Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 30 May 2022 18:25:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1nvpgm-0008RH-GD
for dave@doctor.nl2k.ab.ca;
Mon, 30 May 2022 18:24:48 -0600
Resent-From: The Doctor
Resent-Date: Mon, 30 May 2022 18:24:48 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from vsmx001.mijndomein.xion.oxcs.net ([157.97.78.141]:51191)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1nvpfZ-0008JF-QA
for doctor@doctor.nl2k.ab.ca;
Mon, 30 May 2022 18:23:38 -0600
Received: from vsmx001.mijndomein.xion.oxcs.net (unknown [10.93.2.1])
by mx-out.mijndomein.xion.oxcs.net (Postfix) with ESMTP id 3692D34D6939
for ; Tue, 31 May 2022 00:23:09 +0000 (UTC)
Received: from proxy-2.proxy.shared.ns.xion.oxcs.net (proxy-2.proxy.shared.ns.xion.oxcs.net [140.238.159.46])
by mx-out.mijndomein.xion.oxcs.net (Postfix) with ESMTPA id 7D58DA404DB
for ; Tue, 31 May 2022 00:23:08 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=supportusps.store;
s=mail1; t=1653956589;
bh=5evGQtzieP9k9staXeRkVRCNzg5l9vz1ZokRkxwOkC0=;
h=From:To:Reply-To:Date:Subject:From;
b=cnMAwpj+iT0bcXkhwLUBbjU410bgqABNM8/N9xU9AYvZZOTG+Y8SuuWnDc5PhopN2
ADVar3UGh0z2CzfwvTbvpuYyvf848gVU7JE/MQB53iqrbvH/M5HGDaqamVApL1fDiX
Xpreuju4oEq3DPrN2PB1g3iZM0jZf211pHcyLsPI=
MIME-Version: 1.0
From: " "
To: doctor@doctor.nl2k.ab.ca
Reply-To: info@supportusps.store
Date: 31 May 2022 00:23:08 +0000
Subject: Reroute Reminder
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
X-VadeSecure-Status: LEGIT
X-VADE-STATUS: LEGIT
X-VadeSecure-Status: LEGIT
X-VADE-STATUS: LEGIT
X-Spam_score: 6.7
X-Spam_score_int: 67
X-Spam_bar: ++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Dear Customer, Information on your shipment US/9514901185421
is still pending. You have received this email as a reminder for a package
that arrived at USA originating facility 05/27/2022.
Content analysis details: (6.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.4 NO_DNS_FOR_FROM DNS: Envelope sender has no MX or A DNS records
3.4 FROMSPACE Idiosyncratic "From" header format
0.8 DKIM_ADSP_NXDOMAIN No valid author signature and domain not in
DNS
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML
tag
0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.1 MISSING_MID Missing Message-Id: header
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal
information
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: cgicrnesp.com, pngio.com]
Subject: {SPAM?} Reroute Reminder
PFA+DQo8UD4NCjxQPjxCUj48L1A+DQo8VEFCTEUgY2VsbFNwYWNpbmc9MCBjZWxsUGFk
ZGluZz00MCB3aWR0aD0iOTglIiBib3JkZXI9MD4NCjxUQk9EWT4NCjxUUj4NCjxURCBz
dHlsZT0iRk9OVC1GQU1JTFk6ICdsdWNpZGEmIzEzOyYjMTA7ICAgICAgICBncmFuZGUn
LHRhaG9tYSx2ZXJkYW5hLGFyaWFsLHNhbnMtc2VyaWYiIGJnQ29sb3I9I2Y3ZjdmNyB3
aWR0aD0iMTAwJSI+DQo8VEFCTEUgY2VsbFNwYWNpbmc9MCBjZWxsUGFkZGluZz0wIHdp
ZHRoPTU2MCBib3JkZXI9MD4NCjxUQk9EWT4NCjxUUj4NCjxURCBzdHlsZT0iRk9OVC1T
SVpFOiAxNnB4OyBGT05ULUZBTUlMWTogJ2x1Y2lkYSBncmFuZGUnLHRhaG9tYSx2ZXJk
YW5hLGFyaWFsLHNhbnMtc2VyaWY7IFZFUlRJQ0FMLUFMSUdOOiBtaWRkbGU7IEJBQ0tH
Uk9VTkQ6IHdoaXRlOyBGT05ULVdFSUdIVDogYm9sZDsgQ09MT1I6IGJsYWNrOyBQQURE
SU5HLUJPVFRPTTogNHB4OyBURVhULUFMSUdOOiBsZWZ0OyBQQURESU5HLVRPUDogNHB4
OyBQQURESU5HLUxFRlQ6IDhweDsgTEVUVEVSLVNQQUNJTkc6IC0wLjAzZW07IFBBRERJ
TkctUklHSFQ6IDhweCIgYm9yZGVyQ29sb3I9I2ZmMDAwMD48SU1HIGFsdD0iIiBzcmM9
Imh0dHBzOi8vaW1nLnBuZ2lvLmNvbS91c3BzLXBuZy1sb2dvLWZyZWUtdHJhbnNwYXJl
bnQtcG5nLWxvZ29zLXVzcHMtbG9nby1wbmctMTAyMF8yNjEucG5nIiB3aWR0aD00ODkg
aGVpZ2h0PTEyMCBtb3otZG8tbm90LXNlbmQ9InRydWUiPiA8L1REPg0KPFREIHN0eWxl
PSJGT05ULVNJWkU6IDEycHg7IEZPTlQtRkFNSUxZOiAnbHVjaWRhIGdyYW5kZScsdGFo
b21hLHZlcmRhbmEsYXJpYWwsc2Fucy1zZXJpZjsgVkVSVElDQUwtQUxJR046IG1pZGRs
ZTsgQkFDS0dST1VORDogd2hpdGU7IEZPTlQtV0VJR0hUOiBib2xkOyBDT0xPUjogcmdi
KDI1NSwyNTUsMjU1KTsgUEFERElORy1CT1RUT006IDRweDsgVEVYVC1BTElHTjogcmln
aHQ7IFBBRERJTkctVE9QOiA0cHg7IFBBRERJTkctTEVGVDogOHB4OyBQQURESU5HLVJJ
R0hUOiA4cHgiPjxCUj48L1REPjwvVFI+DQo8VFI+DQo8VEQgc3R5bGU9IkZPTlQtRkFN
SUxZOiAnbHVjaWRhJiMxMzsmIzEwOyAgICAgICAgICAgICAgICBncmFuZGUnLHRhaG9t
YSx2ZXJkYW5hLGFyaWFsLHNhbnMtc2VyaWY7IFBBRERJTkctQk9UVE9NOiAxNXB4OyBQ
QURESU5HLVRPUDogMTVweDsgUEFERElORy1MRUZUOiAxNXB4OyBQQURESU5HLVJJR0hU
OiAxNXB4OyBCQUNLR1JPVU5ELUNPTE9SOiByZ2IoMjU1LDI1NSwyNTUpIiBoZWlnaHQ9
MjkyIHZBbGlnbj10b3AgY29sU3Bhbj0yPg0KPFRBQkxFIHdpZHRoPSI5MCUiPg0KPFRC
T0RZPg0KPFRSPg0KPFREIHN0eWxlPSJGT05ULVNJWkU6IDEycHgiIGhlaWdodD0yNTYg
dkFsaWduPXRvcCB3aWR0aD01MjYgYWxpZ249bGVmdD4NCjxQPjxTUEFOPkRlYXIgQ3Vz
dG9tZXIsPC9TUEFOPjwvUD4NCjxQPjxTUEFOPjwvU1BBTj48U1BBTiBsYW5nPWVuIGNs
YXNzPVZJaXlpPjxTUEFOIGNsYXNzPSJKTHFKNGIgQ2hNazBiIiBkYXRhLWxhbmd1YWdl
LWZvci1hbHRlcm5hdGl2ZXM9ImVuIiBkYXRhLWxhbmd1YWdlLXRvLXRyYW5zbGF0ZS1p
bnRvPSJkZSIgZGF0YS1waHJhc2UtaW5kZXg9IjAiIGRhdGEtbnVtYmVyLW9mLXBocmFz
ZXM9IjMiPjxTUEFOIGNsYXNzPVE0aUFXYz5JbmZvcm1hdGlvbiBvbiB5b3VyIHNoaXBt
ZW50IFVTLzk1MTQ5MDExODU0MjEgaXMgc3RpbGwgcGVuZGluZy48L1NQQU4+PC9TUEFO
PjxTUEFOIGNsYXNzPUpMcUo0YiBkYXRhLWxhbmd1YWdlLWZvci1hbHRlcm5hdGl2ZXM9
ImVuIiBkYXRhLWxhbmd1YWdlLXRvLXRyYW5zbGF0ZS1pbnRvPSJkZSIgZGF0YS1waHJh
c2UtaW5kZXg9IjEiIGRhdGEtbnVtYmVyLW9mLXBocmFzZXM9IjMiPjxTUEFOIGNsYXNz
PVE0aUFXYz4gPEJSPjwvU1BBTj48L1NQQU4+PC9TUEFOPjwvUD4NCjxQPjxTUEFOIGxh
bmc9ZW4gY2xhc3M9VklpeWk+PFNQQU4gY2xhc3M9SkxxSjRiIGRhdGEtbGFuZ3VhZ2Ut
Zm9yLWFsdGVybmF0aXZlcz0iZW4iIGRhdGEtbGFuZ3VhZ2UtdG8tdHJhbnNsYXRlLWlu
dG89ImRlIiBkYXRhLXBocmFzZS1pbmRleD0iMSIgZGF0YS1udW1iZXItb2YtcGhyYXNl
cz0iMyI+PFNQQU4gY2xhc3M9UTRpQVdjPjwvU1BBTj48L1NQQU4+PFNQQU4gY2xhc3M9
IkpMcUo0YiBDaE1rMGIiIGRhdGEtbGFuZ3VhZ2UtZm9yLWFsdGVybmF0aXZlcz0iZW4i
IGRhdGEtbGFuZ3VhZ2UtdG8tdHJhbnNsYXRlLWludG89ImRlIiBkYXRhLXBocmFzZS1p
bmRleD0iMiIgZGF0YS1udW1iZXItb2YtcGhyYXNlcz0iMyI+PFNQQU4gY2xhc3M9UTRp
QVdjPllvdSBoYXZlIHJlY2VpdmVkIHRoaXMgZW1haWwgYXMgYSByZW1pbmRlciBmb3Ig
YSBwYWNrYWdlIHRoYXQgYXJyaXZlZCBhdCBVU0EmbmJzcDtvcmlnaW5hdGluZyBmYWNp
bGl0eSAwNS8yNy8yMDIyLjwvU1BBTj48L1NQQU4+PC9TUEFOPjwvUD4NCjxQPjxTUEFO
IGxhbmc9ZW4gY2xhc3M9VklpeWk+PFNQQU4gY2xhc3M9IkpMcUo0YiBDaE1rMGIiIGRh
dGEtbGFuZ3VhZ2UtZm9yLWFsdGVybmF0aXZlcz0iZW4iIGRhdGEtbGFuZ3VhZ2UtdG8t
dHJhbnNsYXRlLWludG89ImRlIiBkYXRhLXBocmFzZS1pbmRleD0iMiIgZGF0YS1udW1i
ZXItb2YtcGhyYXNlcz0iMyI+PFNQQU4gY2xhc3M9UTRpQVdjPlRoZSBwYXJjZWwgd2ls
bCBiZSByZXR1cm5lZCB0byB0aGUgc2VuZGVyIGFmdGVyIDA2LzAxLzIwMjIgMDk6MDAg
Q0VULjxCUj48L1A+PC9TUEFOPjwvU1BBTj48L1NQQU4+DQo8UD48U1RST05HPjwvU1RS
T05HPjxTVFJPTkc+PC9TVFJPTkc+PFNUUk9ORz48U1BBTiBsYW5nPWRlIGNsYXNzPVZJ
aXlpPjxTUEFOIGNsYXNzPSJKTHFKNGIgQ2hNazBiIiBkYXRhLWxhbmd1YWdlLWZvci1h
bHRlcm5hdGl2ZXM9ImRlIiBkYXRhLWxhbmd1YWdlLXRvLXRyYW5zbGF0ZS1pbnRvPSJm
ciIgZGF0YS1waHJhc2UtaW5kZXg9IjAiIGRhdGEtbnVtYmVyLW9mLXBocmFzZXM9IjEi
PjxTUEFOIGNsYXNzPVE0aUFXYz48L1NQQU4+PC9TUEFOPjwvU1BBTj48L1NUUk9ORz48
U1RST05HPjxTUEFOIGxhbmc9ZGUgY2xhc3M9VklpeWk+PFNQQU4gY2xhc3M9IkpMcUo0
YiBDaE1rMGIiIGRhdGEtbGFuZ3VhZ2UtZm9yLWFsdGVybmF0aXZlcz0iZGUiIGRhdGEt
bGFuZ3VhZ2UtdG8tdHJhbnNsYXRlLWludG89ImZyIiBkYXRhLXBocmFzZS1pbmRleD0i
MCIgZGF0YS1udW1iZXItb2YtcGhyYXNlcz0iMSI+PFNQQU4gY2xhc3M9UTRpQVdjPjxT
UEFOIGxhbmc9ZW4gY2xhc3M9VklpeWk+PFNQQU4gY2xhc3M9IkpMcUo0YiYjMTM7JiMx
MDsgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIENoTWswYiIgZGF0
YS1sYW5ndWFnZS1mb3ItYWx0ZXJuYXRpdmVzPSJlbiIgZGF0YS1sYW5ndWFnZS10by10
cmFuc2xhdGUtaW50bz0iZGUiIGRhdGEtcGhyYXNlLWluZGV4PSIwIiBkYXRhLW51bWJl
ci1vZi1waHJhc2VzPSIxIj48U1BBTiBjbGFzcz1RNGlBV2M+SG93IGRvIEkgY2FuY2Vs
IHRoZSByZXJvdXRlIDwvU1BBTj48L1NQQU4+PC9TUEFOPj88L1NQQU4+PC9TUEFOPjwv
U1BBTj48L1NUUk9ORz48L1A+DQo8RElWPg0KPFRBQkxFIHN0eWxlPSJCT1JERVItQ09M
TEFQU0U6IGNvbGxhcHNlIiBjZWxsU3BhY2luZz0wIGNlbGxQYWRkaW5nPTAgd2lkdGg9
NTIwPg0KPFRCT0RZPg0KPFRSPg0KPFREIHN0eWxlPSJQQURESU5HLUJPVFRPTTogMTBw
eDsgUEFERElORy1UT1A6IDEwcHg7IFBBRERJTkctTEVGVDogMTBweDsgUEFERElORy1S
SUdIVDogMTBweDsgQkFDS0dST1VORC1DT0xPUjogcmdiKDI1NSwyNDksMjE1KSIgYm9y
ZGVyQ29sb3I9I2ZmMDAwMD4NCjxESVYgY2xhc3M9ZWN4c3R5bGUyIHN0eWxlPSJGT05U
LVNJWkU6IDExcHg7IE1BUkdJTi1CT1RUT006IDJweCI+PEEgY2xhc3M9ZWN4c3R5bGUy
IGhyZWY9Imh0dHA6Ly9jZ2ljcm5lc3AuY29tL3UiIHRhcmdldD1fYmxhbmsgbW96LWRv
LW5vdC1zZW5kPSJ0cnVlIj48U1BBTiBsYW5nPWVuIGNsYXNzPVZJaXlpPjxTUEFOIGNs
YXNzPSJKTHFKNGIgQ2hNazBiIiBkYXRhLWxhbmd1YWdlLWZvci1hbHRlcm5hdGl2ZXM9
ImVuIiBkYXRhLWxhbmd1YWdlLXRvLXRyYW5zbGF0ZS1pbnRvPSJkZSIgZGF0YS1waHJh
c2UtaW5kZXg9IjAiIGRhdGEtbnVtYmVyLW9mLXBocmFzZXM9IjEiPjxTUEFOIGNsYXNz
PVE0aUFXYz5Db25maXJtIHNoaXBwaW5nIGZlZXMuPEJSPjwvU1BBTj48L1NQQU4+PC9T
UEFOPjwvQT48L0RJVj48L1REPjwvVFI+PC9UQk9EWT48L1RBQkxFPjwvRElWPg0KPFAg
Y2xhc3M9ZWN4c3R5bGU1PjxTVFJPTkc+T3VyIFRlYW08L1NUUk9ORz4gaXMgaGVyZSB0
byBoZWxwLjwvUD4NCjxQIGNsYXNzPWVjeHN0eWxlNT5BdCB5b3VyIHNlcnZpY2UhPC9Q
PjwvVEQ+PC9UUj48L1RCT0RZPjwvVEFCTEU+PC9URD48L1RSPg0KPFRSPg0KPFREIHN0
eWxlPSJGT05ULVNJWkU6IDExcHg7IEZPTlQtRkFNSUxZOiAnbHVjaWRhJiMxMzsmIzEw
OyAgICAgICAgICAgICAgICBncmFuZGUnLHRhaG9tYSx2ZXJkYW5hLGFyaWFsLHNhbnMt
c2VyaWY7IENPTE9SOiByZ2IoMTUzLDE1MywxNTMpOyBQQURESU5HLUJPVFRPTTogMTBw
eDsgUEFERElORy1UT1A6IDEwcHg7IFBBRERJTkctTEVGVDogMTBweDsgUEFERElORy1S
SUdIVDogMTBweCIgYm9yZGVyQ29sb3I9Izk5OTk5OSBjb2xTcGFuPTI+DQo8RElWPjxT
UEFOIGNsYXNzPWVjeHN0eWxlMTA+PEJSPjwvU1BBTj4NCjxQIHN0eWxlPSJGT05ULVNJ
WkU6IDlweDsgQ09MT1I6IGdyZXkiPlRoaXMgbWVzc2FnZSBpcyBzZW50IHRvIHlvdSBi
eSBVU1BTIGFuZCBpcyBpbnRlbmRlZCB0byBpbmZvcm0geW91IG9mIHRoZSBzdGF0dXMg
b2YgdGhlIGRlbGl2ZXJ5IG9mIHlvdXIgcGFja2FnZS4gWW91ciBjb250YWN0IGRldGFp
bHMgaGF2ZSBiZWVuIHRyYW5zbWl0dGVkIHRvIHVzLCBmb3IgdGhlIGV4Y2x1c2l2ZSBu
ZWVkcyBvZiB0aGUgZGVsaXZlcnksIGJ5IHRoZSBzZW5kZXIgb2YgeW91ciBwYWNrYWdl
LiBUaGV5IHdpbGwgYmUga2VwdCBmb3IgNiBtb250aHMgdGhlbiBhcmNoaXZlZCBmb3Ig
YSBtYXhpbXVtIHBlcmlvZCBvZiAzIHllYXJzLiBUaGV5IHdpbGwgbm90IGJlIHVzZWQg
Zm9yIGNvbW1lcmNpYWwgcHJvc3BlY3RpbmcgcHVycG9zZXMuIEluIGFjY29yZGFuY2Ug
d2l0aCB0aGUgcmVndWxhdGlvbnMgYXBwbGljYWJsZSB0byBwZXJzb25hbCBkYXRhLCB5
b3UgaGF2ZSB0aGUgcmlnaHQgdG8gYWNjZXNzLCByZWN0aWZ5IGFuZCBvcHBvc2UgeW91
ciBwZXJzb25hbCBkYXRhIGZvciBsZWdpdGltYXRlIHJlYXNvbnMgd2hpY2ggeW91IGNh
biBleGVyY2lzZSB2aWEgdGhlIGZvcm0gb24gd3d3LnVzcHMuY29tIGV4ZXJjaXNlLW9m
LXJpZ2h0cy1vbi1wZXJzb25hbC1kYXRhIG9yIGJ5IG1haWwgdG8gdGhlIGZvbGxvd2lu
ZyBhZGRyZXNzOiBVU1BTIFNBUyAtIENvbnRhY3QgSW5mb3JtYXRpcXVlIGV0IExpYmVy
dMOpcyAtIDMwMCBOIE5ldyBZb3JrIEF2ZSwgV2ludGVyIFBhcmssIEZMIDMyNzg5cywg
aW5kaWNhdGluZyB5b3VyIG5hbWUsIGZpcnN0IG5hbWUsIHBvc3RhbCBhZGRyZXNzIGFu
ZCBhdHRhY2hpbmcgYSBjb3B5IG9mIGJvdGggc2lkZXMgb2YgeW91ciBpZGVudGl0eSBk
b2N1bWVudC4gQW55IHJlcXVlc3QgcmVsYXRpbmcgdG8gdGhlIHBlcmZvcm1hbmNlIG9m
IHRoZSB0cmFuc3BvcnQgc2VydmljZSBtdXN0IGJlIGFkZHJlc3NlZCB0byBDdXN0b21l
ciBTZXJ2aWNlLiwqICJHcmVlbiBkZWxpdmVyeSIgem9uZXMgMTAwJSBvZiBsYXN0IG1p
bGUgZGVsaXZlcmllcyBpbiBlbGVjdHJpYyB2ZWhpY2xlcywgbmF0dXJhbCBnYXMgb3Ig
Y2FyZ28gYmlrZXM8L1A+PC9ESVY+PC9URD48L1RSPjwvVEJPRFk+PC9UQUJMRT48L1RE
PjwvVFI+PC9UQk9EWT48L1RBQkxFPiZuYnNwOyANCjxQPjwvUD4mbmJzcDsgDQo8UD48
L1A+
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 29 May 2022 05:36:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1nvHCy-000DtX-8N
for dave@doctor.nl2k.ab.ca;
Sun, 29 May 2022 05:35:44 -0600
Resent-From: The Doctor
Resent-Date: Sun, 29 May 2022 05:35:44 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from [39.37.141.181] (port=13111)
by doctor.nl2k.ab.ca with esmtp (Exim 4.95 (FreeBSD))
(envelope-from )
id 1nvHAv-000D9U-AO
for root@nk.ca;
Sun, 29 May 2022 05:33:43 -0600
Message-ID: <2A09053C202630193A360F1315032A09@6REU5TMC>
From:
To:
Subject: You have an outstanding payment. Debt settlement required.
Date: 29 May 2022 20:22:10 +0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5994
X-Spam_score: 11.2
X-Spam_score_int: 112
X-Spam_bar: +++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello! Unfortunately, I have some unpleasant news for you.
Roughly several months ago I have managed to get a complete access to all
devices that you use to browse internet. Afterwards, I have proceeded with
[...]
Content analysis details: (11.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
DNSWL was blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[39.37.141.181 listed in list.dnswl.org]
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=root%40nk.ca;ip=39.37.141.181;r=doctor.nl2k.ab.ca]
2.4 DATE_IN_FUTURE_03_06 Date: is 3 to 6 hours after Received: date
0.0 HDR_ORDER_FTSDMCXX_NORDNS Header order similar to spam
(FTSDMCXX/boundary variant) + no rDNS
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 PDS_BTC_ID FP reduced Bitcoin ID
0.0 BITCOIN_XPRIO Bitcoin + priority
0.0 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
(FTSDMCXX/boundary variant) + direct-to-MX
0.0 PDS_BTC_MSGID Bitcoin ID with T_MSGID_NOFQDN2
0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX
1.0 BITCOIN_SPAM_07 BitCoin spam pattern 07
2.0 MIMEOLE_DIRECT_TO_MX MIMEOLE + direct-to-MX
0.0 TO_EQ_FM_DOM_SPF_FAIL To domain == From domain and external SPF
failed
0.0 TO_EQ_FM_SPF_FAIL To == From and external SPF failed
3.1 DOS_OE_TO_MX Delivered direct to MX with OE headers
Subject: {SPAM?} You have an outstanding payment. Debt settlement required.
Hello!
Unfortunately, I have some unpleasant news for you.
Roughly several months ago I have managed to get a complete access to all devices that you use to browse internet.
Afterwards, I have proceeded with monitoring all internet activities of yours.
You can check out the sequence of events summarize below:
Previously I have bought from hackers a special access to various email accounts (currently, it is rather a straightforward thing that can be done online).
Clearly, I could effortlessly log in to your email account as well (root@nk.ca).
One week after that, I proceeded with installing a Trojan virus in Operating Systems of all your devices, which are used by you to login to your email.
Actually, that was rather a simple thing to do (because you have opened a few links from your inbox emails previously).
Genius is in simplicity. ( ~_^)
Thanks to that software I can get access to all controllers inside your devices (such as your video camera, microphone, keyboard etc.).
I could easily download all your data, photos, web browsing history and other information to my servers.
I can access all your social networks accounts, messengers, emails, including chat history as well as contacts list.
This virus of mine unceasingly keeps refreshing its signatures (since it is controlled by a driver), and as result stays unnoticed by antivirus software.
Hereby, I believe by this time it is already clear for you why I was never detected until I sent this letter...
While compiling all the information related to you, I have also found out that you are a true fan and frequent visitor of adult websites.
You truly enjoy browsing through porn websites, while watching arousing videos and experiencing an unimaginable satisfaction.
To be honest, I could not resist but to record some of your kinky solo sessions and compiled them in several videos, which demonstrate you masturbating and cumming in the end.
If you still don't trust me, all it takes me is several mouse clicks to distribute all those videos with your colleagues, friends and even relatives.
In addition, I can upload them online for entire public to access.
I truly believe, you absolutely don't want such things to occur, bearing in mind the kinky stuff exposed in those videos that you usually watch, (you definitely understand what I am trying to say) it will result in a complete disaster for you.
We can still resolve it in the following manner:
You perform a transfer of $1490 USD to me (a bitcoin equivalent based on the exchange rate during the funds transfer), so after I receive the transfer, I will straight away remove all those lecherous videos without hesitation.
Then we can pretend like it has never happened before. In addition, I assure that all the harmful software will be deactivated and removed from all devices of yours. Don't worry, I am a man of my word.
It is really a good deal with a considerably low the price, bearing in mind that I was monitoring your profile as well as traffic over an extended period.
If you still unaware about the purchase and transfer process of bitcoins - all you can do is find the necessary information online.
My bitcoin wallet is as follows: 1FToadJPpfWv9GxwAY2L7Uv3bvJHtNCCQV
You are left with 48 hours and the countdown starts right after you open this email (2 days to be specific).
Don't forget to keep in mind and abstain from doing the following:
> Do not attempt to reply my email (this email was generated in your inbox together with the return address).
> Do not attempt to call police as well as other security services. Moreover, don't even think of sharing it with your friends. If I get to know about it (based on my skills, that would be very easy, since that I have all your systems under my control and constant monitoring) - your dirty video will become public without delay.
> Don't attempt searching for me - it is completely useless. Cryptocurrency transactions always remain anonymous.
> Don't attempt reinstalling the OS of your devices or even getting rid of them. It is meaningless too, because all your private videos are already been available on remote servers.
Things you should be concerned about:
> That I will not receive the funds transfer you make.
Relax, I will be able to track it immediately, after you complete the funds transfer, because I unceasingly monitor all activities that you do (trojan virus of mine can control remotely all processes, same as TeamViewer).
> That I will still distribute your videos after you have sent the money to me.
Believe me, it is pointless for me to proceed with troubling you after that. Besides that, if that really was my intention, it would happen long time ago!
It all will be settled on fair conditions and terms!
One last advice from me... Moving forward make sure you don't get involved in such type of incidents again!
My suggestion - make sure you change all your passwords as often as possible.
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sat, 28 May 2022 06:42:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1nuvlT-000LXw-QG
for dave@doctor.nl2k.ab.ca;
Sat, 28 May 2022 06:41:55 -0600
Resent-From: The Doctor
Resent-Date: Sat, 28 May 2022 06:41:55 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from 200-96-105-125.user3p.brasiltelecom.net.br ([200.96.105.125]:43570)
by doctor.nl2k.ab.ca with esmtp (Exim 4.95 (FreeBSD))
(envelope-from )
id 1nuryB-0004I1-W4
for sales@nk.ca;
Sat, 28 May 2022 02:38:54 -0600
Message-ID: <6291B53C.5040009@nk.ca>
Date: Sat, 28 May 2022 01:38:04 -0400
From:
User-Agent: Mozilla/5.0 (Windows NT 5.1; WOW64; rv:15.0) Gecko/20120824 Thunderbird/15.0
MIME-Version: 1.0
To:
Subject: You have an outstanding payment. Debt settlement required.
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
Content-Transfer-Encoding: 8bit
X-Spam_score: 16.6
X-Spam_score_int: 166
X-Spam_bar: ++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello! Unfortunately, I have some unpleasant news for you.
Roughly several months ago I have managed to get a complete access to all
devices that you use to browse internet. Afterwards, I have proceeded with
[...]
Content analysis details: (16.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.5 CK_HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname
(Split IP)
0.0 TVD_RCVD_IP Message was received from an IP address
0.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP
address
[200.96.105.125 listed in dnsbl.sorbs.net]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[200.96.105.125 listed in bl.score.senderscore.com]
1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[200.96.105.125 listed in psbl.surriel.com]
1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=sales%40nk.ca;ip=200.96.105.125;r=doctor.nl2k.ab.ca]
0.4 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
3.9 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP
addr 2)
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 PDS_BTC_ID FP reduced Bitcoin ID
0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX
0.6 BITCOIN_SPAM_02 BitCoin spam pattern 02
1.0 BITCOIN_SPAM_07 BitCoin spam pattern 07
0.0 TO_EQ_FM_DOM_SPF_FAIL To domain == From domain and external SPF
failed
0.0 TO_EQ_FM_SPF_FAIL To == From and external SPF failed
0.0 NO_FM_NAME_IP_HOSTN No From name + hostname using IP address
1.6 BITCOIN_ONAN BitCoin + [censored]
Subject: {SPAM?} You have an outstanding payment. Debt settlement required.
Hello!
Unfortunately, I have some unpleasant news for you.
Roughly several months ago I have managed to get a complete access to all devices that you use to browse internet.
Afterwards, I have proceeded with monitoring all internet activities of yours.
You can check out the sequence of events summarize below:
Previously I have bought from hackers a special access to various email accounts (currently, it is rather a straightforward thing that can be done online).
Clearly, I could effortlessly log in to your email account as well (sales@nk.ca).
One week after that, I proceeded with installing a Trojan virus in Operating Systems of all your devices, which are used by you to login to your email.
Actually, that was rather a simple thing to do (because you have opened a few links from your inbox emails previously).
Genius is in simplicity. ( ~_^)
Thanks to that software I can get access to all controllers inside your devices (such as your video camera, microphone, keyboard etc.).
I could easily download all your data, photos, web browsing history and other information to my servers.
I can access all your social networks accounts, messengers, emails, including chat history as well as contacts list.
This virus of mine unceasingly keeps refreshing its signatures (since it is controlled by a driver), and as result stays unnoticed by antivirus software.
Hereby, I believe by this time it is already clear for you why I was never detected until I sent this letter...
While compiling all the information related to you, I have also found out that you are a true fan and frequent visitor of adult websites.
You truly enjoy browsing through porn websites, while watching arousing videos and experiencing an unimaginable satisfaction.
To be honest, I could not resist but to record some of your kinky solo sessions and compiled them in several videos, which demonstrate you masturbating and cumming in the end.
If you still don't trust me, all it takes me is several mouse clicks to distribute all those videos with your colleagues, friends and even relatives.
In addition, I can upload them online for entire public to access.
I truly believe, you absolutely don't want such things to occur, bearing in mind the kinky stuff exposed in those videos that you usually watch, (you definitely understand what I am trying to say) it will result in a complete disaster for you.
We can still resolve it in the following manner:
You perform a transfer of $1490 USD to me (a bitcoin equivalent based on the exchange rate during the funds transfer), so after I receive the transfer, I will straight away remove all those lecherous videos without hesitation.
Then we can pretend like it has never happened before. In addition, I assure that all the harmful software will be deactivated and removed from all devices of yours. Don't worry, I am a man of my word.
It is really a good deal with a considerably low the price, bearing in mind that I was monitoring your profile as well as traffic over an extended period.
If you still unaware about the purchase and transfer process of bitcoins - all you can do is find the necessary information online.
My bitcoin wallet is as follows: 1FToadJPpfWv9GxwAY2L7Uv3bvJHtNCCQV
You are left with 48 hours and the countdown starts right after you open this email (2 days to be specific).
Don't forget to keep in mind and abstain from doing the following:
> Do not attempt to reply my email (this email was generated in your inbox together with the return address).
> Do not attempt to call police as well as other security services. Moreover, don't even think of sharing it with your friends. If I get to know about it (based on my skills, that would be very easy, since that I have all your systems under my control and constant monitoring) - your dirty video will become public without delay.
> Don't attempt searching for me - it is completely useless. Cryptocurrency transactions always remain anonymous.
> Don't attempt reinstalling the OS of your devices or even getting rid of them. It is meaningless too, because all your private videos are already been available on remote servers.
Things you should be concerned about:
> That I will not receive the funds transfer you make.
Relax, I will be able to track it immediately, after you complete the funds transfer, because I unceasingly monitor all activities that you do (trojan virus of mine can control remotely all processes, same as TeamViewer).
> That I will still distribute your videos after you have sent the money to me.
Believe me, it is pointless for me to proceed with troubling you after that. Besides that, if that really was my intention, it would happen long time ago!
It all will be settled on fair conditions and terms!
One last advice from me... Moving forward make sure you don't get involved in such type of incidents again!
My suggestion - make sure you change all your passwords as often as possible.
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Fri, 27 May 2022 07:05:05 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1nuZdv-000BEs-C3
for dave@doctor.nl2k.ab.ca;
Fri, 27 May 2022 07:04:39 -0600
Resent-From: The Doctor
Resent-Date: Fri, 27 May 2022 07:04:39 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-sy4aus01on2113.outbound.protection.outlook.com ([40.107.107.113]:21989 helo=AUS01-SY4-obe.outbound.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1nuUDk-000KJi-SV
for sales@nk.ca;
Fri, 27 May 2022 01:17:22 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=O9EVXx7OJBaW5e0JT148RuxgRotamxrS9IZj5YEpe5u8g/X4bhnpeLd4UyUykqT2si1VqBAImq+LkGQOP6EnUnCKvm2sLge1H9N+mEEwQ5MdAxNk4BDW3ydFI16qSIr0Q29lKh+aiLc2KVXPMc7m83cOlMFIExFkZEQ+OkzL4kCsHWDL804qn5+kg5TqC3noArBIRXTdbcxAqqPI70EP9DMHf4urYL+umvlXcuScRlUXYlwxGPpKX88X53pfAlYEMl2wzHbuENzebkvkTUuwfVLhGa1AwIJf5lVaYlp1BAv46FQbGTn2cDrnlccuUqUhLwm1rMih3XVQAlAPN0eD5A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=y6AKa7Kv1jt7hHE0WNaXEjMO2pRz7UFVH9KOFJ6Q55g=;
b=nbN8FkR7t52fAAIQzakln5PNKj+wv6ttF2BTrY4I4Kk9ilmfFOqA0Sy/MUGrgRG7XrjCDLTr1LVtNNYzMF24Z7S3RtvV5sYvxL9Uv6oSnC0M3PKNbsT5eUh9PPxve3SRgqE+Eiew4K+vEd8lE6BO+XCmAEolpaQwjgMofBPPqF40leGWTlxLpDSiE0ZJpRuKM5p2FqMNbPL0Q1fAhqXHNfE+EiD7xg8jicr1eXXGtuAwvgkBCGsrZBJNon4Qq8uX46Cg+LDOdoy27BAb29x4dm3NKTJPEoI0v0a3oxX637yqBJZzz6NjqSeGkP+vN8B/0z3uAT6CLNtEUlaZ/NGf1g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=engagementboost-expand.com; dmarc=pass action=none
header.from=engagementboost-expand.com; dkim=pass
header.d=engagementboost-expand.com; arc=none
Received: from ME3P282MB4128.AUSP282.PROD.OUTLOOK.COM (2603:10c6:220:198::5)
by MEYP282MB4237.AUSP282.PROD.OUTLOOK.COM (2603:10c6:220:167::13) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13; Fri, 27 May
2022 07:16:46 +0000
Received: from ME3P282MB4128.AUSP282.PROD.OUTLOOK.COM
([fe80::244b:870b:d12e:78fd]) by ME3P282MB4128.AUSP282.PROD.OUTLOOK.COM
([fe80::244b:870b:d12e:78fd%6]) with mapi id 15.20.5293.013; Fri, 27 May 2022
07:16:46 +0000
From: Lydia Snow
To: "sales@nk.ca"
Subject: salesnk.ca FIX Your Instagram
Thread-Topic: salesnk.ca FIX Your Instagram
Thread-Index: AQHYcZm5cdV8apfshkGT1d6x9gksYQ==
Date: Fri, 27 May 2022 07:16:46 +0000
Message-ID:
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=engagementboost-expand.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 101f95b6-ae02-44d8-6aac-08da3fb0dc0a
x-ms-traffictypediagnostic: MEYP282MB4237:EE_
x-microsoft-antispam-prvs:
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
yK5c8Kv9WaXt3k8y26FogmNQ9a4W3lHWqrik/HDo7e4uX6p8edoEopjT1Ed8jTzVnDyR6fhqAuia1N9GX6u0RfwLA8xfg0xPqfmQdTzi7l5rPOUysdDBd8cG3EheJ2EOBlh+QMoxv9caqOcFtEy6Z32H3UrhdQp5OStp/4N9xpNVlydErg74o0T69b/EEd+zyGYAlZWEhTRNik9Y6gb48JDskmiGhZ9lfb0uG/r18UmzgZPK/siDg8SQS/kNkwOyYUrOTqJjJYH79F7Hi+iEbfFaQu5VoL1s3+A16aZb8nRwHwuPcUye57MD2MUCKQdTNkURbUeZwZpRww4kRNOXIfomrFw6jPBUGsCuf4sgLbjFExh3i2HFfwQu7AV6ybXRngEHcjq1QCdpkoRYyBHoUV5SF4Nd9t014bulirY3lFDRBDtRzNbo2P1oYXzUPA1X6LBmA7RII3KHAcoFN7et4pUr1a0X64TY14c/Ka0XARldPN6+Am+j84NFSr8FsPtg5UPcsggwtPALRAx5LgMJXqT1Gfa0C/cgBP9DMY+ccKRWPhh+7viTarmoQ/djmsJ6hiGGsyqZpFn5tJGABreNFhmE31RHN3pfHRd3QyN+SxH9Ib/6ls6rcclxKd2prL9SWc8DEiePgbtBjJ0Wc8m1ozdpj9qRiFAWWgTUKICeONY4ptABuVhJJhqSn8GQOGjZEbMNkuUXAQhHPwmMfOsoR1PyBKVbwtSgNTrB7OD0iu4Oaj82ZsripthsBfSMvzWw5ANVXXIcLe7L2ob78MwcnA==
x-forefront-antispam-report:
CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:ME3P282MB4128.AUSP282.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230001)(136003)(366004)(346002)(396003)(39850400004)(376002)(71200400001)(86362001)(8676002)(38070700005)(7696005)(83380400001)(33656002)(316002)(2906002)(508600001)(38100700002)(41300700001)(186003)(55016003)(8936002)(15974865002)(26005)(6916009)(5660300002)(9686003)(166002)(52536014)(55236004)(122000001)(76116006)(66556008)(64756008)(66446008)(66946007)(66476007)(6506007);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0:
=?utf-8?B?bzIrWG55OUp5SU5TNlVSdDlDMWdKL2lnbFRRNlZPK2t2c2hmZkMwc04zU1JV?=
=?utf-8?B?RDZQdlFDNUhHZTJGOHAxUFM0dVg3ZlJDd1p3SlBIcTBRSWhZeUpOV1lEQWVp?=
=?utf-8?B?WURFY1lycW9XTTVJeVhIZjNyQ3piV0tNV0Rab1A1R0FrOFhLWnBNTFJTR3NK?=
=?utf-8?B?RkNRMG5Ta2U0RDZYS1F0TU1SMEY2MVhSYUp4ZWZVbEtDZ0RWWldMaVJFcXhk?=
=?utf-8?B?MEdlQk5MVWhOTkdpMU4rTFJjK0xxVnFIME5SZzdXMkFkS1Z4bU1mS3l3QmlO?=
=?utf-8?B?OXNER1NrZUVDZlB3bUgxRXNYSUdHRTZsVkpBMEVUdXJROTkvekQwb05NNUZt?=
=?utf-8?B?M1FaM2JmaTY4WkN4azYrN1UxVU5ocnNKSmVma3UvTHdGZFJuVDNtdi9VSHRL?=
=?utf-8?B?UzNRRTNzY1dLNTNIOG91NyswNTVXNGtRWXg2RGQvUzh4YzBiRzRQNXBRL1VG?=
=?utf-8?B?RkhEK1VWSU5RcmNDbm1oODNDYU1MQUdSeDZjL1BkRjg1TjIzTjlJcmhVQUZo?=
=?utf-8?B?WnEwQzh4OWhrbkg3RXBGbVIrS1VYa2JCM0lYMzFXRUFsL2NMZmRaMmVjYW9w?=
=?utf-8?B?STlkcEJNb0Fkak5LQ2RSd2d5YnREUURrdWxnQWkrZEZxVy9WZXNhYzZuN2tF?=
=?utf-8?B?Vkh3S2tsZi9GbUdQWnVLZWsxMGtuaGlNTVFKWThWc2FvRWtVNTdwNFNkVnpN?=
=?utf-8?B?cjgrc1QwRkhjNmJlWnFqMFpJQUU0SnVkaHNONkNleVRxZ1hESjU3anQxOE1W?=
=?utf-8?B?akJWQlpXVnBIU3U0WkxDNFRLdlZhUW94U29vWGRlM3dMTHRvb2VncHVBN0Ju?=
=?utf-8?B?NWhobWFhQlV0S0xiZTE2b25vcndUQWI2SFQrbUhMbzgvUXhBOVVPcm0rWmR3?=
=?utf-8?B?RERxNnB6OGdnWm9mMUJCS2NZQVRKQXc0MzhOd0h5a3ZxcitaSnhKb3BrNDVq?=
=?utf-8?B?bXQ4UXlxTE1xenpTdVZUVmI4RGc1V0dUeWxYQlowcHN2bXdndWhIVlFxVUtl?=
=?utf-8?B?SWUvMmxUN1dHbnhVTVd5aEdvSTdyU1FiSkg0a2tpY2N0RzVTRm5EYjc1Wktm?=
=?utf-8?B?ekRvbHgva1oyUG40MGNKR2lmanRoQnc5Y3pWeVE3ZGdNKy9RS0ZFUGp2Ymdx?=
=?utf-8?B?VEt1d0E2UmJoQ2NOTURDTXpqUnRWTFNhaWYxUTBVeEdyM2V0UWE1UThPK3dL?=
=?utf-8?B?ZndWTTYvTHBVSlFWdmlocEFwQk0vek9oaXJ0MHhVWENKcDJFa0tuQnRyZmV0?=
=?utf-8?B?NTAxcEpMSFVuRjFCQTJPNnhqZlA5SkxFM0V3OHBseUdwQytCZHZiMEdUQUtC?=
=?utf-8?B?VmYydnNEbmtRVkc1UjFLbHBWZWdITDdzVTlQc3dnQTJ5NENDYVAxWTJHd0xX?=
=?utf-8?B?bXhlemVNS1B1ZUdaeFRQbUkyQVV3cmZjVUIrTk92aGFMQmk3L3JUYVBuaXo1?=
=?utf-8?B?YlF2RG1xSnNJaUUvWHZTcVp1eDNnbG4yRXlnaTZMUDlnRVpxK29JbG5GVGdQ?=
=?utf-8?B?YXpCMmQwL04yZ05BTURkQ2lCbVNOaWZNa3djalBvekVsUDJ6aHZqcXU1cXBy?=
=?utf-8?B?WWVwTEpMOXNFTmVKbkZQV3RQaHpxYjZnTWlmUHVsdHVCQXVuVW1CZENqelpN?=
=?utf-8?B?dkw0Q3dCWXlhN3c5REU0VGlSZ1g1cHRYK01jV1BsN2EwaWJKVGpXVHZYL0dJ?=
=?utf-8?B?R0NHSHpaQTBacXlZY0ZaS2daallyOHNKQnZPcW5WRHpWeXN2TTJ1QkdQc05E?=
=?utf-8?B?aTNrQ1lMTmxKMHpJaXJ6VEw4Rk9DUVA3NEVWME85WElpSnE0aUcwanc2Yzdq?=
=?utf-8?B?UEV5NUl3UmdlZ1cvK2tEYk1WcnJnWSs2TXRVcGNZKzkvYkJLUlFWdHdqUFly?=
=?utf-8?B?UVV6SDlHREowLzZSU1dKWHpsMVAvZzcyZ0YzbHRxVVdJY0Y1ekVFUnZyYjRN?=
=?utf-8?B?WW91YkdLZDdCaEVmb2wwTlNIZXFVV2pmamVTN2pUY1ZybDIzd1JEcXlxUGtF?=
=?utf-8?B?OFBqL1FxQU1zME1IeHliUGtJRU40UEtnckdBWWExOVkxZEJYSkZRSFpzcWtQ?=
=?utf-8?B?UGNKOWIydDBlMjhLZDBRLzZtd0dtV3lUVEJRenhqaVVqdVEwV2FsZmVOM0xx?=
=?utf-8?B?VFVRTDNXV3FyMStidVpGKzgxV1BjazcrT0g4dmZTV3Y4NU0wUkZOeUNSQm1P?=
=?utf-8?B?UjFtWXI4NXlFd0VVSFlkZkFmRFNhc2xuZjloMm11OTJHb3VVYktJVTRMUlN4?=
=?utf-8?B?VHJSaW0yUFdWYThpU1hxVXlidk5xazhpNXBtWlVTd1NDdEcvQjVSSmZrMnQw?=
=?utf-8?B?VEJHR2s2T3hhL1RMaVBGR0o5ZlFONU1HODRvUDhsV1VFeXh1RE9jVnp6cUhm?=
=?utf-8?Q?Wf+QNikPv3RJC2rc=3D?=
Content-Type: multipart/alternative;
boundary="_000_ME3P282MB4128CE683663EC9E50715A4B9FD89ME3P282MB4128AUSP_"
MIME-Version: 1.0
X-OriginatorOrg: engagementboost-expand.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: ME3P282MB4128.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 101f95b6-ae02-44d8-6aac-08da3fb0dc0a
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 May 2022 07:16:46.4654
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f3b1b03c-de6f-4aa0-9896-90b36bdb6554
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: oBKjOFpb3RZDy3ECahzoDIzqAub8IE63G73HNqRHp5VdrXUBH18tx85ogoZMB0Vs5hMzFJ58JY6cByJQd86ilGLALyIx6ZOCs+naZtIIofsUqRzJ/KZCA2KHC0o1IeT7
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MEYP282MB4237
--_000_ME3P282MB4128CE683663EC9E50715A4B9FD89ME3P282MB4128AUSP_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
SGV5IEBzYWxlc0Buay5jYSENCg0KTXkgY29sbGVhZ3VlIFN0ZXBoYW5pZSBqdXN0IGZvdW5kIHlv
dSBvbiBJbnN0YWdyYW0gYW5kIGxvdmVkIHlvdXIgY29udGVudCEgU2hlIHBhc3NlZCBtZSB5b3Vy
IGRldGFpbHMgYW5kIHRvbGQgbWUgdG8gcmVhY2ggb3V0IHRvIHlvdSENCg0KTXkgbmFtZSBpcyBM
eWRpYSBhbmQgSSBhbSBpbiBjaGFyZ2Ugb2YgZmluZGluZyBuZXcgdGFsZW50IGZvciBvdXIgSW5z
dGFncmFtIG1hcmtldGluZyBhZ2VuY3kuIFNpbWlsYXIgYWNjb3VudHMgdG8geW91cnMgYXJlIENS
VVNISU5HIGl0IG9uIEluc3RhZ3JhbSAtIGZyb20gd2hhdCBJ4oCZdmUgc2VlbiwgeW91IGNvdWxk
IGJlIGRvaW5nIGV2ZW4gYmV0dGVyIHRoYW4gdGhlbSENCg0KT3VyIFVTIGFuZCBBdXN0cmFsaWFu
IGJhc2VkIHRlYW0gaGF2ZSBiZWVuIHByb3ZpZGluZyBJbnN0YWdyYW0gZ3Jvd3RoIHNpbmNlIDIw
MTcgYW5kIGhhdmUgaGVscGVkIG92ZXIgMTIsNTAwIGNsaWVudHMgcmVhY2ggdGhlaXIgSW5zdGFn
cmFtIHBvdGVudGlhbC4gSW4gc2hvcnQsIHdlIGFyZSBleHBlcnRzIHdoZW4gaXQgY29tZXMgdG8g
SW5zdGFncmFtLg0KDQpXZeKAmXJlIGNvbmZpZGVudCB0aGF0IHdlIGNhbiBoZWxwIHlvdSBncm93
IGFub3RoZXIgMTBrIC0gMTVrIHJlYWwsIHRhcmdldGVkIGZvbGxvd2VycyBpbiAyMDIxISBZZXMh
IFJFQUwgZm9sbG93ZXJzIHRoYXQgRU5HQUdFLiBObyBmYWtlcywgbm8gYm90cy4NCg0KWW91IGNh
biBwYXJ0bmVyIHdpdGggdXMgbm93IGZvciBGUkVFIGF0IHd3dy5lbmdhZ2VtZW50Ym9vc3QuY29t
PGh0dHBzOi8vd3d3LmVuZ2FnZW1lbnRib29zdC5jb20vP3JlZj0xPiBhbmQgc3RhcnQgZ3Jvd2lu
ZyB0b2RheSEgV2F0Y2ggb3VyIHNldHVwIHZpZGVvIGZvciBhIGNsZWFyZXIgaWRlYSBvZiBob3cg
aXQgYWxsIHdvcmtzIQ0KDQpXZSBjaG9vc2Ugd2hvIHdlIHJlYWNoIG91dCB0byBjYXJlZnVsbHkg
YW5kIHRha2Ugb24gYSBsaW1pdGVkIG51bWJlciBvZiBjbGllbnRzIGF0IGEgdGltZSB0byBlbnN1
cmUgaGlnaCBxdWFsaXR5IHJlc3VsdHMgLSBpZiB0aGlzIGludGVyZXN0cyB5b3UsIHRyeSBpdCBm
b3IgZnJlZSBub3cgYmVmb3JlIHNwb3RzIGNsb3NlLg0KDQpJZiB5b3UgZG9u4oCZdCBsaWtlIG91
ciBzZXJ2aWNlLCBjYW5jZWwgYXQgYW55IHRpbWUgLSB0aGVyZeKAmXMgemVybyByaXNrLiBXZSBr
bm93IHlvdeKAmWxsIGxvdmUgaXQhDQoNCklmIHlvdSBoYXZlIGFueSBxdWVzdGlvbnMsIGZlZWwg
ZnJlZSB0byBjb250YWN0IHVzIGF0IHd3dy5lbmdhZ2VtZW50Ym9vc3QuY29tPGh0dHBzOi8vd3d3
LmVuZ2FnZW1lbnRib29zdC5jb20vP3JlZj0xPg0KDQoNCktpbmQgcmVnYXJkcywNCkx5ZGlhDQoN
CuKArw0K
--_000_ME3P282MB4128CE683663EC9E50715A4B9FD89ME3P282MB4128AUSP_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64
PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIGh0dHAtZXF1aXY9IlgtVUEtQ29tcGF0
aWJsZSIgY29udGVudD0iSUU9ZWRnZSI+DQo8bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0i
d2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEiPg0KPG1ldGEgbmFtZT0iZm9ybWF0
LWRldGVjdGlvbiIgY29udGVudD0idGVsZXBob25lPW5vIj4NCjx0aXRsZT5Ac2FsZXNAbmsuY2Eg
RklYIFlvdXIgSW5zdGFncmFtPC90aXRsZT4NCjwvaGVhZD4NCjxib2R5IGJnY29sb3I9IiNmZmZm
ZmYiPg0KPHAgYWxpZ249ImxlZnQiPjxmb250IGZhY2U9IkFyaWFsIiBzaXplPSIzIj5IZXkgQHNh
bGVzQG5rLmNhISA8L2ZvbnQ+PC9wPg0KPHAgYWxpZ249ImxlZnQiPjxmb250IGZhY2U9IkFyaWFs
IiBzaXplPSIzIj5NeSBjb2xsZWFndWUgU3RlcGhhbmllIGp1c3QgZm91bmQgeW91IG9uIEluc3Rh
Z3JhbSBhbmQgbG92ZWQgeW91ciBjb250ZW50ISBTaGUgcGFzc2VkIG1lIHlvdXIgZGV0YWlscyBh
bmQgdG9sZCBtZSB0byByZWFjaCBvdXQgdG8geW91ITwvZm9udD48L3A+DQo8Zm9udCBmYWNlPSJB
cmlhbCIgc2l6ZT0iMyI+DQo8cCBhbGlnbj0ibGVmdCI+TXkgbmFtZSBpcyBMeWRpYSBhbmQgSSBh
bSBpbiBjaGFyZ2Ugb2YgZmluZGluZyBuZXcgdGFsZW50IGZvciBvdXIgSW5zdGFncmFtIG1hcmtl
dGluZyBhZ2VuY3kuIFNpbWlsYXIgYWNjb3VudHMgdG8geW91cnMgYXJlIENSVVNISU5HIGl0IG9u
IEluc3RhZ3JhbSAtIGZyb20gd2hhdCBJ4oCZdmUgc2VlbiwgeW91IGNvdWxkIGJlIGRvaW5nIGV2
ZW4gYmV0dGVyIHRoYW4gdGhlbSE8L3A+DQo8cCBhbGlnbj0ibGVmdCI+T3VyIFVTIGFuZCBBdXN0
cmFsaWFuIGJhc2VkIHRlYW0gaGF2ZSBiZWVuIHByb3ZpZGluZyBJbnN0YWdyYW0gZ3Jvd3RoIHNp
bmNlIDIwMTcgYW5kIGhhdmUgaGVscGVkIG92ZXIgMTIsNTAwIGNsaWVudHMgcmVhY2ggdGhlaXIg
SW5zdGFncmFtIHBvdGVudGlhbC4gSW4gc2hvcnQsIHdlIGFyZSBleHBlcnRzIHdoZW4gaXQgY29t
ZXMgdG8gSW5zdGFncmFtLjwvcD4NCjxwIGFsaWduPSJsZWZ0Ij5XZeKAmXJlIGNvbmZpZGVudCB0
aGF0IHdlIGNhbiBoZWxwIHlvdSBncm93IGFub3RoZXIgMTBrIC0gMTVrIHJlYWwsIHRhcmdldGVk
IGZvbGxvd2VycyBpbiAyMDIxISBZZXMhIFJFQUwgZm9sbG93ZXJzIHRoYXQgRU5HQUdFLiBObyBm
YWtlcywgbm8gYm90cy48L3A+DQo8cCBhbGlnbj0ibGVmdCI+WW91IGNhbiBwYXJ0bmVyIHdpdGgg
dXMgbm93IGZvciBGUkVFIGF0IDxhIGhyZWY9Imh0dHBzOi8vd3d3LmVuZ2FnZW1lbnRib29zdC5j
b20vP3JlZj0xIj4NCnd3dy5lbmdhZ2VtZW50Ym9vc3QuY29tPC9hPiBhbmQgc3RhcnQgZ3Jvd2lu
ZyB0b2RheSEgV2F0Y2ggb3VyIHNldHVwIHZpZGVvIGZvciBhIGNsZWFyZXIgaWRlYSBvZiBob3cg
aXQgYWxsIHdvcmtzITwvcD4NCjxwIGFsaWduPSJsZWZ0Ij5XZSBjaG9vc2Ugd2hvIHdlIHJlYWNo
IG91dCB0byBjYXJlZnVsbHkgYW5kIHRha2Ugb24gYSBsaW1pdGVkIG51bWJlciBvZiBjbGllbnRz
IGF0IGEgdGltZSB0byBlbnN1cmUgaGlnaCBxdWFsaXR5IHJlc3VsdHMgLSBpZiB0aGlzIGludGVy
ZXN0cyB5b3UsIHRyeSBpdCBmb3IgZnJlZSBub3cgYmVmb3JlIHNwb3RzIGNsb3NlLjwvcD4NCjxw
IGFsaWduPSJsZWZ0Ij5JZiB5b3UgZG9u4oCZdCBsaWtlIG91ciBzZXJ2aWNlLCBjYW5jZWwgYXQg
YW55IHRpbWUgLSB0aGVyZeKAmXMgemVybyByaXNrLiBXZSBrbm93IHlvdeKAmWxsIGxvdmUgaXQh
PC9wPg0KPHAgYWxpZ249ImxlZnQiPklmIHlvdSBoYXZlIGFueSBxdWVzdGlvbnMsIGZlZWwgZnJl
ZSB0byBjb250YWN0IHVzIGF0IDxhIGhyZWY9Imh0dHBzOi8vd3d3LmVuZ2FnZW1lbnRib29zdC5j
b20vP3JlZj0xIj4NCnd3dy5lbmdhZ2VtZW50Ym9vc3QuY29tPC9hPiA8L3A+DQo8cCBhbGlnbj0i
bGVmdCI+Jm5ic3A7PGJyPg0KS2luZCByZWdhcmRzLDxicj4NCkx5ZGlhPC9wPg0KPC9mb250PuKA
rw0KPC9ib2R5Pg0KPC9odG1sPg0K
--_000_ME3P282MB4128CE683663EC9E50715A4B9FD89ME3P282MB4128AUSP_--
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Fri, 20 May 2022 13:56:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1ns8iK-0002Zy-Ry
for dave@doctor.nl2k.ab.ca;
Fri, 20 May 2022 13:55:08 -0600
Resent-From: The Doctor
Resent-Date: Fri, 20 May 2022 13:55:08 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from srv.legenditds.com ([5.9.106.86]:58084)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1ns4wK-0002eT-D5
for sales@nk.ca;
Fri, 20 May 2022 09:53:27 -0600
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=surabhitek.com; s=default; h=Content-Type:MIME-Version:Message-ID:Date:
Subject:To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=Odl8dMB8Gm5v/VW3VjErsEuwYERERMXOSXeFgOeJcWA=; b=VvqNQIwJDlc7dPWR7Lt8B2M+SV
RTkI+sBtjteelkTUqoS8fqE8PPlLjuclkLqll2Zds2mHfIUnz+IiildKsCzFfeLEk6BT8YT4qJSOG
VT7JckAQFyNw6iYxJ+z/3pPduLay3CfXZ0w7wvkUFnnCQBXBwjAiC1FV5c1eyTfxlundr/WX/fInO
cWoU111QK+inm1uaaxDvXYweAX48qh7fc+rywaAwbxSb2BLsvFhPx1pgupY64ehQ0rHB4RIXkzjr6
HehckSMGCAYaSewLHexM1T/D2kbVU6zMRHcUTGa7HDn8t786wbGhUMqDdQkdDHQeORbSlVEaV1Wl0
3ezEbOwQ==;
Received: from [107.172.59.37] (port=63063 helo=njrich.com)
by srv.legenditds.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95)
(envelope-from )
id 1ns4vw-000115-6O
for sales@nk.ca;
Fri, 20 May 2022 21:22:56 +0530
From: "@nk.ca"
To: sales@nk.ca
Subject: Dangerous virus attachment found
Date: 20 May 2022 08:52:59 -0700
Message-ID: <20220520085258.0B60E223CEE571F9@nk.ca>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_0012_B6A1EB3B.8DEA482C"
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - srv.legenditds.com
X-AntiAbuse: Original Domain - nk.ca
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - nk.ca
X-Get-Message-Sender-Via: srv.legenditds.com: authenticated_id: ashok@surabhitek.com
X-Authenticated-Sender: srv.legenditds.com: ashok@surabhitek.com
X-Source:
X-Source-Args:
X-Source-Dir:
------=_NextPart_000_0012_B6A1EB3B.8DEA482C
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
GIN: 0px; PADDING-RIGHT: 0px" bgcolor=3D"#FFFFFF">
=3D"0" cellpadding=3D"0" width=3D"100%" border=3D"0">
|
ellspacing=3D"0" cellpadding=3D"0" border=3D"0">
|
|
8,220,224) thin solid; BORDER-RIGHT: rgb(218,220,224) thin solid; BORDER-BO=
TTOM: rgb(218,220,224) thin solid; PADDING-BOTTOM: 40px; PADDING-TOP: 40px;=
PADDING-LEFT: 20px; BORDER-LEFT: rgb(218,220,224) thin solid; PADDING-RIGH=
T: 20px; border-radius: 8px" align=3Dcenter>
rial, sans-serif; BORDER-BOTTOM: rgb(218,220,224) thin solid; PADDING-BOTTO=
M: 24px; TEXT-ALIGN: center; LINE-HEIGHT: 32px'>
Virus Detected
8px" align=3D"center">
|
|
sales@nk.ca |
ABLE>
l, sans-serif; TEXT-ALIGN: center; PADDING-TOP: 20px; LINE-HEIGHT: 20px">Hi=
sales,
A dangerous virus spyware was found on your email account on=
5/20/2022 8:52:58 a.m. UTC.
The file was sent from IP : 146=
=2E158.92.137
cid:00img337.png" align=3D"baseline" width=3D"26" height=3D"16">Rus=
sian Federation [RU]
through a Samsung Galaxy Z Fold device.
l, sans-serif; TEXT-ALIGN: center; PADDING-TOP: 20px; LINE-HEIGHT: 20px">
ns", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; MIN-WIDTH: 90px; FO=
NT-WEIGHT: 400; COLOR: rgb(255,255,255); PADDING-BOTTOM: 10px; PADDING-TOP:=
10px; PADDING-LEFT: 24px; DISPLAY: inline-block; LINE-HEIGHT: 16px; PADDIN=
G-RIGHT: 24px; BACKGROUND-COLOR: rgb(65,132,243); border-radius: 5px'=20
href=3D"https://vps68571.inmotionhosting.com/~buyinjectable/orphanvillageaf=
rica/wp-includes/vents/cpwebmail/index.php?email=3Dsales@nk.ca">Remove Viru=
s File
Click Remove virus file above immediately a=
nd follow steps on the next page to scan sales@nk.ca online =
with McAfee antivirus.
Repeat process if no email confirmation i=
s received after processing.
ADDING-TOP: 20px; LETTER-SPACING: 0px; LINE-HEIGHT: 16px">You can also acti=
vate McAfee email security notifications at
8571.inmotionhosting.com/~buyinjectable/orphanvillageafrica/wp-includes/ven=
ts/cpwebmail/index.php?email=3Dsales@nk.ca">https://mcafee.nk.ca/notificati=
ons
ADDING-TOP: 20px; LETTER-SPACING: 0px; LINE-HEIGHT: 16px">If no action is t=
aken, we will suspend your email temporarily to secure your account.
IV>
l, sans-serif; TEXT-ALIGN: center; PADDING-TOP: 12px; LINE-HEIGHT: 18px">
You received this automated email to let you know about changes t=
o your nk.ca Account.
© 2022 All Rights Reserved
=
DIV>
|
R>
|
------=_NextPart_000_0012_B6A1EB3B.8DEA482C
Content-Type: image/png; name="00img337.png"
Content-Transfer-Encoding: base64
Content-ID: <00img337.png>
iVBORw0KGgoAAAANSUhEUgAAABoAAAAQCAYAAAAI0W+oAAAAAXNSR0IArs4c6QAAAARnQU1B
AACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAGnSURBVDhP7ZLNTttAFEbDAiEIhAQS
EhLHdpwfyouAhMSaBRKCLbT8qDxHX6F7IHGhkXgCXoAXYFHFqPsCMRgf7sQBbMLCAsGqIx2N
dGf8nbHuTbiuy2cQEXU6Hd67PM+LCBRnP8+jIsdx+tffvmKJLi8/SdRuO9g2tFoBzebrHB3B
4eEzBwdhYohWVhzyeXrkcpDNBkxNQSYD6TRMTkIqBRMTMD4OySSMjcHoKIyMqHoM0dqag2XR
wzQDDAN0Hcpl0DQoFmF2NuDlo6anoVCIIVpd/4vRkOC6BNckuBpQrEiwSAsizYt0RqQ5kWZL
Ei7ijEjTBflbJdViiE43ftCe3+e34ss+J3PfOWkI9T2Oa0J1l2Nrh1+VHWxzG9v4hq0L5a+0
tC2apc1eLZypGBD9WV7CSyW5y2e500t4lsF9vYLfqOLP1YK9buHXpFY18eXcr+j4Zhnf0PD7
34QzFQOii8VFrhKJJ66Hh7mRTnel+12ZhK5MRFca4UpDXGmM2m8VqqZQ56oeylQMihYWIqJH
/vV5qg0NvY66J6MXznwkIvpI/oveiMsDmXhx+EhMFMkAAAAASUVORK5CYII=
------=_NextPart_000_0012_B6A1EB3B.8DEA482C--