANAGER

Edit File: 1667325711.M366426P1284391.premium69.web-hosting.com,S=9408,W=9615:2,

Return-Path: <r.darzimanov@mailcorp.info> Delivered-To: contact@homeimportance.com Received: from premium69.web-hosting.com by premium69.web-hosting.com with LMTP id UFwlFQ9fYWMnmRMAQpcCZw (envelope-from <r.darzimanov@mailcorp.info>) for <contact@homeimportance.com>; Tue, 01 Nov 2022 14:01:51 -0400 Return-path: <r.darzimanov@mailcorp.info> Envelope-to: contact@homeimportance.com Delivery-date: Tue, 01 Nov 2022 14:01:51 -0400 Received: from mail.mailcorp.info ([94.79.55.230]:57532) by premium69.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <r.darzimanov@mailcorp.info>) id 1opva5-006Igt-Nc for contact@homeimportance.com; Tue, 01 Nov 2022 14:01:51 -0400 Received: from purpose-driven-entrepreneurship.com (216.24.216.251) by mailbox.wayko.local (192.168.66.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.529.5; Tue, 1 Nov 2022 21:01:03 +0300 Message-ID: <af6c55fe0acee4efc8a2eb40b4616b604085b405@mailcorp.info> Reply-To: "r.darzimanov@mailcorp.info" <r.darzimanov@mailcorp.info> From: "r.darzimanov@mailcorp.info" <r.darzimanov@mailcorp.info> To: <contact@homeimportance.com> Subject: Your Databases Has Been Extracted Date: Tue, 1 Nov 2022 11:01:02 -0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0a357cd723e7cdc2218bc2698c68424a426764" Disposition-Notification-To: <r.darzimanov@mailcorp.info> X-Originating-IP: [216.24.216.251] X-ClientProxiedBy: mailbox.wayko.local (192.168.66.111) To mailbox.wayko.local (192.168.66.111) X-Spam-Status: No, score=3.4 X-Spam-Score: 34 X-Spam-Bar: +++ X-Ham-Report: Spam detection software, running on the system "premium69.web-hosting.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Your Databases Has Been HackedY0ur Site Has Been Hacked PLEASE FoRWARD THIS EMAIL To S0MEoNE IN YoUR C0MPANY WH0 iS ALL0WED T0 MAKE IMPORTANT DECISI0NS! We have hacked your website https://www.homeimportance.com and extracted your databases. Content analysis details: (3.4 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: homeimportance.com] -0.0 SPF_PASS SPF: sender matches SPF record 0.1 TRACKER_ID BODY: Incorporates a tracking ID number 0.0 HTML_MESSAGE BODY: HTML included in message 0.8 KAM_INFOUSMEBIZ Prevalent use of .info|.us|.me|.me.uk|.biz|xyz|id|rocks|life domains in spam/malware 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.5 PDS_BTC_ID FP reduced Bitcoin ID 1.0 GB_BITCOIN_CP Localized Bitcoin scam 1.0 BITCOIN_DEADLINE BitCoin with a deadline X-Spam-Flag: NO --0a357cd723e7cdc2218bc2698c68424a426764 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Your Databases Has Been HackedY0ur Site Has Been Hacked PLEASE FoRWARD THIS EMAIL To S0MEoNE IN YoUR C0MPANY WH0 iS ALL0WED T0 MA= KE IMPORTANT DECISI0NS! We have hacked your website https://www.homeimportance.com and extracted = your databases. How did this happen? our team has found a vulnerability within your site that we were able to = exploit. After finding the vulnerability we were able to get your databas= e credentials and extract your entire database and m0ve the informati0n t= o an 0ffshore server. What does this mean? We will systematically g0 thr0ugh a series 0f steps 0f totally damaging y= our reputation. First your database will be leaked or sold to the highest= bidder which they will use with whatever their intentions are. Next if t= here are e-mails f0und they will be e-mailed that their information has b= een s0ld or leaked and y0ur site https://www.homeimportance.com was at fa= ult thusly damaging your reputation and having angry cust0mers/ass0ciates= with whatever angry customers/associates do. Lastly any links that y0u h= ave indexed in the search engines will be de-indexed based 0ff 0f blackha= t techniques that we used in the past to de-index 0ur targets. How do i stop this? We are willing t0 refrain fr0m destr0ying y0ur site=E2=80=99s reputation = for a small fee. The current fee is $3000 in bitcoins (0.15 BTC). Please send the bitcoin to the f0llowing Bitcoin address (Copy and paste = as it is case sensitive): 32USBLsEGNBvyo4hWTT1Wq2m6ZQK6uD9aF =C2=A0once you have paid we will aut0matically get inf0rmed that it was y= 0ur payment. Please note that you have to make payment within 3 days afte= r opening this e-mail 0r the database leak, e-mails dispatched, and de-in= dex of your site WiLL start! How do i get Bitcoins? You can easily buy bitcoins via several websites or even 0ffline from a B= itcoin-ATM. What if i don=E2=80=99t pay? if you decide not t0 pay, we will start the attack at the indicated date = and uph0ld it until you d0, there=E2=80=99s no counter measure t0 this, y= ou will only end up wasting m0re money trying to find a s0luti0n. We will= c0mpletely destr0y your reputati0n am0ngst go0gle and y0ur customers. This is not a h0ax, d0 not reply to this email, don=E2=80=99t try to reas= 0n 0r neg0tiate, we will n0t read any replies. once you have paid we will= st0p what we were d0ing and y0u will never hear fr0m us again! Please n0te that Bitcoin is an0nymous and no 0ne will find 0ut that you h= ave complied. Finally don't reply as this email is unm0nit0red. --0a357cd723e7cdc2218bc2698c68424a426764 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable <html> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8"> </head> <body bgColor=3D"#ffffff"> <div>Your Databases Has Been HackedY0ur Site Has Been Hacked</div> <div>&nbsp;</div> <div>PLEASE FoRWARD THIS EMAIL To S0MEoNE IN YoUR C0MPANY WH0 iS ALL0WED = T0 MAKE IMPORTANT DECISI0NS!</div> <div>&nbsp;</div> <div>We have hacked your website https://www.homeimportance.com and extra= cted your databases.</div> <div>&nbsp;</div> <div>How did this happen?</div> <div>&nbsp;</div> <div>our team has found a vulnerability within your site that we were abl= e to exploit. After finding the vulnerability we were able to get your da= tabase credentials and extract your entire database and m0ve the informat= i0n to an 0ffshore server.</div> <div>&nbsp;</div> <div>What does this mean?</div> <div>&nbsp;</div> <div>We will systematically g0 thr0ugh a series 0f steps 0f totally damag= ing your reputation. First your database will be leaked or sold to the hi= ghest bidder which they will use with whatever their intentions are. Next= if there are e-mails f0und they will be e-mailed that their information = has been s0ld or leaked and y0ur site https://www.homeimportance.com was = at fault thusly damaging your reputation and having angry cust0mers/ass0c= iates with whatever angry customers/associates do. Lastly any links that = y0u have indexed in the search engines will be de-indexed based 0ff 0f bl= ackhat techniques that we used in the past to de-index 0ur targets.</div> <div>&nbsp;</div> <div>How do i stop this?</div> <div>&nbsp;</div> <div>We are willing t0 refrain fr0m destr0ying y0ur site=E2=80=99s reputa= tion for a small fee. The current fee is $3000 in bitcoins (0.15 BTC).</d= iv> <div>&nbsp;</div> <div>Please send the bitcoin to the f0llowing Bitcoin address (Copy and p= aste as it is case sensitive): </div> <div>&nbsp;</div> <div>32USBLsEGNBvyo4hWTT1Wq2m6ZQK6uD9aF</div> <div>&nbsp;</div> <div>&nbsp;once you have paid we will aut0matically get inf0rmed that it = was y0ur payment. Please note that you have to make payment within 3 days= after opening this e-mail 0r the database leak, e-mails dispatched, and = de-index of your site WiLL start!</div> <div>&nbsp;</div> <div>How do i get Bitcoins?</div> <div>&nbsp;</div> <div>You can easily buy bitcoins via several websites or even 0ffline fro= m a Bitcoin-ATM. </div> <div>&nbsp;</div> <div>What if i don=E2=80=99t pay?</div> <div>&nbsp;</div> <div>if you decide not t0 pay, we will start the attack at the indicated = date and uph0ld it until you d0, there=E2=80=99s no counter measure t0 th= is, you will only end up wasting m0re money trying to find a s0luti0n. We= will c0mpletely destr0y your reputati0n am0ngst go0gle and y0ur customer= s.</div> <div>&nbsp;</div> <div>This is not a h0ax, d0 not reply to this email, don=E2=80=99t try to= reas0n 0r neg0tiate, we will n0t read any replies. once you have paid we= will st0p what we were d0ing and y0u will never hear fr0m us again!</div= > <div>&nbsp;</div> <div>Please n0te that Bitcoin is an0nymous and no 0ne will find 0ut that = you have complied. Finally don't reply as this email is unm0nit0red.</div= ></body></html> --0a357cd723e7cdc2218bc2698c68424a426764--