Phish | Entries from Wednesday, December 20. 2023

Canada Post Phish from virginmediabusiness.co.uk

Sirius XM Phishing from Amazon

Harbor Frieght Surprise Phish from Microsoft Outlook

Lowe's phish from Microsoft Outlook

ICloud phish from Beauharnois, Quebec

Posted by Dave Yadallee on Wednesday, December 20. 2023

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 20 Dec 2023 15:28:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97 (FreeBSD))

(envelope-from )

id 1rG4jZ-00000000Eej-2JkA

for dave@doctor.nl2k.ab.ca;

Wed, 20 Dec 2023 15:08:09 -0700

Resent-From: The Doctor

Resent-Date: Wed, 20 Dec 2023 15:08:09 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from 197.152-31-62.static.virginmediabusiness.co.uk ([62.31.152.197]:62205 helo=account.email.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.97 (FreeBSD))

(envelope-from )

id 1rG1lz-00000000Nbd-3yjc

for doctor@nl2k.ab.ca;

Wed, 20 Dec 2023 11:58:31 -0700

From: Canada Post

To: doctor@nl2k.ab.ca

Subject: Canada Post - Pending Delivery

Date: 20 Dec 2023 18:56:27 +0000

Message-ID: <20231220185627.88FBCD4B32E89CB7@account.email.com>

MIME-Version: 1.0

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 8.4

X-Spam_score_int: 84

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Dear Customer, The package sent to you has been delivered

to Canada Post Office and should be delivered withing 48h. Please confirm

the payment (1.99 CAD) on the link below within a maximum of 14 days before

it expi [...]

Content analysis details: (8.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,

https://senderscore.org/blocklistlookup/

[62.31.152.197 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[62.31.152.197 listed in bl.score.senderscore.com]

0.0 TVD_RCVD_IP Message was received from an IP address

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

-0.0 T_SCC_BODY_TEXT_LINE No description available.

0.3 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS

1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)

2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level

above 50%

[cf: 100]

0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%

[cf: 100]

Subject: {SPAM?} Canada Post - Pending Delivery

<=

td style=3D"width: 390.0px;">

td>

c/img/logos/cpc-main-logo.svg">

Dear Customer,=

The package sent to you h=

as been delivered to Canada Post Office and should be delivered withing 48h=

=2E Please confirm the payment

(1.99 CAD) on the link below within a maximum of 14 days before it =

expires:

ground:#004a8e; padding: 6px 20px; border-radius: 2px;text-decoration:none"=

href=3D"https://forbangladesh.com/wexz/">Follow my package

tyle=3D"font-size: 8.0pt;">This email is provided for informational purpose=

s only and does not guarantee delivery of the shipment. Unable to reply to =

this email. Your e-mail address will only be used for the announcement of t=

he parcel of the above shipment and will not be saved for advertising purpo=

ses. If you no longer wish to receive the package announcement, please clic=

k here:
e\/nextt-online-business\/gw\/evs\/SendEmail.action'); return true;" target=

=3D"_blank" href=3D"https://google.com">Canada Post Notification Service
a>

=

=20=20

=

_blank" href=3D"https://google.com">Website

blank" href=3D"mailto:contact@post.ca">Contact

blank" href=3D"https://google.com">Impressum

0.0px;font-family: Arial;text-align: left;">=A9 2023 Canada Post ID00##0=

9-{7}##

colgroup>

Posted by Dave Yadallee on Wednesday, December 20. 2023

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 20 Dec 2023 15:28:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97 (FreeBSD))

(envelope-from )

id 1rG4hF-00000000EQy-3lD2

for dave@doctor.nl2k.ab.ca;

Wed, 20 Dec 2023 15:05:45 -0700

Resent-From: The Doctor

Resent-Date: Wed, 20 Dec 2023 15:05:45 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from a8-97.smtp-out.amazonses.com ([54.240.8.97]:45911)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

(Exim 4.97 (FreeBSD))

(envelope-from <0100018c87eaf28c-2eb7d07c-4ee5-420e-8868-9d46aa6c26b5-000000@amazonses.com>)

id 1rFyrA-00000000HsX-0oy9

for root@nk.ca;

Wed, 20 Dec 2023 08:51:41 -0700

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=iumxvzai7h3ln4d7i65v55tz7xp4hs74; d=foxlabs.in; t=1703087371;

h=Content-Transfer-Encoding:Content-Type:From:Subject:Message-Id:Date:To;

bh=le9LpHK1BsfDAhQkxcV747G37kNiFzRPsmsIpxYKwCY=;

b=F+fNK3iE+cZR8X18WNsAS1fvxRxNe5pQn31LuCE4UAYCJfzukTddFMd87IUzmvwn

vrIz1IgNuNNaiZJa9OajDRtwJGA5LAhhtm2Y4SiT9f59Tp6UWxs0N1l5TTQyQBqvqbw

3w9pfMwn90IxZiJ8HX6tjWEAoh69JD9kyD8bcMTuEzkUc8yyXJTXErOx/TVCVmwvPKO

gaeIsFJoNYpnEa3A/8uLcP0n7iY/WpNctRLbkIep+IJJnZodWPTCCkdGoTowgHmkBoI

+kJUMzypCR6yccSBDeacqOAt5nEsIuzVU5Y4DnPDjBqh7RMxpCoxpXvDQyUpzZazpgH

tIB0q2/LeA==

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1703087371;

h=Content-Transfer-Encoding:Content-Type:From:Subject:Message-Id:Date:To:Feedback-ID;

bh=le9LpHK1BsfDAhQkxcV747G37kNiFzRPsmsIpxYKwCY=;

b=jhks6FrpXsNhuHixVAjB86CdmsweYU84QmnwQ3GBUYbkHcJWKpgQwdyV14Wdwaqc

ehs+G8JPhsrmCDtJF7/a9ztysDz6PKd4YZyMrJh45dlcMBWXYAEeXL0X5kuLVl8m/Zl

J13cbMSrMTl6LOf3m4QK83O4XlMUu6AuYnAWSaAE=

Content-Transfer-Encoding: 8bit

X-Uber-Id: 1460dc38-9597-33c4-ac65-bae3283ca1c9

Content-Type: multipart/alternative; boundary="_----------=_MCPart_512623887"

From: SiriusXM Membership

Subject: =?UTF-8?Q?Your_SiriusXM_Membership_has_Expired_=F0=9F=93=A6_#71126?=

Message-ID: <0100018c87eaf28c-2eb7d07c-4ee5-420e-8868-9d46aa6c26b5-000000@email.amazonses.com>

Date: Wed, 20 Dec 2023 15:49:30 +0000

X-Feedback-ID: 4468541:SG

X-SG-EID: dK63Id144yQiS+/k8b2VX6hJb/hEknWpdZlZDqP7t8s8ktWcwxjA/MkokNgqMgpQYlbBDJIIo4jddhpKnKAbXnEeVLFfKELEZbEP6YU1LdiR2myiruANNs4t0zL5ytIsdtXAybhKjLm7TgiV9maDtjp6AXbqxs3+noZSR+HMhuUkCvfpaoMDmcwfi9tWfpekXGbjUWQW9eRcQ3RWHSBBjUosDSA/fRIlcZ+mF6Qa+V4=

To: root@nk.ca

Feedback-ID: 1.us-east-1.4vz5eWi3mu8p3ejxSXq5bqW4hRrKTuBrAoonK+dzQNI=:AmazonSES

X-SES-Outgoing: 2023.12.20-54.240.8.97

X-Spam_score: 5.7

X-Spam_score_int: 57

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: --

--

Content analysis details: (5.7 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[54.240.8.97 listed in list.dnswl.org]

4.5 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist

[URI: dscoola.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[54.240.8.97 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 T_SCC_BODY_TEXT_LINE No description available.

Subject: {SPAM?} =?UTF-8?Q?Your_SiriusXM_Membership_has_Expired_=F0=9F=93=A6_#71126?=

--_----------=_MCPart_512623887

Content-Type: text/plain; charset="utf-8"

Content-Transfer-Encoding: quoted-printable

--
PfJW63tBuW>=0A--
iQ5qY6STWEvAT2vbaYilcuiG>=0A-
xzjLv8pcQ>-=0A-
UX2GVz78PXnF4xixWmLmNxM>-=0A
pPjWOXYI>--=0A
cr2F62XKRSLpp9WcMCNlML>--
bKqBN>=0A--
JG0IoUJZzgIUr41CGAW>=0A-
LmSY>-=0A-
6RoFFVa4F9ksKRVQbQ>-=0A
BTt>--=0A
pkNycFqG0CNlGeMu8>--
>=0A--
QX4QkZDxIOQZ8y>

--_----------=_MCPart_512623887

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: 8bit

Your SiriusXM membership has expired!

Dear customer, your membership has expired.

But, as part of our loyalty program, you can now extend for 90 days for free.

Enjoy Unlimited Music for Everyone! Extend your membership.

Hurry! This offer will expire soon:

Extend for Free

--

--

--

--

--

--

--

--

--

--

--

--

--_----------=_MCPart_512623887--

Posted by Dave Yadallee on Wednesday, December 20. 2023

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 19 Dec 2023 17:17:01 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97 (FreeBSD))

(envelope-from )

id 1rFjSP-0000000064d-188s

for dave@doctor.nl2k.ab.ca;

Tue, 19 Dec 2023 16:25:01 -0700

Resent-From: The Doctor

Resent-Date: Tue, 19 Dec 2023 16:25:01 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-dbaeur03hn2222.outbound.protection.outlook.com ([52.100.14.222]:27040 helo=EUR03-DBA-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.97 (FreeBSD))

(envelope-from )

id 1rFeLz-00000000Eps-1onN

for doctor@doctor.nl2k.ab.ca;

Tue, 19 Dec 2023 10:58:07 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;

b=YalJS+BxfRP6DbdBJDXco8mEBWA+SKu6+qidMUzL8yhR3zaM2MqWg7MsP4cBuwUprR9xWnwAezc1awk26Dz9JCDvjsZ5Vg9RYN5+yxZeS72G3iDZk17ysv3DJGSFvKmswZi2EMRxjbA/1PdkEE6hX+kpA5f3qNlR6o0AtEqhQ1NtlIUZBEcOq2uYpbXk/Aro2byOZmLNdwJqrZ/M7lnDQR4jJtBVqpzt2IM0PlymlCxMRm3Sry6hWOahkoRwj7Q4/mhuqNXyjk+Kzi4bxaoUYigxQGZzWhmNQ1d7D2//EkF3pnuse5rpsaLFdMtYcXYTjruH6fLGV9TYWxjX5gNIew==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector9901;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=Nu0AGp9/Ikc+TOEy5W2Ck73msoeR1nipHevCQt8/m9Q=;

b=Y6FCi7gsc+1u2d5r3KDX4Yu6rxHmvpO4PWuOurjd6VQgL5WFXwsQrP2jlqbdannXubeO6o9gb5rDZj4bBizKelEdWa//X7dzMezP5VtY9iEiYH671VKhDXHDufQS6tSO4piAubUjIUIU8oTJvjDaM9WFSEOScAiHb3R9IQEnpwILTQcOsP6nOxK9Y4BSMNH1m1kXSOyh/843/vU1lJVe40jxxV8fTRsCHMyWCf6bFqDmQGx/on7Xsfp8cHOg9Hn8pzaST0yug6o9plxjNsDFLtZfWBBK0GLT4NJBIpDsxO/kfqDFSeVYuZ00jskmej/b/2NiH4BnGoDBWmBbPIYxXQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=fail (sender ip is

95.216.164.141) smtp.rcpttodomain=doctor.nl2k.ab.ca

smtp.mailfrom=dankusars.onmicrosoft.com; dmarc=none action=none

header.from=dankusars.onmicrosoft.com; dkim=none (message not signed);

arc=none (0)

X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 95.216.164.141)

smtp.mailfrom=dankusars.onmicrosoft.com; dkim=none (message not signed)

header.d=none;dmarc=none action=none header.from=dankusars.onmicrosoft.com;

X-TOI-MSGID: <1171489529.93030E346BC62.1703006511137@washingtonpost.com>

CC: doctor@doctor.nl2k.ab.ca

MIME-Version: 1.0

Date: Tue, 19 Dec 2023 18:21:51 +0100

From: Harbor Freight Surprise

To: doctor@doctor.nl2k.ab.ca

Content-Type: multipart/alternative; charset="UTF-8";boundary="PART_pO4L.gjxfqwue"

In-Reply-To:

Importance: high

Subject: Notice for doctor, You Are Our December Winner_!!

Message-ID:

<4c3c0cec-dbd9-43ba-a971-c1bb58cba09f@AMS0EPF000001B1.eurprd05.prod.outlook.com>

X-EOPAttributedMessage: 0

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: AMS0EPF000001B1:EE_|DB8P195MB0696:EE_

X-MS-Office365-Filtering-Correlation-Id: 6a40b7de-f9da-4efb-f2af-08dc00bbbf27

X-MS-Exchange-SenderADCheck: 1

X-MS-Exchange-AntiSpam-Relay: 0

X-Microsoft-Antispam: BCL:0;

X-Microsoft-Antispam-Message-Info:

G9GPlUPDEs0Ik5Xz0Dg2Hs6bRa6FbTC0FEjBYWzbGdLqu7tfB8l4Ry4H/7YNhcqiBWYDwQxLkUgiD/zEXUthw4E6ySjmuXXcbPfz7uwCDiMWHoIJRHaEM1d+397M7bNAHRTniZtLArWwqFljQ4HMrqmd/lyYinxzQGzBv1iTGbkt8y7Fe8R35BLDhxUbuxzshkmpSvcDfoj0lQIvu7ImMXEdRl1/yX0Wl677fWs4FKyh1hLV9+D50+JSwSCOeIEGSb37tFA6NSGpy+piQHoUA19noIvYRP0+k1TPOhpgKoEdzGUCbfQGAs39lJFso9Wus25U0WjClphpxaw/XTs8jiML4tU022VZc3Uy3kE2SAfTRK0f3QDeeTV2WGF4Wb4OgeYSOR/U5HrEAXmPnJNh4VmceK8F59sBCq8t5wO/dDpsiQMWv5OpjOduUFm0thSxxbbsJPHBwxTFvGHYr1AAZ8kIbH+uVnPCKlYHPaKBAe/Xb93alhX62oCSYYvIgw97PVZCBnBznUAIoJlL/hIFiq/QBI0cFTnijsUu/nkfIBWmqDeBdQbsTh1ob4InyR69Sa9iNb9UBFKk8c5X6Jcyi/PZCXYT+b1bBG8Vjmn8LVGGqM0tvOqRXCHNCAWKcIaZ

X-Forefront-Antispam-Report:

CIP:95.216.164.141;CTRY:FI;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.washingtonpost.com;PTR:static.141.164.216.95.clients.your-server.de;CAT:NONE;SFS:(13230031)(39860400002)(346002)(136003)(396003)(376002)(230922051799003)(82310400011)(451199024)(64100799003)(186009)(1690799017)(7200799017)(61400799012)(40470700004)(46966006)(36840700001)(40480700001)(8400799017)(40460700003)(32880700267)(34020700004)(47076005)(81166007)(82740400003)(5660300002)(19625305002)(36860700001)(2906002)(33964004)(166002)(336012)(26005)(9686003)(66899024)(41320700001)(8676002)(564344004)(70206006)(70586007)(478600001)(41300700001)(6916009)(8936002)(4326008)(31696002)(42186006)(316002)(786003)(18023003)(42472002)(38122002)(83022004);DIR:OUT;SFP:1501;

X-OriginatorOrg: dankusars.onmicrosoft.com

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Dec 2023 17:55:54.4780

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: 6a40b7de-f9da-4efb-f2af-08dc00bbbf27

X-MS-Exchange-CrossTenant-Id: 355025fa-3f3b-4899-ac63-6cca2638793d

X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=355025fa-3f3b-4899-ac63-6cca2638793d;Ip=[95.216.164.141];Helo=[mail.washingtonpost.com]

X-MS-Exchange-CrossTenant-AuthSource:

AMS0EPF000001B1.eurprd05.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem

X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8P195MB0696

X-Spam_score: 5.1

X-Spam_score_int: 51

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: (9175) Notifications For YOU

Content analysis details: (5.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.100.14.222 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.100.14.222 listed in wl.mailspike.net]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

0.0 ARC_SIGNED Message has a ARC signature

0.0 ARC_VALID Message has a valid ARC signature

1.0 HK_RANDOM_FROM From username looks random

0.5 FROM_LOCAL_NOVOWEL From: localpart has series of non-vowel letters

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[info_9175(at)dankusars.onmicrosoft.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[info_9175(at)dankusars.onmicrosoft.com]

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 T_SCC_BODY_TEXT_LINE No description available.

0.0 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts

0.3 HTML_SHORT_LINK_IMG_3 HTML is very short with a linked image

0.7 BODY_URI_ONLY Message body is only a URI in one line of text or for

an image

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} Notice for doctor, You Are Our December Winner_!!

--PART_pO4L.gjxfqwue

Content-Transfer-Encoding: 7bit

Content-Type: text/html; charset="UTF-8"

(9175) Notifications For YOU

--PART_pO4L.gjxfqwue--

Posted by Dave Yadallee on Wednesday, December 20. 2023

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 19 Dec 2023 16:16:01 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97 (FreeBSD))

(envelope-from )

id 1rFj4V-00000000M1m-3LXi

for dave@doctor.nl2k.ab.ca;

Tue, 19 Dec 2023 16:00:19 -0700

Resent-From: The Doctor

Resent-Date: Tue, 19 Dec 2023 16:00:19 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-mw2nam12on2052.outbound.protection.outlook.com ([40.107.244.52]:17600 helo=NAM12-MW2-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.97 (FreeBSD))

(envelope-from )

id 1rFcFQ-00000000AYU-20hU

for doctor@doctor.nl2k.ab.ca;

Tue, 19 Dec 2023 08:43:18 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;

b=LoWE4S7q/wckkknDxwUBIhhk3q4YRXTAOFlEPll1ZOpFcDLA5cp5JoPrhsjCU/sd2/P0GnKbIY6Fx0CuPUArLXFl3frrNJExZ/Q6dxXhj3QTGowNny6aRXirVKzSoeG808+hjTAF2CLPgl3QxbRl7ooD7aEPXZviJE62AImOvBMxP9txtbYNOwwl8Qh1P9tVKShru+JkThpgJjr6OTHEWV7/E7ZrMRVumojMtVxsGls6RUSvIcRbOnGX/0FrmvFfEUpTcsNGT5OPLJys465Y4EHzdAHb+0cilGBO2bAxFBGtxKukrl99DAUhDbT5cBhaYtmAJLHXp9UI86AeOFjttw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector9901;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=tcgc2P+iBn1x/7osGEyFM/+1lsHBtBV8o4J0mYZkUoY=;

b=XfAClcitBFYC5YZuP+SOEaPlEhVFlTQihHyJX0CrZBPcU/IuXXpXEuJu3ifJ4UlZw7Yka8Ht28NDVfo12mMM46l4Ken8A1+fsx9bg45Rk78Cc/f002EsDc0DdDP8T6xlJUw6wqmBV6pFXC9eQAHoTZnU3cMP5Q/vs8dWNaEqPWkdvrxfIToPERRCJfFYi4gMgk+rVvckpUFMgtFDOfcGhnTSMvXVjkoeKzzGLHbbd1Ej8LVu9MmENWjKzYzwSvuBjOtAKV2/lmLUAyjiQoVKsbL7TCh2kHOe2KfetsqA1K9+Ue1izp7eZ1Ur5SgEjB+C10TQ1PLvCd05uo8ghLXD4g==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=fail (sender ip is

172.234.25.141) smtp.rcpttodomain=doctor.nl2k.ab.ca

smtp.mailfrom=xc2h60z.onmicrosoft.com; dmarc=none action=none

header.from=xc2h60z.onmicrosoft.com; dkim=none (message not signed); arc=none

(0)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=xc2h60z.onmicrosoft.com; s=selector1-xc2h60z-onmicrosoft-com;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=tcgc2P+iBn1x/7osGEyFM/+1lsHBtBV8o4J0mYZkUoY=;

b=cq3REqVoSbuySaU4NVrQgcgVOk/BqGwbF6asMkyf1GuhQ1ssNk6nHVYRGJ4yjx9602T+poRKE1/AvVeA3Hva57HWJyBW4cK0RD1QdBf8/k15rAEBbL6KMldbnuWax+nTtCjRY0KMbozW05uuT2AGAQ2m2/Zx/wkKP+RCU/xGOylrKb04s310S8ju/saIgIR7LkqhNseUiqiUzwwT5+KsfvSVWQoNMlfkNYC2AzLoh5m53zyd8u19rXWNBfidsRooOlDTlt6YqGCtPydymROOcTBcaX7Uy3lhTX288hnaOuYRQtvQf+u8b2IGn8FjBCPWwr0WT/QSk207qIgTqJ7n9w==

Received: from BYAPR03CA0018.namprd03.prod.outlook.com (2603:10b6:a02:a8::31)

by MW4PR10MB6560.namprd10.prod.outlook.com (2603:10b6:303:226::8) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7091.38; Tue, 19 Dec

2023 15:41:01 +0000

Received: from DM6NAM12FT044.eop-nam12.prod.protection.outlook.com

(2603:10b6:a02:a8:cafe::ba) by BYAPR03CA0018.outlook.office365.com

(2603:10b6:a02:a8::31) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7091.38 via Frontend

Transport; Tue, 19 Dec 2023 15:41:00 +0000

X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 172.234.25.141)

smtp.mailfrom=xc2h60z.onmicrosoft.com; dkim=none (message not signed)

header.d=none;dmarc=none action=none header.from=xc2h60z.onmicrosoft.com;

Received-SPF: Fail (protection.outlook.com: domain of xc2h60z.onmicrosoft.com

does not designate 172.234.25.141 as permitted sender)

receiver=protection.outlook.com; client-ip=172.234.25.141;

helo=mail.howe.com;

Received: from mail.howe.com (172.234.25.141) by

DM6NAM12FT044.mail.protection.outlook.com (10.13.178.204) with Microsoft SMTP

Server id 15.20.7113.12 via Frontend Transport; Tue, 19 Dec 2023 15:41:00

+0000

Importance: high

MIME-Version: 1.0

From: Lowe'S_Department_!!

Sender: app-java@xc2h60z.onmicrosoft.com

X-TOI-MSGID: <106129944.3F57B3A2402EA.1703000286625@howe.com>

Date: Tue, 19 Dec 2023 16:38:06 +0100

CC: doctor@doctor.nl2k.ab.ca

In-Reply-To:

Subject: Important for doctor, You Are Our December Winner_!!

Content-Type: multipart/alternative; charset="UTF-8";boundary="PART_g6Rc.vdtsdgsa"

To: doctor@doctor.nl2k.ab.ca

Message-ID:

<4f5d550d-9f60-48f3-a30c-025ed9d1dc03@DM6NAM12FT044.eop-nam12.prod.protection.outlook.com>

X-EOPAttributedMessage: 0

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: DM6NAM12FT044:EE_|MW4PR10MB6560:EE_

X-MS-Office365-Filtering-Correlation-Id: 743bfcbc-4084-4bfd-63d8-08dc00a8e691

X-MS-Exchange-SenderADCheck: 1

X-MS-Exchange-AntiSpam-Relay: 0

X-Microsoft-Antispam: BCL:0;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?VWtOTDZMU2Q5N05OOHB4anpDeURqR05EbUFCMjhvbnlGaXdweTk1eW1aSmlm?=

=?utf-8?B?R0ZZM2h3ckR6YWFHdXdCdGxkMWJRNzJ4L09LTWhkZ1lnb0dsNUNRVzVZT01n?=

=?utf-8?B?ZlpqblUwUC9tTjh4WHVnYWt0Q1grNk85RGNUV3BMcEpvRVVhTmJzcWlPd2RU?=

=?utf-8?B?TGwrbHN4QmkwakNDemJKVWxyaWM5R2VZZkYybUVVWndEWFlySTAvRzNZdWZn?=

=?utf-8?B?YXNzVmk0Q0F2M1VIRVh4Z25vNnJGQzA3Z0JFbExxeTJjQ3pTTjNUaFNtSXBw?=

=?utf-8?B?L0g3amgxb01UVUk4dEpmTFhNUFpVV294SHVIR0NSYmtFMGxvZytaandXZ29G?=

=?utf-8?B?L3pzWGZGWmw0bDRiUnpKcTViVS80b0U3aFBmQ2tiTkVqdTB5dEk2Zi9QRTFN?=

=?utf-8?B?UGJnYnpqbm93Y0Z4Q2UycUcvdjhERnNnZzlyeDAwY2ZUWkxvSW43SGhhU1A0?=

=?utf-8?B?ZHJzMlIweDU1RnhYSXRRci9SLzBYRXd3YnNPRndaNHY1Y1hmTlNKK0NmemZZ?=

=?utf-8?B?ajhyMGZkOHZ1ZWMvL3RIUHhwV1lBUGwrTW1MNEt3SENDSGRaU3dkS0k0WWRL?=

=?utf-8?B?NkRRNmFRRzZrZ2ZKR0FNMC9RTzhGZXZqQVhLRzBIRWJFM0xMSnl1SHlWODRw?=

=?utf-8?B?Vy9vcUNHVFJGWEdTNW1YTGZ5TDRXSE9mVFNDT1pZNHc4V2tHeVpObkttRlZs?=

=?utf-8?B?ZVlkT09VUHM4cUE4eXBKSnpHSlNIdnBqMi9jOE1NQ0djb3duTkdwTWFYb0xo?=

=?utf-8?B?ZHVLbmZIUkgyNFpsK0Q1MFhBcmZxMVllR2FheThpQUFsK0twTCtKZHByd3M3?=

=?utf-8?B?NTZXb0RqWnBNWXlnaG1Fc0hNdnlIZ014bUgwOGJ3SFZsRG9rK2pScHYvZ1pU?=

=?utf-8?B?ZXI0TVBVOVFqYmJYRmhUZG1qcFZPejJMdS9uWlo4UDVEaWZLeVpJd2lMSTdW?=

=?utf-8?B?clI2Mmdzd1FxMGFJR1QxRVhXaXQzSWY4NVRKeUhkdXNXckJlNEZHWHB3Myta?=

=?utf-8?B?cEVTNnpWUDAwU2xuMEZOTVhjTkJsNU1hby9zeW5IZEdsNzJuNkVJUHN0VDFK?=

=?utf-8?B?UnlRQm5XZzdZL0dvZ3IzcTJ2QnpneEd1M1M4eExHb3htZmIwOWdjcWhUaXBn?=

=?utf-8?B?Y1o1THZFOXBJQVVQaCtRRXNyR0JPeTRpS2orZGM0MnlBeVM0NjIwR21CTDd3?=

=?utf-8?B?Qm9Cd0pKSDRVQXRpWFBKNXd4eE44UXZiclRzTVgvd0c5UzZvY0Y1bWswYVJz?=

=?utf-8?B?V1Z0WTF1eHNnVXY4Y2JubzkxcEwxRlVyK3h6aDgxcGkvSHpZRE13Z2VCTUMz?=

=?utf-8?B?cWQ3S2ZRUERyVEt5a1NwZkhoNE1qb3dQKys3YmtWWXhrQzd3cFdEZ1hseFdB?=

=?utf-8?B?R2pVSVZvSzFHMnF6NWlaY1ZTbndjNjh1YzhudHIxUk5zRFdaL2s2NGVkQnd5?=

=?utf-8?B?WHI3YnFyV3dmUm54NDNzeE1BakMwQlUvWkpJYUxkTGxNRTM4K3o3ZWpwVjJ5?=

=?utf-8?B?MGFvVWVVdXZ2bnBPaTBnVlJ3OUNKczllRXJPNTlhbWdiTmdVTjh5Ukh3SWdw?=

=?utf-8?B?SzBpelRzR1BpeTJvRGd0RGx2dzQ1czhlZFJUWm1RMmxNMS9QUEI5V1BZK1g4?=

=?utf-8?B?ekhLVzRFU3YzUUhxeFJ2cDJWcFJyRGh3c29jQkFUOUNQZGx0eDFWMnVNSTd1?=

=?utf-8?B?aWNsMHFKelFpN01hL2xIYVZyS3o2M3lZRnAyYkdNVms0YnF6K2oxRDMycWRU?=

=?utf-8?B?cHAzNnAyNXFZQzlCSkdXc2w1OExnZ1pScmFIWGFGd0tvQ3E3aHZacnJ0Wksv?=

=?utf-8?B?RlJIVURPekg0bVFiL1E1UmF3MVhUTkwwUnp6cnVoakdLSVhWbU9lZ3l1dk1n?=

=?utf-8?B?d3d6UyswOVhRb2lRNCtXeGVkMHFyVmtqQ2RyS0M2Vm5BRDNmRHhMc3FZTVFt?=

=?utf-8?B?N3dyL0IxN2dJb2FoVnpXTHVpemEzV2szS0Z3SVpxNFROSWFsOXRZVXcySTFD?=

=?utf-8?B?OE1qRTZwaUpaR1ZXeVR4U1NTSTVHdmRuZFdaeHp1ZDhCOTNtWVZkdlI5cDZz?=

=?utf-8?B?TVhGRmNZSGVqOU84S0dkZVlCZDRmY0tTeEYvOW9YUGpzejRHUEpsOEN4cGRt?=

=?utf-8?B?eGFCWWgrYno2SG9UU0didVQwVFE2MVdIejM1R0FpbEc3VGJ6Q0ZiL1RYVGtv?=

=?utf-8?B?VHc9PQ==?=

X-Forefront-Antispam-Report:

CIP:172.234.25.141;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.howe.com;PTR:172-234-25-141.ip.linodeusercontent.com;CAT:NONE;SFS:(13230031)(136003)(376002)(39860400002)(346002)(396003)(230922051799003)(64100799003)(82310400011)(7200799017)(1690799017)(186009)(451199024)(61400799012)(46966006)(36840700001)(40470700004)(41320700001)(40460700003)(66899024)(33964004)(6916009)(34020700004)(36860700001)(83380400001)(47076005)(31696002)(81166007)(82740400003)(356005)(118246002)(6486002)(8676002)(166002)(478600001)(41300700001)(8936002)(4326008)(786003)(316002)(70206006)(36736006)(19625305002)(956004)(336012)(9686003)(26005)(2906002)(6506007)(5660300002)(7846003)(70586007)(21615005)(6512007)(564344004)(9316004)(31686004)(8400799017)(40480700001)(1406899027)(43852003)(18023003)(42472002)(38122002);DIR:OUT;SFP:1101;

X-OriginatorOrg: xc2h60z.onmicrosoft.com

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Dec 2023 15:41:00.1467

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: 743bfcbc-4084-4bfd-63d8-08dc00a8e691

X-MS-Exchange-CrossTenant-Id: 79432332-f417-43e7-84a8-8203b4e26f73

X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=79432332-f417-43e7-84a8-8203b4e26f73;Ip=[172.234.25.141];Helo=[mail.howe.com]

X-MS-Exchange-CrossTenant-AuthSource:

DM6NAM12FT044.eop-nam12.prod.protection.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem

X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR10MB6560

--PART_g6Rc.vdtsdgsa

Content-Transfer-Encoding: 7bit

Content-Type: text/html; charset="UTF-8"

(3543) Notifications

If you no longer wish to receive these emails, you may unsubscribe by

clicking here.

--PART_g6Rc.vdtsdgsa--

December '23

Posted by Dave Yadallee on Wednesday, December 20. 2023

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 14 Dec 2023 18:40:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97 (FreeBSD))

(envelope-from )

id 1rDxB8-00000000B5W-0a7b

for dave@doctor.nl2k.ab.ca;

Thu, 14 Dec 2023 18:39:50 -0700

Resent-From: The Doctor

Resent-Date: Thu, 14 Dec 2023 18:39:50 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [194.116.215.187] (port=59946 helo=anc.org.za)

by doctor.nl2k.ab.ca with esmtp (Exim 4.97 (FreeBSD))

(envelope-from )

id 1rDx1Z-00000000AVU-15WT

for doctor@doctor.nl2k.ab.ca;

Thu, 14 Dec 2023 18:30:03 -0700

Delivered-To: elenadibrova545@gmail.com

Received: by 2002:ab0:2757:0:b0:7cb:4ca5:1567 with SMTP id c23csp1508342uap;

Thu, 14 Dec 2023 16:39:51 -0800 (PST)

X-Google-Smtp-Source: AGHT+IFU5dp8iZoLLEc3toxbAKwJp2FZ7ezsUJntr/yg9lItOVqbUZpwLRUA2rsf2OBDHJM1sfZK

X-Received: by 2002:a05:620a:4482:b0:77b:c650:5eab with SMTP id x2-20020a05620a448200b0077bc6505eabmr14462218qkp.5.1702600791405;

Thu, 14 Dec 2023 16:39:51 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1702600791; cv=none;

d=google.com; s=arc-20160816;

b=YvbmYSMkQMrPJRgX1GHSEssQ1OFjOn913VAxBEk6xPIDSfpwiyvnUplXSkbznkyTo7

45RxQr28InRYMF0gVHkKRUxk+JFimKI7H/5Ogrlpjo6WqYgE1SbRPNLOW9Z9dzCRcQwb

a6/Q9oUq73zviOaey7Qo46xMbc6dDBM9c8CmguIPcEB5Bxwt9RUNSJ769IRtjczSPX0w

dFmyI6EXJW6u7WjSft48HNrNEPyzi38kGocBvDbs5WKtBmQedZqmp6rxBLqtru7RG37E

m4UKaipsT+880sTtRwGmQhQ4Itt3oSKl058VJReB3v6TgPDyWlmYQ4Ryab5o4AgRywYu

2NOg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;

h=feedback-id:sent-on:content-transfer-encoding:subject:message-id:to

:reply-to:from:date:mime-version:dkim-signature;

bh=ZrWHQ1/w8ylcSl3L5kJry3BzXyEHJPe3piXr2+KjeTI=;

fh=qc65l13lZ0vMBrocc+JXeKNmoPY8s+vbjVodSH1g9fQ=;

b=hXyJRvzbIq1224Z0ne13zQRTCyTmSE+w2WIvBwi/Neuso4VbaEeXh/a5n3d/zqFUGc

wtTj+EEOavyJCHCBWzCIi44Aa+D/km7xx71MrofuEVdzyTXgtNhG/qA8iY8ySBzf2a2A

puuJK0yYPeq4ys549BHsvX3BcFZLIVmvoVPnFko7sqBnS34+bbuOWrf6rJWM90auJ90T

9rMlVOTgGTMKH5abGNFPow6r7vqeB/25UVtqQxBVtC+L+tN1RAbGNEyLoJP8aDeul4s/

QGF/UYGthrboRFWDnQUYIRrQMGSCR99a7ueoYvp6n4KD5XiF9mxvRqxLP0ZmDcsKvGJI

dBrg==

ARC-Authentication-Results: i=1; mx.google.com;

dkim=pass header.i=@freshdesk.com header.s=fdusmail header.b=L7WxTUuU;

spf=pass (google.com: domain of bounces+us.1.2993963.607-support=info4193.freshdesk.com@emailus.freshdesk.com designates 44.192.35.192 as permitted sender) smtp.mailfrom="bounces+us.1.2993963.607-support=info4193.freshdesk.com@emailus.freshdesk.com";

dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=freshdesk.com

Received: from mail-usn193.freshemail.io (mail-usn193.freshemail.io. [44.192.35.192])

by mx.google.com with ESMTPS id b19-20020a05620a0f9300b0077f129f0a08si15450721qkn.784.2023.12.14.16.39.51

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Thu, 14 Dec 2023 16:39:51 -0800 (PST)

Received-SPF: pass (google.com: domain of bounces+us.1.2993963.607-support=info4193.freshdesk.com@emailus.freshdesk.com designates 44.192.35.192 as permitted sender) client-ip=44.192.35.192;

Authentication-Results: mx.google.com;

dkim=pass header.i=@freshdesk.com header.s=fdusmail header.b=L7WxTUuU;

spf=pass (google.com: domain of bounces+us.1.2993963.607-support=info4193.freshdesk.com@emailus.freshdesk.com designates 44.192.35.192 as permitted sender) smtp.mailfrom="bounces+us.1.2993963.607-support=info4193.freshdesk.com@emailus.freshdesk.com";

dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=freshdesk.com

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=simple/relaxed; t=1702600791;

s=fdusmail; d=freshdesk.com;

h=MIME-Version:Date:From:Reply-To:To:Message-ID:Subject:Content-Type:Content-Transfer-Encoding;

bh=ZrWHQ1/w8ylcSl3L5kJry3BzXyEHJPe3piXr2+KjeTI=;

b=L7WxTUuUokUajKVSNQJcxiMLCMut3m5EuCs7gQLymNl7ID+x/glhiGnqMzUI68v4

ZdAIoqupwVHY7gy4mnhS3YrFiEosqtmC1Ds2vRG0W7oD4EDllhRqfmTfxp0sQOMcG99

Wgp7inO2dg+6nBq8RFkakBtiQkf47RmYQg2mDhDWUEHAWOfADogu1lFrKJwb4fVuAKa

ElO51fGttXoJ9+ASQxrgCTs5I9DGXTPJ20tXrF3DfsEvW5Utr7H/h51cpXGGA79UpBD

cEg9/KkfNxiEoSzW0YALhIA35Na/s624CodDr5kTZHQETmWjEzYxEx9ptYBF7a2XdEk

p6rSJTpFHQ==

MIME-Version: 1.0

X-Received: from ip-172-16-192-79.ec2.internal (EHLO freshdesk.com) ([172.16.192.79])

by smtpout.freshdesk.com (Freshworks SMTP Server) with ESMTPA ID 2138801853.318

for ;

Fri, 15 Dec 2023 00:39:50 +0000 (UTC)

Date: Fri, 15 Dec 2023 00:39:50 +0000

From: INFO

Reply-To: INFO

To: elenadibrova545@gmail.com

Message-ID: <657ba0567bdf8_1c43f846935c1a427008157.sidekiq-frequent-fd-poduseast1-main-blue-8464cb4f86-rpxr4@outbound-email.freshdesk.com>

Subject: LAST ALERT: All Your Photos Will Be Deleted!

Content-Type: multipart/alternative;

boundary="--==_mimepart_657ba0568226f_1c43f846935c1a4270082e7";

charset=UTF-8

Content-Transfer-Encoding: 7bit

sent-on: 2023-12-15 00:39:50 +0000

X-FUP-PRIORITY: 1

Feedback-ID: appId_b_accId_cjjdjgd:appId_b_accId_cjjdjgd:appId_b:freshemail

X-MESSAGEID: BZ/irWDg3ErN6WKppURD036faqt3wSKAOzDiMKgGEvoMkqgx6yrenk5+An41jZAv5dsJctaMpI+Pya1OErjTNZElDMpvY5x/29damaL/yeTPZWIBL10exR9p6gcZACbY3iRhbgFDj33V2ejJQySIs6xjMBkGQVSYkD+4DLWG1qo=

----==_mimepart_657ba0568226f_1c43f846935c1a4270082e7

Content-Type: text/plain;

charset=UTF-8

Content-Transfer-Encoding: quoted-printable

=C2=A0 You have reached your storage limit Dear customer, Your iCloud=

storage is full. But, as part of our loyalty program, you can now recei=

ve an additional 50 GB for free before the files on your iCloud Drive are=

deleted. Receive 50 GB After signing up, you have to insert your cre=

dit card details for validation of your Apple ID. We=C2=A0will not withdr=

aw any amount. If you no longer wish to receive these emails, you may=

unsubscribe by=C2=A0clicking here or by writing to 6130 W Flamingo Rd. L=

as Vegas, NV 89103

----==_mimepart_657ba0568226f_1c43f846935c1a4270082e7

Content-Type: text/html;

charset=UTF-8

Content-Transfer-Encoding: quoted-printable

boto, Helvetica Neue, Arial, sans-serif; font-size:14px;">

oboto, Helvetica Neue, Arial, sans-serif; font-size:14px">

ize: medium; font-style: normal; font-variant-ligatures: normal; font-var=

iant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; =

text-align: start; text-indent: 0px; text-transform: none; widows: 2; wor=

d-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: normal; text=

-decoration-thickness: initial; text-decoration-style: initial; text-deco=

ration-color: initial'>=C2=A0

rphans: 2; text-transform: none; widows: 2; word-spacing: 0px; -webkit-te=

xt-stroke-width: 0px; text-decoration-thickness: initial; text-decoration=

-style: initial; text-decoration-color: initial' width=3D"100%">

order-top: 1px solid rgb(240, 240, 240);background-color:#fff" width=3D"5=

50">

el=3D"noreferrer">
achment?token=3DeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTUzMDAyMTY0=

MTI0LCJkb21haW4iOiJpbmZvNDE5My5mcmVzaGRlc2suY29tIiwiYWNjb3VudF9pZCI6Mjk5M=

zk2M30.9GTYbXRLZriObhumslF9a6FzlcjCCIOdsz2mHRI7Zt4" alt=3D"" width=3D"70"=

height=3D"86" class=3D"fr-fic fr-dii" data-id=3D"153002164124">
=

You have reached your storage limit

el=3D"noreferrer">
achment?token=3DeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MTUzMDAyMTY0=

MTI1LCJkb21haW4iOiJpbmZvNDE5My5mcmVzaGRlc2suY29tIiwiYWNjb3VudF9pZCI6Mjk5M=

zk2M30.xiOZDCSUDoPvuicKj-B4_NHIci-qO_4St9r92vSircE" width=3D"350" height=3D=

"350" class=3D"fr-fic fr-dii" data-id=3D"153002164125">
Dear cust=

omer,
Your iCloud storage is full.

But, as part of our loyalty program, you can now receive an addition=

al 50 GB for free before the files on your iCloud Drive are deleted.
>

loudder" rel=3D"noreferrer">Receive 50 GB

After signing up, you have to insert your credit card details for =

validation of your Apple ID.
We=C2=A0will not withdra=

w any amount.

: rgb(121, 121, 121); max-width: 550px; line-height: 1.4; margin-top: 15p=

x">If you no longer wish to receive these emails, you may unsubscribe by=C2=

=A0
155" style=3D"color: rgb(102, 102, 102); text-decoration: none" rel=3D"no=

referrer">clicking here or by writing to 6130 W Flamingo Rd. Las Vega=

s, NV 89103

tktid"; min-height:0px; height:0px; opacity:0; max-height:0px; line-heigh=

t:0px; color:#ffffff'>607:2993963

=

----==_mimepart_657ba0568226f_1c43f846935c1a4270082e7--

Categories: Phish

0 Comments