Credential phishing for nk.ca user from SmartApe, Russia
Posted by Dave Yadallee
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 01 Apr 2024 13:36:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rrNQt-000000004ZR-3bOE
for dave@doctor.nl2k.ab.ca;
Mon, 01 Apr 2024 13:35:03 -0600
Resent-From: The Doctor
Resent-Date: Mon, 1 Apr 2024 13:35:03 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from [188.127.231.172] (port=41842 helo=s850048.srvape.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rrNJZ-0000000029k-3fIB
for doctor@nl2k.ab.ca;
Mon, 01 Apr 2024 13:27:35 -0600
Received: from WIN-BUNS25TD77J (localhost [IPv6:::1])
by s850048.srvape.com (Postfix) with ESMTP id 5802F2B43CA
for
From: "nl2k.ab.ca Support"
Subject: Report: SMTP Authentication
To:
Content-Type: multipart/alternative; boundary="cGyG4q2xLE=_2dxnacTPPufnBKVFcNKu7A"
MIME-Version: 1.0
Date: Mon, 1 Apr 2024 12:22:45 -0700
Message-Id: <20240104122245A8EE6FA9EC$7BE0702D1A@rptechnology.fr>
X-Spam_score: 7.4
X-Spam_score_int: 74
X-Spam_bar: +++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: nl2k.ab.ca Inc. Hi doctor ! Please confirm the email account:
doctor@nl2k.ab.ca ownership to authenticate and continue usage.
Content analysis details: (7.4 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.5 URI_NOVOWEL URI: URI hostname has long non-vowel sequence
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_FONT_SIZE_LARGE BODY: HTML font size is large
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
0.2 GOOG_REDIR_NORDNS Google redirect to obscure spamvertised website +
no rDNS
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
Subject: {SPAM?} Report: SMTP Authentication
X-Antivirus: AVG (VPS 240401-10, 4/1/2024), Inbound message
X-Antivirus-Status: Clean
This is a multi-part message in MIME format
--cGyG4q2xLE=_2dxnacTPPufnBKVFcNKu7A
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
nl2k.ab.ca Inc.
Hi doctor !
Please confirm the email account: doctor@nl2k.ab.ca ownership to authenticate and continue usage.
Authenticate Your Email Account https://pub-b314fbc03d584b3b8eebea7bea9a4494.r2.dev/gb.html#doctor@nl2k.ab.ca
Note: Please do not fail to authenticate your email account to avoid further email issues.
Thanks & Regards
nl2k.ab.ca http://webmail.ortectechnoloqy.com/#NOP
account team
--cGyG4q2xLE=_2dxnacTPPufnBKVFcNKu7A
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
[text/html part: the markup did not survive extraction; only the rendered text and the link targets are recoverable and are reproduced here with the quoted-printable soft line breaks joined]
Report: SMTP Authentication
nl2k.ab.ca Inc.
Hi doctor !
Please confirm the email account: doctor@nl2k.ab.ca ownership to authenticate and continue usage.
Authenticate Your Email Account
  href: https://pub-b314fbc03d584b3b8eebea7bea9a4494.r2.dev/gb.html#doctor@nl2k.ab.ca
  data-saferedirecturl: https://www.google.com/url?q=https://bafybeihhp4nxufiptmxdgqnj2r6t2ohlzqoliek2mos7hpr4aquqmnwpu4.ipfs.ipfs.joaoleitao.org/?filename%3Dindez.html%26err%3D3CPI7TWWDQMMVLDJPGX%26dispatch%3D7CC%26id%3D2abb6CC4a02718Cc91B4177445b5B2%23%5B%5B-Email-%5D%5D&source=gmail&ust=1711808599057000&usg=AOvVaw2L5mdi6Gqo9TOCEQr6QTUt
Note: Please do not fail to authenticate your email account to avoid further email issues.
Thanks & Regards
nl2k.ab.ca account team
  href: http://webmail.ortectechnoloqy.com/#NOP
  data-saferedirecturl: https://www.google.com/url?q=http://webmail.ortectechnoloqy.com/%23NOP&source=gmail&ust=1711808599057000&usg=AOvVaw18oZNTVQKMXuIm5AX2hUOq
--cGyG4q2xLE=_2dxnacTPPufnBKVFcNKu7A--
McAfee Phish from Google Gmail
Posted by Dave Yadallee
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 01 Apr 2024 11:29:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rrLSt-0000000037V-24dA
for dave@doctor.nl2k.ab.ca;
Mon, 01 Apr 2024 11:28:59 -0600
Resent-From: The Doctor
Resent-Date: Mon, 1 Apr 2024 11:28:59 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-pg1-f176.google.com ([209.85.215.176]:48233)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rrJL7-000000007aS-2sm4
for doctor@doctor.nl2k.ab.ca;
Mon, 01 Apr 2024 09:12:52 -0600
Received: by mail-pg1-f176.google.com with SMTP id 41be03b00d2f7-5d81b08d6f2so3250253a12.0
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1711984249; x=1712589049; darn=doctor.nl2k.ab.ca;
h=list-post:list-subscribe:list-id:list-owner:list-unsubscribe
:x_mailer:priority:importance:content-class:to:from:subject
:mime-version:date:message-id:from:to:cc:subject:date:message-id
:reply-to;
bh=rDu3pjTWThorp30DXOoe8zZRE0mH+VsYb0RysQMZ5lQ=;
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1711984249; x=1712589049;
h=list-post:list-subscribe:list-id:list-owner:list-unsubscribe
:x_mailer:priority:importance:content-class:to:from:subject
:mime-version:date:message-id:x-gm-message-state:from:to:cc:subject
:date:message-id:reply-to;
bh=rDu3pjTWThorp30DXOoe8zZRE0mH+VsYb0RysQMZ5lQ=;
X-Gm-Message-State: AOJu0Yw65cE9fllIO9mzKUirRUGQf2IcQf0tBnub8fzKOLdek8PcDOi3
5CbdQpPnbbsGHH3lLk8q/jZg9xsZG+bA/u/6R9fQr52X+uay7GQm2NsrIdl77sViHQ==
X-Google-Smtp-Source: AGHT+IGSalfz4GEnXTKfs1PUGtD2AemUBumV8/nkwM9StTwhdU7LpC+x51ovqQB4LucHmLV4I0KF3A==
X-Received: by 2002:a17:903:32cb:b0:1e0:7bbf:bef4 with SMTP id i11-20020a17090332cb00b001e07bbfbef4mr11298057plr.41.1711984248840;
Mon, 01 Apr 2024 08:10:48 -0700 (PDT)
Received: from [172.31.0.53] ([124.156.46.139])
by smtp.gmail.com with ESMTPSA id g7-20020a170902f74700b001e24988b99asm4228514plw.250.2024.04.01.08.10.47
for
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 01 Apr 2024 08:10:48 -0700 (PDT)
Message-ID: <660ace78.170a0220.22580.93cc@mx.google.com>
Date: Mon, 01 Apr 2024 08:10:48 -0700 (PDT)
Content-Type: multipart/mixed; boundary="===============2361134655248403793=="
MIME-Version: 1.0
Subject: Payment for order no. 74205317 is approved
From: Christina Sorrells
To: doctor@doctor.nl2k.ab.ca
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-Priority: 3
X-MimeOLE: Produced By Microsoft MimeOLE
x_mailer: ZuckMail [version 1.00]
List-Unsubscribe:
List-Owner:
List-ID: kpodoviaanthony123456@gmail.com
List-Subscribe: kpodoviaanthony123456@gmail.com
List-Post:
X-Antivirus: AVG (VPS 240401-10, 4/1/2024), Inbound message
X-Antivirus-Status: Clean
--===============2361134655248403793==
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64
--===============2361134655248403793==--
FedEx Phish from Rackspace.com
Posted by Dave Yadallee
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 31 Mar 2024 19:41:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rr6ee-00000000FK8-2MuX
for dave@doctor.nl2k.ab.ca;
Sun, 31 Mar 2024 19:40:08 -0600
Resent-From: The Doctor
Resent-Date: Sun, 31 Mar 2024 19:40:08 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from so15.mailgun.net ([198.61.254.15]:39739)
by doctor.nl2k.ab.ca with utf8esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.97.1 (FreeBSD))
(envelope-from
id 1rr5xv-00000000OcA-0ABP
for root@nk.ca;
Sun, 31 Mar 2024 18:56:02 -0600
DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=richtechmaven.com; q=dns/txt; s=mx; t=1711932831; x=1711940031;
h=Content-Type: Content-Transfer-Encoding: Message-Id: To: To: From: From: Subject: Subject: Mime-Version: Date: Sender: Sender;
bh=BIolZmlq2wyfmeFtqjaVFq8Dhe2xzZCOamqRguBBiTQ=;
b=oJ7Ew3PM9LJKuxRtnoBKOsAMFTaYAscO8DJ+K0ZPVmmdGaCKXb6oTitd4k/JxXfW3TRPByvQPIJ9H2n9SmwWwVWJAFM144x7cbllXX36ESlwQ34gP9N6jeyS6XxFG3lVNLYVdjCPnpzFmtfRLi6z/NCxgoD/Msfh6GxErXkFtiQ=
X-Mailgun-Sending-Ip: 198.61.254.15
X-Mailgun-Sid: WyJhMjZhMCIsInJvb3RAbmsuY2EiLCJkNTVkMWIiXQ==
Received: from
660a059fbb1dfdb5f5167c60; Mon, 01 Apr 2024 00:53:51 GMT
Sender: fed-ex=serviceing.com@richtechmaven.com
Date: Mon, 01 Apr 2024 00:53:51 +0000
Mime-Version: 1.0
Subject: Your package is waiting for you!
From: Delivery Service
To: root@nk.ca
Message-Id: <20240401005351.4d6187431d2a6234@richtechmaven.com>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=ascii
X-Spam_score: 7.5
X-Spam_score_int: 75
X-Spam_bar: +++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: FedEx Your package is waiting for you! Your package
is waiting for delivery fees to be paid. Once your payment is processed,
your package will be delivered to you in 5 business days or less.
Content analysis details: (7.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 T_SPF_PERMERROR SPF: test of record failed (permerror)
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
domains are different
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 J_WEEDS_X FULL: Dec/Hex char Enc [Xx]
1.0 J_WEEDS_D FULL: Dec/Hex char Enc [Dd]
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
Subject: {SPAM?} Your package is waiting for you!
X-Antivirus: AVG (VPS 240331-4, 3/31/2024), Inbound message
X-Antivirus-Status: Clean
[text/html body: the markup did not survive extraction. The body text is obfuscated with HTML decimal character references (for example "p&#97;ckage" for "package"), which is what the J_WEEDS_X and J_WEEDS_D rules in the spam report above flag; the rendered text, with the quoted-printable soft line breaks joined, is reproduced here]
FedEx
Your package is waiting for you!
Your package is waiting for delivery fees to be paid. Once your payment is processed, your package will be delivered to you in 5 business days or less.
Click on the following link to check and pay the delivery fees:
  displayed link text: https://delivery.fedex.com/?delivery_pay=[one obfuscated character not recoverable]78A51C2GHBX (the underlying href did not survive extraction)
If you have any questions do not hesitate to contact us.
Kind regards, FedEx