Return-path: <>
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 10:39:48 -0600
Received: from [95.217.66.194] (port=33244 helo=borderlandresearch.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.95 (FreeBSD))
id 1o5rlI-000Ic6-I0
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 10:39:02 -0600
MIME-Version: 1.0
Message-Id:
From:=?UTF-8?B?U2VsZWN0ZWQh?=
Subject:=?UTF-8?B?SHVycnksIExpbWl0ZWQgVGltZSBPbmx5?=
Reply-To: reply_MW950K5dVyJ8HZt7h.bounce9@inx1and1.de
To: dave@doctor.nl2k.ab.ca
Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Jun 2022 18:36:46 +0200
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 15:02:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5vrG-000NIw-D0
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 15:01:22 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 15:01:22 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from dhtrptvr.outbound-mail.sendgrid.net ([208.117.55.133]:26110)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5r8P-000EeY-La
for sales@nk.ca;
Mon, 27 Jun 2022 09:58:49 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendgrid.me;
h=from:subject:references:in-reply-to:mime-version:to:content-type:
content-transfer-encoding;
s=smtpapi; bh=f8O0PFzOtCDPpB86xoPx+ngVmxEnxQqseM8i6TEV3nU=;
b=Gl59nnvUD6bRBiXjzG/WgYHgL+AelNUlTAhWLCj0OIY7h06nFyNZv8vCuGj4xrdwjLdQ
gEQQtOM5XIHG9HbJzv1Rvg4xV0VkA+7751ngwABKPBHwW1Y/kaIExS0Gznd3dfV/eIMcxW
eBxt/5SL27hldGtMtpJx2h9giYMtQGBq0=
Received: by filterdrecv-7b77c45746-6fvxl with SMTP id filterdrecv-7b77c45746-6fvxl-1-62B9D39E-2D
2022-06-27 15:58:22.657246507 +0000 UTC m=+1636527.740629392
Received: from 127.0.0.1 (unknown)
by geopod-ismtpd-4-1 (SG) with ESMTP
id 66Q_DNHnTbO1_DMlBtCT8Q
for ;
Mon, 27 Jun 2022 15:58:22.147 +0000 (UTC)
Date: Mon, 27 Jun 2022 15:58:22 +0000 (UTC)
From: Mike Kyle
Subject: NetKnow Internet Knowledge Co. & QeWebby
Message-ID: <83b219ed-ed7b-eb55-3fa5-bfc5d91ca94d@mail.gmail.com>
References:
X-Forwarded-Message-Id:
In-Reply-To:
MIME-Version: 1.0
X-SG-EID:
=?us-ascii?Q?gQkno2vIGpTbi=2FX3IyC+KiwMuSWPeAu6AAAUtb8PBFPmc5mmYUivfGi6Cymb6N?=
=?us-ascii?Q?vJ+u5m4qi+6RLNgXYhHr6ln5ZYg4Z9RjZI3Vxtm?=
=?us-ascii?Q?zZS1LUOgwux2IffBhEVGGGGDD4Rf=2FCU+9cXEG5+?=
=?us-ascii?Q?RG7SdmkpLmv9AjRJE3FxfCe68GKb=2FfTUunZ0JT2?=
=?us-ascii?Q?uEXo7N+6Tg0GSl7NVJ2ISGr49SMqozLEstdrXU0?=
=?us-ascii?Q?HO2K9etrpiLY4AsY4=3D?=
To: sales@nk.ca
X-Entity-ID: a2DzOxQgTHayZSyNfKdyJQ==
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hello Aboo,
I hope you're having a wonderful day.
I just wanted to reach out and send over some information about what we do and see if there is room for us to work together.
QeWebby is a white-label agency that helps companies like yours in their WordPress and WooCommerce projects at just USD 18/hour.
Whether you need help with a couple of projects or support/maintenance tasks or dedicated developers that work directly in your systems, we have you covered.
Our Expertise:
- New website builds and redesign
- Design (PSD, Ai, Adobe XD, PDF, etc.) to WordPress conversion.
- WordPress custom development
- WooCommerce development
Why QeWebby?
- No minimum project size
- Free quotations are provided under no obligation
- Strict NDA
- Dedicated account manager
Does this sound like something you are interested in?
A reply would be greatly appreciated.
Best,
Mike Kyle // QeWebby
P.S. If you are not interested or not the right time, no problem at all. Just let me know either way.
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 15:01:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5vqj-000NDi-EX
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 15:00:49 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 15:00:49 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-yw1-f169.google.com ([209.85.128.169]:43798)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5qai-000BED-TH
for sales@nk.ca;
Mon, 27 Jun 2022 09:24:01 -0600
Received: by mail-yw1-f169.google.com with SMTP id 00721157ae682-3137316bb69so88705687b3.10
for ; Mon, 27 Jun 2022 08:23:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
bh=rITThpq+c6o4qv0OvvNP5JGWUGL2YMq8DJyiiVCSFhU=;
b=SYTZj4RXGezkVTJDA7ePeb33RFj9+56ar2LO9+wZHMdTPOCKnTZN790CDhOeqGZ6mz
fkP6zvnes9XQI1e8Wcdtte4OcAxkyYSoGr+jRIf3CC4JXjBuEcScEwsJnZQkuXnMvh91
C2h+b8/HV5+6Pc1e4XKUOsmZRpomQo4mtJ6jntMfG7ks23Gs6Y+gmcImuHo+nQRktHsk
RHr06BEuz/eSfcJVnIHfa1EPWF7gegWzD3NcsJ42NxfnsSXYeXxRMhqM+8DmsHma8MjV
vWX88OkbgpeaWUkfnh9TDAXu32kwBpFsTLlnPmHJmuxIi4yJGDpUZ4/8TyvLm+4kWNRd
zhKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:mime-version:references:in-reply-to:from:date
:message-id:subject:to;
bh=rITThpq+c6o4qv0OvvNP5JGWUGL2YMq8DJyiiVCSFhU=;
b=GP6KdROK4TlFFhQABwazrNiZmXFSia/7WGUm9jvTkAuVx5BImp3KQbHLoCvaInnjtf
WzShYBCV3AScT1PmWO7t9nuIIpGGJnL3MeH/n61Ie2G6E6C75jD78f1gIAzmgu6PHfgS
LvW/X4H1DTtA65Ue/35j8XdWVtURRMskCwRmcEuvoirQTNlzyEbX3dr6CkFMitgZH61S
nF2awjVbqoWfq8DkpmKwKcGkARICUIkzXxtIH5OF8s6nSEvfbfbPjgVRsvgvlsZTMRxe
yTpvl97YVXVat+7aowlaPXdzvdC1QcayQPTILij9FCKhOIIqMCPAMCS/xUbXoxCPPVQ6
BErQ==
X-Gm-Message-State: AJIora8qjOkPl3zzcIA109ACOJVx3O3xz3NbcY4tYqszoeKWLUxjccgE
UH4Pr4WjJ/OAYS6U1/e9Fvb8fAcjsngm0RSCLHdDWqYFBsI=
X-Google-Smtp-Source: AGRyM1tztb+/PkOc/IvgnnPB6236XdnDUtHfOmkYg1amupgtHCPZgDuoUvGyc5413+GJkwIDfGyE23HwIAWlY9T0UXc=
X-Received: by 2002:a81:9286:0:b0:317:d78b:fa41 with SMTP id
j128-20020a819286000000b00317d78bfa41mr15110383ywg.46.1656343413968; Mon, 27
Jun 2022 08:23:33 -0700 (PDT)
MIME-Version: 1.0
References:
In-Reply-To:
From: Michael Davis
Date: Mon, 27 Jun 2022 16:23:05 +0100
Message-ID:
Subject: Re: Edmonton Broadband
To: sales@nk.ca
Content-Type: multipart/alternative; boundary="000000000000d0d60005e26f808e"
--000000000000d0d60005e26f808e
Content-Type: text/plain; charset="UTF-8"
Hello,
We have not heard from you regarding EdmontonBroadband.com
This massive domain can be forwarded to your website to capture clients
that need Broadband Services in Edmonton and nearby areas.
Price has been reduced to $399.
Go to www.EdmontonBroadband.com to get it now for $39 only.
Let me know if you have any questions.
Michael Davis.
On Mon, May 9, 2022, 6:49 PM Michael Davis wrote:
> Hello,
>
> EdmontonBroadband.com is listed for sale on Dan Domain Marketplace.
>
> The domain is often checked up on the internet in Edmonton. To capture
> more targeted customers for your business, redirect this massive domain to
> your primary website or build a new massive one on it.
>
> When you have 2 or more domains, it helps to throw a wider range and
> visibility than just 1.
>
> Go to www.EdmontonBroadband.com for immediate acquisition @ $499 only.
>
> Domain is also available @ GoDaddy.
>
> Best Regards,
> Michael Davis
> From Crown Domains.
>
--000000000000d0d60005e26f808e
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Hello,
>
We have not heard from you regarding EdmontonBroadband.c=
om
This massive domain c=
an be forwarded to your website to capture clients that need Broadband Serv=
ices in Edmonton and nearby areas.=C2=A0
<=
div dir=3D"auto">Price has been reduced to $399.=C2=A0
o"> Go to
d.com">www.EdmontonBroadband.com to get it now for $39 only.=C2=A0
>
Let me know if you have any =
questions.
Michael Davis=
.=C2=A0
"gmail_attr">On Mon, May 9, 2022, 6:49 PM Michael Davis <
to:michaeldav2559@gmail.com">michaeldav2559@gmail.com> wrote:
iv>
:1px #ccc solid;padding-left:1ex">
EdmontonBroadband.com is listed for sale=
on Dan Domain Marketplace.=C2=A0
=3D"auto">The domain is often checked up on the internet in Edmonton. To ca=
pture more targeted customers for your business, redirect this massive doma=
in to your primary website or build a new massive one on it.=C2=A0
v dir=3D"auto">When you have 2 or more domains,=
it helps to throw a wider range and visibility than just 1.=C2=A0
v dir=3D"auto">Go to
ntonBroadband.com" target=3D"_blank" rel=3D"noreferrer">www.EdmontonBroadba=
nd.com for immediate acquisition @ $499 only.=C2=A0
to">Domain is also available @ GoDaddy.=C2=A0=
div>
Best Regards,
ir=3D"auto">Michael Davis
From Crown Domains.
<=
/div>
--000000000000d0d60005e26f808e--
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 15:01:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5vps-000N68-L3
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 14:59:56 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 14:59:56 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from wfbtbkkd.outbound-mail.sendgrid.net ([159.183.177.29]:19120)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5p5R-0003YY-4C
for root@nk.ca;
Mon, 27 Jun 2022 07:47:37 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=newlaurakitchen22.com;
h=content-type:mime-version:from:subject:to;
s=s1; bh=+yii+NOD4s/yzXMRRcW5J74WJ29749cHN4Z4RZAM5NM=;
b=fG+2/y9Rjvg9qvI25IPCarNf0PRXaoSDtDkDlc0G95QxPN21m21yGkwi+SzFqXFYzTup
UY6iEX7M77XiFLclZyQPZXPbY05pRHDNkJjs4LlUWTyIb9JOpJKfsY3ouksiWwGdMLnSb1
1sh8oOrl2JCax/qIaBlp621c2EC3rglfOYRsG1NGDg4dpE43v9tJGo5FkK6El4+Vai+u9g
ruWr8VHU2PJVsO3+m5+FAE5R3y7HmaxwNniqK/d0a7sdwTRgWJ2IvzcPgZ3hFQEBOo5Wq3
o/610dZCJ5J8k8+gzdVrvW2EDF8SpWXThv+/crOZxUdLYd2tyGz2pvk66HYmV87A==
Received: by filterdrecv-846cc7cc7f-xf5dw with SMTP id filterdrecv-846cc7cc7f-xf5dw-1-62B9B4DA-7A
2022-06-27 13:47:06.40835424 +0000 UTC m=+1628286.956692011
Received: from [172.17.0.4] (unknown)
by geopod-ismtpd-6-5 (SG) with ESMTP
id Vc92YIaSRhOHbG64ULmN3Q
for ;
Mon, 27 Jun 2022 13:47:06.332 +0000 (UTC)
Content-Type: multipart/related; boundary="===============5976475191921004144=="
MIME-Version: 1.0
From: noreply-zOEivzkkAVNJ9iX@em7717.newlaurakitchen22.com
Subject: Nk Urgent Deactivation alert
X-Priority: 2
Message-ID:
Date: Mon, 27 Jun 2022 13:47:06 +0000 (UTC)
X-SG-EID:
=?us-ascii?Q?lT58ugLK=2FeEakYOTzexAmdEL6LQ4znUew5Jeij3FkK=2FWVEYkIk4udGQ3ZiM+mf?=
=?us-ascii?Q?Nd2RnSjQuMoOK2St4OPKq9PGoHWLB0Tdp74jMKm?=
=?us-ascii?Q?qQUFk7KmRGmRg3RlZGRaJx3V6bnUIpFuZqGJrFT?=
=?us-ascii?Q?xVXSS01RhQQ0=2Fya2VAotqZN9pro4ySI+EnEtxpS?=
=?us-ascii?Q?mcKGHnBBfLzYQcvRBB6D7x0Xqcs3aPEGvcXbro0?=
=?us-ascii?Q?Oi7Ulxl+zylC5rq7CVKwNfxQK801o1o2EMU4Hy?=
To: root@nk.ca
X-Entity-ID: dFS1WKN9/TYVa6CBz9GjHA==
X-Spam_score: 5.2
X-Spam_score_int: 52
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: We have identified data security issues concerning your account
root@nk.ca So, we advise that all accounts be authenticated. You are required
to verify your account immediately or we will be
Content analysis details: (5.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[159.183.177.29 listed in wl.mailspike.net]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or
identical to background
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 MIME_BASE64_TEXT RAW: Message text disguised using base64
encoding
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.0 T_SCC_BODY_TEXT_LINE No description available.
1.5 FROM_FMBLA_NEWDOM From domain was registered in last 7 days
1.0 ACCT_PHISHING Possible phishing for account information
1.0 XPRIO Has X-Priority header
0.9 URI_PHISH Phishing using web form
Subject: {SPAM?} Nk Urgent Deactivation alert
--===============5976475191921004144==
Content-Type: text/html; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: base64
PGh0bWw+PGhlYWQ+CiAgICA8bWV0YSBuYW1lPSJHRU5FUkFUT1IiIGNvbnRlbnQ9Ik1TSFRNTCAx
MS4wMC4xMDU3MC4xMDAxIj4KICAgIDxtZXRhIGh0dHAtZXF1aXY9IlgtVUEtQ29tcGF0aWJsZSIg
Y29udGVudD0iSUU9ZWRnZSI+CiAgICA8L2hlYWQ+CiAgICA8Ym9keT4KICAgIDx0YWJsZSBzdHls
ZT0ibWFyZ2luOiBhdXRvOyB3aWR0aDogNTUwcHg7IGNvbG9yOiByZ2IoMCwgMCwgMCk7IHRleHQt
dHJhbnNmb3JtOiBub25lOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBmb250LWZhbWlseTogQ2Fs
aWJyaSwgQXJpYWwsIEhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxNnB4OyBmb250
LXN0eWxlOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiA0MDA7IHdvcmQtc3BhY2luZzogMHB4OyB3aGl0
ZS1zcGFjZTogbm9ybWFsOyBib3JkZXItY29sbGFwc2U6IGNvbGxhcHNlOyBvcnBoYW5zOiAyOyB3
aWRvd3M6IDI7IGZvbnQtc3RyZXRjaDogaW5oZXJpdDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1
NSwgMjU1LCAyNTUpOyBmb250LXZhcmlhbnQtbGlnYXR1cmVzOiBub3JtYWw7IGZvbnQtdmFyaWFu
dC1jYXBzOiBub3JtYWw7IGZvbnQtdmFyaWFudC1udW1lcmljOiBpbmhlcml0OyBmb250LXZhcmlh
bnQtZWFzdC1hc2lhbjogaW5oZXJpdDsgCiAgICAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAw
cHg7IHRleHQtZGVjb3JhdGlvbi10aGlja25lc3M6IGluaXRpYWw7IHRleHQtZGVjb3JhdGlvbi1z
dHlsZTogaW5pdGlhbDsgdGV4dC1kZWNvcmF0aW9uLWNvbG9yOiBpbml0aWFsOyI+CiAgICA8dGJv
ZHk+CiAgICA8dHI+CiAgICA8dGQgc3R5bGU9IndpZHRoOiA1NDhweDsiPgogICAgPGRpdiBzdHls
ZT0iYmFja2dyb3VuZDogcmdiKDIzOSwgMjM5LCAyMzkpOyBtYXJnaW46IGF1dG87IHBhZGRpbmc6
IDIwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5l
OyI+CiAgICA8ZGl2IHN0eWxlPSJtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBw
eCBjdXJyZW50Q29sb3I7IHZlcnRpY2FsLWFsaWduOiBiYXNlbGluZTsiPgogICAgPHRhYmxlIHdp
ZHRoPSIxMDAlIiBzdHlsZT0iaGVpZ2h0OiAxOHB4OyI+CiAgICA8dGJvZHk+CiAgICA8dHIgc3R5
bGU9ImhlaWdodDogMThweDsiPgogICAgPHRkIHN0eWxlPSJoZWlnaHQ6IDE4cHg7Ij4mbmJzcDs8
L3RkPgogICAgPHRkIHN0eWxlPSJoZWlnaHQ6IDE4cHg7IHRleHQtYWxpZ246IHJpZ2h0OyI+Jm5i
c3A7PC90ZD48L3RyPjwvdGJvZHk+PC90YWJsZT48L2Rpdj4KICAgIDxkaXYgc3R5bGU9Im1hcmdp
bjogMHB4OyBwYWRkaW5nOiAwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgdmVydGljYWwt
YWxpZ246IGJhc2VsaW5lOyI+Jm5ic3A7PC9kaXY+CiAgICA8ZGl2IHN0eWxlPSJiYWNrZ3JvdW5k
OiB3aGl0ZTsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDEwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRD
b2xvcjsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyI+CiAgICA8dGFibGUgc3R5bGU9IndpZHRo
OiA0ODhweDsgaGVpZ2h0OiAxMjdweDsgYm94LXNpemluZzogYm9yZGVyLWJveDsiPgogICAgPHRi
b2R5PgogICAgPHRyPgogICAgPHRkIHN0eWxlPSJ3aWR0aDogNDc2cHg7IGhlaWdodDogOTJweDsg
Ym94LXNpemluZzogYm9yZGVyLWJveDsiPgogICAgPHAgc3R5bGU9Im1hcmdpbjogMHB4OyBjb2xv
cjogcmdiKDM0LCAzNCwgMzQpOyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZldGljYSwgc2Fucy1z
ZXJpZjsgZm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJjb2xvcjogcmdiKDAsIDAsIDAp
OyBmb250LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij5XZSBoYXZlIGlkZW50aWZpZWQgZGF0
YSBzZWN1cml0eSBpc3N1ZXMgY29uY2VybmluZyB5b3VyIGFjY291bnQmbmJzcDs8L3NwYW4+PHNw
YW4gc3R5bGU9ImNvbG9yOiByZ2IoMCwgMCwgMjU1KTsiPgogICAgcm9vdEBuay5jYTxzcGFuIHN0
eWxlPSJtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBweCBjdXJyZW50Q29sb3I7
IGZvbnQtZmFtaWx5OiBhcmlhbCwgc2Fucy1zZXJpZjsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5l
OyBmb250LXN0cmV0Y2g6IGluaGVyaXQ7Ij4mbmJzcDs8L3NwYW4+PC9zcGFuPjwvcD4KICAgIDxw
IHN0eWxlPSJtYXJnaW46IDBweDsgZm9udC1mYW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMt
c2VyaWY7IGZvbnQtc2l6ZTogc21hbGw7Ij48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IGFyaWFs
LCBzYW5zLXNlcmlmOyI+U28sIHdlIGFkdmlzZSB0aGF0IGFsbCBhY2NvdW50cyBiZSBhdXRoZW50
aWNhdGVkLjwvc3Bhbj48L3A+CiAgICA8cCBzdHlsZT0ibWFyZ2luOiAwcHg7IGZvbnQtZmFtaWx5
OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IHNtYWxsOyI+Jm5ic3A7
PC9wPgogICAgPHAgc3R5bGU9Im1hcmdpbjogMHB4OyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZl
dGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJmb250LWZh
bWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij5Zb3UgYXJlIHJlcXVpcmVkIHRvIHZlcmlmeSB5b3Vy
IGFjY291bnQgaW1tZWRpYXRlbHkgb3Igd2Ugd2lsbCBiZSZuYnNwOzwvc3Bhbj48L3A+CiAgICA8
cCBzdHlsZT0ibWFyZ2luOiAwcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5z
LXNlcmlmOyBmb250LXNpemU6IHNtYWxsOyI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBhcmlh
bCwgc2Fucy1zZXJpZjsiPmZvcmNlZCB0byBEZWFjdGl2YXRlIHlvdXIgYWNjb3VudC48L3NwYW4+
PC9wPgogICAgPHAgc3R5bGU9Im1hcmdpbjogMHB4OyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZl
dGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJmb250LWZh
bWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij48L3NwYW4+Jm5ic3A7PC9wPgogICAgPHAgc3R5bGU9
Im1hcmdpbjogMHB4OyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZldGljYSwgc2Fucy1zZXJpZjsg
Zm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTogYXJpYWwsIHNhbnMt
c2VyaWY7Ij48c3BhbiBzdHlsZT0ibWFyZ2luOiAwcHg7IHBhZGRpbmc6IDBweDsgYm9yZGVyOiAw
cHggY3VycmVudENvbG9yOyBjb2xvcjogcmdiKDM0LCAzNCwgMzQpOyBmb250LWZhbWlseTogaW5o
ZXJpdDsgZm9udC1zaXplOiBzbWFsbDsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBkaXNwbGF5
OiBpbmxpbmUgIWltcG9ydGFudDsgZm9udC1zdHJldGNoOiBpbmhlcml0OyBiYWNrZ3JvdW5kLWNv
bG9yOiByZ2IoMjU1LCAyNTUsIDI1NSk7Ij4KICAgIElmIHlvdSBmYWlsIHRvIFZlcmlmeSB5b3Vy
IGFjY291bnQsIHlvdSB3aWxsIGJlIGRlYWN0aXZhdGVkIGFuZCB5b3Ugd2lsbCBsb3NlIGFjY2Vz
cyB0byB5b3VyIE1haWxib3guPC9zcGFuPjxicj48L3NwYW4+PC9wPjxzcGFuIHN0eWxlPSJmb250
LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij48YnI+PC9zcGFuPjwvdGQ+CiAgICA8dGQgc3R5
bGU9IndpZHRoOiA1cHg7IGhlaWdodDogOTJweDsgdGV4dC1hbGlnbjogcmlnaHQ7IGJveC1zaXpp
bmc6IGJvcmRlci1ib3g7Ij4mbmJzcDs8L3RkPjwvdHI+CiAgICA8dHI+CiAgICA8dGQgc3R5bGU9
InBhZGRpbmc6IDVweCAwcHg7IHdpZHRoOiA0NzZweDsgaGVpZ2h0OiAyOXB4OyBib3gtc2l6aW5n
OiBib3JkZXItYm94OyI+CiAgICA8YSBzdHlsZT0iYmFja2dyb3VuZDogcmdiKDAsIDEwMywgMTg0
KTsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDdweDsgYm9yZGVyLXJhZGl1czogMnB4OyBib3JkZXI6
IDBweCBjdXJyZW50Q29sb3I7IHdpZHRoOiAxMDAlOyBjb2xvcjogd2hpdGU7IHZlcnRpY2FsLWFs
aWduOiBiYXNlbGluZTsiIGhyZWY9Imh0dHA6Ly92TUh3N3hlWUYuY2l0eXBldC5jb20udHIvXzo6
c3J1MnVUWGF1cGtXSkQ0YmVpZGJDUnNPMF9yZWZfTURZdVluQnlhR0Z1WldSaExtTnZMbWxrTDE4
d05pOGdNRFlqWTIwNWRtUkZRblZoZVRWcVdWRTlQUT09Ij5DbGljayBoZXJlIHRvIHVwZGF0ZSB5
b3VyIGFjY291bnQmZ3Q7Jmd0OzwvYT48L3RkPgogICAgPHRkIHN0eWxlPSJ3aWR0aDogNXB4OyBo
ZWlnaHQ6IDI5cHg7IHRleHQtYWxpZ246IHJpZ2h0OyBib3gtc2l6aW5nOiBib3JkZXItYm94OyI+
Jm5ic3A7PC90ZD48L3RyPjwvdGJvZHk+PC90YWJsZT48L2Rpdj4KICAgIDxkaXYgc3R5bGU9Im1h
cmdpbjogMHB4OyBwYWRkaW5nOiAwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgdmVydGlj
YWwtYWxpZ246IGJhc2VsaW5lOyI+Jm5ic3A7PC9kaXY+CiAgICA8ZGl2IHN0eWxlPSJtYXJnaW46
IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBweCBjdXJyZW50Q29sb3I7IHZlcnRpY2FsLWFs
aWduOiBiYXNlbGluZTsiPgogICAgPHA+PHNwYW4gc3R5bGU9Im1hcmdpbjogMHB4OyBwYWRkaW5n
OiAwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgZm9udC1mYW1pbHk6IGluaGVyaXQ7IGZv
bnQtc2l6ZTogMTRweDsgZm9udC13ZWlnaHQ6IDYwMDsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5l
OyBmb250LXN0cmV0Y2g6IGluaGVyaXQ7Ij5Ob3RlOjwvc3Bhbj4KICAgICZuYnNwOzxzcGFuIHN0
eWxlPSJtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBweCBjdXJyZW50Q29sb3I7
IGZvbnQtZmFtaWx5OiBpbmhlcml0OyBmb250LXNpemU6IDEycHg7IHZlcnRpY2FsLWFsaWduOiBi
YXNlbGluZTsgZm9udC1zdHJldGNoOiBpbmhlcml0OyI+CiAgICBUaGUgY29udGVudCBvZiB0aGlz
IGVtYWlsIGlzIGNvbmZpZGVudGlhbCBhbmQgaW50ZW5kZWQgZm9yIHRoZSByZWNpcGllbnQgc3Bl
Y2lmaWVkIGluIG1lc3NhZ2Ugb25seS4gSXQgaXMgc3RyaWN0bHkgZm9yYmlkZGVuIHRvIHNoYXJl
IGFueSBwYXJ0IG9mIHRoaXMgbWVzc2FnZSB3aXRoIGFueSB0aGlyZCBwYXJ0eSwgd2l0aG91dCBh
IHdyaXR0ZW4gY29uc2VudCBvZiB0aGUgc2VuZGVyLiBJZiB5b3UgcmVjZWl2ZWQgdGhpcyBtZXNz
YWdlIGJ5IG1pc3Rha2UsIHBsZWFzZSByZXBseSB0byB0aGlzIG1lc3NhZ2UgYW5kIGZvbGxvdyB3
aXRoIGl0cyBkZWxldGlvbiwgc28gdGhhdCB3ZSBjYW4gZW5zdXJlIHN1Y2ggYSBtaXN0YWtlIGRv
ZXMgbm90IG9jY3VyIGluIHRoZSBmdXR1cmUuPC9zcGFuPjwvcD48L2Rpdj48L2Rpdj48L3RkPjwv
dHI+PC90Ym9keT48L3RhYmxlPjwvYm9keT48L2h0bWw+
--===============5976475191921004144==--
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 07:35:02 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5otF-0001bn-Ov
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 07:34:57 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 07:34:57 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-yb1-f177.google.com ([209.85.219.177]:47017)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5oma-0000hI-B0
for root@mail.nl2k.ab.ca;
Mon, 27 Jun 2022 07:28:08 -0600
Received: by mail-yb1-f177.google.com with SMTP id l11so16683593ybu.13
for ; Mon, 27 Jun 2022 06:27:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=mime-version:reply-to:from:date:message-id:subject:to
:content-transfer-encoding;
bh=1n2Tbp2UoOeJaIEJWe8PzXOuqessPWxgs3TxofVd7zc=;
b=WRcA1g3BQl3+2379eY4P9pO5v7mijMeAI8gZnsiwBr98N4dDDy6ec9iV54m23VZoNx
NYyDsQ0TxNwBPs7hgiux+E1MnTIj7T0Gkxbt5cQ85W5lkhod5sQ3iJPutXRlfC266Awb
GgjWoUOXyaV+0Cnn9+zioLsIvHpEnTWpPTsVOm6bMvq3yzfjlCjOpzrOZLG2gGYKIxln
BxOIHCsaKnYuR7mhU3TcpC/xK2HCV7oNCWT8emyVxPnbAX7i46LqhuFjQc6eZfRnBCcT
izseK+psZnFxuztBAlkpXisbZvik2FNEGH632fuAF/9g2SayE5xaBYX+tE0n+qpA+pOR
Otsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:mime-version:reply-to:from:date:message-id
:subject:to:content-transfer-encoding;
bh=1n2Tbp2UoOeJaIEJWe8PzXOuqessPWxgs3TxofVd7zc=;
b=0xKJM0TvnyU7diwx5HuA80hVc7HjzE1AQ8eNUlwNWZ070GhWJYNWOnliMpN6fSiOFJ
EWCYgWqLO+EkWKe7UuEcHuBvLAYl2wxNjJ8ae/QcU98B+4jwt7N1kHRjGC911A6RnLZz
6LLegONJ+nVgEZ0RM38iU1O+qyc8u65NVAgPDkHmc/PyNfsxKxERILrBhbnAVtXmfNG3
mLo6p4SCtvkWotlG9dMk1KEyFwa9axl4mv4XqwHCevX6++uPiAHQeXv1CLUDNfNErIk1
RDsd5vOvGUfMCjUze6N3CcTlkYv+Qjynbb5d4/C1z4BqFYf1V++mfhVM5ZPOSPDm5EQo
7ohQ==
X-Gm-Message-State: AJIora9QzsDAyUnwouydOCY+82VDtQClSe/0CITS8LCaLEDxCfMP0IQk
npSCcyjsfkma1XjG5lod5EsfDyi37QbdvvU7eCQiQqwZqhZI8g==
X-Google-Smtp-Source: AGRyM1tevOSGmFdTJikQHUQUWnADsZjXROo8gIhRc2HSnIzib0ZxNsWhRLRgHNETv+5IOV8V+8HEz8SfSv/xr3inCRA=
X-Received: by 2002:a25:b94:0:b0:669:b56c:e7e6 with SMTP id
142-20020a250b94000000b00669b56ce7e6mr13994972ybl.194.1656336447698; Mon, 27
Jun 2022 06:27:27 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:7000:2c96:0:0:0:0 with HTTP; Mon, 27 Jun 2022 06:27:27
-0700 (PDT)
Reply-To: ubagroupbankingplc1@gmail.com
From: UNITED NATIONS
Date: Mon, 27 Jun 2022 06:27:27 -0700
Message-ID:
Subject: IMMEDIATE PAYMENT
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Bcc: root@mail.nl2k.ab.ca
X-Spam_score: 19.4
X-Spam_score_int: 194
X-Spam_bar: +++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: WORLD BANK ASSISTED PROGRAM DIRECTORATE OF INTERNATIONAL PAYMENT
AND TRANSFER. DEBT RECONCILIATION/AUDIT UNIT UNITED NATIONS HEADQUARTERS,
NEW YORK, NY 10017, USA YOU’RE REF: WB/NF/UN/028 UNITED NAT [...]
Content analysis details: (19.4 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 HK_RANDOM_REPLYTO Reply-To username looks random
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.219.177 listed in wl.mailspike.net]
-0.0 SPF_PASS SPF: sender matches SPF record
1.6 SUBJ_ALL_CAPS Subject is all capitals
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit
[ubagroupbankingplc1[at]gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[siliyamponsah[at]gmail.com]
2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
0.0 MILLION_HUNDRED BODY: Million "One to Nine" Hundred
1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 LOTS_OF_MONEY Huge... sums of money
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain
different freemails
2.2 UNDISC_FREEM Undisclosed recipients + freemail reply-to
2.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free
email?
0.5 XFER_LOTSA_MONEY Transfer a lot of money
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal
information
1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form
3.7 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money
2.0 UNDISC_MONEY Undisclosed recipients + money/fraud signs
0.0 FORM_FRAUD_5 Fill a form and many fraud phrases
Subject: {SPAM?} IMMEDIATE PAYMENT
WORLD BANK ASSISTED PROGRAM
DIRECTORATE OF INTERNATIONAL
PAYMENT AND TRANSFER.
DEBT RECONCILIATION/AUDIT UNIT
UNITED NATIONS HEADQUARTERS,
NEW YORK, NY 10017, USA
YOU=E2=80=99RE REF: WB/NF/UN/028 UNITED NATIONS.
FASN: OSB/629578/NIG/GFS63G
Dear Sir/Ma,
We're delighted to inform you that through the LEGAL intervention of
United Nations and World Bank delegates we have successfully secured
the release of your funds which you abandoned because of those corrupt
Government officials. We=E2=80=99re obligated to comply with both Domestic =
and
International Financial Laws, which requires us to verify your
identity prior to sending or receiving wire transfer to or from
nations. Please understand that this procedure is crucial for
preventing financing terrorism and organized crime throughout the
world. Today the Global Financial Stability Report, a quarterly
publication launched to review a regular assessment of global Pending
Foreign Payments, reviewed that your contract/Inherence fund
US$15,500.000.00 which was seized and confiscated on Tuesday, July 10,
2012 by the Global Illicit Financial Team as it was tagged suspicious
fund transfer was proven to be a legal fund, free from any illegal
business and civil, criminal, or financial crime.
In view to the verification process and survey in the Joint Annual
Meetings of the Boards of Governors of the United Nations, the World
Bank and other key International Financial Intelligence Agencies, it
has been showed that you have fully complied with the International
statutory provision for payment of Huge Funds under Article 102,
section 36, SS 1a-2b of the 2012 International Financial and Allied
Matters Act. Prior to this effect, an irrevocable fund transfer
authorization letter has been forwarded to the remitting bank "United
Bank for Africa" to commence with the fund transfer as appropriate to
you as the beneficiaries with Fund Allocation Approval Serial Number:
OSB/629578/NIG/GFS63G.
With all due respect Sir/Ma, we apologize for the inconveniences and
pains this delay might have caused you and note that your fund
US$15,500,000.00 {Fifteen Million Five Hundred Thousand Dollars} shall
be release to you. Kindly contact; United Bank for Africa Plc, Email:
{ ubagroupbankingplc1@gmail.com } with your Fund Allocation Approval
Serial Number: OSB/629578/NIG/GFS63G, as your fund transfer order has
been forward to their bank and you are only required to re-confirm the
following;
(1) Full Name:.....
(2) Contact Address:....
(3) Tel:... for verification reasons only. Any hesitation or
procrastination in following up as advised here might endanger the
transfer of your fund US$15,500,000.00 into your designated Bank
account within three Bank working days.
Thanks and congratulations.
Faithfully;
ANT=C3=93NIO GUTERRES
Secretary-General United Nation
Cc: Bertrand Badr=C3=A9,
Managing Director and World Bank Group Chief Financial Officer.
Cc: Mahmoud Mohieldin
Corporate Secretary and President's Special Envoy.
Cc: UN Debt Reconciliation Committee.
cc: Mr. Kennedy Uzoka
Group Managing Director and Chief Executive Officer,
United Bank for Africa Plc
Phone Number: +2348102473294
E_MAIL:ubagroupbankingplc1@gmail.com
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 06:43:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5o4V-000ACY-A8
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 06:42:31 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 06:42:31 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from a8-81.smtp-out.amazonses.com ([54.240.8.81]:43871)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from <01000181a504dd6e-4a036fd3-bc49-40d2-acdc-7504122d6bf8-000000@amazonses.com>)
id 1o5nM2-000CIz-IQ
for doctor@nk.ca;
Mon, 27 Jun 2022 05:56:40 -0600
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1656330968;
h=Subject:From:To:Reply-To:List-Unsubscribe:List-Unsubscribe-Post:List-Id:Feedback-ID:Message-ID:MIME-Version:Date:Content-Type;
bh=cW9jUGU03edE/Lbm1JGNS6wfZ6mli1DEfH+3p30jMoE=;
b=ctDUVMlxZq93P+vT8YMsznjRAuUFzo9mp9VF142ACXwAwCzPFRoVrlyNESKa7bjr
eFJwb4cT0/KI9nf90BvCEaM/QFt0oQMq2lyQxszn9sTWsIjchQdspxvy1UB3+mlC+xr
UwOZ+EKL9D1wde3O0wHroVtwEXf9YvtS6uyF/taY=
Subject: Session not expiring after password change via forgot link
From: Claire Samuel
To: "doctor@nk.ca"
Reply-To: Claire Samuel
List-Unsubscribe: ,
Subscriber-Uid:ey9677xbfhf21 - Unsubscribe request&body=Please unsubscribe
me!>
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Id: af726vv397a14
X-Report-Abuse: https://email.offensiveguards.io/latest/campaigns/mx001lfzwh6e2/report-abuse/af726vv397a14/ey9677xbfhf21
X-EBS: https://email.offensiveguards.io/latest/lists/block-address
Feedback-ID: 1.us-east-1.jUPIvFwI5WueMv7UjkxdV4UxLo/q5d3gibQe3k7gqaU=:AmazonSES
Message-ID: <01000181a504dd6e-4a036fd3-bc49-40d2-acdc-7504122d6bf8-000000@email.amazonses.com>
MIME-Version: 1.0
Date: Mon, 27 Jun 2022 11:56:08 +0000
Content-Type: multipart/alternative; boundary=PbL8ZI_d
X-SES-Outgoing: 2022.06.27-54.240.8.81
--PbL8ZI_d
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hello doctor,
Hope you are fine. As an=C2=A0independent security research=
er I have found
some bugs/vulnerabilities in your website.
Vulnerabilit=
y: Failure to invalidate session on forget password
I have observed that =
when we=C2=A0request=C2=A0a forgot password link it
updates the session i=
nstead of=C2=A0expiration. If an account=C2=A0is
logged=C2=A0in some acco=
unt and the password reset link=C2=A0is used=C2=A0the
other account will =
get updated but not expired.
Steps to reproduce:
1. Request a forgot pa=
ssword link.
2. Now login in another browser and then use the password re=
set link
in another browser.
3. You will notice that the password=C2=
=A0will be changed=C2=A0successfully
and the other browser will still be =
active with the account you opened
in it.
Impact:
If some account=
=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will not
be=C2=A0log=
ged out from that browser and=C2=A0will be logged=C2=A0in and=C2=A0can
be=
=C2=A0used for malicious activities.
Recommendations:
It should expire =
immediately when the password=C2=A0is changed.
Regards.
--PbL8ZI_d
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
=09Session not expiring after password change via forgot link
>
Hello doctor,
Hope you are fine. As an=C2=A0independent security researcher I have found =
some bugs/vulnerabilities in your website.
Vulnerability: Failure to invalidate session on forget password
I have observed that when we=C2=A0request=C2=A0a forgot password link it up=
dates the session instead of=C2=A0expiration. If an account=C2=A0is logged=
=C2=A0in some account and the password reset link=C2=A0is used=C2=A0the oth=
er account will get updated but not expired.
Steps to reproduce:
1. Request a forgot password link.
2. Now login in another browser and then use the password reset link in ano=
ther browser.
3. You will notice that the password=C2=A0will be changed=C2=A0successfully=
and the other browser will still be active with the account you opened in =
it.
Impact:
If some account=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will no=
t be=C2=A0logged out from that browser and=C2=A0will be logged=C2=A0in and=
=C2=A0can be=C2=A0used for malicious activities.
Recommendations:
It should expire immediately when the password=C2=A0is changed.
Regards.
1070 S Elmhu=
rst Rd
Mt Prospect Delaware 60056
United States
, =
https://email.offensiveguards.io/latest/lists/af726vv397a14/unsubscribe/ey9=
677xbfhf21/mx001lfzwh6e2" />
--PbL8ZI_d--
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 06:44:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5o5Q-000AIM-K2
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 06:43:28 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 06:43:28 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from wrqvxbss.outbound-mail.sendgrid.net ([149.72.171.102]:18748)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5ngU-000Jfw-2o
for doctor@nl2k.ab.ca;
Mon, 27 Jun 2022 06:17:47 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sendgrid.net;
h=content-type:from:mime-version:subject:reply-to:to:list-unsubscribe;
s=smtpapi; bh=g0WlowMpMFBsgBoG9fuD58aA9QPtzI4W+wLI3plBONk=;
b=FkEM8sRyEZL/ap6+juxdG8RER3Ov8+XSWeJpRqVkZZTizjKXTdsHIyFoJyMWxDRD7pCh
sDF6sSg/1J2SqyfRHqVNRTj8Lmk62xRc15miNHyUue9yhrgojwqb5U/5zfJMpvSLq6t+P5
4Sr310qBlhOvkl4eCDi0Q0DI5O2VnIasc=
Received: by filterdrecv-7b77c45746-d972d with SMTP id filterdrecv-7b77c45746-d972d-1-62B99FCB-28
2022-06-27 12:17:15.274465218 +0000 UTC m=+1623257.217864494
Received: from MjcwNDcwMDY (unknown)
by geopod-ismtpd-4-1 (SG) with HTTP
id mzPT7tDtT5el5-E8d6ywVA
Mon, 27 Jun 2022 12:17:15.145 +0000 (UTC)
Content-Type: multipart/alternative; boundary=df69c009a443ce55dc2da6bd199fbfc6914cd664b8122fb2516038860a70
Date: Mon, 27 Jun 2022 12:17:16 +0000 (UTC)
From: TD Business Banking
Mime-Version: 1.0
Message-ID:
Subject: Password Policy Update
Reply-To: td.com@torontomail.com
X-SG-EID:
=?us-ascii?Q?yhZWgKvlK15pBWdPnhzXfXQeMKv42bE=2FsOJaXvY9znl=2FmuY8xCqWcHnpYjEUa8?=
=?us-ascii?Q?fgELVLuJmwN4SdsTHbZzC9HFh9CMGPBV2K8BVmw?=
=?us-ascii?Q?IAa3BA9CZXPTaKggIuWDdT+7Nw0aLlFBq7HRLOn?=
=?us-ascii?Q?TdMk+4rd3hxDNibSnXiCcr57xl6zPOHJp7fxojo?=
=?us-ascii?Q?1lAxXX2c28Of6e6c+p2F=2FU3TN=2FQNK=2FW79NUiINI?=
=?us-ascii?Q?vCx2tIpvxymXMi4U49lXpYXcFyZGPIeeCXdhxrD?=
=?us-ascii?Q?DsOqdHLTot3gXJyXwG8FQ=3D=3D?=
X-SG-ID:
=?us-ascii?Q?se=2F49CGmbS0sfR97ImeXvDoOrI1ra2UfBi=2FYp+tM4sZNnFcdeo8cVPRMz3vfJ1?=
=?us-ascii?Q?B4lB8ss1VLTXJ6ibLPDs95VBUlMzbRCfT5eXVrQ?=
=?us-ascii?Q?W0=2FHUF6MdagXFaBFayL3LnrJH7TJwHIuZHtzsNd?=
=?us-ascii?Q?0=2FEGlhS66qLjjIoFv4pBk+8lQStUafBKEFSpQdX?=
=?us-ascii?Q?Jfc+kobNWH1U2BVIYJoX37tUHLoSHcfborxTj1g?=
=?us-ascii?Q?ZloEC6yhq+qdAv4xt53hmvM=2FJQDKv=2FPEX3D2Jfm?=
=?us-ascii?Q?uVeFzaVMgmwvzB1RLsGfqySa2hineVLW4UQ9=2FFP?=
=?us-ascii?Q?Ra5FOFdNFE8=2Fxs7fPyTqzuZY8AaGIL7wfY4Gtfs?=
=?us-ascii?Q?9NmFDffhtQE1czNvTJi05RabqIYrDT5oHNetPzH?=
=?us-ascii?Q?exQO+JWZIOSfT2KnWO0P0aFDfM6tJvXINP8Y7YM?=
=?us-ascii?Q?vMKHSM31A2qeoNIIz1FjXUDxllPKRWYUFLARPZf?=
=?us-ascii?Q?4C1l5KeyXVQbzC7cUZswfY36CK0RZ8DHVsv1oVH?=
=?us-ascii?Q?M2P4O1P5i55Mn9IbjKPlvmRwv8WiQdHJ8r0WoWc?=
=?us-ascii?Q?1r338+AqyoMEZXFZwleQZ04YZa5NsXdDzuFHKWG?=
=?us-ascii?Q?NImx=2F+ZCBi8Dy8WdBISrk7JGZNrYQ8laOp5z1oI?=
=?us-ascii?Q?D31jCNJTJlExGvpkz6r=2F3EideVMLtdnnAggHY+O?=
=?us-ascii?Q?TZ5RDej+XSQ905Q=3D=3D?=
To: doctor@nl2k.ab.ca
X-Entity-ID: RRdFgQvbMlG3bLFCcTwTkA==
List-Unsubscribe:
=?us-ascii?Q?=3Cmailto=3Aunsubscribe=40sendgrid=2Enet=3Fsubject=3Dhttps=3A=2F=2Fu27047006=2Ect=2E?=
=?us-ascii?Q?sendgrid=2Enet=2Fwf=2Funsubscribe*q*upn=3DyhyZF?=
=?us-ascii?Q?x0VqEyf8mUp3GgHMPstewA3N-2B-2BgCWrOdRjN?=
=?us-ascii?Q?0FEmAVitFDe-2BViSO-2BTZU7jTBHwlTHJs6G1q?=
=?us-ascii?Q?WdE7pGi4asRNBzriJwQncSa3LVQ2aMxk9Ah3J-2?=
=?us-ascii?Q?BXBuH4Dtepgbj8W94fpeQ5WFMgsWMhBup6AV4Pi?=
=?us-ascii?Q?FBaUpddtzFaCSIRGSO9g5bFh0bwXrzQZKQu8ZiP?=
=?us-ascii?Q?rFXxYrZ7fMvE6ZUbAnCHIw29ayAYz6twuz6umaC?=
=?us-ascii?Q?VuIy-2Bu6tfLWP-2FA6HS8WHlsV8po0JVml-2B-?=
=?us-ascii?Q?2F6g5e-2F5HE3ZA-2BRc2yRQusDR40Ww8WCso07?=
=?us-ascii?Q?Q1lWokO99tcwmXBKsrSmoqUttEaK0zRGQJ1SFMn?=
=?us-ascii?Q?5CLK-2B7Hf0VnivjTc4OoVUGx68uy7vYck1-2FI?=
=?us-ascii?Q?-2FRRG8NaeS8b-2BwChsEenOUmTba66WZqGkgpk?=
=?us-ascii?Q?MIRCGXsi-2FEmbnZdsp6GkYgHjNKJ8rcgd33cBi?=
=?us-ascii?Q?X6vARoWdmFKu9p0IP2ImrNi-2BDAQMJLtejxqM6?=
=?us-ascii?Q?xZHc5dI-2F41scxWwy-2BPWHKKhl4pDMpJEGPSY?=
=?us-ascii?Q?fUyT6GNdEaCCdo01d9ZwPbHnLPn4g-2F-2FXztU?=
=?us-ascii?Q?oeuYuIdZIJ-2F-2F7-2F-2BGkKovaOZHJB9-2Fm?=
=?us-ascii?Q?NcwEfMVbOCc0i-2FR8RVpjSE0inXMTYz3GfUc3a?=
=?us-ascii?Q?7mPOIT-2FbiLvjyPR2yCRndkoRQZ6P32Z8q4f-2?=
=?us-ascii?Q?BgiwWacOKgPUBBpxS6e9DnJf1uBuAtXtrW6UZpa?=
=?us-ascii?Q?2C-2By25yTMT-2FjjylIT7WDQme0s-2FFuozcC8?=
=?us-ascii?Q?ND-2FDsLVgqt2GS7PALVKIXQPiZUA5TIXjVB3L5?=
=?us-ascii?Q?-2B5LG2-2BiEOAiEgB9YCRxMZS7RF9ur-2FF8Kk?=
=?us-ascii?Q?V1AhEzVtSYJcmE5uWZ3t3P-2FyrnylXVoKrzYQl?=
=?us-ascii?Q?jmeTd7QaqRUqHO6TaZ-2BzsxlLzw-3D-3D=3E?=
--df69c009a443ce55dc2da6bd199fbfc6914cd664b8122fb2516038860a70
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=iso-8859-1
Mime-Version: 1.0
Dear Valued Customer,
The=A0password for your business=A0banking account=A0is set to expire soon.=
This is as a result of an update to our password policy rules.
Passwords have to be a minimum of 8 characters long and last for 180 days, =
and users cannot change them for 5 days, counted from the day they set the =
password.
Maintain current Password ( https://snip.ly/q2btad )
Use the button above to=A0maintain the password for your account. See our u=
pdated Terms and Privacy Policy. ( https://snip.ly/q2btad )
Do not ignore this email to avoid login interruption.
This is an automatically generated email for doctor@nl2k.ab.ca and reply =
is not required.
Thanks and Regards,
The Customer Feedback,
Toronto-Dominion Centre,
P.O. Box 193,
Toronto, ON M5K 1H6.
--df69c009a443ce55dc2da6bd199fbfc6914cd664b8122fb2516038860a70
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=us-ascii
Mime-Version: 1.0
; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT=
: 400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LET=
TER-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font=
-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thic=
kness: initial; text-decoration-style: initial; text-decoration-color: init=
ial">
ial Banking" src=3D"http://cdn.mcauto-images-production.sendgrid.net/727a93=
3e8880c8cd/59b6be4d-7f54-4357-b60a-0b7fc35bacc8/304x60.gif" width=3D305 hei=
ght=3D60>
WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: =
400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTE=
R-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickn=
ess: initial; text-decoration-style: initial; text-decoration-color: initia=
l">
0); TEXT-ALIGN: justify">
WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: =
400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTE=
R-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickn=
ess: initial; text-decoration-style: initial; text-decoration-color: initia=
l">
0); TEXT-ALIGN: justify">Dear Valued Customer,
WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: =
400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTE=
R-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickn=
ess: initial; text-decoration-style: initial; text-decoration-color: initia=
l">
XT-ALIGN: justify">The password for your business banking account=
is set to expire soon. This is as a result of an update to our passwo=
rd policy rules.
XT-ALIGN: justify">Passwords have to be a minimum of 8 characters long and =
last for 180 days, and users cannot change them for 5 days, counted from th=
e day they set the password.
WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: =
400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTE=
R-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickn=
ess: initial; text-decoration-style: initial; text-decoration-color: initia=
l">
T-FAMILY: sans-serif; BORDER-COLLAPSE: collapse; TABLE-LAYOUT: auto; COLOR:=
rgb(0,0,0); TEXT-ALIGN: justify; BORDER-SPACING: 0px; MARGIN: 0px" cellSpa=
cing=3D0 cellPadding=3D0 align=3Dleft border=3D0>
; BACKGROUND: rgb(34,34,34); TEXT-ALIGN: center; MARGIN: 0px; border-radius=
: 3px">
xubZkK0PyIVapR11GqDkG98ClQhIOvvJce0-3DTQs7_EjU-2BRb4-2FGPO3PNlJPYwJDFRIfDNk=
3Pi2UPBowZvfZqhx6gNVUujL-2B5qkX6WlQsmm3YV5euJTSONxDBBOWEfUHi1hM10jbWsIK29dz=
n97BC1nHnuONuQ8FP5wA1B8HGjD-2BCGxdEL6HpsFM3xcIFXfwm02Gjr6ZSeNWEhIYrW2iTlDs7=
CAEHHVbWVKsXjKF3FU7Tih6-2BZVBVm5azAodBI-2FA6A0Uxg-2Btpjzo2WCUXOOQNh7tSUyz1I=
EqFj1oecoM8Tz5fgRYKJLmR-2FdKpRPXYJQzR8povUIS3nJKwOtA8apQP6-2B2RRirl8ZxJm17m=
NQQyzrB6pTHOXULXW0gnFAiEZHQUfI0wo5PaHPg26zNVkaSbSfs0RXtA5Ex-2FDQAdyvdG8h-2F=
1Xnum9ATQopt4lxF8I8iPbFmFRiW-2BRoMqa9rZLKdrcdmnbuIG6OU2HFYWGkjoL10BuN7MXchC=
IT6ARyXfpsBLDts6mjeF5NBXgeRRnhDt6cpaVM0cAgQELuWi7Cv9GVT6MbVbeaUJOt6s6ZSD-2B=
b4QkfYrZbC3zdsoZCtbnlH2085f3Asw-2FCGV6m6GU-2FzUhMvM5-2BmAmIO2eO-2FHSTXKIrrn=
uMNnTf97TSoS1P8R4-2BAtA2MO-2Fqsi6AVgbtKpZOjcsITbCLT74opdN7Z02R8bfhCzYEvsVNK=
IGf5-2FYn6Zuk8zDeU6V-2FF1mbifoO8Iu5dCvmPj01PwMc6sYiI9R3iVp5HyTl8hgWrs6Q6w4-=
2By5JRl0dTMN76t-2BQ2Ez4kvs9R-2F6pwARaVT43iiZ45QDwVtNfICW6H-2BLEJRsQNouSIsY5=
7pNfML2FkUQZiGNBNtYtioNNlPVx3JkmaY2A8eiWpEMYIpQ-3D-3D" style=3D"text-decora=
tion:none; FONT-SIZE: 13px; BORDER-TOP: rgb(45,92,61) 15px solid; FONT-FAMI=
LY: sans-serif; BORDER-RIGHT: rgb(45,92,61) 15px solid; BACKGROUND: rgb(45,=
92,61); BORDER-BOTTOM: rgb(45,92,61) 15px solid; FONT-WEIGHT: bold; BORDER-=
LEFT: rgb(45,92,61) 15px solid; DISPLAY: block; LINE-HEIGHT: 1.1; border-ra=
dius: 3px">Maintain current Password <=
/TR>
COLOR: rgb(0,0,0); TEXT-ALIGN: justify">
WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: =
400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTE=
R-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickn=
ess: initial; text-decoration-style: initial; text-decoration-color: initia=
l">
WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: =
400; COLOR: rgb(34,34,34); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTE=
R-SPACING: normal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-v=
ariant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickn=
ess: initial; text-decoration-style: initial; text-decoration-color: initia=
l">
XT-ALIGN: justify">Use the button above to maintain the password for y=
our account. See our updated
=3D"https://u27047006.ct.sendgrid.net/ls/click?upn=3DdBo5W9xAxubZkK0PyIVapR=
11GqDkG98ClQhIOvvJce0-3DUxZu_EjU-2BRb4-2FGPO3PNlJPYwJDFRIfDNk3Pi2UPBowZvfZq=
hx6gNVUujL-2B5qkX6WlQsmm3YV5euJTSONxDBBOWEfUHi1hM10jbWsIK29dzn97BC1nHnuONuQ=
8FP5wA1B8HGjD-2BCGxdEL6HpsFM3xcIFXfwm02Gjr6ZSeNWEhIYrW2iTlDs7CAEHHVbWVKsXjK=
F3FU7Tih6-2BZVBVm5azAodBI-2FA6A0Uxg-2Btpjzo2WCUXOOQNh7tSUyz1IEqFj1oecoM8Tz5=
fgRYKJLmR-2FdKpRPXYJQzR8povUIS3nJKwOtA8apQP6-2B2RRirl8ZxJm17mNQQyzrB6pTHOXU=
LXW0gnFAiEZHQUfI0wo5PaHPg26zNVkaSbSfs0RXtA5Ex-2FDQAdyvdG8h-2F1Xnum9ATQopt4l=
xF8I8iPbFmFRiW-2BRoMqa9rZLKdrcdmnbuIG6OU2HFYWGkjoL10BuN7MXchCIT6ARyXfpsBLDt=
s6mjeF5NBXgeRRnhDt6cpaVM0cAgQELuWi7Cv9GVT6MbVbeaUJOt6s6ZSD-2Bb4QkfYrZbC3zds=
oZCtbnlH2085f3Asw-2FCGV6m6GU-2FzUhMvM5-2BmAmIO2eO-2FHSTXKIrrnuMNnTf97TSoS1P=
8R4-2BAtA2MO-2Fqsi6AVgbtKpZOjcsITbCLT74opdN7Z02R8bfhCzYEvsVNKIGf5-2FYn6Zuk8=
zB-2FgP9xmUeVmRZ-2Blj4IvhtitjB7s92nRM4wCYQjySqEhQ3hh9N-2FyG1-2FXQLfQCfE-2Bn=
2AVNAvEDbMmeEROx7y-2FD1ASPAIAxMZz8bf-2FN2DeZ-2B5y5qn7riESIXmk2McporZSwN4nlr=
fIrcuL4rJo-2BsKNr3Je7lmLYBC3KGjM0K-2Boi0xOg-3D-3D">Terms and Privacy Policy=
.
TEXT-ALIGN: justify">Do not ignore this email to avoid login interruption.<=
/I>
-ALIGN: justify">
-ALIGN: justify">
-ALIGN: justify">
-STYLE: normal">This is an automatically generated email for
TRONG style=3D"FONT-SIZE: 13px; COLOR: rgb(85,85,85); FONT-STYLE: normal">d=
octor@nl2k.ab.ca
5); FONT-STYLE: normal"> and reply is not required.
V>
-ALIGN: justify">
-STYLE: normal">
-ALIGN: justify">
Thanks and Regards,
The Customer Feedback,
R>Toronto-Dominion Centre, P.O. Box 193, Toronto, ON M5K 1H6.
>
yZFx0VqEyf8mUp3GgHMPstewA3N-2B-2BgCWrOdRjN0FEmAVitFDe-2BViSO-2BTZU7jTBHwlTH=
Js6G1qWdE7pGi4asRNBzriJwQncSa3LVQ2aMxk9Ah3J-2BXBuH4Dtepgbj8W94fpeQ5WFMgsWMh=
Bup6AV4PiFBaUpddtzFaCSIRGSO9g5bFh0bwXrzQZKQu8ZiPrFXxYrZ7fMvE6ZUbAnCHIw29ayA=
Yz6twuz6umaCVuIy-2Bu6tfLWP-2FA6HS8WHlsV8po0JVml-2B-2F6g5e-2F5HE3ZA-2BRc2yRQ=
usDR40Ww8WCso07Q1lWokO99tcwmXBKsrSmoqUttEaK0zRGQJ1SFMn5CLK-2B7Hf0VnivjTc4Oo=
VUGx68uy7vYck1-2FI-2FRRG8NaeS8b-2BwChsEenOUmTba66WZqGkgpkMIRCGXsi-2FEmbnZds=
p6GkYgHjNKJ8rcgd33cBiX6vARoWdmFKu9p0IP2ImrNi-2BDAQMJLtejxqM6xZHc5dI-2F41scx=
Wwy-2BPWHKKhl4pDMpJEGPSYfUyT6GNdEaCCdo01d9ZwPbHnLPn4g-2F-2FXztUoeuYuIdZIJ-2=
F-2F7-2F-2BGkKovaOZHJB9-2FmNcwEfMVbOCc0i-2FR8RVpjSE0inXMTYz3GfUc3a7mPOIT-2F=
biLvjyPR2yCRndkoRQZ6P32Z8q4f-2BgiwWacOKgPUBBpxS6e9DnJf1uBuAtXtrXLD4RJpZBVIx=
cLvtXbI0BnWtR3rfSiU5skEbOsTCcZyTCtfZQ2eJNHuOlI-2FzUieEQe3DuyXSh5oUqq7W8VTdv=
1ptoOjlFcbM-2BLEKcYgCkpp0Awzf-2FAeEvIPbi6amBQjdvaw9g08XjYEbSQCuQ7gVgjscySIi=
9FuhsMhZr5a7-2F0ig-3D-3D" alt=3D"" width=3D"1" height=3D"1" border=3D"0" st=
yle=3D"height:1px !important;width:1px !important;border-width:0 !important=
;margin-top:0 !important;margin-bottom:0 !important;margin-right:0 !importa=
nt;margin-left:0 !important;padding-top:0 !important;padding-bottom:0 !impo=
rtant;padding-right:0 !important;padding-left:0 !important;"/>
--df69c009a443ce55dc2da6bd199fbfc6914cd664b8122fb2516038860a70--
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 06:43:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5o4V-000ACY-A8
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 06:42:31 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 06:42:31 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from a8-81.smtp-out.amazonses.com ([54.240.8.81]:43871)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from <01000181a504dd6e-4a036fd3-bc49-40d2-acdc-7504122d6bf8-000000@amazonses.com>)
id 1o5nM2-000CIz-IQ
for doctor@nk.ca;
Mon, 27 Jun 2022 05:56:40 -0600
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1656330968;
h=Subject:From:To:Reply-To:List-Unsubscribe:List-Unsubscribe-Post:List-Id:Feedback-ID:Message-ID:MIME-Version:Date:Content-Type;
bh=cW9jUGU03edE/Lbm1JGNS6wfZ6mli1DEfH+3p30jMoE=;
b=ctDUVMlxZq93P+vT8YMsznjRAuUFzo9mp9VF142ACXwAwCzPFRoVrlyNESKa7bjr
eFJwb4cT0/KI9nf90BvCEaM/QFt0oQMq2lyQxszn9sTWsIjchQdspxvy1UB3+mlC+xr
UwOZ+EKL9D1wde3O0wHroVtwEXf9YvtS6uyF/taY=
Subject: Session not expiring after password change via forgot link
From: Claire Samuel
To: "doctor@nk.ca"
Reply-To: Claire Samuel
List-Unsubscribe: ,
Subscriber-Uid:ey9677xbfhf21 - Unsubscribe request&body=Please unsubscribe
me!>
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Id: af726vv397a14
X-Report-Abuse: https://email.offensiveguards.io/latest/campaigns/mx001lfzwh6e2/report-abuse/af726vv397a14/ey9677xbfhf21
X-EBS: https://email.offensiveguards.io/latest/lists/block-address
Feedback-ID: 1.us-east-1.jUPIvFwI5WueMv7UjkxdV4UxLo/q5d3gibQe3k7gqaU=:AmazonSES
Message-ID: <01000181a504dd6e-4a036fd3-bc49-40d2-acdc-7504122d6bf8-000000@email.amazonses.com>
MIME-Version: 1.0
Date: Mon, 27 Jun 2022 11:56:08 +0000
Content-Type: multipart/alternative; boundary=PbL8ZI_d
X-SES-Outgoing: 2022.06.27-54.240.8.81
--PbL8ZI_d
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hello doctor,
Hope you are fine. As an=C2=A0independent security research=
er I have found
some bugs/vulnerabilities in your website.
Vulnerabilit=
y: Failure to invalidate session on forget password
I have observed that =
when we=C2=A0request=C2=A0a forgot password link it
updates the session i=
nstead of=C2=A0expiration. If an account=C2=A0is
logged=C2=A0in some acco=
unt and the password reset link=C2=A0is used=C2=A0the
other account will =
get updated but not expired.
Steps to reproduce:
1. Request a forgot pa=
ssword link.
2. Now login in another browser and then use the password re=
set link
in another browser.
3. You will notice that the password=C2=
=A0will be changed=C2=A0successfully
and the other browser will still be =
active with the account you opened
in it.
Impact:
If some account=
=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will not
be=C2=A0log=
ged out from that browser and=C2=A0will be logged=C2=A0in and=C2=A0can
be=
=C2=A0used for malicious activities.
Recommendations:
It should expire =
immediately when the password=C2=A0is changed.
Regards.
--PbL8ZI_d
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
=09Session not expiring after password change via forgot link
>
Hello doctor,
Hope you are fine. As an=C2=A0independent security researcher I have found =
some bugs/vulnerabilities in your website.
Vulnerability: Failure to invalidate session on forget password
I have observed that when we=C2=A0request=C2=A0a forgot password link it up=
dates the session instead of=C2=A0expiration. If an account=C2=A0is logged=
=C2=A0in some account and the password reset link=C2=A0is used=C2=A0the oth=
er account will get updated but not expired.
Steps to reproduce:
1. Request a forgot password link.
2. Now login in another browser and then use the password reset link in ano=
ther browser.
3. You will notice that the password=C2=A0will be changed=C2=A0successfully=
and the other browser will still be active with the account you opened in =
it.
Impact:
If some account=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will no=
t be=C2=A0logged out from that browser and=C2=A0will be logged=C2=A0in and=
=C2=A0can be=C2=A0used for malicious activities.
Recommendations:
It should expire immediately when the password=C2=A0is changed.
Regards.
1070 S Elmhu=
rst Rd
Mt Prospect Delaware 60056
United States
, =
https://email.offensiveguards.io/latest/lists/af726vv397a14/unsubscribe/ey9=
677xbfhf21/mx001lfzwh6e2" />
--PbL8ZI_d--
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 06:43:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5o4N-000ABr-0f
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 06:42:23 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 06:42:22 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from a8-97.smtp-out.amazonses.com ([54.240.8.97]:51827)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from <01000181a504c74d-88bdf770-e679-48f6-b08a-9020da8e1786-000000@amazonses.com>)
id 1o5nLw-000CGs-Pi
for root@nk.ca;
Mon, 27 Jun 2022 05:56:33 -0600
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1656330962;
h=Subject:From:To:Reply-To:List-Unsubscribe:List-Unsubscribe-Post:List-Id:Feedback-ID:Message-ID:MIME-Version:Date:Content-Type;
bh=sJMaHM0gOhug46EjZsCveztYT9jxYpwc/9e9nMnkX4g=;
b=TLv83h3t+66wZmrZTDdV/Fg/YR89m3YZ2GSDeet41duJ55UWMF4C3pBsFWXLjBiR
Es3Nj3TTgQ5lOWCnzvCpAoFt66vXMabZfAQLCVGk4ENlUfR0l4nlQnG1FtfgVOKYbM8
YdHUWCvbuol3bmD77zLdnKO1+jy/b2i8J5hVbQOA=
Subject: Vulnerability - Failure to invalidate session on forget password
link
From: Claire Samuel
To: "root@nk.ca"
Reply-To: Claire Samuel
List-Unsubscribe: ,
Subscriber-Uid:hv0557rmh80d6 - Unsubscribe request&body=Please unsubscribe
me!>
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Id: af726vv397a14
X-Report-Abuse: https://email.offensiveguards.io/latest/campaigns/mx001lfzwh6e2/report-abuse/af726vv397a14/hv0557rmh80d6
X-EBS: https://email.offensiveguards.io/latest/lists/block-address
Feedback-ID: 1.us-east-1.jUPIvFwI5WueMv7UjkxdV4UxLo/q5d3gibQe3k7gqaU=:AmazonSES
Message-ID: <01000181a504c74d-88bdf770-e679-48f6-b08a-9020da8e1786-000000@email.amazonses.com>
MIME-Version: 1.0
Date: Mon, 27 Jun 2022 11:56:02 +0000
Content-Type: multipart/alternative; boundary=2nIPpntA
X-SES-Outgoing: 2022.06.27-54.240.8.97
--2nIPpntA
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hello root,
Hope you are fine. As an=C2=A0independent security researcher=
I have found
some bugs/vulnerabilities in your website.
Vulnerability:=
Failure to invalidate session on forget password
I have observed that wh=
en we=C2=A0request=C2=A0a forgot password link it
updates the session ins=
tead of=C2=A0expiration. If an account=C2=A0is
logged=C2=A0in some accoun=
t and the password reset link=C2=A0is used=C2=A0the
other account will ge=
t updated but not expired.
Steps to reproduce:
1. Request a forgot pass=
word link.
2. Now login in another browser and then use the password rese=
t link
in another browser.
3. You will notice that the password=C2=
=A0will be changed=C2=A0successfully
and the other browser will still be =
active with the account you opened
in it.
Impact:
If some account=
=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will not
be=C2=A0log=
ged out from that browser and=C2=A0will be logged=C2=A0in and=C2=A0can
be=
=C2=A0used for malicious activities.
Recommendations:
It should expire =
immediately when the password=C2=A0is changed.
Regards.
--2nIPpntA
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
=09 Vulnerability - Failure to invalidate session on forget password=
link
Hello root,
Hope you are fine. As an=C2=A0independent security researcher I have found =
some bugs/vulnerabilities in your website.
Vulnerability: Failure to invalidate session on forget password
I have observed that when we=C2=A0request=C2=A0a forgot password link it up=
dates the session instead of=C2=A0expiration. If an account=C2=A0is logged=
=C2=A0in some account and the password reset link=C2=A0is used=C2=A0the oth=
er account will get updated but not expired.
Steps to reproduce:
1. Request a forgot password link.
2. Now login in another browser and then use the password reset link in ano=
ther browser.
3. You will notice that the password=C2=A0will be changed=C2=A0successfully=
and the other browser will still be active with the account you opened in =
it.
Impact:
If some account=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will no=
t be=C2=A0logged out from that browser and=C2=A0will be logged=C2=A0in and=
=C2=A0can be=C2=A0used for malicious activities.
Recommendations:
It should expire immediately when the password=C2=A0is changed.
Regards.
1070 S Elmhu=
rst Rd
Mt Prospect Delaware 60056
United States
, =
https://email.offensiveguards.io/latest/lists/af726vv397a14/unsubscribe/hv0=
557rmh80d6/mx001lfzwh6e2" />
--2nIPpntA--
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 06:42:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5o3d-000A7l-8J
for dave@doctor.nl2k.ab.ca;
Mon, 27 Jun 2022 06:41:37 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 06:41:37 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from wfbtbkkd.outbound-mail.sendgrid.net ([159.183.177.29]:28752)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from )
id 1o5mYe-0008Kb-Ia
for root@nk.ca;
Mon, 27 Jun 2022 05:05:39 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=newlaurakitchen22.com;
h=content-type:mime-version:from:subject:to;
s=s1; bh=ywG3+ve/g8FCg3hJiQx9Mgs9xYHSnulWeVyWIrFMHL8=;
b=kQn+glXErovR6Kujaisd9lmyfnaMccSoTJS44/EWQUe0u5vwjcm+iH0lgHc0ruxL/kIv
zS/XxARewVxVT8fK3Ii9BI95TkqhTWrcEenYJSRRZfm1GzwcC5nsEeuIGHT7rWq8VgCHte
sJHmlG/fulkJrYfYQ6wgjdEqFXaSsdckPuhXyuqS9VjvYt3rTHrStwQaF+4ApbE/esp4oj
fznOhvuTO2PISpg0persnEKahOQpVTvdSM3RyB4KRFaOhKRbkroo0nIZ3Sc6n85IlsDE3a
kSIqboyLaZ9tyy8zqSShEf/wwPcYAERdbrfp4zWK5jgc52QwDJsq4D3M8xA7FYOA==
Received: by filterdrecv-667c84fc7-vh4kj with SMTP id filterdrecv-667c84fc7-vh4kj-1-62B98EE6-6
2022-06-27 11:05:10.022086255 +0000 UTC m=+1618477.811879739
Received: from [172.17.0.4] (unknown)
by geopod-ismtpd-4-6 (SG) with ESMTP
id CaosyXcDTEKEzsFkC0p5eA
for ;
Mon, 27 Jun 2022 11:05:09.976 +0000 (UTC)
Content-Type: multipart/related; boundary="===============7451406344786898446=="
MIME-Version: 1.0
From: noreply-N55uZFG6PQU1VpC@em7717.newlaurakitchen22.com
Subject: Nk Urgent Deactivation alert
X-Priority: 2
Message-ID:
Date: Mon, 27 Jun 2022 11:05:10 +0000 (UTC)
X-SG-EID:
=?us-ascii?Q?lT58ugLK=2FeEakYOTzexAmRxiSeMkB2+NEEE4vPNX=2FF8rxMidqMHGWRRkgunDxw?=
=?us-ascii?Q?IToFwfhgm7C+8pMwWKylPPYeolYSv2OvgVpDPxH?=
=?us-ascii?Q?knZHB5RmNNoTpoNT1SwcQqXxU1A9aF2qNvxMlwP?=
=?us-ascii?Q?TWQrGhbyvs+qaCEP8555Y9HiijKG8Va0fUbG7fr?=
=?us-ascii?Q?Wzckq1RguN1jk=2FHnpU1MhCkBxLtqX7oAkI5LSky?=
=?us-ascii?Q?NmTWB2jFUXiBaB7xmn4NJJElB1ItOmMOoY3wB4?=
To: root@nk.ca
X-Entity-ID: dFS1WKN9/TYVa6CBz9GjHA==
X-Spam_score: 5.2
X-Spam_score_int: 52
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: We have identified data security issues concerning your account
root@nk.ca So, we advise that all accounts be authenticated. You are required
to verify your account immediately or we will be
Content analysis details: (5.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[159.183.177.29 listed in wl.mailspike.net]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or
identical to background
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 MIME_BASE64_TEXT RAW: Message text disguised using base64
encoding
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.0 T_SCC_BODY_TEXT_LINE No description available.
1.5 FROM_FMBLA_NEWDOM From domain was registered in last 7 days
1.0 ACCT_PHISHING Possible phishing for account information
1.0 XPRIO Has X-Priority header
0.9 URI_PHISH Phishing using web form
Subject: {SPAM?} Nk Urgent Deactivation alert
--===============7451406344786898446==
Content-Type: text/html; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: base64
PGh0bWw+PGhlYWQ+CiAgICA8bWV0YSBuYW1lPSJHRU5FUkFUT1IiIGNvbnRlbnQ9Ik1TSFRNTCAx
MS4wMC4xMDU3MC4xMDAxIj4KICAgIDxtZXRhIGh0dHAtZXF1aXY9IlgtVUEtQ29tcGF0aWJsZSIg
Y29udGVudD0iSUU9ZWRnZSI+CiAgICA8L2hlYWQ+CiAgICA8Ym9keT4KICAgIDx0YWJsZSBzdHls
ZT0ibWFyZ2luOiBhdXRvOyB3aWR0aDogNTUwcHg7IGNvbG9yOiByZ2IoMCwgMCwgMCk7IHRleHQt
dHJhbnNmb3JtOiBub25lOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBmb250LWZhbWlseTogQ2Fs
aWJyaSwgQXJpYWwsIEhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxNnB4OyBmb250
LXN0eWxlOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiA0MDA7IHdvcmQtc3BhY2luZzogMHB4OyB3aGl0
ZS1zcGFjZTogbm9ybWFsOyBib3JkZXItY29sbGFwc2U6IGNvbGxhcHNlOyBvcnBoYW5zOiAyOyB3
aWRvd3M6IDI7IGZvbnQtc3RyZXRjaDogaW5oZXJpdDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1
NSwgMjU1LCAyNTUpOyBmb250LXZhcmlhbnQtbGlnYXR1cmVzOiBub3JtYWw7IGZvbnQtdmFyaWFu
dC1jYXBzOiBub3JtYWw7IGZvbnQtdmFyaWFudC1udW1lcmljOiBpbmhlcml0OyBmb250LXZhcmlh
bnQtZWFzdC1hc2lhbjogaW5oZXJpdDsgCiAgICAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAw
cHg7IHRleHQtZGVjb3JhdGlvbi10aGlja25lc3M6IGluaXRpYWw7IHRleHQtZGVjb3JhdGlvbi1z
dHlsZTogaW5pdGlhbDsgdGV4dC1kZWNvcmF0aW9uLWNvbG9yOiBpbml0aWFsOyI+CiAgICA8dGJv
ZHk+CiAgICA8dHI+CiAgICA8dGQgc3R5bGU9IndpZHRoOiA1NDhweDsiPgogICAgPGRpdiBzdHls
ZT0iYmFja2dyb3VuZDogcmdiKDIzOSwgMjM5LCAyMzkpOyBtYXJnaW46IGF1dG87IHBhZGRpbmc6
IDIwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5l
OyI+CiAgICA8ZGl2IHN0eWxlPSJtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBw
eCBjdXJyZW50Q29sb3I7IHZlcnRpY2FsLWFsaWduOiBiYXNlbGluZTsiPgogICAgPHRhYmxlIHdp
ZHRoPSIxMDAlIiBzdHlsZT0iaGVpZ2h0OiAxOHB4OyI+CiAgICA8dGJvZHk+CiAgICA8dHIgc3R5
bGU9ImhlaWdodDogMThweDsiPgogICAgPHRkIHN0eWxlPSJoZWlnaHQ6IDE4cHg7Ij4mbmJzcDs8
L3RkPgogICAgPHRkIHN0eWxlPSJoZWlnaHQ6IDE4cHg7IHRleHQtYWxpZ246IHJpZ2h0OyI+Jm5i
c3A7PC90ZD48L3RyPjwvdGJvZHk+PC90YWJsZT48L2Rpdj4KICAgIDxkaXYgc3R5bGU9Im1hcmdp
bjogMHB4OyBwYWRkaW5nOiAwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgdmVydGljYWwt
YWxpZ246IGJhc2VsaW5lOyI+Jm5ic3A7PC9kaXY+CiAgICA8ZGl2IHN0eWxlPSJiYWNrZ3JvdW5k
OiB3aGl0ZTsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDEwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRD
b2xvcjsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyI+CiAgICA8dGFibGUgc3R5bGU9IndpZHRo
OiA0ODhweDsgaGVpZ2h0OiAxMjdweDsgYm94LXNpemluZzogYm9yZGVyLWJveDsiPgogICAgPHRi
b2R5PgogICAgPHRyPgogICAgPHRkIHN0eWxlPSJ3aWR0aDogNDc2cHg7IGhlaWdodDogOTJweDsg
Ym94LXNpemluZzogYm9yZGVyLWJveDsiPgogICAgPHAgc3R5bGU9Im1hcmdpbjogMHB4OyBjb2xv
cjogcmdiKDM0LCAzNCwgMzQpOyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZldGljYSwgc2Fucy1z
ZXJpZjsgZm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJjb2xvcjogcmdiKDAsIDAsIDAp
OyBmb250LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij5XZSBoYXZlIGlkZW50aWZpZWQgZGF0
YSBzZWN1cml0eSBpc3N1ZXMgY29uY2VybmluZyB5b3VyIGFjY291bnQmbmJzcDs8L3NwYW4+PHNw
YW4gc3R5bGU9ImNvbG9yOiByZ2IoMCwgMCwgMjU1KTsiPgogICAgcm9vdEBuay5jYTxzcGFuIHN0
eWxlPSJtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBweCBjdXJyZW50Q29sb3I7
IGZvbnQtZmFtaWx5OiBhcmlhbCwgc2Fucy1zZXJpZjsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5l
OyBmb250LXN0cmV0Y2g6IGluaGVyaXQ7Ij4mbmJzcDs8L3NwYW4+PC9zcGFuPjwvcD4KICAgIDxw
IHN0eWxlPSJtYXJnaW46IDBweDsgZm9udC1mYW1pbHk6IEFyaWFsLCBIZWx2ZXRpY2EsIHNhbnMt
c2VyaWY7IGZvbnQtc2l6ZTogc21hbGw7Ij48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IGFyaWFs
LCBzYW5zLXNlcmlmOyI+U28sIHdlIGFkdmlzZSB0aGF0IGFsbCBhY2NvdW50cyBiZSBhdXRoZW50
aWNhdGVkLjwvc3Bhbj48L3A+CiAgICA8cCBzdHlsZT0ibWFyZ2luOiAwcHg7IGZvbnQtZmFtaWx5
OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IHNtYWxsOyI+Jm5ic3A7
PC9wPgogICAgPHAgc3R5bGU9Im1hcmdpbjogMHB4OyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZl
dGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJmb250LWZh
bWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij5Zb3UgYXJlIHJlcXVpcmVkIHRvIHZlcmlmeSB5b3Vy
IGFjY291bnQgaW1tZWRpYXRlbHkgb3Igd2Ugd2lsbCBiZSZuYnNwOzwvc3Bhbj48L3A+CiAgICA8
cCBzdHlsZT0ibWFyZ2luOiAwcHg7IGZvbnQtZmFtaWx5OiBBcmlhbCwgSGVsdmV0aWNhLCBzYW5z
LXNlcmlmOyBmb250LXNpemU6IHNtYWxsOyI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBhcmlh
bCwgc2Fucy1zZXJpZjsiPmZvcmNlZCB0byBEZWFjdGl2YXRlIHlvdXIgYWNjb3VudC48L3NwYW4+
PC9wPgogICAgPHAgc3R5bGU9Im1hcmdpbjogMHB4OyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZl
dGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJmb250LWZh
bWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij48L3NwYW4+Jm5ic3A7PC9wPgogICAgPHAgc3R5bGU9
Im1hcmdpbjogMHB4OyBmb250LWZhbWlseTogQXJpYWwsIEhlbHZldGljYSwgc2Fucy1zZXJpZjsg
Zm9udC1zaXplOiBzbWFsbDsiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTogYXJpYWwsIHNhbnMt
c2VyaWY7Ij48c3BhbiBzdHlsZT0ibWFyZ2luOiAwcHg7IHBhZGRpbmc6IDBweDsgYm9yZGVyOiAw
cHggY3VycmVudENvbG9yOyBjb2xvcjogcmdiKDM0LCAzNCwgMzQpOyBmb250LWZhbWlseTogaW5o
ZXJpdDsgZm9udC1zaXplOiBzbWFsbDsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBkaXNwbGF5
OiBpbmxpbmUgIWltcG9ydGFudDsgZm9udC1zdHJldGNoOiBpbmhlcml0OyBiYWNrZ3JvdW5kLWNv
bG9yOiByZ2IoMjU1LCAyNTUsIDI1NSk7Ij4KICAgIElmIHlvdSBmYWlsIHRvIFZlcmlmeSB5b3Vy
IGFjY291bnQsIHlvdSB3aWxsIGJlIGRlYWN0aXZhdGVkIGFuZCB5b3Ugd2lsbCBsb3NlIGFjY2Vz
cyB0byB5b3VyIE1haWxib3guPC9zcGFuPjxicj48L3NwYW4+PC9wPjxzcGFuIHN0eWxlPSJmb250
LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7Ij48YnI+PC9zcGFuPjwvdGQ+CiAgICA8dGQgc3R5
bGU9IndpZHRoOiA1cHg7IGhlaWdodDogOTJweDsgdGV4dC1hbGlnbjogcmlnaHQ7IGJveC1zaXpp
bmc6IGJvcmRlci1ib3g7Ij4mbmJzcDs8L3RkPjwvdHI+CiAgICA8dHI+CiAgICA8dGQgc3R5bGU9
InBhZGRpbmc6IDVweCAwcHg7IHdpZHRoOiA0NzZweDsgaGVpZ2h0OiAyOXB4OyBib3gtc2l6aW5n
OiBib3JkZXItYm94OyI+CiAgICA8YSBzdHlsZT0iYmFja2dyb3VuZDogcmdiKDAsIDEwMywgMTg0
KTsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDdweDsgYm9yZGVyLXJhZGl1czogMnB4OyBib3JkZXI6
IDBweCBjdXJyZW50Q29sb3I7IHdpZHRoOiAxMDAlOyBjb2xvcjogd2hpdGU7IHZlcnRpY2FsLWFs
aWduOiBiYXNlbGluZTsiIGhyZWY9Imh0dHA6Ly96UUQwVEZtT2wuY2l0eXBldC5jb20udHIvXzo6
NlIzRFNDbFFKYWVWSXN2NklyQldaTjdraF9yZWZfTURrdVluQnlhR0Z1WldSaExtTnZMbWxrTDE4
d09TOGdNRGtqWTIwNWRtUkZRblZoZVRWcVdWRTlQUT09Ij5DbGljayBoZXJlIHRvIHVwZGF0ZSB5
b3VyIGFjY291bnQmZ3Q7Jmd0OzwvYT48L3RkPgogICAgPHRkIHN0eWxlPSJ3aWR0aDogNXB4OyBo
ZWlnaHQ6IDI5cHg7IHRleHQtYWxpZ246IHJpZ2h0OyBib3gtc2l6aW5nOiBib3JkZXItYm94OyI+
Jm5ic3A7PC90ZD48L3RyPjwvdGJvZHk+PC90YWJsZT48L2Rpdj4KICAgIDxkaXYgc3R5bGU9Im1h
cmdpbjogMHB4OyBwYWRkaW5nOiAwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgdmVydGlj
YWwtYWxpZ246IGJhc2VsaW5lOyI+Jm5ic3A7PC9kaXY+CiAgICA8ZGl2IHN0eWxlPSJtYXJnaW46
IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBweCBjdXJyZW50Q29sb3I7IHZlcnRpY2FsLWFs
aWduOiBiYXNlbGluZTsiPgogICAgPHA+PHNwYW4gc3R5bGU9Im1hcmdpbjogMHB4OyBwYWRkaW5n
OiAwcHg7IGJvcmRlcjogMHB4IGN1cnJlbnRDb2xvcjsgZm9udC1mYW1pbHk6IGluaGVyaXQ7IGZv
bnQtc2l6ZTogMTRweDsgZm9udC13ZWlnaHQ6IDYwMDsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5l
OyBmb250LXN0cmV0Y2g6IGluaGVyaXQ7Ij5Ob3RlOjwvc3Bhbj4KICAgICZuYnNwOzxzcGFuIHN0
eWxlPSJtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBib3JkZXI6IDBweCBjdXJyZW50Q29sb3I7
IGZvbnQtZmFtaWx5OiBpbmhlcml0OyBmb250LXNpemU6IDEycHg7IHZlcnRpY2FsLWFsaWduOiBi
YXNlbGluZTsgZm9udC1zdHJldGNoOiBpbmhlcml0OyI+CiAgICBUaGUgY29udGVudCBvZiB0aGlz
IGVtYWlsIGlzIGNvbmZpZGVudGlhbCBhbmQgaW50ZW5kZWQgZm9yIHRoZSByZWNpcGllbnQgc3Bl
Y2lmaWVkIGluIG1lc3NhZ2Ugb25seS4gSXQgaXMgc3RyaWN0bHkgZm9yYmlkZGVuIHRvIHNoYXJl
IGFueSBwYXJ0IG9mIHRoaXMgbWVzc2FnZSB3aXRoIGFueSB0aGlyZCBwYXJ0eSwgd2l0aG91dCBh
IHdyaXR0ZW4gY29uc2VudCBvZiB0aGUgc2VuZGVyLiBJZiB5b3UgcmVjZWl2ZWQgdGhpcyBtZXNz
YWdlIGJ5IG1pc3Rha2UsIHBsZWFzZSByZXBseSB0byB0aGlzIG1lc3NhZ2UgYW5kIGZvbGxvdyB3
aXRoIGl0cyBkZWxldGlvbiwgc28gdGhhdCB3ZSBjYW4gZW5zdXJlIHN1Y2ggYSBtaXN0YWtlIGRv
ZXMgbm90IG9jY3VyIGluIHRoZSBmdXR1cmUuPC9zcGFuPjwvcD48L2Rpdj48L2Rpdj48L3RkPjwv
dHI+PC90Ym9keT48L3RhYmxlPjwvYm9keT48L2h0bWw+
--===============7451406344786898446==--