IDShield / LegalShield Phish from Microsoft

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 14:06:04 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxtzU-000000006af-0hrC

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 14:06:00 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 14:05:59 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-dm6nam12hn2228.outbound.protection.outlook.com ([52.100.166.228]:57184 helo=NAM12-DM6-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

id 1sxrfI-00000000LRa-2gHx

for Mailer-Daemon@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 11:37:07 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=o0b3Yjdw7VBNexjoUQg/m0/kRvsjgg5HC7ujX1LR6opq0wjsrxamkJpDxG1vEPUwVks8l8XPwb+I2WuW0pZzBTo3hySZeYQvcUUhbuDW4r5hGUQ5koVp7ODSP8uDDNLefyTrycdyh1LFPscAv9ailfbvxC/nNm5p+zeD31w+KxxB80VeQK7Yd96dz2hn143gPkSBwGW/CFV2hWVNsACqQZCYbj3kfSIruW03mkQfu1m6tQX89Kt8ggv/xRHml0q3cA8sCc2hTnX4XpYSiDr7x6CYaSg8V3KOvj9d+9ykHLMZmBTjsIRLB/Xop4PN+N8zDs6ZXBVt1zrn7Al7NILpaQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=25WIiKV8mwGQc9WM+a4oa3YNie8BgPQ7sYRusC3aS50=;

b=cLAmwpGCZ5p3r3FN0EP5y+IK9w9iSMsyl3i695UM6tmyeTLdt0VHtDvnLv0xbDfdVJXesyJ6eRso/8qLH96DW/B4jk0BKzAVuX9eRpSXNG8++T9oB/L0mcqm0gDvjWtic+CCgkUHZctSAHCNCKkxbTVJWA2Bgk2VUrkNcIKO4KQzucAMD62pJYTiyxovf7vEYqN39ve4pl45Z9uPHgQ9IRwKIwDoerS0vSnvGVMa/fPwOSUvXKXqxCgPwfjAC0sjd9iZo3JynQwxHadr3UsL/1zF+sYY36mig6rFktpWg66Mh1w7jnQXg9wZDSxLrBTiecN4f5N1v+cMw7CTp4dz2Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=pass

action=none header.from=legalshield.com; dkim=pass header.d=legalshield.com;

arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=legalshieldcorp.onmicrosoft.com;

s=selector2-legalshieldcorp-onmicrosoft-com;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=25WIiKV8mwGQc9WM+a4oa3YNie8BgPQ7sYRusC3aS50=;

b=l7aOTFmBxjY3H6M3CBqoMum3gCyBEG7lg2WW4TIwPzKulZsMPX1k1ftyoC7HdaRcE0mYQ61eWDsKWyJVklhnOwX/Az6f8P3vN0y76QGZyeNIMQKVKT1swhD5txBaqjWl+cA9ImjHDHzIhB3pRlIGmYGQcsGGb/0iImD9naa0s2U=

Received: from SA1PR16MB6436.namprd16.prod.outlook.com (2603:10b6:806:3e7::5)

by IA3PR16MB6773.namprd16.prod.outlook.com (2603:10b6:208:528::12) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8005.30; Mon, 7 Oct

2024 17:35:00 +0000

Received: from SA1PR16MB6436.namprd16.prod.outlook.com ([::1]) by

SA1PR16MB6436.namprd16.prod.outlook.com ([fe80::a390:e990:7202:9095%4]) with

Microsoft SMTP Server id 15.20.8005.029; Mon, 7 Oct 2024 17:35:00 +0000

From: noreply

To: Mail Delivery System

Subject: Automatic reply: Mail delivery failed: returning message to sender

Thread-Topic: Mail delivery failed: returning message to sender

Thread-Index: AQHbGN87cncjt47ZjECHQ+Fkb2T2vLJ7jLlo

Date: Mon, 7 Oct 2024 17:35:00 +0000

Message-ID:



References:

In-Reply-To:

X-MS-Has-Attach:

X-Auto-Response-Suppress: All

X-MS-Exchange-Inbox-Rules-Loop: noreply@legalshield.com

X-MS-TNEF-Correlator:

authentication-results: dkim=none (message not signed)

header.d=none;dmarc=none action=none header.from=legalshield.com;

x-ms-exchange-parent-message-id:

auto-submitted: auto-generated

x-ms-exchange-generated-message-source: Mailbox Rules Agent

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SA1PR16MB6436:EE_|IA3PR16MB6773:EE_

x-ms-office365-filtering-correlation-id: 0160692e-c777-492a-9476-08dce6f65e7f

x-ms-exchange-senderadcheck: 1

x-ms-exchange-antispam-relay: 0

x-microsoft-antispam:

BCL:0;ARA:13230040|50650200027|376014|1800799024|366016|1930700014|10070799003|80100003;

x-microsoft-antispam-message-info:

=?us-ascii?Q?yDEHEOlM5wm5piWmD6FpHKoRf/0zwSmvFEiyNANDb/DGe0I+NdQw4VJA8+Bl?=

=?us-ascii?Q?5n1pqos+ygW3NlAjQaVl6AnRibPwhYJjwfMM5wbasK7lrbQ87jHSFmGNrtGh?=

=?us-ascii?Q?8tMXNFtqD2PfD1LPpGuzJRun+800RYH3lkXfWTCD9p2OpnPnQUdJMf+Uujds?=

=?us-ascii?Q?gXkey8TNvgPn5wIEhYWVW9fAQperQX3bP5AZhH7lw2hJS2uuaZKSjvBEp2vv?=

=?us-ascii?Q?HGl25/3jl17tPPzwMT7rXAAgU2AJC8I2mbrayEOoyL31nydqi+Z1fGRykFFi?=

=?us-ascii?Q?Liw51YoQHuBnqLQyXzx5Ws8T3scjREqpp2H9oFraZniT/yHG0oOLFE2BbwF5?=

=?us-ascii?Q?/573sTxWhKxmwTSgRfgj96h1l9RdYB+BPJOg18slXRfDIhEZaVmroeL2x/nG?=

=?us-ascii?Q?RymKsMw/MliE+mkUcLRRRyX3h4kBu8Ldmsim6biEg2yxtXK4oaqkee2XKCI8?=

=?us-ascii?Q?UBZ54bBJCiuCvhjxW1QJUT5AlK9h+vVNZ5PZR7l2kEbLZWML3St9t1BQ7aBU?=

=?us-ascii?Q?CMjOxsWj91vqdBvI7e0jn1gfEw02nBe8i2tYK5bTdDamoxusvZnvqdHsabsJ?=

=?us-ascii?Q?Mx+o5G/Xqthe3ELtT4CoKp/A1b/HHt5/lCnWUbsT0SV3F+vtFXLHXBCBoqB6?=

=?us-ascii?Q?ciAFM4YsDsfVmprAp/PvHndtyMtByWDWQVecNwuxqXlsgpByxpB5A4ICIQix?=

=?us-ascii?Q?KCyoKdeemRkDE0SwuOgMYZU33bjyTSY6JVqtg1cQn0Wpbi0rMfDInqYFukAA?=

=?us-ascii?Q?99pDofJgugE3ixrWalhApv/C4lKho8P/d4tUrp3+bLnOKmyP0C98EB/L4xzV?=

=?us-ascii?Q?Ph536t/0oX2HkNg55VLAT9/PnwI2SSSZ5JC1ItHIxIj9p5s8CQhSqp4NJRR4?=

=?us-ascii?Q?CCz3cB8FgWhwXj9woMgYpRc+MkHzv13CTOWj8UVbq5peLtR5Yd3sTX/X/mUj?=

=?us-ascii?Q?pJO7HhqNbCR5qHrsrYmm3n9Ryu+1K5wBDkHcoLnFA2P6T2Gfiofm0ibGZQab?=

=?us-ascii?Q?C8hYNU/ObFkVX5+FRx1as5CGo0DCnMMbg62jHBYXjTgfYkvP1DtXioDXycup?=

=?us-ascii?Q?0UZF9LsaZpKgtnIVMiGXu2iSVbztZVeoPcMvwepsJgWHvIclC16uKMPB2HEn?=

=?us-ascii?Q?1l/ln4cXD8UY20TKWkIKqQqDxH+nu6YRGC84MyZ2lxa3BoQYyr0n3GUP6gcl?=

=?us-ascii?Q?3ulU33SAakcVSp9ye0cNwIzdupiRkPCSE1SN8C+I7bUUnJue145MRSeFYfB0?=

=?us-ascii?Q?Pk1VTcY3lT/nnkUkALITqe7vqDYGCw8JmNNcP9I6pA=3D=3D?=

x-forefront-antispam-report:

CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SA1PR16MB6436.namprd16.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(50650200027)(376014)(1800799024)(366016)(1930700014)(10070799003)(80100003);DIR:OUT;SFP:1501;

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

krxgMW8SjeZo8/tDweJlMxO8uqKdGaAZEXmCUvTU92wkF3rCgC07dIkXQ6wEddHvuNG11dnlvypLQs5xmGbmhnupOwYtn8AuahY/Q+DRk6+IoFM5jIDibCL8YaWj6NXhqCv3n071mez5PJR3NijWDVXvNwat7cpSR6u4mkjj1VTTBpTnShQg6+FSjYqdT1RHrCXEvxDf9P7lNOP5pcys6yAeVcV/8edHt/uCI3L5iWohNgCzsRrsUm/NLIbIkzUswYVWRGcpU9o3fW0GDzBGrVboIFYfiKh6LH1MQr01AH7GKvM149cB5X0DxANN8dAK

Content-Type: multipart/alternative;

boundary="_000_ae9ec463d9034232893c981602fddaecSA1PR16MB6436namprd16pr_"

MIME-Version: 1.0

X-OriginatorOrg: LegalShield.Com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SA1PR16MB6436.namprd16.prod.outlook.com

X-MS-Exchange-CrossTenant-Network-Message-Id: 0160692e-c777-492a-9476-08dce6f65e7f

X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Oct 2024 17:35:00.1357

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: b4edc9f8-801a-47b2-841c-0e14544448fa

X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA3PR16MB6773

X-Spam_score: 5.6

X-Spam_score_int: 56

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Thank you for contacting LegalShield. This email inbox is

not monitored. To contact us please visit https://www.legalshield.com/contact.

Thank you for contacting LegalShield. This email inbox is not monitored.

To contact us please visit https://www.legalshield.com/contact.



Content analysis details: (5.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

[52.100.166.228 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.100.166.228 listed in dnsbl.ahbl.org]

[52.100.166.228 listed in dnsbl.ahbl.org]

[52.100.166.228 listed in dnsbl.ahbl.org]

[52.100.166.228 listed in dnsbl.ahbl.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:10b6:806:3e7:0:0:0:5 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.100.166.228 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.100.166.228 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.100.166.228 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.100.166.228 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.100.166.228 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.100.166.228 listed in wl.mailspike.net]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

0.7 FORGED_SPF_HELO No description available.

Subject: {SPAM?} Automatic reply: Mail delivery failed: returning message to sender



--_000_ae9ec463d9034232893c981602fddaecSA1PR16MB6436namprd16pr_

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable



Thank you for contacting LegalShield. This email inbox is not monitored. To=

contact us please visit https://www.legalshield.com/contact.



--_000_ae9ec463d9034232893c981602fddaecSA1PR16MB6436namprd16pr_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable








>










:#000000; font-family:Calibri,Helvetica,sans-serif">


rt">
Thank you for contacting LegalShield. This email inbox is =

not monitored. To contact us please visit https://www.legalshield.com/conta=

ct.













--_000_ae9ec463d9034232893c981602fddaecSA1PR16MB6436namprd16pr_--

CAA Phish from Ukraine

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 09:39:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxpoZ-000000008eo-3OqI

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 09:38:27 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 09:38:27 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [46.175.149.14] (port=50027 helo=i15er1s6sa51as5e.it)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxoa0-00000000CsT-29Zo

for doctor@netknow.ca;

Mon, 07 Oct 2024 08:20:14 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1728310241;

s=s1; d=tutamail.com;

h=From:From:To:To:Subject:Subject:Content-Description:Content-ID:Content-Type:Content-Type:Content-Transfer-Encoding:Cc:Date:Date:In-Reply-To:MIME-Version:MIME-Version:Message-ID:Message-ID:Reply-To:References:Sender;

bh=nwQgL+cF0mG4OcMQtYnzt/gaMX7YUiPH2Kc2Uhpc0Pk=;

b=UGtEf5/eb2QSzXumGxpDX6msc+kLVN/eJVBKtKsZZEQ15eTxLqALOSK5NKL6yKxV

C4eD6C2b+w7HFZ5PF4hrK3v18HMSy0i84gALKHhraz9KhiVhymtt8Ua/Dnp9QZyzaRk

xQHRgO5JLf0Hc22SlQVdchNlEzLSIHhc+EUm7Scz3bJh5/1OIVwca54OirmQ5BsBUJ1

HUFYVMKWm0Vw4Udd01dS7Z/oFSElQd/hpexnRpsYjc4M6rd4mo7AMp2+HB/UxHhWXkv

p30aU5ainzzvv3V7ZyHP8OO3eMG8m3LX+ejTj/ZE4LWz8aNtXjDU6ZEJv0nGSAeMz8q

ZF6xJgUJlA==

Date: Mon, 7 Oct 2024 16:10:41 +0200 (CEST)

From: CAA Customer Care

To: Utgolovep

Message-ID:

Subject: Stay Safe with This Kit

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_Part_18536_1776140653.1728310241634"

X-Spam_score: 10.2

X-Spam_score_int: 102

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Be Road-Ready: The Kit You Need for Emergencies
[...]



Content analysis details: (10.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[46.175.149.14 listed in will-spam-for-food.eu.org]

[46.175.149.14 listed in will-spam-for-food.eu.org]

[46.175.149.14 listed in will-spam-for-food.eu.org]

[46.175.149.14 listed in will-spam-for-food.eu.org]

[46.175.149.14 listed in will-spam-for-food.eu.org]

[46.175.149.14 listed in will-spam-for-food.eu.org]

[46.175.149.14 listed in will-spam-for-food.eu.org]

[46.175.149.14 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[46.175.149.14 listed in dnsbl.ahbl.org]

[46.175.149.14 listed in dnsbl.ahbl.org]

[46.175.149.14 listed in dnsbl.ahbl.org]

[46.175.149.14 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[46.175.149.14 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[46.175.149.14 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[46.175.149.14 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[46.175.149.14 listed in dnsbl.ahbl.org]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

0.3 HTML_SHORT_LINK_IMG_3 HTML is very short with a linked image

3.0 GOOG_STO_NOIMG_HTML Apparently using google content hosting to avoid

URIBL

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} Stay Safe with This Kit



------=_Part_18536_1776140653.1728310241634

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable



Be Road-Ready: The Kit You Need for Emergencies <=

https://firebasestorage.googleapis.com/v0/b/project-30-z8l210.appspot.com/o=

/10_07_24%2FCAA%20Emergency%20Kit.html?alt=3Dmedia&token=3Df2005754-22ce-47=

0c-b300-1b1ba6b130b3>
googleapis.com/v0/b/project-30-z8l210.appspot.com/o/10_07_24%2FCAA%20Emerge=

ncy%20Kit.html?alt=3Dmedia&token=3Df2005754-22ce-470c-b300-1b1ba6b130b3> =

Discover More About Your Car Kit Offer
rebasestorage.googleapis.com/v0/b/project-30-z8l210.appspot.com/o/10_07_24%=

2FCAA%20Emergency%20Kit.html?alt=3Dmedia&token=3Df2005754-22ce-470c-b300-1b=

1ba6b130b3> =C2=A0 =20

------=_Part_18536_1776140653.1728310241634

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit





























------=_Part_18536_1776140653.1728310241634--

Nigerian spam from Google Gmail

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 08:12:04 -0600

Received: from mail-lj1-f180.google.com ([209.85.208.180]:49400)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxoSa-000000009hK-0kDk

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 08:11:57 -0600

Received: by mail-lj1-f180.google.com with SMTP id 38308e7fff4ca-2fabe5c8c26so39909301fa.2

for ; Mon, 07 Oct 2024 07:09:49 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1728310182; x=1728914982; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=cnMvs9V3kl/eny3RyPgSGJ9sKgHXs5vAyHbakMrL72c=;

b=VvEUX1Lu/USBDjalHwU9uIX36P6ynfGi1kk1cY0A1VfZx9RuIAUJQ/k0X9JXUfTX59

67uj9mAarU6lYBPgWTbqUh6DFW2DH7k4h1xAgBoM7n1EJxSfbS6XbV+oe9S0Jyj1vO9c

LWDncRD9eps+0UXZl19EOagl68cBeQ6Dr6y89aaNAg2fBBaICZQgwZRjYUQPq7nNbQn7

fyVi7L815pL5oribbkjUpKo31OiNTC3t+osPb3PWGu9x2SjRrR3wsZodToL3dwVszvFQ

5753UpZAB2hYac7EAjDbUhQkiQCz8+FPaHeG5K9BQ+2SJMp8bheAwpjoyWSJyAdVfs9M

D0Rw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1728310182; x=1728914982;

h=to:subject:message-id:date:from:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=cnMvs9V3kl/eny3RyPgSGJ9sKgHXs5vAyHbakMrL72c=;

b=sKFgjDgl3Qw2eVVmOMUVis5sCf7iVPESiDIZ4XcmA464wDOgw0JGyC65tp/iHZbaDb

HZWT/UUqX2OyjLvtLs7V/UYm7/xfS50bUAZScrxs/9SEb+ZHCmLZvbZwV2ajpY3rmZcl

2vrpUuLBmQpQbzAMEgUQaI8QnRtwD8qwi2zgP8M6RVRw1xi85jq/letSNZ763NxBTFzc

6x2YrPet3MW/GUS7FGuAm0D3SthsQg9mCBeUnctxqd2LbEYqDBH1kvzyLHmlDRsyWT5/

E3Ct/K+aMFa98MbttjvwKTEsIoiMM+c1dcq1PHNsBGObNoPNSEp0T+XQ2lPQ6o7YBHZo

VK1Q==

X-Forwarded-Encrypted: i=1; AJvYcCXafddz4qaOZNYNGgiT36JsGZAatUTw+iZclY+GaQD9136IKagJeEY/Dkk8sMVemIXdMVXn@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YwdcQjOJ5ToDN9c6GzImibsmPoMrvff7Ja75uimlq2XmmXQFUFt

XqE4kaiHS82aJ1eCg9/rMJmuHTcQU6szHyV2UyJeDgX/ma4uFY7faDHuMhXsUURaBzcl+M0274g

TnI51MN/eP1qzgMcmlsyFEoVV94Q=

X-Google-Smtp-Source: AGHT+IHGOeWURrmJas0GVJYuOVVto2KQayrUgSVTr+WDfaIoDzOOPPNYcpcKN+ej/ELh4tOS0snnNsMmgy9vjUbS+2w=

X-Received: by 2002:a2e:a7ca:0:b0:2fb:b59:816a with SMTP id

38308e7fff4ca-2fb0b598349mr8378641fa.45.1728310181707; Mon, 07 Oct 2024

07:09:41 -0700 (PDT)

MIME-Version: 1.0

From: Mrs Aisha Al-Gaddafi

Date: Mon, 7 Oct 2024 08:09:22 -0600

Message-ID:

Subject: I need your assistance

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000007146c80623e392fd"

Bcc: dave@doctor.nl2k.ab.ca

X-Spam_score: 22.9

X-Spam_score_int: 229

X-Spam_bar: ++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Greetings Dear Partner, I came across your e-mail contact

prior to a private search while in need of your assistance. My name is Aisha

Al-Gaddafi, a single Mother and a Widow with four Children. I am the only

biological Daughter of late Libyan President (Late Colonel Muammar Gaddafi).I

have investment funds worth Twenty Seven Million Five Hundred Thousand United

State Dollar ($27.500.000.00 ) [...]



Content analysis details: (22.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.180 listed in will-spam-for-food.eu.org]

[209.85.208.180 listed in will-spam-for-food.eu.org]

[209.85.208.180 listed in will-spam-for-food.eu.org]

[209.85.208.180 listed in will-spam-for-food.eu.org]

[209.85.208.180 listed in will-spam-for-food.eu.org]

[209.85.208.180 listed in will-spam-for-food.eu.org]

[209.85.208.180 listed in will-spam-for-food.eu.org]

[209.85.208.180 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.180 listed in dnsbl.ahbl.org]

[209.85.208.180 listed in dnsbl.ahbl.org]

[209.85.208.180 listed in dnsbl.ahbl.org]

[209.85.208.180 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.180 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.180 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.180 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.180 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.180 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.180 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[fffc4242(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[mrsaishaalgaddafi5(at)gmail.com]

0.0 MILLION_HUNDRED BODY: Million "One to Nine" Hundred

0.9 URG_BIZ BODY: Contains urgent matter

2.5 MILLION_USD BODY: Talks about millions of dollars

2.7 HK_SCAM_N1 BODY: No description available.

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

1.5 HK_NAME_FM_MR_MRS No description available.

3.7 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money

1.4 UNDISC_MONEY Undisclosed recipients + money/fraud signs

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

0.0 FORM_FRAUD_5 Fill a form and many fraud phrases

1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form

Subject: {SPAM?} I need your assistance



--0000000000007146c80623e392fd

Content-Type: text/plain; charset="UTF-8"



Greetings Dear Partner,







I came across your e-mail contact prior to a private search while in need

of your assistance. My name is Aisha Al-Gaddafi, a single Mother and a

Widow with four Children.







I am the only biological Daughter of late Libyan President (Late

Colonel Muammar Gaddafi).I have investment funds worth Twenty Seven Million

Five Hundred Thousand United State Dollar ($27.500.000.00 ) and i need a

trusted investment Manager/Partner because of my current refugee status,

however,







I am interested in you for investment project assistance in your country,

may be from there, we can build business relationship in the nearest future.







Your Urgent Reply Will Be Appreciated if really this transaction interests

you. Contact me at this my private email address







Best Regards



Mrs Aisha Al-Gaddafi



--0000000000007146c80623e392fd

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




al;background-position:initial;background-size:initial;background-repeat:in=

itial;background-origin:initial;background-clip:initial;font-size:12pt;font=

-family:"Times New Roman","serif"">
:rgb(38,40,42)">Greetings Dear Partner,






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">=

=C2=A0






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">I=

came across your e-mail contact

prior to a private search while in=C2=A0need of your assistance. My name is=

Aisha

Al-Gaddafi, a single Mother and a Widow with four Children.






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">=

=C2=A0






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">I=

am the only biological Daughter

of late Libyan President (Late Colonel=C2=A0Muammar Gaddafi).I have investm=

ent

funds worth Twenty Seven=C2=A0Million Five Hundred Thousand United State Do=

llar

($27.500.000.00 )=C2=A0and i need a trusted investment Manager/Partner beca=

use

of my current=C2=A0refugee status, however,






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">=

=C2=A0






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">I=

am interested in you for

investment project assistance in your=C2=A0country, may be from there, we c=

an

build business relationship in the nearest future.






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">=

=C2=A0






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">Y=

our Urgent Reply Will Be

Appreciated if really this transaction interests you.=C2=A0Contact me at th=

is

my private email address=C2=A0






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">=

=C2=A0






ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial;font-size:12pt;font-family:"Tim=

es New Roman","serif"">B=

est Regards






tial;background-size:initial;background-repeat:initial;background-origin:in=

itial;background-clip:initial;margin-right:0in;margin-left:0in;font-size:12=

pt;font-family:"Times New Roman","serif"">
=3D"color:rgb(38,40,42)">Mrs Aisha Al-Gaddafi






ize:11pt;font-family:Calibri,"sans-serif"">=C2=A0






ize:11pt;font-family:Calibri,"sans-serif"">=C2=A0





--0000000000007146c80623e392fd--

French language Paypal Phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 07:34:06 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxnrZ-00000000NgU-3zhI

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 07:33:25 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 07:33:25 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.80.215.157] (port=53866 helo=managergram.com.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxkIZ-00000000HPO-2OO4

for doctor@nl2k.ab.ca;

Mon, 07 Oct 2024 03:45:18 -0600

Received: by managergram.com.com (Postfix, from userid 33)

id 234C85B0EE; Mon, 7 Oct 2024 07:33:14 +0000 (UTC)

To: doctor@nl2k.ab.ca

Subject: =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=

Date: Mon, 7 Oct 2024 07:32:37 +0000

From: =?UTF-8?B?UGF5UGFs?=

Message-ID: <7bab4f775e95229f21250d944f6e406d@compte.fr>

List-Unsubscribe: mailto:bounce395-lYl8gSaS9CCHRx9@compte.fr?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1a79db978737e0ef7ffe78ae99130ab2a"

X-Spam_score: 8.9

X-Spam_score_int: 89

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:   Bonjour,Une mise à jour de notre serveur a

été effectuée afin de vous garantir un meilleur service

et une meilleur sécurité.Pour terminer le processus de cell

[...]



Content analysis details: (8.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=www-data%40managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

Subject: {SPAM?} =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=



This is a multi-part message in MIME format.



--1a79db978737e0ef7ffe78ae99130ab2a

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: base64



DQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw0KDQoNCg0KQm9uam91cixVbmUgbWlzZSAmYWdy

YXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZldXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVh

Y3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJhbnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBt

ZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZlYWN1dGU7LlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3Vz

IGRlIGNlbGxlLWNpLHZvdXMgZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdy

YXZlOyBqb3VyIHZvcyBpbmZvcm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRl

O3JpZmllciBxdSdpbCBzJ2FnaXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9j

aXJjO3QgYmxvcXUmZWFjdXRlOyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuDQoNCg0KDQptZXR0

cmUgJmFncmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zDQoNCg0KDQombmJzcDsNCg0KDQoNCiZj

b3B5O1BheXBhbCAyMDI0TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdyYXZlOyBj

ZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7cG9uZHJl

IGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNzZS4gUG91

ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFncmF2ZTsg

dm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1YW50IHN1

ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEgeVBhbCBv

dSBwYXIgZS1tYWlsLg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw==





--1a79db978737e0ef7ffe78ae99130ab2a

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: base64



PHRhYmxlIGJvcmRlcj0iMCIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGlu

Zz0iMCI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InZlcnRpY2FsLWFsaWduOiB0b3A7IGJh

Y2tncm91bmQtY29sb3I6ICNmZmZmZmY7IHBhZGRpbmc6IDBweDsiIGFsaWduPSJjZW50ZXIiPg0K

PHRhYmxlIHN0eWxlPSJtaW4td2lkdGg6IDQ4MHB4OyIgYm9yZGVyPSIwIiB3aWR0aD0iNDgwIiBj

ZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHN0eWxl

PSJ2ZXJ0aWNhbC1hbGlnbjogdG9wOyBtaW4td2lkdGg6IDQ4MHB4OyBwYWRkaW5nOiAwcHg7IiBh

bGlnbj0ibGVmdCI+PGltZyBzcmM9Imh0dHBzOi8vaGVpbmJhdmViLWY4Y2RjZi5pbmdyZXNzLWJh

cm9ubi5ld3AubGl2ZS93cC1jb250ZW50L3BsdWdpbnMvcHAxNDQucG5nIiBhbHQ9IiIgd2lkdGg9

IjE1MCIgaGVpZ2h0PSI5NCIgLz48YnIgLz4NCjx0YWJsZSBzdHlsZT0iaGVpZ2h0OiAyNTRweDsg

YmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsiIGJvcmRlcj0iMCIgd2lkdGg9IjQ4MCIgY2VsbHNw

YWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiBhbGlnbj0iY2VudGVyIj4NCjx0Ym9keT4NCjx0ciBz

dHlsZT0iaGVpZ2h0OiA1cHg7Ij4NCjx0ZCBzdHlsZT0iaGVpZ2h0OiA1cHg7IHdpZHRoOiA0Nzcu

MzMzcHg7IHZlcnRpY2FsLWFsaWduOiB0b3A7IiBhbGlnbj0ibGVmdCI+Jm5ic3A7PC90ZD4NCjwv

dHI+DQo8dHIgc3R5bGU9ImhlaWdodDogMjA2cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

M3B4OyBib3JkZXItdG9wOiAxcHggc29saWQgI2U2ZTZlNjsgaGVpZ2h0OiAyMDZweDsgZm9udC1m

YW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IHdpZHRoOiA0MzcuMzMzcHg7IHZl

cnRpY2FsLWFsaWduOiB0b3A7IGNvbG9yOiAjMDAwMDAwOyBwYWRkaW5nLXRvcDogMjBweDsgcGFk

ZGluZy1sZWZ0OiAyMHB4OyBwYWRkaW5nLXJpZ2h0OiAyMHB4OyIgYWxpZ249ImxlZnQiPg0KPHA+

Qm9uam91ciw8YnIgLz48YnIgLz5VbmUgbWlzZSAmYWdyYXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZl

dXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVhY3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJh

bnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBtZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZl

YWN1dGU7LjxiciAvPlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3VzIGRlIGNlbGxlLWNpLHZvdXMg

ZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdyYXZlOyBqb3VyIHZvcyBpbmZv

cm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRlO3JpZmllciBxdSdpbCBzJ2Fn

aXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9jaXJjO3QgYmxvcXUmZWFjdXRl

OyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuPGJyIC8+PGJyIC8+PC9wPg0KPHRhYmxlIGNsYXNz

PSJtXzMwMTg0MDgwMjM2MTU5Nzk3NDJzbS13LWZ1bGwiIHN0eWxlPSJ3aWR0aDogMjMycHg7IGZv

bnQtZmFtaWx5OiAnT3BlbiBTYW5zJywgUm9ib3RvLCB1aS1zYW5zLXNlcmlmLCAnU2Vnb2UgVUkn

LCBBcmlhbCwgLWFwcGxlLXN5c3RlbSwgc2Fucy1zZXJpZjsgaGVpZ2h0OiAzNXB4OyBtYXJnaW4t

bGVmdDogMTAwcHg7IiByb2xlPSJwcmVzZW50YXRpb24iIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFk

ZGluZz0iMCI+DQo8dGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiAnT3BlbiBTYW5zJyxSb2JvdG8s

dWktc2Fucy1zZXJpZiwnU2Vnb2UgVUknLEFyaWFsLC1hcHBsZS1zeXN0ZW0sc2Fucy1zZXJpZjsi

Pg0KPHRyIHN0eWxlPSJmb250LWZhbWlseTogJ09wZW4gU2FucycsUm9ib3RvLHVpLXNhbnMtc2Vy

aWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMtc2VyaWY7Ij4NCjx0aCBzdHls

ZT0iYm9yZGVyLXJhZGl1czogOTk5OXB4OyBmb250LWZhbWlseTogJ09wZW4gU2FucycsIFJvYm90

bywgdWktc2Fucy1zZXJpZiwgJ1NlZ29lIFVJJywgQXJpYWwsIC1hcHBsZS1zeXN0ZW0sIHNhbnMt

c2VyaWY7IGJhY2tncm91bmQtY29sb3I6IGJsdWU7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc0NjE7

IHdpZHRoOiAyMjkuMzMzcHg7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBkaXNw

bGF5OiBibG9jazsgcGFkZGluZy10b3A6IDE4cHg7IHBhZGRpbmctYm90dG9tOiAxOHB4OyBmb250

LXNpemU6IDE0cHg7IGxpbmUtaGVpZ2h0OiAxMDAlOyBmb250LWZhbWlseTogJ09wZW4gU2Fucycs

Um9ib3RvLHVpLXNhbnMtc2VyaWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMt

c2VyaWY7IGNvbG9yOiAjZmZmZmZmOyIgaHJlZj0iaHR0cHM6Ly9zaXRlcy5nb29nbGUuY29tL3Zp

ZXcvenJldGVyL2hvbWUiIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vb3BlbmVyIj5tZXR0cmUgJmFn

cmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zPC9hPjwvdGg+DQo8L3RyPg0KPC90Ym9keT4NCjwv

dGFibGU+DQo8cCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPiZuYnNwOzwvcD4NCjwvdGQ+DQo8

L3RyPg0KPHRyIHN0eWxlPSJoZWlnaHQ6IDQ4cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

MnB4OyBoZWlnaHQ6IDQzcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNl

cmlmOyB3aWR0aDogNDE3LjMzM3B4OyB2ZXJ0aWNhbC1hbGlnbjogdG9wOyBjb2xvcjogIzAwMDAw

MDsgYmFja2dyb3VuZC1jb2xvcjogI2VkZWRlZDsgcGFkZGluZzogMjBweCAzMHB4IDIzcHg7IiBh

bGlnbj0ibGVmdCI+PHNwYW4gaWQ9InAyOCI+PHNwYW4gaWQ9IjMxIj4mY29weTtQYXlwYWw8L3Nw

YW4+IDIwMjQ8L3NwYW4+PGJyIC8+TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdy

YXZlOyBjZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7

cG9uZHJlIGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNz

ZS4gUG91ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFn

cmF2ZTsgdm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1

YW50IHN1ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEg

eVBhbCBvdSBwYXIgZS1tYWlsLjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L3Rk

Pg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90

YWJsZT4NCjxwPiZuYnNwOzwvcD4=







--1a79db978737e0ef7ffe78ae99130ab2a--

French language Paypal Phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 07:34:06 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxnrn-00000000Nh6-3h9K

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 07:33:39 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 07:33:39 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.80.215.157] (port=37358 helo=managergram.com.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxlpn-00000000K31-3v0z

for games@nl2k.ab.ca;

Mon, 07 Oct 2024 05:24:04 -0600

Received: by managergram.com.com (Postfix, from userid 33)

id 1CCEF46258; Mon, 7 Oct 2024 07:33:14 +0000 (UTC)

To: games@nl2k.ab.ca

Subject: =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=

Date: Mon, 7 Oct 2024 07:32:37 +0000

From: =?UTF-8?B?UGF5UGFs?=

Message-ID: <7c71a4e803ee170ef36ebf5cc0cb145a@compte.fr>

List-Unsubscribe: mailto:bounce395-lYl8gSaS9CCHRx9@compte.fr?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1099daa186988336b909c4951856f5eef"

X-Spam_score: 8.0

X-Spam_score_int: 80

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:   Bonjour,Une mise à jour de notre serveur a

été effectuée afin de vous garantir un meilleur service

et une meilleur sécurité.Pour terminer le processus de cell

[...]



Content analysis details: (8.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

Subject: {SPAM?} =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=



This is a multi-part message in MIME format.



--1099daa186988336b909c4951856f5eef

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: base64



DQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw0KDQoNCg0KQm9uam91cixVbmUgbWlzZSAmYWdy

YXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZldXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVh

Y3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJhbnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBt

ZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZlYWN1dGU7LlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3Vz

IGRlIGNlbGxlLWNpLHZvdXMgZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdy

YXZlOyBqb3VyIHZvcyBpbmZvcm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRl

O3JpZmllciBxdSdpbCBzJ2FnaXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9j

aXJjO3QgYmxvcXUmZWFjdXRlOyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuDQoNCg0KDQptZXR0

cmUgJmFncmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zDQoNCg0KDQombmJzcDsNCg0KDQoNCiZj

b3B5O1BheXBhbCAyMDI0TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdyYXZlOyBj

ZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7cG9uZHJl

IGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNzZS4gUG91

ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFncmF2ZTsg

dm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1YW50IHN1

ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEgeVBhbCBv

dSBwYXIgZS1tYWlsLg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw==





--1099daa186988336b909c4951856f5eef

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: base64



PHRhYmxlIGJvcmRlcj0iMCIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGlu

Zz0iMCI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InZlcnRpY2FsLWFsaWduOiB0b3A7IGJh

Y2tncm91bmQtY29sb3I6ICNmZmZmZmY7IHBhZGRpbmc6IDBweDsiIGFsaWduPSJjZW50ZXIiPg0K

PHRhYmxlIHN0eWxlPSJtaW4td2lkdGg6IDQ4MHB4OyIgYm9yZGVyPSIwIiB3aWR0aD0iNDgwIiBj

ZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHN0eWxl

PSJ2ZXJ0aWNhbC1hbGlnbjogdG9wOyBtaW4td2lkdGg6IDQ4MHB4OyBwYWRkaW5nOiAwcHg7IiBh

bGlnbj0ibGVmdCI+PGltZyBzcmM9Imh0dHBzOi8vaGVpbmJhdmViLWY4Y2RjZi5pbmdyZXNzLWJh

cm9ubi5ld3AubGl2ZS93cC1jb250ZW50L3BsdWdpbnMvcHAxNDQucG5nIiBhbHQ9IiIgd2lkdGg9

IjE1MCIgaGVpZ2h0PSI5NCIgLz48YnIgLz4NCjx0YWJsZSBzdHlsZT0iaGVpZ2h0OiAyNTRweDsg

YmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsiIGJvcmRlcj0iMCIgd2lkdGg9IjQ4MCIgY2VsbHNw

YWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiBhbGlnbj0iY2VudGVyIj4NCjx0Ym9keT4NCjx0ciBz

dHlsZT0iaGVpZ2h0OiA1cHg7Ij4NCjx0ZCBzdHlsZT0iaGVpZ2h0OiA1cHg7IHdpZHRoOiA0Nzcu

MzMzcHg7IHZlcnRpY2FsLWFsaWduOiB0b3A7IiBhbGlnbj0ibGVmdCI+Jm5ic3A7PC90ZD4NCjwv

dHI+DQo8dHIgc3R5bGU9ImhlaWdodDogMjA2cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

M3B4OyBib3JkZXItdG9wOiAxcHggc29saWQgI2U2ZTZlNjsgaGVpZ2h0OiAyMDZweDsgZm9udC1m

YW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IHdpZHRoOiA0MzcuMzMzcHg7IHZl

cnRpY2FsLWFsaWduOiB0b3A7IGNvbG9yOiAjMDAwMDAwOyBwYWRkaW5nLXRvcDogMjBweDsgcGFk

ZGluZy1sZWZ0OiAyMHB4OyBwYWRkaW5nLXJpZ2h0OiAyMHB4OyIgYWxpZ249ImxlZnQiPg0KPHA+

Qm9uam91ciw8YnIgLz48YnIgLz5VbmUgbWlzZSAmYWdyYXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZl

dXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVhY3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJh

bnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBtZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZl

YWN1dGU7LjxiciAvPlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3VzIGRlIGNlbGxlLWNpLHZvdXMg

ZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdyYXZlOyBqb3VyIHZvcyBpbmZv

cm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRlO3JpZmllciBxdSdpbCBzJ2Fn

aXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9jaXJjO3QgYmxvcXUmZWFjdXRl

OyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuPGJyIC8+PGJyIC8+PC9wPg0KPHRhYmxlIGNsYXNz

PSJtXzMwMTg0MDgwMjM2MTU5Nzk3NDJzbS13LWZ1bGwiIHN0eWxlPSJ3aWR0aDogMjMycHg7IGZv

bnQtZmFtaWx5OiAnT3BlbiBTYW5zJywgUm9ib3RvLCB1aS1zYW5zLXNlcmlmLCAnU2Vnb2UgVUkn

LCBBcmlhbCwgLWFwcGxlLXN5c3RlbSwgc2Fucy1zZXJpZjsgaGVpZ2h0OiAzNXB4OyBtYXJnaW4t

bGVmdDogMTAwcHg7IiByb2xlPSJwcmVzZW50YXRpb24iIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFk

ZGluZz0iMCI+DQo8dGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiAnT3BlbiBTYW5zJyxSb2JvdG8s

dWktc2Fucy1zZXJpZiwnU2Vnb2UgVUknLEFyaWFsLC1hcHBsZS1zeXN0ZW0sc2Fucy1zZXJpZjsi

Pg0KPHRyIHN0eWxlPSJmb250LWZhbWlseTogJ09wZW4gU2FucycsUm9ib3RvLHVpLXNhbnMtc2Vy

aWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMtc2VyaWY7Ij4NCjx0aCBzdHls

ZT0iYm9yZGVyLXJhZGl1czogOTk5OXB4OyBmb250LWZhbWlseTogJ09wZW4gU2FucycsIFJvYm90

bywgdWktc2Fucy1zZXJpZiwgJ1NlZ29lIFVJJywgQXJpYWwsIC1hcHBsZS1zeXN0ZW0sIHNhbnMt

c2VyaWY7IGJhY2tncm91bmQtY29sb3I6IGJsdWU7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc0NjE7

IHdpZHRoOiAyMjkuMzMzcHg7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBkaXNw

bGF5OiBibG9jazsgcGFkZGluZy10b3A6IDE4cHg7IHBhZGRpbmctYm90dG9tOiAxOHB4OyBmb250

LXNpemU6IDE0cHg7IGxpbmUtaGVpZ2h0OiAxMDAlOyBmb250LWZhbWlseTogJ09wZW4gU2Fucycs

Um9ib3RvLHVpLXNhbnMtc2VyaWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMt

c2VyaWY7IGNvbG9yOiAjZmZmZmZmOyIgaHJlZj0iaHR0cHM6Ly9zaXRlcy5nb29nbGUuY29tL3Zp

ZXcvenJldGVyL2hvbWUiIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vb3BlbmVyIj5tZXR0cmUgJmFn

cmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zPC9hPjwvdGg+DQo8L3RyPg0KPC90Ym9keT4NCjwv

dGFibGU+DQo8cCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPiZuYnNwOzwvcD4NCjwvdGQ+DQo8

L3RyPg0KPHRyIHN0eWxlPSJoZWlnaHQ6IDQ4cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

MnB4OyBoZWlnaHQ6IDQzcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNl

cmlmOyB3aWR0aDogNDE3LjMzM3B4OyB2ZXJ0aWNhbC1hbGlnbjogdG9wOyBjb2xvcjogIzAwMDAw

MDsgYmFja2dyb3VuZC1jb2xvcjogI2VkZWRlZDsgcGFkZGluZzogMjBweCAzMHB4IDIzcHg7IiBh

bGlnbj0ibGVmdCI+PHNwYW4gaWQ9InAyOCI+PHNwYW4gaWQ9IjMxIj4mY29weTtQYXlwYWw8L3Nw

YW4+IDIwMjQ8L3NwYW4+PGJyIC8+TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdy

YXZlOyBjZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7

cG9uZHJlIGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNz

ZS4gUG91ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFn

cmF2ZTsgdm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1

YW50IHN1ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEg

eVBhbCBvdSBwYXIgZS1tYWlsLjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L3Rk

Pg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90

YWJsZT4NCjxwPiZuYnNwOzwvcD4=







--1099daa186988336b909c4951856f5eef--

French language Paypal Phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 07:34:06 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxnrk-00000000Ngz-1SmW

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 07:33:36 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 07:33:36 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.80.215.157] (port=49636 helo=managergram.com.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxl2G-00000000Igy-0Ej1

for root@nl2k.ab.ca;

Mon, 07 Oct 2024 04:32:24 -0600

Received: by managergram.com.com (Postfix, from userid 33)

id 9318581291; Mon, 7 Oct 2024 07:33:14 +0000 (UTC)

To: root@nl2k.ab.ca

Subject: =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=

Date: Mon, 7 Oct 2024 07:32:37 +0000

From: =?UTF-8?B?UGF5UGFs?=

Message-ID: <63287d0c444551d776f41f4006b89c3f@compte.fr>

List-Unsubscribe: mailto:bounce395-lYl8gSaS9CCHRx9@compte.fr?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1edefb6dcbd2054593c8c32550fc2b2de"

X-Spam_score: 8.9

X-Spam_score_int: 89

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:   Bonjour,Une mise à jour de notre serveur a

été effectuée afin de vous garantir un meilleur service

et une meilleur sécurité.Pour terminer le processus de cell

[...]



Content analysis details: (8.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=www-data%40managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

Subject: {SPAM?} =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=



This is a multi-part message in MIME format.



--1edefb6dcbd2054593c8c32550fc2b2de

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: base64



DQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw0KDQoNCg0KQm9uam91cixVbmUgbWlzZSAmYWdy

YXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZldXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVh

Y3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJhbnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBt

ZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZlYWN1dGU7LlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3Vz

IGRlIGNlbGxlLWNpLHZvdXMgZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdy

YXZlOyBqb3VyIHZvcyBpbmZvcm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRl

O3JpZmllciBxdSdpbCBzJ2FnaXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9j

aXJjO3QgYmxvcXUmZWFjdXRlOyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuDQoNCg0KDQptZXR0

cmUgJmFncmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zDQoNCg0KDQombmJzcDsNCg0KDQoNCiZj

b3B5O1BheXBhbCAyMDI0TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdyYXZlOyBj

ZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7cG9uZHJl

IGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNzZS4gUG91

ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFncmF2ZTsg

dm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1YW50IHN1

ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEgeVBhbCBv

dSBwYXIgZS1tYWlsLg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw==





--1edefb6dcbd2054593c8c32550fc2b2de

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: base64



PHRhYmxlIGJvcmRlcj0iMCIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGlu

Zz0iMCI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InZlcnRpY2FsLWFsaWduOiB0b3A7IGJh

Y2tncm91bmQtY29sb3I6ICNmZmZmZmY7IHBhZGRpbmc6IDBweDsiIGFsaWduPSJjZW50ZXIiPg0K

PHRhYmxlIHN0eWxlPSJtaW4td2lkdGg6IDQ4MHB4OyIgYm9yZGVyPSIwIiB3aWR0aD0iNDgwIiBj

ZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHN0eWxl

PSJ2ZXJ0aWNhbC1hbGlnbjogdG9wOyBtaW4td2lkdGg6IDQ4MHB4OyBwYWRkaW5nOiAwcHg7IiBh

bGlnbj0ibGVmdCI+PGltZyBzcmM9Imh0dHBzOi8vaGVpbmJhdmViLWY4Y2RjZi5pbmdyZXNzLWJh

cm9ubi5ld3AubGl2ZS93cC1jb250ZW50L3BsdWdpbnMvcHAxNDQucG5nIiBhbHQ9IiIgd2lkdGg9

IjE1MCIgaGVpZ2h0PSI5NCIgLz48YnIgLz4NCjx0YWJsZSBzdHlsZT0iaGVpZ2h0OiAyNTRweDsg

YmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsiIGJvcmRlcj0iMCIgd2lkdGg9IjQ4MCIgY2VsbHNw

YWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiBhbGlnbj0iY2VudGVyIj4NCjx0Ym9keT4NCjx0ciBz

dHlsZT0iaGVpZ2h0OiA1cHg7Ij4NCjx0ZCBzdHlsZT0iaGVpZ2h0OiA1cHg7IHdpZHRoOiA0Nzcu

MzMzcHg7IHZlcnRpY2FsLWFsaWduOiB0b3A7IiBhbGlnbj0ibGVmdCI+Jm5ic3A7PC90ZD4NCjwv

dHI+DQo8dHIgc3R5bGU9ImhlaWdodDogMjA2cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

M3B4OyBib3JkZXItdG9wOiAxcHggc29saWQgI2U2ZTZlNjsgaGVpZ2h0OiAyMDZweDsgZm9udC1m

YW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IHdpZHRoOiA0MzcuMzMzcHg7IHZl

cnRpY2FsLWFsaWduOiB0b3A7IGNvbG9yOiAjMDAwMDAwOyBwYWRkaW5nLXRvcDogMjBweDsgcGFk

ZGluZy1sZWZ0OiAyMHB4OyBwYWRkaW5nLXJpZ2h0OiAyMHB4OyIgYWxpZ249ImxlZnQiPg0KPHA+

Qm9uam91ciw8YnIgLz48YnIgLz5VbmUgbWlzZSAmYWdyYXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZl

dXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVhY3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJh

bnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBtZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZl

YWN1dGU7LjxiciAvPlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3VzIGRlIGNlbGxlLWNpLHZvdXMg

ZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdyYXZlOyBqb3VyIHZvcyBpbmZv

cm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRlO3JpZmllciBxdSdpbCBzJ2Fn

aXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9jaXJjO3QgYmxvcXUmZWFjdXRl

OyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuPGJyIC8+PGJyIC8+PC9wPg0KPHRhYmxlIGNsYXNz

PSJtXzMwMTg0MDgwMjM2MTU5Nzk3NDJzbS13LWZ1bGwiIHN0eWxlPSJ3aWR0aDogMjMycHg7IGZv

bnQtZmFtaWx5OiAnT3BlbiBTYW5zJywgUm9ib3RvLCB1aS1zYW5zLXNlcmlmLCAnU2Vnb2UgVUkn

LCBBcmlhbCwgLWFwcGxlLXN5c3RlbSwgc2Fucy1zZXJpZjsgaGVpZ2h0OiAzNXB4OyBtYXJnaW4t

bGVmdDogMTAwcHg7IiByb2xlPSJwcmVzZW50YXRpb24iIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFk

ZGluZz0iMCI+DQo8dGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiAnT3BlbiBTYW5zJyxSb2JvdG8s

dWktc2Fucy1zZXJpZiwnU2Vnb2UgVUknLEFyaWFsLC1hcHBsZS1zeXN0ZW0sc2Fucy1zZXJpZjsi

Pg0KPHRyIHN0eWxlPSJmb250LWZhbWlseTogJ09wZW4gU2FucycsUm9ib3RvLHVpLXNhbnMtc2Vy

aWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMtc2VyaWY7Ij4NCjx0aCBzdHls

ZT0iYm9yZGVyLXJhZGl1czogOTk5OXB4OyBmb250LWZhbWlseTogJ09wZW4gU2FucycsIFJvYm90

bywgdWktc2Fucy1zZXJpZiwgJ1NlZ29lIFVJJywgQXJpYWwsIC1hcHBsZS1zeXN0ZW0sIHNhbnMt

c2VyaWY7IGJhY2tncm91bmQtY29sb3I6IGJsdWU7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc0NjE7

IHdpZHRoOiAyMjkuMzMzcHg7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBkaXNw

bGF5OiBibG9jazsgcGFkZGluZy10b3A6IDE4cHg7IHBhZGRpbmctYm90dG9tOiAxOHB4OyBmb250

LXNpemU6IDE0cHg7IGxpbmUtaGVpZ2h0OiAxMDAlOyBmb250LWZhbWlseTogJ09wZW4gU2Fucycs

Um9ib3RvLHVpLXNhbnMtc2VyaWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMt

c2VyaWY7IGNvbG9yOiAjZmZmZmZmOyIgaHJlZj0iaHR0cHM6Ly9zaXRlcy5nb29nbGUuY29tL3Zp

ZXcvenJldGVyL2hvbWUiIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vb3BlbmVyIj5tZXR0cmUgJmFn

cmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zPC9hPjwvdGg+DQo8L3RyPg0KPC90Ym9keT4NCjwv

dGFibGU+DQo8cCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPiZuYnNwOzwvcD4NCjwvdGQ+DQo8

L3RyPg0KPHRyIHN0eWxlPSJoZWlnaHQ6IDQ4cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

MnB4OyBoZWlnaHQ6IDQzcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNl

cmlmOyB3aWR0aDogNDE3LjMzM3B4OyB2ZXJ0aWNhbC1hbGlnbjogdG9wOyBjb2xvcjogIzAwMDAw

MDsgYmFja2dyb3VuZC1jb2xvcjogI2VkZWRlZDsgcGFkZGluZzogMjBweCAzMHB4IDIzcHg7IiBh

bGlnbj0ibGVmdCI+PHNwYW4gaWQ9InAyOCI+PHNwYW4gaWQ9IjMxIj4mY29weTtQYXlwYWw8L3Nw

YW4+IDIwMjQ8L3NwYW4+PGJyIC8+TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdy

YXZlOyBjZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7

cG9uZHJlIGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNz

ZS4gUG91ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFn

cmF2ZTsgdm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1

YW50IHN1ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEg

eVBhbCBvdSBwYXIgZS1tYWlsLjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L3Rk

Pg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90

YWJsZT4NCjxwPiZuYnNwOzwvcD4=







--1edefb6dcbd2054593c8c32550fc2b2de--

French language Paypal Phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 07:34:06 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxnrW-00000000NgM-2TrL

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 07:33:22 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 07:33:22 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.80.215.157] (port=49078 helo=managergram.com.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxjVI-00000000G7Y-0AbU

for doctor@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 02:54:21 -0600

Received: by managergram.com.com (Postfix, from userid 33)

id E8786578F3; Mon, 7 Oct 2024 07:33:14 +0000 (UTC)

To: doctor@doctor.nl2k.ab.ca

Subject: =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=

Date: Mon, 7 Oct 2024 07:32:37 +0000

From: =?UTF-8?B?UGF5UGFs?=

Message-ID: <2c1175ce14e5e5c977b9855b886d47c4@compte.fr>

List-Unsubscribe: mailto:bounce395-lYl8gSaS9CCHRx9@compte.fr?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1b68383d20275024656730c17e32a3496"

X-Spam_score: 8.9

X-Spam_score_int: 89

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:   Bonjour,Une mise à jour de notre serveur a

été effectuée afin de vous garantir un meilleur service

et une meilleur sécurité.Pour terminer le processus de cell

[...]



Content analysis details: (8.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=www-data%40managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

Subject: {SPAM?} =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=



This is a multi-part message in MIME format.



--1b68383d20275024656730c17e32a3496

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: base64



DQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw0KDQoNCg0KQm9uam91cixVbmUgbWlzZSAmYWdy

YXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZldXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVh

Y3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJhbnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBt

ZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZlYWN1dGU7LlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3Vz

IGRlIGNlbGxlLWNpLHZvdXMgZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdy

YXZlOyBqb3VyIHZvcyBpbmZvcm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRl

O3JpZmllciBxdSdpbCBzJ2FnaXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9j

aXJjO3QgYmxvcXUmZWFjdXRlOyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuDQoNCg0KDQptZXR0

cmUgJmFncmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zDQoNCg0KDQombmJzcDsNCg0KDQoNCiZj

b3B5O1BheXBhbCAyMDI0TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdyYXZlOyBj

ZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7cG9uZHJl

IGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNzZS4gUG91

ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFncmF2ZTsg

dm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1YW50IHN1

ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEgeVBhbCBv

dSBwYXIgZS1tYWlsLg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw==





--1b68383d20275024656730c17e32a3496

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: base64



PHRhYmxlIGJvcmRlcj0iMCIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGlu

Zz0iMCI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InZlcnRpY2FsLWFsaWduOiB0b3A7IGJh

Y2tncm91bmQtY29sb3I6ICNmZmZmZmY7IHBhZGRpbmc6IDBweDsiIGFsaWduPSJjZW50ZXIiPg0K

PHRhYmxlIHN0eWxlPSJtaW4td2lkdGg6IDQ4MHB4OyIgYm9yZGVyPSIwIiB3aWR0aD0iNDgwIiBj

ZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHN0eWxl

PSJ2ZXJ0aWNhbC1hbGlnbjogdG9wOyBtaW4td2lkdGg6IDQ4MHB4OyBwYWRkaW5nOiAwcHg7IiBh

bGlnbj0ibGVmdCI+PGltZyBzcmM9Imh0dHBzOi8vaGVpbmJhdmViLWY4Y2RjZi5pbmdyZXNzLWJh

cm9ubi5ld3AubGl2ZS93cC1jb250ZW50L3BsdWdpbnMvcHAxNDQucG5nIiBhbHQ9IiIgd2lkdGg9

IjE1MCIgaGVpZ2h0PSI5NCIgLz48YnIgLz4NCjx0YWJsZSBzdHlsZT0iaGVpZ2h0OiAyNTRweDsg

YmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsiIGJvcmRlcj0iMCIgd2lkdGg9IjQ4MCIgY2VsbHNw

YWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiBhbGlnbj0iY2VudGVyIj4NCjx0Ym9keT4NCjx0ciBz

dHlsZT0iaGVpZ2h0OiA1cHg7Ij4NCjx0ZCBzdHlsZT0iaGVpZ2h0OiA1cHg7IHdpZHRoOiA0Nzcu

MzMzcHg7IHZlcnRpY2FsLWFsaWduOiB0b3A7IiBhbGlnbj0ibGVmdCI+Jm5ic3A7PC90ZD4NCjwv

dHI+DQo8dHIgc3R5bGU9ImhlaWdodDogMjA2cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

M3B4OyBib3JkZXItdG9wOiAxcHggc29saWQgI2U2ZTZlNjsgaGVpZ2h0OiAyMDZweDsgZm9udC1m

YW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IHdpZHRoOiA0MzcuMzMzcHg7IHZl

cnRpY2FsLWFsaWduOiB0b3A7IGNvbG9yOiAjMDAwMDAwOyBwYWRkaW5nLXRvcDogMjBweDsgcGFk

ZGluZy1sZWZ0OiAyMHB4OyBwYWRkaW5nLXJpZ2h0OiAyMHB4OyIgYWxpZ249ImxlZnQiPg0KPHA+

Qm9uam91ciw8YnIgLz48YnIgLz5VbmUgbWlzZSAmYWdyYXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZl

dXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVhY3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJh

bnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBtZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZl

YWN1dGU7LjxiciAvPlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3VzIGRlIGNlbGxlLWNpLHZvdXMg

ZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdyYXZlOyBqb3VyIHZvcyBpbmZv

cm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRlO3JpZmllciBxdSdpbCBzJ2Fn

aXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9jaXJjO3QgYmxvcXUmZWFjdXRl

OyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuPGJyIC8+PGJyIC8+PC9wPg0KPHRhYmxlIGNsYXNz

PSJtXzMwMTg0MDgwMjM2MTU5Nzk3NDJzbS13LWZ1bGwiIHN0eWxlPSJ3aWR0aDogMjMycHg7IGZv

bnQtZmFtaWx5OiAnT3BlbiBTYW5zJywgUm9ib3RvLCB1aS1zYW5zLXNlcmlmLCAnU2Vnb2UgVUkn

LCBBcmlhbCwgLWFwcGxlLXN5c3RlbSwgc2Fucy1zZXJpZjsgaGVpZ2h0OiAzNXB4OyBtYXJnaW4t

bGVmdDogMTAwcHg7IiByb2xlPSJwcmVzZW50YXRpb24iIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFk

ZGluZz0iMCI+DQo8dGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiAnT3BlbiBTYW5zJyxSb2JvdG8s

dWktc2Fucy1zZXJpZiwnU2Vnb2UgVUknLEFyaWFsLC1hcHBsZS1zeXN0ZW0sc2Fucy1zZXJpZjsi

Pg0KPHRyIHN0eWxlPSJmb250LWZhbWlseTogJ09wZW4gU2FucycsUm9ib3RvLHVpLXNhbnMtc2Vy

aWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMtc2VyaWY7Ij4NCjx0aCBzdHls

ZT0iYm9yZGVyLXJhZGl1czogOTk5OXB4OyBmb250LWZhbWlseTogJ09wZW4gU2FucycsIFJvYm90

bywgdWktc2Fucy1zZXJpZiwgJ1NlZ29lIFVJJywgQXJpYWwsIC1hcHBsZS1zeXN0ZW0sIHNhbnMt

c2VyaWY7IGJhY2tncm91bmQtY29sb3I6IGJsdWU7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc0NjE7

IHdpZHRoOiAyMjkuMzMzcHg7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBkaXNw

bGF5OiBibG9jazsgcGFkZGluZy10b3A6IDE4cHg7IHBhZGRpbmctYm90dG9tOiAxOHB4OyBmb250

LXNpemU6IDE0cHg7IGxpbmUtaGVpZ2h0OiAxMDAlOyBmb250LWZhbWlseTogJ09wZW4gU2Fucycs

Um9ib3RvLHVpLXNhbnMtc2VyaWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMt

c2VyaWY7IGNvbG9yOiAjZmZmZmZmOyIgaHJlZj0iaHR0cHM6Ly9zaXRlcy5nb29nbGUuY29tL3Zp

ZXcvenJldGVyL2hvbWUiIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vb3BlbmVyIj5tZXR0cmUgJmFn

cmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zPC9hPjwvdGg+DQo8L3RyPg0KPC90Ym9keT4NCjwv

dGFibGU+DQo8cCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPiZuYnNwOzwvcD4NCjwvdGQ+DQo8

L3RyPg0KPHRyIHN0eWxlPSJoZWlnaHQ6IDQ4cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

MnB4OyBoZWlnaHQ6IDQzcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNl

cmlmOyB3aWR0aDogNDE3LjMzM3B4OyB2ZXJ0aWNhbC1hbGlnbjogdG9wOyBjb2xvcjogIzAwMDAw

MDsgYmFja2dyb3VuZC1jb2xvcjogI2VkZWRlZDsgcGFkZGluZzogMjBweCAzMHB4IDIzcHg7IiBh

bGlnbj0ibGVmdCI+PHNwYW4gaWQ9InAyOCI+PHNwYW4gaWQ9IjMxIj4mY29weTtQYXlwYWw8L3Nw

YW4+IDIwMjQ8L3NwYW4+PGJyIC8+TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdy

YXZlOyBjZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7

cG9uZHJlIGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNz

ZS4gUG91ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFn

cmF2ZTsgdm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1

YW50IHN1ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEg

eVBhbCBvdSBwYXIgZS1tYWlsLjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L3Rk

Pg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90

YWJsZT4NCjxwPiZuYnNwOzwvcD4=







--1b68383d20275024656730c17e32a3496--

French language Paypal Phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 07:34:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxnrg-00000000Ngo-1DI7

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 07:33:32 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 07:33:32 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.80.215.157] (port=46894 helo=managergram.com.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxkw5-00000000IVg-1h9v

for root@mail.nl2k.ab.ca;

Mon, 07 Oct 2024 04:26:02 -0600

Received: by managergram.com.com (Postfix, from userid 33)

id A7A1A6BECC; Mon, 7 Oct 2024 07:33:14 +0000 (UTC)

To: root@mail.nl2k.ab.ca

Subject: =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=

Date: Mon, 7 Oct 2024 07:32:37 +0000

From: =?UTF-8?B?UGF5UGFs?=

Message-ID:

List-Unsubscribe: mailto:bounce395-lYl8gSaS9CCHRx9@compte.fr?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1054e9f84412c5557f5215f35ae8d8cc0"

X-Spam_score: 8.9

X-Spam_score_int: 89

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:   Bonjour,Une mise à jour de notre serveur a

été effectuée afin de vous garantir un meilleur service

et une meilleur sécurité.Pour terminer le processus de cell

[...]



Content analysis details: (8.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=www-data%40managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

Subject: {SPAM?} =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=



This is a multi-part message in MIME format.



--1054e9f84412c5557f5215f35ae8d8cc0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: base64



DQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw0KDQoNCg0KQm9uam91cixVbmUgbWlzZSAmYWdy

YXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZldXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVh

Y3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJhbnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBt

ZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZlYWN1dGU7LlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3Vz

IGRlIGNlbGxlLWNpLHZvdXMgZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdy

YXZlOyBqb3VyIHZvcyBpbmZvcm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRl

O3JpZmllciBxdSdpbCBzJ2FnaXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9j

aXJjO3QgYmxvcXUmZWFjdXRlOyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuDQoNCg0KDQptZXR0

cmUgJmFncmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zDQoNCg0KDQombmJzcDsNCg0KDQoNCiZj

b3B5O1BheXBhbCAyMDI0TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdyYXZlOyBj

ZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7cG9uZHJl

IGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNzZS4gUG91

ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFncmF2ZTsg

dm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1YW50IHN1

ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEgeVBhbCBv

dSBwYXIgZS1tYWlsLg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw==





--1054e9f84412c5557f5215f35ae8d8cc0

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: base64



PHRhYmxlIGJvcmRlcj0iMCIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGlu

Zz0iMCI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InZlcnRpY2FsLWFsaWduOiB0b3A7IGJh

Y2tncm91bmQtY29sb3I6ICNmZmZmZmY7IHBhZGRpbmc6IDBweDsiIGFsaWduPSJjZW50ZXIiPg0K

PHRhYmxlIHN0eWxlPSJtaW4td2lkdGg6IDQ4MHB4OyIgYm9yZGVyPSIwIiB3aWR0aD0iNDgwIiBj

ZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHN0eWxl

PSJ2ZXJ0aWNhbC1hbGlnbjogdG9wOyBtaW4td2lkdGg6IDQ4MHB4OyBwYWRkaW5nOiAwcHg7IiBh

bGlnbj0ibGVmdCI+PGltZyBzcmM9Imh0dHBzOi8vaGVpbmJhdmViLWY4Y2RjZi5pbmdyZXNzLWJh

cm9ubi5ld3AubGl2ZS93cC1jb250ZW50L3BsdWdpbnMvcHAxNDQucG5nIiBhbHQ9IiIgd2lkdGg9

IjE1MCIgaGVpZ2h0PSI5NCIgLz48YnIgLz4NCjx0YWJsZSBzdHlsZT0iaGVpZ2h0OiAyNTRweDsg

YmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsiIGJvcmRlcj0iMCIgd2lkdGg9IjQ4MCIgY2VsbHNw

YWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiBhbGlnbj0iY2VudGVyIj4NCjx0Ym9keT4NCjx0ciBz

dHlsZT0iaGVpZ2h0OiA1cHg7Ij4NCjx0ZCBzdHlsZT0iaGVpZ2h0OiA1cHg7IHdpZHRoOiA0Nzcu

MzMzcHg7IHZlcnRpY2FsLWFsaWduOiB0b3A7IiBhbGlnbj0ibGVmdCI+Jm5ic3A7PC90ZD4NCjwv

dHI+DQo8dHIgc3R5bGU9ImhlaWdodDogMjA2cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

M3B4OyBib3JkZXItdG9wOiAxcHggc29saWQgI2U2ZTZlNjsgaGVpZ2h0OiAyMDZweDsgZm9udC1m

YW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IHdpZHRoOiA0MzcuMzMzcHg7IHZl

cnRpY2FsLWFsaWduOiB0b3A7IGNvbG9yOiAjMDAwMDAwOyBwYWRkaW5nLXRvcDogMjBweDsgcGFk

ZGluZy1sZWZ0OiAyMHB4OyBwYWRkaW5nLXJpZ2h0OiAyMHB4OyIgYWxpZ249ImxlZnQiPg0KPHA+

Qm9uam91ciw8YnIgLz48YnIgLz5VbmUgbWlzZSAmYWdyYXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZl

dXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVhY3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJh

bnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBtZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZl

YWN1dGU7LjxiciAvPlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3VzIGRlIGNlbGxlLWNpLHZvdXMg

ZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdyYXZlOyBqb3VyIHZvcyBpbmZv

cm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRlO3JpZmllciBxdSdpbCBzJ2Fn

aXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9jaXJjO3QgYmxvcXUmZWFjdXRl

OyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuPGJyIC8+PGJyIC8+PC9wPg0KPHRhYmxlIGNsYXNz

PSJtXzMwMTg0MDgwMjM2MTU5Nzk3NDJzbS13LWZ1bGwiIHN0eWxlPSJ3aWR0aDogMjMycHg7IGZv

bnQtZmFtaWx5OiAnT3BlbiBTYW5zJywgUm9ib3RvLCB1aS1zYW5zLXNlcmlmLCAnU2Vnb2UgVUkn

LCBBcmlhbCwgLWFwcGxlLXN5c3RlbSwgc2Fucy1zZXJpZjsgaGVpZ2h0OiAzNXB4OyBtYXJnaW4t

bGVmdDogMTAwcHg7IiByb2xlPSJwcmVzZW50YXRpb24iIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFk

ZGluZz0iMCI+DQo8dGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiAnT3BlbiBTYW5zJyxSb2JvdG8s

dWktc2Fucy1zZXJpZiwnU2Vnb2UgVUknLEFyaWFsLC1hcHBsZS1zeXN0ZW0sc2Fucy1zZXJpZjsi

Pg0KPHRyIHN0eWxlPSJmb250LWZhbWlseTogJ09wZW4gU2FucycsUm9ib3RvLHVpLXNhbnMtc2Vy

aWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMtc2VyaWY7Ij4NCjx0aCBzdHls

ZT0iYm9yZGVyLXJhZGl1czogOTk5OXB4OyBmb250LWZhbWlseTogJ09wZW4gU2FucycsIFJvYm90

bywgdWktc2Fucy1zZXJpZiwgJ1NlZ29lIFVJJywgQXJpYWwsIC1hcHBsZS1zeXN0ZW0sIHNhbnMt

c2VyaWY7IGJhY2tncm91bmQtY29sb3I6IGJsdWU7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc0NjE7

IHdpZHRoOiAyMjkuMzMzcHg7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBkaXNw

bGF5OiBibG9jazsgcGFkZGluZy10b3A6IDE4cHg7IHBhZGRpbmctYm90dG9tOiAxOHB4OyBmb250

LXNpemU6IDE0cHg7IGxpbmUtaGVpZ2h0OiAxMDAlOyBmb250LWZhbWlseTogJ09wZW4gU2Fucycs

Um9ib3RvLHVpLXNhbnMtc2VyaWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMt

c2VyaWY7IGNvbG9yOiAjZmZmZmZmOyIgaHJlZj0iaHR0cHM6Ly9zaXRlcy5nb29nbGUuY29tL3Zp

ZXcvenJldGVyL2hvbWUiIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vb3BlbmVyIj5tZXR0cmUgJmFn

cmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zPC9hPjwvdGg+DQo8L3RyPg0KPC90Ym9keT4NCjwv

dGFibGU+DQo8cCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPiZuYnNwOzwvcD4NCjwvdGQ+DQo8

L3RyPg0KPHRyIHN0eWxlPSJoZWlnaHQ6IDQ4cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

MnB4OyBoZWlnaHQ6IDQzcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNl

cmlmOyB3aWR0aDogNDE3LjMzM3B4OyB2ZXJ0aWNhbC1hbGlnbjogdG9wOyBjb2xvcjogIzAwMDAw

MDsgYmFja2dyb3VuZC1jb2xvcjogI2VkZWRlZDsgcGFkZGluZzogMjBweCAzMHB4IDIzcHg7IiBh

bGlnbj0ibGVmdCI+PHNwYW4gaWQ9InAyOCI+PHNwYW4gaWQ9IjMxIj4mY29weTtQYXlwYWw8L3Nw

YW4+IDIwMjQ8L3NwYW4+PGJyIC8+TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdy

YXZlOyBjZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7

cG9uZHJlIGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNz

ZS4gUG91ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFn

cmF2ZTsgdm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1

YW50IHN1ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEg

eVBhbCBvdSBwYXIgZS1tYWlsLjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L3Rk

Pg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90

YWJsZT4NCjxwPiZuYnNwOzwvcD4=







--1054e9f84412c5557f5215f35ae8d8cc0--

French language Paypal Phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 07:34:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxnrr-00000000NhE-3WVa

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 07:33:43 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 07:33:43 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.80.215.157] (port=56924 helo=managergram.com.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxluk-00000000KAn-01cW

for root@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 05:28:37 -0600

Received: by managergram.com.com (Postfix, from userid 33)

id D0EC58806E; Mon, 7 Oct 2024 07:33:14 +0000 (UTC)

To: root@doctor.nl2k.ab.ca

Subject: =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=

Date: Mon, 7 Oct 2024 07:32:37 +0000

From: =?UTF-8?B?UGF5UGFs?=

Message-ID: <0add5ca7b9f58e118a9cb2ce67e629bd@compte.fr>

List-Unsubscribe: mailto:bounce395-lYl8gSaS9CCHRx9@compte.fr?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1ce020416e1fded720edb50fddcdfc077"

X-Spam_score: 8.9

X-Spam_score_int: 89

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:   Bonjour,Une mise à jour de notre serveur a

été effectuée afin de vous garantir un meilleur service

et une meilleur sécurité.Pour terminer le processus de cell

[...]



Content analysis details: (8.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

[45.80.215.157 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

[45.80.215.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.80.215.157 listed in dnsbl.ahbl.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=www-data%40managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=managergram.com.com;ip=45.80.215.157;r=doctor.nl2k.ab.ca]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

Subject: {SPAM?} =?UTF-8?B?TUVUVEVaIMOAIEpPVVJTIFZPUyBJTkZPUk1BVElPTlM=?=



This is a multi-part message in MIME format.



--1ce020416e1fded720edb50fddcdfc077

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: base64



DQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw0KDQoNCg0KQm9uam91cixVbmUgbWlzZSAmYWdy

YXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZldXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVh

Y3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJhbnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBt

ZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZlYWN1dGU7LlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3Vz

IGRlIGNlbGxlLWNpLHZvdXMgZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdy

YXZlOyBqb3VyIHZvcyBpbmZvcm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRl

O3JpZmllciBxdSdpbCBzJ2FnaXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9j

aXJjO3QgYmxvcXUmZWFjdXRlOyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuDQoNCg0KDQptZXR0

cmUgJmFncmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zDQoNCg0KDQombmJzcDsNCg0KDQoNCiZj

b3B5O1BheXBhbCAyMDI0TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdyYXZlOyBj

ZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7cG9uZHJl

IGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNzZS4gUG91

ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFncmF2ZTsg

dm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1YW50IHN1

ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEgeVBhbCBv

dSBwYXIgZS1tYWlsLg0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCiZuYnNwOw==





--1ce020416e1fded720edb50fddcdfc077

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: base64



PHRhYmxlIGJvcmRlcj0iMCIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGlu

Zz0iMCI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InZlcnRpY2FsLWFsaWduOiB0b3A7IGJh

Y2tncm91bmQtY29sb3I6ICNmZmZmZmY7IHBhZGRpbmc6IDBweDsiIGFsaWduPSJjZW50ZXIiPg0K

PHRhYmxlIHN0eWxlPSJtaW4td2lkdGg6IDQ4MHB4OyIgYm9yZGVyPSIwIiB3aWR0aD0iNDgwIiBj

ZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHN0eWxl

PSJ2ZXJ0aWNhbC1hbGlnbjogdG9wOyBtaW4td2lkdGg6IDQ4MHB4OyBwYWRkaW5nOiAwcHg7IiBh

bGlnbj0ibGVmdCI+PGltZyBzcmM9Imh0dHBzOi8vaGVpbmJhdmViLWY4Y2RjZi5pbmdyZXNzLWJh

cm9ubi5ld3AubGl2ZS93cC1jb250ZW50L3BsdWdpbnMvcHAxNDQucG5nIiBhbHQ9IiIgd2lkdGg9

IjE1MCIgaGVpZ2h0PSI5NCIgLz48YnIgLz4NCjx0YWJsZSBzdHlsZT0iaGVpZ2h0OiAyNTRweDsg

YmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsiIGJvcmRlcj0iMCIgd2lkdGg9IjQ4MCIgY2VsbHNw

YWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiBhbGlnbj0iY2VudGVyIj4NCjx0Ym9keT4NCjx0ciBz

dHlsZT0iaGVpZ2h0OiA1cHg7Ij4NCjx0ZCBzdHlsZT0iaGVpZ2h0OiA1cHg7IHdpZHRoOiA0Nzcu

MzMzcHg7IHZlcnRpY2FsLWFsaWduOiB0b3A7IiBhbGlnbj0ibGVmdCI+Jm5ic3A7PC90ZD4NCjwv

dHI+DQo8dHIgc3R5bGU9ImhlaWdodDogMjA2cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

M3B4OyBib3JkZXItdG9wOiAxcHggc29saWQgI2U2ZTZlNjsgaGVpZ2h0OiAyMDZweDsgZm9udC1m

YW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IHdpZHRoOiA0MzcuMzMzcHg7IHZl

cnRpY2FsLWFsaWduOiB0b3A7IGNvbG9yOiAjMDAwMDAwOyBwYWRkaW5nLXRvcDogMjBweDsgcGFk

ZGluZy1sZWZ0OiAyMHB4OyBwYWRkaW5nLXJpZ2h0OiAyMHB4OyIgYWxpZ249ImxlZnQiPg0KPHA+

Qm9uam91ciw8YnIgLz48YnIgLz5VbmUgbWlzZSAmYWdyYXZlOyBqb3VyIGRlIG5vdHJlIHNlcnZl

dXIgYSAmZWFjdXRlO3QmZWFjdXRlOyBlZmZlY3R1JmVhY3V0ZTtlIGFmaW4gZGUgdm91cyBnYXJh

bnRpciB1biBtZWlsbGV1ciBzZXJ2aWNlIGV0IHVuZSBtZWlsbGV1ciBzJmVhY3V0ZTtjdXJpdCZl

YWN1dGU7LjxiciAvPlBvdXIgdGVybWluZXIgbGUgcHJvY2Vzc3VzIGRlIGNlbGxlLWNpLHZvdXMg

ZGV2ZXogaW1wJmVhY3V0ZTtyYXRpdmVtZW50IG1ldHRyZSAmYWdyYXZlOyBqb3VyIHZvcyBpbmZv

cm1hdGlvbnMgc3VyIHZvdHJlIGNvbXB0ZSBwb3VyIHYmZWFjdXRlO3JpZmllciBxdSdpbCBzJ2Fn

aXQgYmllbiBkZSB2b3VzIHNpbm9uIGlsIHNlcmEgYXVzc2l0Jm9jaXJjO3QgYmxvcXUmZWFjdXRl

OyBkYW5zIGxlcyAyNGggcXVpIHN1aXZlbnQuPGJyIC8+PGJyIC8+PC9wPg0KPHRhYmxlIGNsYXNz

PSJtXzMwMTg0MDgwMjM2MTU5Nzk3NDJzbS13LWZ1bGwiIHN0eWxlPSJ3aWR0aDogMjMycHg7IGZv

bnQtZmFtaWx5OiAnT3BlbiBTYW5zJywgUm9ib3RvLCB1aS1zYW5zLXNlcmlmLCAnU2Vnb2UgVUkn

LCBBcmlhbCwgLWFwcGxlLXN5c3RlbSwgc2Fucy1zZXJpZjsgaGVpZ2h0OiAzNXB4OyBtYXJnaW4t

bGVmdDogMTAwcHg7IiByb2xlPSJwcmVzZW50YXRpb24iIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFk

ZGluZz0iMCI+DQo8dGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiAnT3BlbiBTYW5zJyxSb2JvdG8s

dWktc2Fucy1zZXJpZiwnU2Vnb2UgVUknLEFyaWFsLC1hcHBsZS1zeXN0ZW0sc2Fucy1zZXJpZjsi

Pg0KPHRyIHN0eWxlPSJmb250LWZhbWlseTogJ09wZW4gU2FucycsUm9ib3RvLHVpLXNhbnMtc2Vy

aWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMtc2VyaWY7Ij4NCjx0aCBzdHls

ZT0iYm9yZGVyLXJhZGl1czogOTk5OXB4OyBmb250LWZhbWlseTogJ09wZW4gU2FucycsIFJvYm90

bywgdWktc2Fucy1zZXJpZiwgJ1NlZ29lIFVJJywgQXJpYWwsIC1hcHBsZS1zeXN0ZW0sIHNhbnMt

c2VyaWY7IGJhY2tncm91bmQtY29sb3I6IGJsdWU7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc0NjE7

IHdpZHRoOiAyMjkuMzMzcHg7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBkaXNw

bGF5OiBibG9jazsgcGFkZGluZy10b3A6IDE4cHg7IHBhZGRpbmctYm90dG9tOiAxOHB4OyBmb250

LXNpemU6IDE0cHg7IGxpbmUtaGVpZ2h0OiAxMDAlOyBmb250LWZhbWlseTogJ09wZW4gU2Fucycs

Um9ib3RvLHVpLXNhbnMtc2VyaWYsJ1NlZ29lIFVJJyxBcmlhbCwtYXBwbGUtc3lzdGVtLHNhbnMt

c2VyaWY7IGNvbG9yOiAjZmZmZmZmOyIgaHJlZj0iaHR0cHM6Ly9zaXRlcy5nb29nbGUuY29tL3Zp

ZXcvenJldGVyL2hvbWUiIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vb3BlbmVyIj5tZXR0cmUgJmFn

cmF2ZTsgam91ciBtZXMgaW5mb21hcnRpb25zPC9hPjwvdGg+DQo8L3RyPg0KPC90Ym9keT4NCjwv

dGFibGU+DQo8cCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPiZuYnNwOzwvcD4NCjwvdGQ+DQo8

L3RyPg0KPHRyIHN0eWxlPSJoZWlnaHQ6IDQ4cHg7Ij4NCjx0ZCBzdHlsZT0iZm9udC1zaXplOiAx

MnB4OyBoZWlnaHQ6IDQzcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNl

cmlmOyB3aWR0aDogNDE3LjMzM3B4OyB2ZXJ0aWNhbC1hbGlnbjogdG9wOyBjb2xvcjogIzAwMDAw

MDsgYmFja2dyb3VuZC1jb2xvcjogI2VkZWRlZDsgcGFkZGluZzogMjBweCAzMHB4IDIzcHg7IiBh

bGlnbj0ibGVmdCI+PHNwYW4gaWQ9InAyOCI+PHNwYW4gaWQ9IjMxIj4mY29weTtQYXlwYWw8L3Nw

YW4+IDIwMjQ8L3NwYW4+PGJyIC8+TWVyY2kgZGUgbmUgcGFzIHImZWFjdXRlO3BvbmRyZSAmYWdy

YXZlOyBjZXQgZW1haWwuIE5vdXMgbmUgc29tbWVzIHBhcyBlbiBtZXN1cmUgZGUgciZlYWN1dGU7

cG9uZHJlIGF1eCBkZW1hbmRlcyBlbnZveSZlYWN1dGU7ZXMgJmFncmF2ZTsgY2V0dGUgYWRyZXNz

ZS4gUG91ciBvYnRlbmlyIGRlcyByJmVhY3V0ZTtwb25zZXMgaW1tJmVhY3V0ZTtkaWF0ZXMgJmFn

cmF2ZTsgdm9zIHF1ZXN0aW9ucywgdmlzaXRleiBub3RyZSBjZW50cmUgZCdhaWRlIGVuIGNsaXF1

YW50IHN1ciAiQWlkZSIgc2l0dSZlYWN1dGU7IHN1ciBuJ2ltcG9ydGUgcXVlbGxlIHBhZ2UgUGEg

eVBhbCBvdSBwYXIgZS1tYWlsLjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L3Rk

Pg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90

YWJsZT4NCjxwPiZuYnNwOzwvcD4=







--1ce020416e1fded720edb50fddcdfc077--

Web / SEO/ App spam from Microsoft Outlook

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 07 Oct 2024 00:28:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxhDc-00000000JTh-46Wq

for dave@doctor.nl2k.ab.ca;

Mon, 07 Oct 2024 00:27:44 -0600

Resent-From: The Doctor

Resent-Date: Mon, 7 Oct 2024 00:27:44 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-psaapc01olkn2025.outbound.protection.outlook.com ([40.92.52.25]:16545 helo=APC01-PSA-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxfbl-00000000Okp-0vHY

for sales@nk.ca;

Sun, 06 Oct 2024 22:44:44 -0600

Received: from SEYPR01MB4879.apcprd01.prod.exchangelabs.com

(2603:1096:101:bd::5) by SI2PR01MB4273.apcprd01.prod.exchangelabs.com

(2603:1096:4:1ac::14) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8026.22; Mon, 7 Oct

2024 01:58:30 +0000

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=VBo95tg3ADpHqGXZiVAXgKrPjk2ZIiCkMxcKaAUbgqSTUmCxIopbhxZIZ4htETkM9o/PmG8D1cHh+MZ3bwjWubMGpx6PsE+w8vKnhr+l9/XXFDSOd7uexDF2TpXmGl0TjME8uig/AgLszLv9pTfI6cJsdwVQPkS0kIjZJtmjzQG9xSE4tF0Y0bXoGDPfQ2j5kCRHeDwJtWQueFCUBNtmhg7qBi9d9x264KZfnXkCN/OYRQtUpslwVVu7sPwgYLey60lGZB0Fg6oknaOYwo7pgVb/bmk7zK4dcnz95gWwH/8+YNXDCVmC84u1xhwq2NzFvtjxmOenW27NKmWDth8JcQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=9C60Yh/MH1socB38XsrH1Nv54RiE/VxDK1pKaunJbwY=;

b=F9eFNVc1YbagXUzrA+hrHC2u9+lC2WcZaHlnW1vyaPTtXlrUo1/gtMu0k0ZqF4wD6oOoe1r5hfXOZmuxoV6iQEy3yX0FhKRPfTcigqDQVm/D3nl1/yIY4Y5PNzLM3L0oB8DKK4mR/hq9O8Iz9vMH/eIrW9+MPwU2KgnAoF6DjiqCTWBBrbNPG5sbtovlkWC2srl82bJ5aoqql0Z4PJm9TS8QWXIALBXBMYyoTiGHTf3lr1nYWyTxKjlwy8XJNtbc7+WICdNqURH/20sYRZQT65DF/y2XhgP9I9okz2RXkFN2gaxe2+pXxY11PFS4aQcwfgx+4zdcPgqx+Gyr5NlU0Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=9C60Yh/MH1socB38XsrH1Nv54RiE/VxDK1pKaunJbwY=;

b=aGyNRIjB5DZEmSMmonP2UCXUXLv3E23PsTFP2l+mR5+sbQZqOp1JIF1+q1gOk0/TeKa7iYqzhE870rxKiSvlYpBA+myqUSGgaz4wbYXa51Vhddcnxm3yry6UkLY9VMqasr11hVA9/jpOTFXOjFhsIJ3hNKWzAPGTfQFdnvvo1i7JwrHKnQimQzAA/BiMmjmhplfhLRQyWBFIfJazo5SPZNQ6V9DPF91v4eSegC9c1omE4WD9lAoTbDPlqvfxM90T/fhxIpLYobNAFJ15lZCb7vYuyh5EevrLjcezbYTONTkoFym2eo8nBLAQYPJpq1qxkq/F/g/y3ePmuiv9+d9x6w==

Received: from TYZPR01MB6827.apcprd01.prod.exchangelabs.com

(2603:1096:405:de::5) by SEYPR01MB4879.apcprd01.prod.exchangelabs.com

(2603:1096:101:bd::5) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8026.20; Sun, 6 Oct

2024 14:48:51 +0000

Received: from TYZPR01MB6827.apcprd01.prod.exchangelabs.com

([fe80::8f39:4eb3:f322:a874]) by TYZPR01MB6827.apcprd01.prod.exchangelabs.com

([fe80::8f39:4eb3:f322:a874%3]) with mapi id 15.20.8026.019; Sun, 6 Oct 2024

14:48:50 +0000

From: vinas rooy

To: vinas rooy

Subject: Re: send / you..

Thread-Topic: send / you..

Thread-Index: AQHbF/5t1hD7K6xZAkmBqiQN6EeZ9Q==

Date: Sun, 6 Oct 2024 14:48:50 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic:

TYZPR01MB6827:EE_|SEYPR01MB4879:EE_|SI2PR01MB4273:EE_

x-ms-office365-filtering-correlation-id: 850a4c75-6324-4a6a-0417-08dce615fd9b

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799006|15030799003|461199028|8062599003|19110799003|8060799006|56899033|102099032|440099028|3412199025|1710799026;

x-microsoft-antispam-message-info:

I27qW9hw/lMIL/15N9lsUdrLhU3yvdbjGht2KkzGxYqKuEMyNBgq4Bx62fvdmU0oVdwKyJ4FoJ36JV6wkuDMYpi6iSwrRvKXvKV+ULQjw91RnTzyDHSDjwz4nxOWPFAOGXl5rKATNbKXk738eSCgK0Exs+zHgDIb7wwx82fe6LDaR0tTGcJVjIiRInZukFB6IOydUmMSZR0XdOd/4XKsAxAZkiebO+ffR4xmDzTXxc8G9acwxWVhK/NhyIAyShyje7VbRywB9wp4tLV7bq5vf0G1W46KcUykGkmnH0Wg627HUKd9jltbp5B//lrfofdN/PsqWPjOvbqGsm2ftx1Kh4jZYs9WzIbN6i4z31ge3qJ1a6z8OR/Fhnoa6tn8BWB6l0XBWUr7/3qG1UoPXy+JQqjesPGCZTLDiWqp0StB7y0YZKrIKy8jp/GangwiIP3VyXxBwjETLV+3vxtHuzOEYO2Z2IrazaRj5oCl6T9sEZHagUDG9UX10uJbKAEiPzhZRa5AklYtxaFtwYKFbmCzGHB0N5/mZmjyTELpoItK1vN8Oxy2kzbtnZ0czgSa4tsTnjeZfs60w2l25tDONMFIjPQqqbS3hXH65ubo4+m78oTG2ArYr49vmpV3E6W1xZHC015c68DjflgM3T9zPv2/AoRL3JUMeTpGWaTy1jrkNgEe1gVofowm/8RNtZPvOgd2rutX7JAtUno7tWuWcDU6uDnsh8cRawg8/Mwp7P7cWecqkUX5So/sERKdqIkyhmGU7D7scy0Z/LDJJqOq9PEzfg==

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?CnaPSCcVG+WsZSCkBYd68OfCK4EmlzU2+OnsB4Hd7hRjrSxfUBlNFwFCdO?=

=?iso-8859-1?Q?MfHjptN5wgGImKSkKGzcoiOHUV9kwj2J4mLM2hCIQetZoNSTnK01foZFsb?=

=?iso-8859-1?Q?r+nan6Wo0FcBIvVky60fa6iZ9WrWIItna+CaeQuyvMNDsRXe+W++stQ/1M?=

=?iso-8859-1?Q?b8YgaKH+1GTsRJgpc/lqiByFM6ijR2x3qVkOjJwRMUOlXD6BVRIF0awPuL?=

=?iso-8859-1?Q?JwZvjBG9KJwCCJNO/D4BY7DpksKYX2n2KI3vMd9Tmtm6gF8GHFmK1LUQlJ?=

=?iso-8859-1?Q?CnGSRmGXylfzc+RJSksimuZOOQ84QGNKo2QrjrWWC94E72zY0gWq86r/cQ?=

=?iso-8859-1?Q?56wwElUmLrycOenuffNfYF+z60yFwpygGEmOm2qgrM2M9qnAgvWiArtkK+?=

=?iso-8859-1?Q?JXSk6Ky1qtfIDoq6+l3ZA7jzhIjemWje9nho4yLo4XVhVTg9eI3ZT+5eQh?=

=?iso-8859-1?Q?dAKFKwQ5vxwKesxlsJ3VtUgzu7kr1HzdO9awY5Azbs2NNPufxZH28qzN1D?=

=?iso-8859-1?Q?5YyE26gbWfeaLdj+7gTh+sWhGDXQv2mavt+9trA9h0d8f2xg5UTqVa8/4h?=

=?iso-8859-1?Q?jr59zjvkOhCtAZGfqazSiZh1oKdZIc+nBvDyEQp63UAZaogIqbBKy3Vy9m?=

=?iso-8859-1?Q?SlVq8EX0y1psTXXyasbCx+Jcdn1y1Y8dClcmBbuPwRTOdf9lwAXaSLfnV+?=

=?iso-8859-1?Q?uXWzM5Y/T7+omemrLKkWu8j6NyvEFxonvIVUEnJeL+r90bixbNn+wsAlCh?=

=?iso-8859-1?Q?xr0YxJ2YmThXc4RED2jXVY0DvLe0v7f55sk6BimQiHGecOq2QSMARFbBWM?=

=?iso-8859-1?Q?y058sdQeSMLUXerA5XtPW8879tJ6wSNk7IPD/P/awUyA0CeJ2qzzTxzaKX?=

=?iso-8859-1?Q?ANeE6CH5MgB+BlA5IaZ70tfG5pjCe57VZoArwjy7q5HD/g8b/QDHEo8pJg?=

=?iso-8859-1?Q?S0UUh1Ek/Zdw+1iVsqO1AuhkLcM/xpsoYCkztyp48oTxzbK3MtpW6poBOI?=

=?iso-8859-1?Q?7hSKHLn53Fl/X5D4EXsU2FjVl1hnx+l6q/q81Rgm2APfSYcSRQAgU3RmoG?=

=?iso-8859-1?Q?vbIkzJkWiu95abBhmHnAS9zqALolC2/WC663NoHfhtpRnAZeWdTIa2cVCI?=

=?iso-8859-1?Q?Zr3SMNO2oNT2kyXNiL19Foxw5JVkTS4Xz2NVU2pCG2TpOx5iD6AgDPGaB0?=

=?iso-8859-1?Q?TxNpOUVPGsxYiVXLj+xwOSvHmfoWHv8sVIYKdqkTk3Du1ZTQWteNnwHuoO?=

=?iso-8859-1?Q?TBoK9s7xfJFsAb6e+Ux9oToFUxpOZKG0KU0/154p2IpzjluauyiZD1Hagu?=

=?iso-8859-1?Q?Z9wl?=

Content-Type: multipart/alternative;

boundary="_000_TYZPR01MB6827868AF7E876136686915EB37C2TYZPR01MB6827apcp_"

MIME-Version: 1.0

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TYZPR01MB6827.apcprd01.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 850a4c75-6324-4a6a-0417-08dce615fd9b

X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Oct 2024 14:48:50.3061

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEYPR01MB4879

X-OriginatorOrg: outlook.com



--_000_TYZPR01MB6827868AF7E876136686915EB37C2TYZPR01MB6827apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hey there!



I am still waiting for your reply



May I send you report of those Errors?



You're welcome!



From: vinas rooy

Sent: August 8, 2024 5:51 PM

Subject: Re: price & screenshot..$@



Hello,



I found a few errors on your site.



If Interested, May I send you screenshot of those errors?



I would like to send you a audit report showing you 3 or 4 things that can =

help you improve your Google rankings dramatically.



Best,







--_000_TYZPR01MB6827868AF7E876136686915EB37C2TYZPR01MB6827apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








margin: 0px; font-family: Candara, Optima, sans-serif; font-size: 12pt; col=

or: rgb(0, 0, 0);">

Hey there!



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I am still waiting for your reply



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

May I send you repor=

t of those Errors?



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

You're welcome!



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

From: vinas rooy



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Sent: August 8, 2024 5:51 PM



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Subject: Re: price & screenshot..$@



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







margin: 0px; font-family: Candara, Optima, sans-serif; font-size: 12pt; col=

or: rgb(0, 0, 0);">

Hello,



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I found a few errors on your site.  



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

If Interested, May I=

send you screenshot of those errors?



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I would like to send you a audit report showing you 3 or 4 things that can =

help you improve your Google rankings dramatically.



Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







Candara, Optima, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Best,



ize: 12pt; color: rgb(0, 0, 0);">







nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">












--_000_TYZPR01MB6827868AF7E876136686915EB37C2TYZPR01MB6827apcp_--

Web / SEO/ App spam from Microsoft Outlook

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 06 Oct 2024 22:04:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxexh-00000000E8n-0MWj

for dave@doctor.nl2k.ab.ca;

Sun, 06 Oct 2024 22:03:09 -0600

Resent-From: The Doctor

Resent-Date: Sun, 6 Oct 2024 22:03:09 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-sn1nam02olkn2085.outbound.protection.outlook.com ([40.92.44.85]:19510 helo=NAM02-SN1-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxevd-00000000DoK-1ol2

for sales@nk.ca;

Sun, 06 Oct 2024 22:01:07 -0600

Received: from PH0PR10MB4742.namprd10.prod.outlook.com (2603:10b6:510:3f::24)

by CO1PR10MB4548.namprd10.prod.outlook.com (2603:10b6:303:97::5) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8026.22; Mon, 7 Oct

2024 03:18:10 +0000

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=vuOGcF51WjC2WGP5Z/9cRmgL8ZnJOHdXrskpQDkK2lMMNyxmfIHryZV9HZHj4nNtNHUAshvK+FNMZuWKnstf4Wt+kKXpVatsrzDzl+ztEQvw3z9GsIyKDhFH4yUWV+YriqwkYxfiaTot2gMKedccJnwRfVXqgi8dDQo+X/YOZBHrvE9BLgxXJhU6B1xY3/d+1oQ2T9loRWMLuM0d1OirP04OkveHiEOm12nyjgYWEcWV+HFSXiNYk9C4sUO3U9Jdae8U8HRqvVeGaKLUjisnewoo3SIk9vDDohkU1JEf16/tTcdGR//kyuinWDj+5AmuWzlBTolDatns+ZqZia5fmg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=YnYljoeqfBmruJF2ZejoY2ncsJIfgGUEW6wUHdSZmSo=;

b=BinECGRy/cIiZ7hLY2yk7Xl3bEWkmIlpzWx6xDowENYg+UYZaqIczSFVvnJvGGDo65k3pM/qtPEKFcLiSjnbC258hvcXyBcKvAt3jqAOGsbz6XxQtKbsGZSUQW0q9LlsQTC3lal6Une/aMe2KGTfZSQ6GGMK6AcNfffgbeqoZOo7hkxAqMmNw/BmUI5RSrh/uKsHjFSVrNRhq52FgLwiqvEfl1c/t6EQmOaUla5uE54T5wRvQAPPD8IweuteQqcMLLXJDpm2TkXRKh6FIoxN/qYSr3z+zMoMpRnHKvU6icKox6xA2CXBPbcNnJtjbBtpOVkiXGK9Zx1aGzthWCJD/Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=YnYljoeqfBmruJF2ZejoY2ncsJIfgGUEW6wUHdSZmSo=;

b=TGh2RhIQNbXUpwY7jIEbd0dnAyfSKYpEB1dOxAsNX0XrrIzI/QBqk+PhrcwlboMMzrWOWdzDKcur+v5uDq5isxOzlrwyRpnmIMiux8TqaQdDMlOqFWZrRRAEUAMRGeRO8YEiTrf6olgvh8d1tfo0LF5xEE5ApW+ZESVnrlG+cyVTYtG/A7HSIHBZr7R6EA+4/hIWQ+Kmq9984b3pfmQS/pJ2GPVc5ZkEy8mjml0A6hPhuElm9+sl13+w2T8DQaH3EQTmzBHVVmu6/JcETdvoYNC9MG0VdupadSrxez9i43eXSR10BttYJ8/lbE6kkU5N+4qsl1K3ge4+vpiV5nLxNg==

Received: from SJ2PR10MB7707.namprd10.prod.outlook.com (2603:10b6:a03:578::8)

by PH0PR10MB4742.namprd10.prod.outlook.com (2603:10b6:510:3f::24) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8026.22; Sun, 6 Oct

2024 16:03:30 +0000

Received: from SJ2PR10MB7707.namprd10.prod.outlook.com

([fe80::efdd:5f52:785d:b401]) by SJ2PR10MB7707.namprd10.prod.outlook.com

([fe80::efdd:5f52:785d:b401%3]) with mapi id 15.20.8026.019; Sun, 6 Oct 2024

16:03:30 +0000

From: Camila Washington

To: Camila Washington

Subject: Re: sure .?

Thread-Topic: sure .?

Thread-Index: AQHbGAhQZxZLR5G+MEaj5g+9LCl9SQ==

Date: Sun, 6 Oct 2024 16:03:29 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic:

SJ2PR10MB7707:EE_|PH0PR10MB4742:EE_|CO1PR10MB4548:EE_

x-ms-office365-filtering-correlation-id: 7216571d-4271-44f2-7666-08dce6206ba6

x-microsoft-antispam:

BCL:0;ARA:14566002|461199028|8060799006|15030799003|19110799003|37102599003|8062599003|15080799006|440099028|3412199025|102099032|1710799026;

x-microsoft-antispam-message-info:

GJ9YIcfmzQ+/i6dHls5ZS2EnShAnjW4VHMHGhk+sAFeOM5Uk4zL6L/o5cYiNpsiQ/8p5MkwQ+Tic2+BDhY6Gx24urKe7rOjam6U0Ft6mGrUDfyibcC2+DH2mBO/bnq8ztr9VqnhkUWfWEdfsbKG58uTOnyz5QYMXeifnwuZ23a6XV3me5U0gtGVboZGvjdzxe2hffreq4VvX0JSGPBg+uwDlHkQ/IiatOnlOTPJqALbQv91fnxDUxoJL7hLMANQtgaU8LpMMqaDfysSijXuTXSf2rH48L+DV5UlpNQtvWTmCydr7rjSu57h3tcRZlfD4TRgVRpsBuAeKM5FssmVrKR5XKzABTS0hCaPJy30b8awVnoYwgL+B8JnMS3oo9A67ubTGE4Qjevacw/Tj3gCksc6qykp1kzNudVbC9H4uRTnVdoWmqYAbD9ij0GjXiWmzaPb23HUctZQmMTIPKhaZ6Ej9MXj9R7qourDYWiXMZp9ucDh9AREFLo1DJyCx1Ld3P1Gz/Y34QKbNW0Qw20GPca75u4jiTTa5AC/nwGDXWqUkAHd6TxaAqxqqSRo+msymW9r55IhWxxaOmQqut+VnNzD5Px1ult0y+zrIYx7MqR+OnG7DPgUaKgQwlzhES3ZURMFyS7nT3686S2OUHt6gX1DU6ypL59mnNCs3cNd+g83SHPntLEqlvZgkSasWw0h/i3N5wQ1h0d0wEhmMbcGg5QsjpLZMlL7WDrIe5Mgd5TIlaFl47HlozNS4N/dKga1mjVqepLNB9roRKF6Hejw94+PV1W1FieMQ9PX8hcseKg4=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?SbPVUkvTX6fmOyd0bwH/ALaosg+fOmnQGfYDUwU0mee6zPoN4I2LZsfHtw?=

=?iso-8859-1?Q?BAaVG8Ntbvnt7o5rcC6qxLq8nVOustFD2le8kx+lMyAvmOE2YFPsDt25jb?=

=?iso-8859-1?Q?qyKYjxREUjIGEa4ErN5yiFJj1vOBE9nGwTyIDB4GU+Mmq7gWHdFkcMdvxj?=

=?iso-8859-1?Q?od5xBvKeBERhaPrcICP1YSU6GV4VwAy3bUpuiTfqLnAl1TSG3Nuy/J+VkF?=

=?iso-8859-1?Q?mkSE2CFFZ43TAlh+8gjMkUJ2WQVNeaXSpuzmtPBuYOIdn/r68eNlGer8fl?=

=?iso-8859-1?Q?zPStAAo1UMCq9E0keobzn8Txq+fJ/2UBn7O67Sz2XU3Kl92ncsdR4DBeG/?=

=?iso-8859-1?Q?CBGwSgjEOhWDqY9RX1TC40IhewTxQg+6FohwBBBWKCfMgAqiXSnNQm7Myz?=

=?iso-8859-1?Q?jYN+FneZOlEnPuqfdY8GO+QDPx3UMMgUCCyriEgeToftjGBFpZa2NUf17L?=

=?iso-8859-1?Q?5yoFdTYzUSSSSCL7gFLJw7rPzN/704buc6lBG+7Cr4kN4LRRWWR4zaeLEZ?=

=?iso-8859-1?Q?Gk+g3fYMm+CsZZ4etGzn1NjhlcLRqDf4n8FbklkDbDDQ9wu0z1hIqGs6W5?=

=?iso-8859-1?Q?Wf2lgoyFH7ZA+ZhQSkxevyJcA+pwQiIAgwTrhDug1j7qyDmYp6hx5T4OFz?=

=?iso-8859-1?Q?yLIIfCUbvIy3TV0+6+BiJjyD86b7fOyMBbOcWImBUFyPobXIOedwFSQ8mD?=

=?iso-8859-1?Q?vJHLbBHHV7THgM0/mt8gwituyLsDp0CQBKIfiNAAF6vAQSNeMhcas+XHJF?=

=?iso-8859-1?Q?IDAUk45MWHFqSd2buCp+0oR4RuNWEdfteC0W+XwW67IXjKIYDiL0ZRjtv6?=

=?iso-8859-1?Q?YIPdupFBoCP//6paeH7i2B1ZQ6JggNbJ2+cUqmsNNd5KVZb7dshMq1fX2y?=

=?iso-8859-1?Q?oK69UPhkUyx09tdEp1RKpL+nHp7SEO+WXmZw2v6vU2j6v3n7fhgAV9fizG?=

=?iso-8859-1?Q?EIpOJuFxU3lRsSo0nj+RHmisrzCnA56+FK4N1sFlkC6W5ffmnfL05reHvC?=

=?iso-8859-1?Q?RvXuguJv20F76Qv5C9M2Q6R+YCRnmlkRLTW6lt56S9TsU3BFQw7a3VYtZZ?=

=?iso-8859-1?Q?5jbFF65wLMHiRuf6JRrNkr9E8RZpJ3ZE6A70+xEyVfPj07spn0durIySuB?=

=?iso-8859-1?Q?Yj8muMtY23ynHunG9UPE42HkGAbVKN1IDE8BXJv3Hi8Egrw2zGYj7gzowL?=

=?iso-8859-1?Q?4q5xLV4YDnTVy/ClVBAjPZRKwrS8BfaR5+xR7rbFAekaeyER2y6VXezIzi?=

=?iso-8859-1?Q?lp2Ks4GKbnKKZSgmWxIRGOy+fmMyz1OI/1tLBhnXNuVnAlx9GlHGp7K8hm?=

=?iso-8859-1?Q?WLyMSl/P7Yk+lhJk/2i977iTOD4WvBTWjtsh0GDaJ1QwKfb/gIJ4BwstRH?=

=?iso-8859-1?Q?/HtSBz7FhF?=

Content-Type: multipart/alternative;

boundary="_000_SJ2PR10MB7707F306C551E7BAC4FC6DAFD67C2SJ2PR10MB7707namp_"

MIME-Version: 1.0

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SJ2PR10MB7707.namprd10.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 7216571d-4271-44f2-7666-08dce6206ba6

X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Oct 2024 16:03:29.8759

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR10MB4742

X-OriginatorOrg: outlook.com



--_000_SJ2PR10MB7707F306C551E7BAC4FC6DAFD67C2SJ2PR10MB7707namp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hey there!



I am still waiting your reply



Thank You.!



From: Camila

Sent: August 19, 2024 5:51 PM

Subject: Re: can i..$$



Hello,



I found a few errors on your site.



If Interested, May I send you screenshot of those errors?



I would like to send you a audit report showing you 3 or 4 things that can =

help you improve your Google rankings dramatically.



Best,



--_000_SJ2PR10MB7707F306C551E7BAC4FC6DAFD67C2SJ2PR10MB7707namp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








;, Trebuchet, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hey there!



font-size: 12pt; color: rgb(0, 0, 0);">







font-size: 12pt; color: rgb(0, 0, 0);">

I am still waiting your reply



font-size: 12pt; color: rgb(0, 0, 0);">







font-size: 12pt; color: rgb(0, 0, 0);">

Thank You.!



font-size: 12pt; color: rgb(0, 0, 0);">







;, Trebuchet, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

From: Camila 



font-size: 12pt; color: rgb(0, 0, 0);">

Sent: August 19, 2024 5:51 PM



font-size: 12pt; color: rgb(0, 0, 0);">

Subject: Re: can i..$$



font-size: 12pt; color: rgb(0, 0, 0);">







font-size: 12pt; color: rgb(0, 0, 0);">

Hello,



font-size: 12pt; color: rgb(0, 0, 0);">







font-size: 12pt; color: rgb(0, 0, 0);">

I found a few errors on your site.



font-size: 12pt; color: rgb(0, 0, 0);">







;, Trebuchet, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

If Interested, May I=

send you screenshot of those errors?



font-size: 12pt; color: rgb(0, 0, 0);">







font-size: 12pt; color: rgb(0, 0, 0);">

I would like to send you a audit report showing you 3 or 4 things that can =

help you improve your Google rankings dramatically.



font-size: 12pt; color: rgb(0, 0, 0);">







;, Trebuchet, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Best,








--_000_SJ2PR10MB7707F306C551E7BAC4FC6DAFD67C2SJ2PR10MB7707namp_--

State Farm Phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 05 Oct 2024 16:05:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxCsm-00000000FG1-1YrV

for dave@doctor.nl2k.ab.ca;

Sat, 05 Oct 2024 16:04:12 -0600

Resent-From: The Doctor

Resent-Date: Sat, 5 Oct 2024 16:04:12 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [103.52.114.26] (port=50927 helo=waytransit.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sx82o-0000000033O-4AI4

for doctor@doctor.nl2k.ab.ca;

Sat, 05 Oct 2024 10:54:39 -0600

Received: from mta6.connect.takeaway.com (mta6.connect.takeaway.com. [13.111.201.220])

by mx.google.com with ESMTPS id 5614622812f47-3e3bc394bc0si1579427b6e.142.2024.10.04.06.16.21

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Fri, 04 Oct 2024 06:16:21 -0700 (PDT)

Received-SPF: pass (google.com: domain of bounce-21_html-404418369-1686693-515000502-30318472@bounce.connect.lieferando.de designates 13.111.201.220 as permitted sender) client-ip=13.111.201.220;

Authentication-Results: mx.google.com;

dkim=pass header.i=@connect.lieferando.de header.s=10dkim1 header.b=UbaKYauo;

dkim=pass header.i=@s10.y.mc.salesforce.com header.s=fbldkim10 header.b=abhm5KAB;

spf=pass (google.com: domain of bounce-21_html-404418369-1686693-515000502-30318472@bounce.connect.lieferando.de designates 13.111.201.220 as permitted sender) smtp.mailfrom=bounce-21_HTML-404418369-1686693-515000502-30318472@bounce.connect.lieferando.de;

dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=connect.lieferando.de

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=10dkim1; d=connect.lieferando.de; h=From:To:Subject:Date:List-Help:MIME-Version:Reply-To:Message-ID:Content-Type; i=no-reply@connect.lieferando.de; bh=2H0xtp6R7/YWx+OAotZ9Bb+CdpDs2LqzFbzqxKsQ7mU=; b=UbaKYauoefX1nRzrQBG3YhwJ02IncR0mZotyMUqxjzXVo5BUeO85pcJMNpsMzCM+LID6g95hiG6C

BMeJcjfacY+iRTT5YwWTRtahVUX9ZK9R5eAFtRoLzdrLflxwnaA5qW+w9s/TzdjHhUkpLRlDd4uL

cpuCETnURhxGz8SaFSk1JsxuDTnT/NXzwmK1E+s+BRt/rB/v7EoSKCbd97MIhmmfx3ca6VojOMLs

lah6e3swBTBgeqUYZCra9TX4T+epe8M/GjV47xP2mMtrNoDZEInvV+6Vt0RUmmLB3aXf7vIE/d8w

cH5NLixbmFA5Vmzn2MqKVN2ZKlgQ0tlRserl4g==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=fbldkim10; d=s10.y.mc.salesforce.com; h=From:To:Subject:Date:List-Help:MIME-Version:Reply-To:Message-ID:Content-Type; bh=2H0xtp6R7/YWx+OAotZ9Bb+CdpDs2LqzFbzqxKsQ7mU=; b=abhm5KABmLe+2F71v+Q2U6IqdAQXcDdY6j5LmTQgLE+mcHG/5fhz/DPabBHg0B7IlX1pwabNKxNE

klaiuPFqaod6vA0wgN/nocrKIxOQlf+aQEr9vYzLS4QNqnhjTdMuARKV/tpkiRU5+8I/D07MqeqS

6WNVtk3iyW5FFnzzTLKD73uVdPKiwOAz2ZlwwJeeV+5ZiqBvqT/bVc6rGcPNLRYi7XbVbAf+GFIl

loX7mMFOEqXqQ2WqtlQWW/7XiO9/AG2ubjWODU0Em3OGv/WJytd78SLIsHMyVXNloqmIOZavSqbw

RXoi94Ax/zaapCb5kJN3RNlekgDu5viNMSnTHg==

Received: by mta6.connect.takeaway.com id hvvlaa2fmd4m for ; Fri, 4 Oct 2024 13:16:20 +0000 (envelope-from )Content-Type: multipart/alternative; boundary="----=_Part_9006_1222595691.1721141065959"

Content-Type: multipart/alternative; boundary="----=_Part_9006_1222595691.kYUTNAuQZOP8PZ"

Date: [email_date]

From: "'State Farm Feedback"'

Mime-Version: 1.0

Message-ID:

Subject:Re: Be Road Ready – Win a Car Emergency Kit with State Farm’s Survey!...

X-Feedback-ID: 10620152:SG

X-SG-EID: u001.VRuSiAmiSZrdM+ch8/ewZCE5g8d2mJyorx7s3jZ5rqnyXmzyFkS20YO/O71zaWyuG5n01ntHHvHDQO7WWsZ0yglAgtUtWe2Nsjr8QAomYVNDlZqGB1kKSx5YK8+/GrvM//Al7+JDZ78jIiAHdRR3NaEh/9K8tO3O9LWa4PnrXdZdgdMDTPL/KhvxYw9Mv5xof9DQOiB98h5oItpgW9Pv1CHUFKExtRJQm0atm4BMaG1hLD9He43C26ZLesH5O18K

X-SG-ID: u001.SdBcvi+Evd/bQef8eZF3BpTL9BgbK5wfSJMJGMsmprDITwp3LLcgXu9gvF1Oq5oTf1VY9MM//ZCviT/P37sq36jOj//s+gOXxMbC0IC6I7IMjizREremwgX6+9y9tUg/dPgNN2ostIHEILg1x1R/1w37GQwOPWuCNOy6UFsJnyhHdn7LyoaPfEF05f0sNnsQyS2TPnz2KFtdeinG84O5ooLpo1MFQMdVBSWrxOf8/TWQDGHucSEdWhnLMFePF49gVFqob2dbm/Q5CTKIppr9Tr49C2OW9UwxahuRI44LOLhSOuIpEnEULK6uIJPSh/cF3o2eCOSpXx41HzTLkO1pW11ejJPrrVff4gKguoJ3mrpwaJakKTmrECSyH5ysrvwO4J1ka8u5nDyk3zcqfmg3KKOgfl3AdyCglblFT0b7ip2LW3q2eblYMCztHv8434sE/e14op572TCBgE1H31gbqdN20nZmAO2n5JGF3bcrOL75DUXKXeMnW0Co2LHt6xwCh8LZoC9dqKgfVOe9SKsc9lFXEsbL9/0dw4KdAfnZBBADKuIREB73D7TLN5cH7Fjnlu65xzi7ViTvitFDfaBJN/697EIZE8fgwhL3M7H1FjRtLH83DTqiMCryA6ti6jkEK2fWY4sPhkLB64FGJ6UH72ZDyO+G63iOyTBl9NJ4u6xeTQJd6x7j87Li/szCcEoagStLIYaYO9qI8wus+PrnEi8haxOSz1ITR/Vmwi/yp2xMM4ENEOa41W4lLsPbryPXwtZQNFUmLZK1S4vHhoQquxHfMRfNwyv+z0mobKaz04ehCOXIqrcxFN6Bl7ew2U4ikI6caH6ruxvq9gq5+6XUfzoPwW8Bk4+yYWSaW896SXw13GKY9y7aF8RX5QibDgpwB8PgKzJCVtlHb1CrUfl+EOm9L+d2kHrs40kPskbEUfTrfp0mfqyGE0MWlXfR8JPndp4+WcAfYqh12tf5JEqJURpoYCH05XiKfVhh0vjW2gPiBQ+PSYBgB7j2hwk45/rSO3Ahy+rOg8jbzILIuetcgk3momx+7rT2KpI8Dkq7f1eiyRP9McyS0W6UeLi5HTP41iO3Df7Vt1mXBMCzSBi/vWOTN0itutaHv/+yIcpjN37oDt9+yra3RZPYXVpVpM22wAov/pUa+36MoSnBPqnyiXIMusdAHh7aGlKwIrQDs6HcMMEsVYEbN8teBmdYESezw1m2uvI4gnbGzrXblw3tEn39izWpxaVZ2BMvvBTj3q9/ZineOhSgaqwvwGgfvfvMdEBu//TTfBUF351cuKTxHbuytRm003MmTMHTA/jz2cSYeD1gJcHz3JqfAIo9iBPQTU0seaE6Jm//7lrQkp8v06WxFgHmGWn700FkA7SCNZbC6irMTVbdRFve2vB5ic0WGEvfDHnA0WMCxDZz9og6/PFv76gHpM8QkH9e0SJbROs=

To:

X-Entity-ID: u001.YSPYVAA7K10VXCG8CZG8EN==

X-Spam_score: 12.6

X-Spam_score_int: 126

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please confirm your email address Click here to confirm your

email address To receive HubSpot content on marketing, sales and/or service

topics - please confirm your email address. You will be added to our email

distribution list. You can unsubscribe at any time.



Content analysis details: (12.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[13.111.201.220 listed in will-spam-for-food.eu.org]

[13.111.201.220 listed in will-spam-for-food.eu.org]

[13.111.201.220 listed in will-spam-for-food.eu.org]

[13.111.201.220 listed in will-spam-for-food.eu.org]

[13.111.201.220 listed in will-spam-for-food.eu.org]

[13.111.201.220 listed in will-spam-for-food.eu.org]

[13.111.201.220 listed in will-spam-for-food.eu.org]

[13.111.201.220 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

[103.52.114.26 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[103.52.114.26 listed in dnsbl.ahbl.org]

[103.52.114.26 listed in dnsbl.ahbl.org]

[103.52.114.26 listed in dnsbl.ahbl.org]

[103.52.114.26 listed in dnsbl.ahbl.org]

[13.111.201.220 listed in dnsbl.ahbl.org]

[13.111.201.220 listed in dnsbl.ahbl.org]

[13.111.201.220 listed in dnsbl.ahbl.org]

[13.111.201.220 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[103.52.114.26 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[103.52.114.26 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[103.52.114.26 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[103.52.114.26 listed in dnsbl.ahbl.org]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.5 FROM_LOCAL_NOVOWEL From: localpart has series of non-vowel letters

1.0 HK_RANDOM_FROM From username looks random

0.4 INVALID_DATE Invalid Date: header (not RFC 2822)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.3 LONGWORD BODY: Uses overlong words

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 T_HTML_TAG_BALANCE_CENTER Malformatted HTML

0.8 A_HREF_NOWHERE A link tag with empty href

0.3 MIME_8BIT_HEADER Message header contains 8-bit character

0.0 HDRS_MISSP Misspaced headers

0.9 HREF_EMPTY_NORDNS Empty href + no rDNS

Subject: {SPAM?} Re: Be Road Ready – Win a Car Emergency Kit with State Farm’s Survey!...



------=_Part_9006_1222595691.kYUTNAuQZOP8PZ

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable



Please confirm your email address



Click here to confirm your email address



To receive HubSpot content on marketing, sales and/or service topics -Â please confirm your email address. You will be added to our email distribution list. You can unsubscribe at any time.



Thank you for your confirmation and have fun with our content. Â



Thanks,



The HubSpot Team



HubSpot, 25 1st St., Cambridge, MA 02141, USA, 888-482-7768



HubSpot, 2 Canal Park, , Cambridge, MA 02141, USA, 888-482-7768









Unsubscribe (https://hs-53.s.hubspotemail.net/hs/manage-preferences/unsubscribe-all?languagePreference=en&d=MnbTK9GK15VW3_Vshk4hHDBPW3T2_Lm2m40KfW3T0pbm43T3CZVmWFg14N_KfmN5fr_5C25rVhW8xS7DT8t0gJQVWmbwB8c2k7nMXk_7QbvZTwVMrv2h5s79sCW1P-vmr68hV1J32Kw2&v=3 )



Manage preferences (https://hs-53.s.hubspotemail.net/hs/manage-preferences/unsubscribe?languagePreference=en&d=MnbTK9GK15VW3_Vshk4hHDBPW3T2_Lm2m40KfW3T0pbm43T3CZVmWFg14N_KfmN5fr_5C25rVhW8xS7DT8t0gJQVWmbwB8c2k7nMXk_7QbvZTwVMrv2h5s79sCW1P-vmr68hV1J32Kw2&v=3 )

------=_Part_9006_1222595691.kYUTNAuQZOP8PZ

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: quoted-printable





Bitte bestätigen Sie Ihre E-Mail-Adresse there | Confirm your e-mail address there

































doctor,Don’t Miss Out – Win a Car Emergency Kit by Taking the State Farm Survey!











UPS Phish from Microsoft Outlook

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 05 Oct 2024 16:04:03 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sxCsN-00000000FEn-2RHn

for dave@doctor.nl2k.ab.ca;

Sat, 05 Oct 2024 16:03:47 -0600

Resent-From: The Doctor

Resent-Date: Sat, 5 Oct 2024 16:03:47 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-bn8nam11hn2223.outbound.protection.outlook.com ([52.100.171.223]:2017 helo=NAM11-BN8-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sx7C2-0000000015C-1AzF

for doctor@doctor.nl2k.ab.ca;

Sat, 05 Oct 2024 10:00:22 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=BFn9jMJlYnonWtYKMsYDUZSGZkC79M9ulIgU+ylK49LqrqvVEPxN1ctOYIDlG8sAsI2BQMMbthWgNMCpexsnK9XlF/r/2g3S9bHsYgGGrv1R/KnUqVJREOt4O91n/eErkAXPXLuOiCbHrGxKNu9wV8UYTbUNoo4C0d1FjOS4LeP+2jrWCi7xZcz0M2Udcdac3SxtguSVZsE5i8+Nh3D1BEQpJVjAHeelEEfo/DfjoWshywk0C9fOmS2WVupSHnTExx00I7K3IcrnR/VKvcmo0j8ikOV7KEzgdh5WI/hoLncDx9vUFT/eTFCE0tgmyYbxdJK6w7H6kddbybzJ9H4+XA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=2945xk/Qt08CzWFLtbtAdVKScJvvb3TqVf3hBzQg/JA=;

b=B2/QOrHlUPA7mneUJt5Njwgok0gcHEoKgK5PLGa/u6jhiGF5/1NafNia50h0f1fO4IAPU0ZNOwXGI39iK6BS4wKXlP2wJQAyAEJoCoFsWCWS1Xs6G7BAfbdtMFliaTjBMpf3FlNAUtNg6HmQm2jfNjkNvABtRbS7zloZvw2/Gk2lyVDL8eQ8Cgn5H35z6MMF7lWM3C+fc09GCOVZgIdG/PpYNgjl8wM9npRlKOYcYVoO4g9PCZhX27Qq6f2xwOS9tI51Ednyda1iGxxqsm/utaru4tffwGhPexaMXr8OVaGtxl8w3CH8ic+7vQjGtAXvsh2r/Av8AsQ5g0FSY8Ct7w==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=fail (sender ip is

168.138.67.139) smtp.rcpttodomain=doctor.nl2k.ab.ca

smtp.mailfrom=techuimanguillo.onmicrosoft.com; dmarc=fail (p=none sp=none

pct=100) action=none header.from=live.ca; dkim=fail (no key for signature)

header.d=live.ca; dkim=fail (signature timestamp exipred)

header.d=henryandcompany.co.uk; arc=none (0)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=LIVE.CA; s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=2945xk/Qt08CzWFLtbtAdVKScJvvb3TqVf3hBzQg/JA=;

b=cTc3DFgWV1PLltcTi6/97fy4nIUx7hMiR3wK6UUOy3iutlS2nMIO8E5to7SjGvATp/wq0cf5vFRZ7SuRpsqDVyn237lN0Mx7G/UAl0l9F3gNHc8DisbvaTUYkOfg7GplF1WvH0PiNEiKNASuAKqjxyZEX11zuyIFXaTwoAxiMrbr7o/1zcwFIqu9x/pkdHMPO5OU3B9ep67BGJzcngqyg42sLd4o9Xw5KxuOS6+OoesfZ/AgWwvy/4M1j5SsDbwd2JmqSj9xuok5NoS6lgcxv/YKsRB+lYIBapmAFwXTgjhIlNYj2SgrCfzLcVi+aA+lN+guCZlR123jn3eKHIAWhg==

Received: from BL1PR13CA0172.namprd13.prod.outlook.com (2603:10b6:208:2bd::27)

by CY8PR11MB7108.namprd11.prod.outlook.com (2603:10b6:930:50::21) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8026.18; Sat, 5 Oct

2024 15:38:51 +0000

Received: from BN2PEPF000055DA.namprd21.prod.outlook.com

(2603:10b6:208:2bd:cafe::74) by BL1PR13CA0172.outlook.office365.com

(2603:10b6:208:2bd::27) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8048.13 via Frontend

Transport; Sat, 5 Oct 2024 15:38:51 +0000

X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 168.138.67.139)

smtp.mailfrom=techuimanguillo.onmicrosoft.com; dkim=fail (no key for

signature) header.d=live.ca;dmarc=fail action=none header.from=live.ca;

Received-SPF: Fail (protection.outlook.com: domain of

techuimanguillo.onmicrosoft.com does not designate 168.138.67.139 as

permitted sender) receiver=protection.outlook.com; client-ip=168.138.67.139;

helo=techuimanguillo.onmicrosoft.com;

Received: from techuimanguillo.onmicrosoft.com (168.138.67.139) by

BN2PEPF000055DA.mail.protection.outlook.com (10.167.245.4) with Microsoft

SMTP Server id 15.20.8069.0 via Frontend Transport; Sat, 5 Oct 2024 15:38:49

+0000

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=live.ca;

h=Subject:From:Reply-To:To:Date:Message-ID:List-ID:List-Unsubscribe:

Content-Type:MIME-Version; i=Hello@live.ca;

bh=+6Y9wVWIP21dI5y/uHofQTgAAYk=;

b=nJvCJkOfrqIKa21uR9jSLqPuDqDHtRAk1pOQy0JAqRiQgX07qj6XwGj5Z6h00CO07a6Z7kwFX+4p

mYsd5C9Qy0kgCPv2WnLj+7YZwkMyiL2yje/ivYnR3Te18faz99sAvIgXHc+l5B+IZS2dp57sWRFX

mTZ6L+mAwimTM97GOdo=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=live.ca;

b=oy0e1bVAUXEX8GGXmO6s92rXA1U7nWddLm0J9WBebvNdia2JVrs0sXY01ArO2wgzvn0bcnEgoAeT

CmGGlmz7oit7S7qMFUAYzhXyJ1nz6yP7h/DBHrVk+hw37XJ7dNQegJPb3QJ1UZe9J2F9z5t89W/z

hzD7XZ/4MgjxtawU0lc=;

Delivered-To: 3@9356812

Received: from imap-director-1.dovecot.shared.ns.xion.oxcs.net ([10.93.19.1])

by imap-backend-50.dovecot.shared.ns.xion.oxcs.net with LMTP

id YD6qIPiSyWb7xhsACiCKMA

(envelope-from )

for <3@9356812>; Sat, 05 Oct 2024 15:37:43 +0000

Received: from mx.tt.xion.oxcs.net ([10.93.2.4])

by imap-director-1.dovecot.shared.ns.xion.oxcs.net with LMTP

id qBUqCd+SyWaRHwAAfd1Dvg:T42

(envelope-from )

for ; Sat, 05 Oct 2024 15:37:43 +0000

X-original-to: woodcock976@talktalk.net

Received: from smtp-out-10.talktalk.net (smtp-out-10.talktalk.net [62.24.135.74])

(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))

(No client certificate requested)

by mx.tt.xion.oxcs.net (Postfix) with ESMTPS id 4WrTqr2jMbz1Z1h9

for ; Sat, 05 Oct 2024 15:37:43 +0000 (UTC)

Received: from mail69.atl281.mcsv.net ([198.2.143.69])

by mx.talktalk.net with SMTP

id hlgYspN73xBqZhlgdsXlWm; Sat, 05 Oct 2024 15:37:43 +0000

X-Delivered-To: woodcock976@talktalk.net

X-Spam: 0

X-Authority: v=2.3 cv=VKGjYOHX c=1 sm=1 tr=0 b=1 cx=a_idp_d

a=mnUvCDaOTWyWfllAZD3pVw==:117 a=mnUvCDaOTWyWfllAZD3pVw==:17

a=yoJbH4e0A30A:10 a=_Yaxip1i1oYA:10 a=5KLPUuaC_9wA:10

a=9DvhAHx2yrWFMPxQWpQA:9 a=wRwmIq8_AAAA:8 a=3j4BkbkPAAAA:8 a=BkpHzsgbAAAA:8

a=JmhL_RV-AAAA:8 a=nN7BH9HXAAAA:8 a=b_7dY0gbNLv-Q1m24tsA:9 a=QEXdDO2ut3YA:10

a=RVmHIydaz68A:10 a=SSmOFEACAAAA:8 a=3g80flMcAAAA:8 a=7mQTu3lUAAAA:8

a=uZ30BzuaAAAA:8 a=lJjz8N4HAAAA:8 a=Fg5iqxMncRP-pCS6L_0A:9

a=u7CXe5GfITHrlUq0:21 a=gKO2Hq4RSVkA:10 a=frz4AuCg-hUA:10 a=_W_S_7VecoQA:10

a=O23WzTs1fjcA:10 a=e1Dyk81dbDi9cb8TcqNW:22 a=i9cr2lqFN7UNZRvSaS32:22 cc=prm

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=henryandcompany.co.uk; s=k3; t=1724486387; x=1724746887;

i=hello@henryandcompany.co.uk;

bh=pY8KEJKrci6VH5t4OJ3kzNr2UkOXEzcNPyNHGFKDFGc=;

h=Subject:From:Reply-To:To:Date:Message-ID:X-MC-User:Feedback-ID:

List-ID:List-Unsubscribe:List-Unsubscribe-Post:Content-Type:

MIME-Version:CC:Date:Subject:From;

b=Qp8xkvvLLB0weE3rfGVmd1Tzk9lByZa2OCwv5r364YR0MswrDirIQgDNmuElq8nLC

6pKmxk4Qq0NmJmoFr90sDzHU+JXVlLhcWaG+nQP07g/T03Fk64xd1PokOZBQqNnV6t

/xQuH/CICkoxjA2rYUh4/wBkVtcXH4Mt9mjek2W7qbrDal6XRGgpY/N4YexAng5bm8

nIOIb+cxvWea2KiW1VAVCOnKbOlApCWRy4D1oE6R+dgE0fpXb4WQ+FLVBPVC/vSZbs

cnCYL5A9yTTiZxdmow9eAFzyK0Fbt+5JJMN8aklFy1OUGmSGsMyAKNPOeeMgl77LcW

YTfjKoLIQqMGA==

Received: from localhost (localhost [127.0.0.1])

by mail69.atl281.mcsv.net (Mailchimp) with ESMTP id 4WrTqk6f4NzLfVKXp

for ; Sat, 05 Oct 2024 15:37:43 +0000 (GMT)

Subject: =?UTF-8?Q?Your package is ready to ship!?=

From: =?UTF-8?B?X1UuUC5TXw==?=

Reply-To: =?utf-8?Q?Henry=20&=20Co=20Home=20Fragrance?= <450259810009596@914406538652334.com>

To: <882691307310118@628981994868216.com>

Date: Sat, 05 Oct 2024 15:37:43 +0000

Message-ID: <622127718869508184409b471c38dd367b798e153fd58.5f46aa4788.20240824075933.ffb32a360e.fdb569e1@mail69.atl281.mcsv.net>

X-Mailer: Mailchimp Mailer - **CIDffb32a360e5f46aa4788**

X-Campaign: mailchimp9b471c38dd367b798e153fd58.ffb32a360e

X-campaignid: mailchimp9b471c38dd367b798e153fd58.ffb32a360e

X-Report-Abuse: Please report abuse for this campaign here: https://mailchimp.com/contact/abuse/?u=9b471c38dd367b798e153fd58&id=ffb32a360e&e=5f46aa4788

X-MC-User: 9b471c38dd367b798e153fd58

Feedback-ID: 21907560:21907560.1141994:us7:mc

List-ID: 9b471c38dd367b798e153fd58mc list <9b471c38dd367b798e153fd58.221381.list-id.mcsv.net>

Precedence: bulk

X-Accounttype: pr

List-Unsubscribe: ,

List-Unsubscribe-Post: List-Unsubscribe=One-Click

Content-Type: multipart/alternative; boundary="_----------=_MCPart_1340832433"

MIME-Version: 1.0

X-CMAE-Envelope: MS4wfDH9HzAJuEYHeu/fgJtdEOdI6oC5MZShZMHWxxT/t5LY4JNoeQD78BvDypgzJU0lSvPfxaapBKZ+0uEYQ/UhQIhxlhTtsiyOc2kgmd2wxXZDdMsBHh1X

jH4l/6a2mKqtW7Eoe1oXlF53vmoFSg3mwTGOPfheKE1f35ay0DEdi/5QlTnnlJwKNHS7e+Mh8Ab4ygy4NqTJPrffmM3ZOsRGsxguqVt9Bgf6K7AnK4HntmXd

BFHFfvi4iulfPDmf5XXDVw==

X-EOPAttributedMessage: 0

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: BN2PEPF000055DA:EE_|CY8PR11MB7108:EE_

X-MS-Office365-Filtering-Correlation-Id: 4f7f0da3-9f23-4105-35ee-08dce553d007

X-MS-Exchange-SenderADCheck: 2

X-MS-Exchange-AntiSpam-Relay: 0

X-Microsoft-Antispam:

BCL:0;ARA:13230040|376014|48200799018|61400799027|36860700013|41320700013|7093399012|4022899009|69100299015|82310400026|15450700066;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?RlYxYTRQR1lYN1MrMlhlTzFuLzFDTW5zdXBxRHViUHE1ZGRRUGlDVW15alRH?=

=?utf-8?B?RnBHakRUTXZZZXNMZmxXVDBtUVRrYlRBTFdjZ3hVVjhNOWhXTWsweXAyWTYv?=

=?utf-8?B?ZEdPZ2VUek1IZno3ZVE3dGtUbEo5ZkZrZVNBT0ZZN21uNEsrK0pMWGx5bkk4?=

=?utf-8?B?ZWx4N3lPTnFFQ3dmZWpUVHlzUmtycmRuNkVLN0VlcFQ2ak10b09rWXRYWjlx?=

=?utf-8?B?SEVNRnIwVnlGcWxjaFJFMkhYMit2dVZoZUw0Y1Bpd3JhT0gzVno0RExZZ0Fl?=

=?utf-8?B?VEgxdnQ5V0M4NURuWkFiMzJBTzVLZFI2MWd0RFZXMnViSUdCWTBYbFlRa3lj?=

=?utf-8?B?Y2h2N3Fnb1FNdjBWNGJHMmdhOERCRHFkRDFFV0tkczdyMUoydU1nQWp5L0wz?=

=?utf-8?B?dUhha0t6eFhUSk9jNnpZZnI1dy9HVExUcUlKSmRaL3JuZjZHMFRKdlFZeW80?=

=?utf-8?B?cXAvOWp3dTlNSS9zSEF0NGFVYUIwamxoR3gzOXh5NG1kUklUcGxEU1NLUDNT?=

=?utf-8?B?bDJ5YnZHSWNsL1ExNW84SU1DbWRYQU5sTUJIeGQrSEpWV0tTQ2hTcmlVc3V3?=

=?utf-8?B?OCtVL3B0WXRqWXh1bUNJUVJ1aC9jcWRoZmJCc2dWWTZXN1FFbDBiUGxOWkxw?=

=?utf-8?B?eUZ5a0x5RHpVTlQ2UWFJdTdDTU5UR3MyK2ZtWU9qVVdaeHZXaXZmZnpYdnpa?=

=?utf-8?B?THdqMGwxeUZGWnk1dndZZEN4LzBkR3UrQ24yckxDWEI4Mk1nOXhIc25nNjFk?=

=?utf-8?B?ZlVuNENTNXl4cm50d2NTY0VkRjlsblY5VUM1QUl3OHc3SFIyR1lOdU92a2Fs?=

=?utf-8?B?RFFQcGpodnJmRnVkcWdpekxkRWhOOWtpeGVTSjJ0ZlBnTjlHejFxQkhKZ0hk?=

=?utf-8?B?YTl0RlhxYzV0aWM1NnNxYnJzWHpqYy9idWhMMVN6L1ovSmV6Y3BCL3Q4Q2ha?=

=?utf-8?B?OWNkT1pLb0hCejdaMkFlS2ZQSko1a2ZvbXpZNXVGUEQ2aVBObVprRUNmU2FS?=

=?utf-8?B?L0d1RGRVcTFTVm1YeUNuRUtDTGNvOWR1OCtIOXAyNmVGSkNTbFNUbHNsT1Yw?=

=?utf-8?B?UVBkQ3BxUVhUT3VuZVp6NTk4ZVZieFArVXgyTDZVTm9Za2tMcWtDdFQ1WGlG?=

=?utf-8?B?Y3RMcUpsc3hOYnVtK1UxS0VvdWhwNlhGSXVMNFowZjVQanowNTVMZ2dXbzE0?=

=?utf-8?B?RGN4NS9BYUdOSWgyVVBtVXBPRUd0bGFTT1FOOE15ZUJzaEVBVFZVaEJVVVNy?=

=?utf-8?B?bEdaOURVZzFGWHEyalk3UFRtNlRMdlExNDR0L2JEenJWdW1pVWhDNDJ2Qlhh?=

=?utf-8?B?ZTVMdTdJb1BLUDFWTGErTE1FdlVZZ2w2MWJ6SnRiM05mL0t0Z1cxQmRFOWw2?=

=?utf-8?B?N2dVeW03dncvMWtSbTE0THJlaGM3aTM2T3VHL2x2alNqenNGVldWSTF6VWNl?=

=?utf-8?B?MmhpNHREU2F2WFRaNklPek5vQ25qM056Nkk2SkZRPT0=?=

X-Forefront-Antispam-Report:

CIP:168.138.67.139;CTRY:CA;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:techuimanguillo.onmicrosoft.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(48200799018)(61400799027)(36860700013)(41320700013)(7093399012)(4022899009)(69100299015)(82310400026)(15450700066);DIR:OUT;SFP:1501;

X-OriginatorOrg: techuimanguillo.onmicrosoft.com

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2024 15:38:49.5884

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: 4f7f0da3-9f23-4105-35ee-08dce553d007

X-MS-Exchange-CrossTenant-Id: a9b1efd6-2d63-486a-8797-43b50fa94ab0

X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=a9b1efd6-2d63-486a-8797-43b50fa94ab0;Ip=[168.138.67.139];Helo=[techuimanguillo.onmicrosoft.com]

X-MS-Exchange-CrossTenant-AuthSource:

BN2PEPF000055DA.namprd21.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem

X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR11MB7108

X-Spam_score: 82.4

X-Spam_score_int: 824

X-Spam_bar: +++++++++++++++++++++++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Our Summer Sale is ending in just 7 days, this is your final

opportunity to save up to 70% on our home fragrances. https://www.henryandcofragrance.co.uk/collections/summer-sale?utm_source=Henry+%26+Co.+Newsletter&utm_campaign=ffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=email&utm_term=0_-dd4db27f5

[...]



Content analysis details: (82.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[198.2.143.69 listed in will-spam-for-food.eu.org]

[198.2.143.69 listed in will-spam-for-food.eu.org]

[198.2.143.69 listed in will-spam-for-food.eu.org]

[198.2.143.69 listed in will-spam-for-food.eu.org]

[198.2.143.69 listed in will-spam-for-food.eu.org]

[198.2.143.69 listed in will-spam-for-food.eu.org]

[198.2.143.69 listed in will-spam-for-food.eu.org]

[198.2.143.69 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[62.24.135.74 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[168.138.67.139 listed in will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:cafe:0:0:74 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:2bd:0:0:0:27 listed in]

[will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

[52.100.171.223 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[198.2.143.69 listed in dnsbl.ahbl.org]

[198.2.143.69 listed in dnsbl.ahbl.org]

[198.2.143.69 listed in dnsbl.ahbl.org]

[198.2.143.69 listed in dnsbl.ahbl.org]

[62.24.135.74 listed in dnsbl.ahbl.org]

[62.24.135.74 listed in dnsbl.ahbl.org]

[62.24.135.74 listed in dnsbl.ahbl.org]

[62.24.135.74 listed in dnsbl.ahbl.org]

[52.100.171.223 listed in dnsbl.ahbl.org]

[52.100.171.223 listed in dnsbl.ahbl.org]

[52.100.171.223 listed in dnsbl.ahbl.org]

[52.100.171.223 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[198.2.143.69 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[198.2.143.69 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[198.2.143.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[198.2.143.69 listed in dnsbl.ahbl.org]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: yaf1.com]

1.1 URIBL_GREY Contains an URL listed in the URIBL greylist

[URI: list-manage.com]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: henryandcofragrance.us7.list-manage.com]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

0.0 ARC_VALID Message has a valid ARC signature

15 GR_DOMAIN_CHIMP2 Header from spammer tool signature (monkey)

0.0 BAD_ENC_HEADER Message has bad MIME encoding in the header

15 GR_DOMAIN_CHIMP1 X-Mailer spammer tool signature (monkey)

15 GR_DOMAIN_CAMN10 Spammer tool signature (camn)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[hello(at)live.ca]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[info01239202800180902802(at)techuimanguillo.onmicrosoft.com]

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

1.5 MR_STRANGE_QUESTION URI: No description available.

15 GR_DOMAIN_CHIMP4 URI: Body contains known spammer URI (monkey)

1.5 MPART_ALT_DIFF_COUNT BODY: HTML and text parts are different

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars

0.0 NO_RDNS2 Sending MTA has no reverse DNS

-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list

manager

1.0 IMPRO_URI_2 No description available.

1.0 FORGED_SPF_HELO No description available.

2.5 MIXED_CENTER_CASE Has center tag in mixed case

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

2.2 HTML_TITLE_SUBJ_DIFF No description available.

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

1.0 RDNS_IMPRO No description available.

Subject: {SPAM?} =?UTF-8?Q?Your package is ready to ship!?=



This is a multi-part message in MIME format







--_----------=_MCPart_1340832433

Content-Type: text/plain; charset="utf-8"; format="fixed"

Content-Transfer-Encoding: quoted-printable



Our Summer Sale is ending in just 7 days=2C this is your final opportunity=

to save up to 70% on our home fragrances.



https://www.henryandcofragrance.co.uk/collections/summer-sale?utm_source=

=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_=

05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLIST_EM=

AIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a36=

0e&mc_eid=3DUNIQID

https://www.henryandcofragrance.co.uk/products/earl-grey-bergamot-reed-dif=

fuser?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAI=

L_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db=

27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&m=

c_cid=3Dffb32a360e&mc_eid=3DUNIQID

Earl Grey & Bergamot Diffuser

=C2=A312.50

ADD TO CART (https://www.henryandcofragrance.co.uk/products/earl-grey-berg=

amot-reed-diffuser?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dff=

b32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_te=

rm=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/spring-flowers-waxmelts?utm=

_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIG=

N_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5B=

LIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Df=

fb32a360e&mc_eid=3DUNIQID

Spring Flowers Wax Melts

=C2=A31.50 - =C2=A33.75

ADD TO CART (https://www.henryandcofragrance.co.uk/products/spring-flowers=

-waxmelts?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-=

EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-d=

d4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/pear-white-freesia-reed-dif=

fuser-refill?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a36=

0e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0=

_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID

Pear & White Freesia Reed Diffuser Refill

=C2=A36.00

ADD TO CART (https://www.henryandcofragrance.co.uk/products/pear-white-fre=

esia-reed-diffuser-refill?utm_source=3DHenry+%26+Co.+Newsletter&utm_campai=

gn=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail=

&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a36=

0e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/espresso-martini-reed-diffu=

ser?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_=

CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27=

f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_=

cid=3Dffb32a360e&mc_eid=3DUNIQID

Espresso Martini Scented Reed Diffuser

=C2=A312.50

ADD TO CART (https://www.henryandcofragrance.co.uk/products/espresso-marti=

ni-reed-diffuser?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb3=

2a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=

=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/black-cherry-cedarwood-reed=

-diffuser-refill?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb3=

2a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=

=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID

Black Cherry & Cedarwood Reed Diffuser Refill

=C2=A36.00

ADD TO CART (https://www.henryandcofragrance.co.uk/products/black-cherry-c=

edarwood-reed-diffuser-refill?utm_source=3DHenry+%26+Co.+Newsletter&utm_ca=

mpaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3De=

mail&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb3=

2a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/lavender-chamomile-vanilla?=

utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMP=

AIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-=

%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=

=3Dffb32a360e&mc_eid=3DUNIQID

Lavender & Chamomile Wax Melts

=C2=A31.50 - =C2=A33.75

ADD TO CART (https://www.henryandcofragrance.co.uk/products/lavender-chamo=

mile-vanilla?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a36=

0e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0=

_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/white-mulberry-reed-diffuse=

r-refill?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-E=

MAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd=

4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID

White Mulberry Reed Diffuser Refill

=C2=A36.00

ADD TO CART (https://www.henryandcofragrance.co.uk/products/white-mulberry=

-reed-diffuser-refill?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=

=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&u=

tm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e=

-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/red-raspberry-waxmelt?utm_s=

ource=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_=

2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLI=

ST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb=

32a360e&mc_eid=3DUNIQID

Red Raspberry Wax Melts

=C2=A30.90 - =C2=A32.25

ADD TO CART (https://www.henryandcofragrance.co.uk/products/red-raspberry-=

waxmelt?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EM=

AIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4=

db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989=

&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/products/white-mulberry-scented-cand=

le?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_C=

AMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f=

52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_c=

id=3Dffb32a360e&mc_eid=3DUNIQID

White Mulberry Scented Candle

=C2=A311.00

ADD TO CART (https://www.henryandcofragrance.co.uk/products/white-mulberry=

-scented-candle?utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32=

a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=

=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

https://www.henryandcofragrance.co.uk/collections/summer-sale?utm_source=

=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_=

05_22_09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLIST_EM=

AIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a36=

0e&mc_eid=3DUNIQID



Only 7 days remain to enjoy our Summer Sale before it ends! Now's the perf=

ect time to stock up on wax melts=2C candles and reed diffusers with these=

incredible savings while you still can.



Warm regards=2C



=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

** (https://www.henryandcofragrance.co.uk?utm_source=3DHenry+%26+Co.+Newsl=

etter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&ut=

m_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f=

164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

** Facebook (https://www.facebook.com/HenryandCofragrance?utm_source=3DHen=

ry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_=

09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID=

%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_=

eid=3DUNIQID)

** Link (https://www.instagram.com/henryandcofragrance/?utm_source=3DHenry=

+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09=

_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5=

D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_ei=

d=3DUNIQID)

** Website (https://www.henryandcofragrance.co.uk?utm_source=3DHenry+%26+C=

o.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_CO=

PY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=

=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUN=

IQID)

Copyright =C2=A9 2024 Henry & Co UK Ltd=2C All rights reserved.

You are receiving this email because you opted in at our website www.henry=

andcofragrance.co.uk previously trading as Love Aroma



Our mailing address is:

Henry & Co UK Ltd

Unit E8A Park Farm Centre

Allestree

Derby=2C Derbyshire DE22 2QN

United Kingdom

** Add us to your address book (https://henryandcofragrance.us7.list-manag=

e.com/vcard?u=3D9b471c38dd367b798e153fd58&id=3Db8f164cc5f&utm_source=3DHen=

ry+%26+Co.+Newsletter&utm_campaign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_=

09_45_COPY_01&utm_medium=3Demail&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID=

%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_=

eid=3DUNIQID)



Want to change how you receive these emails?

You can ** update your preferences (https://henryandcofragrance.us7.list-m=

anage.com/profile?u=3D9b471c38dd367b798e153fd58&id=3Db8f164cc5f&e=3D&c=3Db956f7516a&utm_source=3DHenry+%26+Co.+Newsletter&utm_campaign=3Dff=

b32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Demail&utm_te=

rm=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

or ** unsubscribe from this list (https://henryandcofragrance.us7.list-man=

age.com/unsubscribe?u=3D9b471c38dd367b798e153fd58&id=3Db8f164cc5f&t=3Db&e=

=3D&c=3Db956f7516a&utm_source=3DHenry+%26+Co.+Newsletter&utm_camp=

aign=3Dffb32a360e-EMAIL_CAMPAIGN_2024_05_22_09_45_COPY_01&utm_medium=3Dema=

il&utm_term=3D0_-dd4db27f52-%5BLIST_EMAIL_ID%5D&goal=3D0_b8f164cc5f-ffb32a=

360e-165703989&mc_cid=3Dffb32a360e&mc_eid=3DUNIQID)

=2E



This email was sent to woodcock976@talktalk.net (mailto:woodcock976@talktalk.net)

why did I get this? (https://henryandcofragrance.us7.list-manage.com/about=

?u=3D9b471c38dd367b798e153fd58&id=3Db8f164cc5f&e=3D5f46aa4788&c=3Dffb32a360e=

) unsubscribe from this list (https://henryandcofragrance.us7.list-man=

age.com/unsubscribe?u=3D9b471c38dd367b798e153fd58&id=3Db8f164cc5f&t=3Db&e=

=3D5f46aa4788&c=3Dffb32a360e) update subscription preferences (https://h=

enryandcofragrance.us7.list-manage.com/profile?u=3D9b471c38dd367b798e153fd=

58&id=3Db8f164cc5f&e=3D5f46aa4788&c=3Dffb32a360e)

Henry & Co UK Ltd . Unit E8A Park Farm Centre . Allestree . Derby=2C Derby=

shire DE22 2QN . United Kingdom

--_----------=_MCPart_1340832433

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: quoted-printable






oft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:office">












-scale=3D1">

Hurry! =E2=8F=B3 Final Days to Save Up to 70% on Home Fragr=<br /><br /> ances!




s?family=3DOpen+Sans:400=2C400i=2C700=2C700i" rel=3D"stylesheet">






xlc6jdvajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93bxlc6jdvxlc6jdvxlc6jdvajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93b


coords="1,3,425,745" shape="rect">

xlc6jdvajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93bxlc6jdvxlc6jdvxlc6jdvajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93bajtvt4veavagup93b












Technorati Profile







AddThis Feed Button

Remote RSS/OPML-Blogroll Feed

No RSS/OPML feed selected

Error

serendipity error: could not include serendipity_plugin_statistics:9cbc0e29a86fd9359ac6748399d6ba5b - exiting.

addthis





AddThis Social Bookmark Button










Blog Grade for www.nk.ca/blog

Empire Avenue





Syndicate This Blog

Error

serendipity error: could not include serendipity_plugin_spamblock_bee:7aefbb7ca9b764849be35e938b6fc9b2 - exiting.

Error

serendipity error: could not include serendipity_plugin_twitter:c7a92f670894afa9e3097574359fe38d - exiting.

Error

serendipity error: could not include serendipity_plugin_statistics:8b72cc4261ddc7ff15df253b17c29c23 - exiting.

Error

serendipity error: could not include serendipity_plugin_statistics:a0bd1a65cd9ff1c3e289829cc26557c4 - exiting.

Error

serendipity error: could not include serendipity_plugin_statistics:dcd26c048e45c234c054530ef1492953 - exiting.

Error

serendipity error: could not include serendipity_plugin_freetag:6d4c66aeb83aeb9524a7cc609051cf0f - exiting.

Error

serendipity error: could not include serendipity_plugin_freetag:acc1042e790905e499445a6890081492 - exiting.

Error

serendipity error: could not include serendipity_plugin_freetag:158fb50035b12269ec43107b29253af3 - exiting.

Error

serendipity error: could not include serendipity_plugin_topreferers:6b7e3336713d0a60294c7e310ca5cf1a - exiting.

Error

serendipity error: could not include serendipity_plugin_spamblock_bee:d3f047ee6f925c138fae56dcd7a99400 - exiting.

Error

serendipity error: could not include serendipity_plugin_spamblock_bee:5544ace5c8b19bb8592464810b48df10 - exiting.

Error

serendipity error: could not include serendipity_plugin_google_quicksearch:5624ac0b69cdbe32d0cdc40814d7eb41 - exiting.

Error

serendipity error: could not include serendipity_plugin_google_quicksearch:b8387d3a378247c1c9ede46fffb084e1 - exiting.

Error

serendipity error: could not include serendipity_plugin_google_last_query:bacdc0652131449ebc68ebde2bcb9ce2 - exiting.

Error

serendipity error: could not include serendipity_plugin_google_last_query:8c84ca587b64b627d986e9d5ce98ead1 - exiting.