NetKnow Corporate Blog

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 19:54:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNLGw-000000002dd-3OFb

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 19:53:58 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 19:53:58 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:64405)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNHSY-000000001Sd-0Sii

for doctor@nl2k.ab.ca;

Wed, 13 May 2026 15:49:50 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: doctor@nl2k.ab.ca

Subject: Invoice copy

Date: 13 May 2026 21:48:53 +0000

Message-ID: <20260513214852.F4AEA2EEC0C4E34E@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.5

X-Spam_score_int: 65

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : doctor@nl2k.ab.ca Thanks,



Content analysis details: (6.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

1.0 FROM_MISSP_SPF_FAIL No description available.

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

0.0 FROM_MISSPACED From: missing whitespace

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

Subject: {SPAM?} Invoice copy



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : doctor@nl2k.ab.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 19:54:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNLGq-000000002bT-1PSN

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 19:53:52 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 19:53:52 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:53233)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNHCu-000000000Qb-0pxs

for support@nk.ca;

Wed, 13 May 2026 15:33:40 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: support@nk.ca

Subject: Re: lnvoice

Date: 13 May 2026 21:32:43 +0000

Message-ID: <20260513213243.848BD44D1B30DF1D@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.5

X-Spam_score_int: 65

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : support@nk.ca Thanks,



Content analysis details: (6.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

1.0 FROM_MISSP_SPF_FAIL No description available.

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

0.0 FROM_MISSPACED From: missing whitespace

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

Subject: {SPAM?} Re: lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : support@nk.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 19:54:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNLGZ-000000001c5-49Zf

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 19:53:35 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 19:53:35 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:62843)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGlx-000000002vW-0I1K

for doctor@netknow.ca;

Wed, 13 May 2026 15:05:49 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: doctor@netknow.ca

Subject: lnvoice

Date: 13 May 2026 21:04:52 +0000

Message-ID: <20260513210452.5D7D170B63BE0754@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 7.0

X-Spam_score_int: 70

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : doctor@netknow.ca Thanks,



Content analysis details: (7.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 ONE_WORD_SUBJECT Subject with only one lower-case word

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

0.0 FROM_MISSPACED From: missing whitespace

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

Subject: {SPAM?} lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : doctor@netknow.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 19:54:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNLGN-000000000sN-2v6g

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 19:53:23 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 19:53:23 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:55440)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGjm-0000000022q-03oG

for root@nl2k.ab.ca;

Wed, 13 May 2026 15:03:34 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: root@nl2k.ab.ca

Subject: Re: lnvoice

Date: 13 May 2026 21:02:47 +0000

Message-ID: <20260513210247.C37CD2B45B171F52@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.5

X-Spam_score_int: 65

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : root@nl2k.ab.ca Thanks,



Content analysis details: (6.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.0 FROM_MISSPACED From: missing whitespace

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

Subject: {SPAM?} Re: lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : root@nl2k.ab.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 19:54:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNLGj-000000002GB-0Z7C

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 19:53:45 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 19:53:44 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:62843)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGlx-000000002vW-0I1K

for doctor@netknow.ca;

Wed, 13 May 2026 15:05:49 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: doctor@netknow.ca

Subject: lnvoice

Date: 13 May 2026 21:04:52 +0000

Message-ID: <20260513210452.5D7D170B63BE0754@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 7.0

X-Spam_score_int: 70

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : doctor@netknow.ca Thanks,



Content analysis details: (7.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 ONE_WORD_SUBJECT Subject with only one lower-case word

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

0.0 FROM_MISSPACED From: missing whitespace

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

Subject: {SPAM?} lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : doctor@netknow.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGW1-00000000JDh-1VXd

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:49:13 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 14:49:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:59370)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGLJ-00000000Eyt-2tJf

for www@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:38:18 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: www@doctor.nl2k.ab.ca

Subject: Re: lnvoice

Date: 13 May 2026 20:37:22 +0000

Message-ID: <20260513203722.A58C92D06C7C8FC1@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.5

X-Spam_score_int: 65

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : www@doctor.nl2k.ab.ca Thanks,



Content analysis details: (6.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.0 FROM_MISSPACED From: missing whitespace

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

Subject: {SPAM?} Re: lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : www@doctor.nl2k.ab.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGW1-00000000JDh-1VXd

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:49:13 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 14:49:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:59370)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGLJ-00000000Eyt-2tJf

for www@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:38:18 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: www@doctor.nl2k.ab.ca

Subject: Re: lnvoice

Date: 13 May 2026 20:37:22 +0000

Message-ID: <20260513203722.A58C92D06C7C8FC1@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.5

X-Spam_score_int: 65

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : www@doctor.nl2k.ab.ca Thanks,



Content analysis details: (6.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.0 FROM_MISSPACED From: missing whitespace

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

Subject: {SPAM?} Re: lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : www@doctor.nl2k.ab.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGVx-00000000JCK-1Gie

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:49:09 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 14:49:09 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:56593)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGKb-00000000EwD-3YrG

for www@nl2k.ab.ca;

Wed, 13 May 2026 14:37:34 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: www@nl2k.ab.ca

Subject: Re: lnvoice

Date: 13 May 2026 20:36:38 +0000

Message-ID: <20260513203638.DAE1541E5FC482C1@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.5

X-Spam_score_int: 65

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : www@nl2k.ab.ca Thanks,



Content analysis details: (6.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

0.0 FROM_MISSPACED From: missing whitespace

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

Subject: {SPAM?} Re: lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : www@nl2k.ab.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:26:00 -0600

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:64482)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNG9P-00000000EFq-2gG1

for dave@nl2k.ab.ca;

Wed, 13 May 2026 14:26:00 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: dave@nl2k.ab.ca

Subject: Invoice copy

Date: 13 May 2026 20:25:15 +0000

Message-ID: <20260513202515.9851D5CB77481550@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 6.5

X-Spam_score_int: 65

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : dave@nl2k.ab.ca Thanks,



Content analysis details: (6.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.0 FROM_MISSPACED From: missing whitespace

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

Subject: {SPAM?} Invoice copy



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : dave@nl2k.ab.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:49:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGVm-00000000J8T-1E5W

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:48:58 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 14:48:58 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from cloudhost-1945881.nl-west-1.nxcli.net ([185.145.13.67]:50771)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNFx9-00000000DEt-3Zhq

for sales@nk.ca;

Wed, 13 May 2026 14:13:20 -0600

Received: (qmail 14342 invoked by uid 10292); 13 May 2026 20:09:07 +0000

To: sales@nk.ca

Subject: Urgent: Account Administrative Action Required

X-PHP-Originating-Script: 10292:yo.php

Date: Wed, 13 May 2026 20:09:07 +0000

From: =?UTF-8?Q?N=D0=B5xcess=2Enet?=

Message-ID: <191fd5d86140e9cf633466cefca4fd94@fe6faaeca2.nxcli.io>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_191fd5d86140e9cf633466cefca4fd94"

Content-Transfer-Encoding: 8bit





This is a multi-part message in MIME format.



--b1_191fd5d86140e9cf633466cefca4fd94

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit









Urgent: Account Administrative Action Required





body { font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; line-height: 1.6; color: #202124; background-color: #f8f9fa; margin: 0; padding: 20px; }

.container { max-width: 600px; margin: auto; background: #ffffff; border: 1px solid #e0e0e0; border-top: 4px solid #1a73e8; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }

.header { padding: 30px 40px; text-align: left; }

.content { padding: 0 40px 40px 40px; }

.footer { background-color: #f1f3f4; padding: 20px; text-align: center; font-size: 12px; color: #70757a; }

.button { display: inline-block; padding: 14px 30px; background-color: #1a73e8; color: #ffffff !important; text-decoration: none; border-radius: 4px; font-weight: 600; margin-top: 20px; }

.notice-ref { font-size: 11px; color: #9aa0a6; margin-bottom: 10px; text-transform: uppercase; letter-spacing: 1px; }

.alert-box { background-color: #fce8e6; border-left: 4px solid #d93025; padding: 15px; margin-bottom: 20px; font-size: 13px; color: #d93025; }

















Notice Ref: ADMIN-BILL-77291

Mandatory Update of Account Billing Information



Dear Valued Client,



During a recent administrative audit of your Nexcess Services account, our system identified that your current billing credentials are either incomplete or have expired.





Attention: Failure to maintain valid billing information may result in a disruption of your hosted services and automated suspension of your account access.





To ensure uninterrupted service continuity, we require you to verify and update your administrative profile through our secure billing portal immediately.





Access Billing Management Panel





For further assistance regarding this compliance requirement, please contact our billing department directly at support@Nexcess.net.





Best Regards,

Billing Administration Department

Nexcess Services





This is a system-generated administrative notification. Please do not reply directly to this email.

© 2026 Nexcess Services. All Rights Reserved.











--b1_191fd5d86140e9cf633466cefca4fd94

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

Notice Ref: ADMIN-BILL-77291

Mandatory Update of Account Billing Information

Dear Valued Client,

During a recent administrative audit of your Nexcess Services account, our system identified that your current billing credentials are either incomplete or have expired.

Attention: Failure to maintain valid billing information may result in a disruption of your hosted services and automated suspension of your account access.

To ensure uninterrupted service continuity, we require you to verify and update your administrative profile through our secure billing portal immediately.

Access Billing Management Panel

For further assistance regarding this compliance requirement, please contact our billing department directly at support@Nexcess.net.

---

Best Regards,


Billing Administration Department


Nexcess Services

This is a system-generated administrative notification. Please do not reply directly to this email.


© 2026 Nexcess Services. All Rights Reserved.

--b1_191fd5d86140e9cf633466cefca4fd94--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:49:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGVi-00000000J7J-0Moe

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:48:54 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 14:48:53 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ip74-208-96-234.pbiaas.com ([74.208.96.234]:59772)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNFqs-000000007kG-3adu

for root@nk.ca;

Wed, 13 May 2026 14:06:51 -0600

Reply-To: farranbarrow@studiomodernitta.com.br

From: "Farran Barrow"

To: root@nk.ca

Subject: lnvoice

Date: 13 May 2026 20:05:54 +0000

Message-ID: <20260513200554.725DF6505275705B@canva.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 7.0

X-Spam_score_int: 70

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please view the attached Invoice copy or request for the download

invoice link. Sent to : root@nk.ca Thanks,



Content analysis details: (7.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.208.96.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

[74.208.96.234 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.208.96.234 listed in bl.score.senderscore.com]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 ONE_WORD_SUBJECT Subject with only one lower-case word

1.0 FROM_MISSP_SPF_FAIL No description available.

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.0 FROM_MISSPACED From: missing whitespace

1.7 FROM_MISSP_DYNIP From misspaced + dynamic rDNS

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

Subject: {SPAM?} lnvoice



Please view the attached Invoice copy or request for the download=20

invoice link.



Sent to : root@nk.ca



Thanks,



Farran Barrow



Gulf Coast Gasket Guy

8722 Rand Ave., Ste A

Daphne, AL 36526

877-626-0701

Content analysis details: (10.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.125.82.66 listed in dnsbl.ahbl.org]

[74.125.82.66 listed in dnsbl.ahbl.org]

[74.125.82.66 listed in dnsbl.ahbl.org]

[74.125.82.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.125.82.66 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.125.82.66 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.125.82.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.125.82.66 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.125.82.66 listed in will-spam-for-food.eu.org]

[74.125.82.66 listed in will-spam-for-food.eu.org]

[74.125.82.66 listed in will-spam-for-food.eu.org]

[74.125.82.66 listed in will-spam-for-food.eu.org]

[74.125.82.66 listed in will-spam-for-food.eu.org]

[74.125.82.66 listed in will-spam-for-food.eu.org]

[74.125.82.66 listed in will-spam-for-food.eu.org]

[74.125.82.66 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[74.125.82.66 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.125.82.66 listed in bl.score.senderscore.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[74.125.82.66 listed in wl.mailspike.net]

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 HK_NAME_MR_MRS No description available.

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

2.9 UNDISC_FREEM Undisclosed recipients + freemail reply-to

Subject: {SPAM?}



--0000000000005f3aaf0651b84fb1

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



=E2=80=8EV=C3=A1=C5=BEen=C3=BD p=C5=99=C3=ADjem=C4=8De, p=C3=AD=C5=A1u V=C3=

=A1m z pov=C4=9B=C5=99en=C3=AD Coris Bank International. Bankovn=C3=AD

=C5=A1ek na 1 milion USD (JEDEN MILION USD) byl Va=C5=A1=C3=ADm jm=C3=A9nem=

ulo=C5=BEen v na=C5=A1=C3=AD bance.



Pro v=C3=ADce informac=C3=AD a vyplacen=C3=AD pen=C4=9Bz kontaktujte pana A=

lassane Kaboreho,

=C5=99editele Coris Bank International, prost=C5=99ednictv=C3=ADm n=C3=AD=

=C5=BEe uveden=C3=A9ho e-mailu s

uveden=C3=ADm Va=C5=A1eho cel=C3=A9ho jm=C3=A9na, Va=C5=A1=C3=AD zem=C4=9B =

a Va=C5=A1eho telefonn=C3=ADho =C4=8D=C3=ADsla/Whatsapp:



(mralassanekabore@outlook.com)=E2=80=8E



=E2=80=8EZa=C5=A1lete mu tento k=C3=B3d: NLW/10/2025.



=E2=80=8ES pozdravem

Pan Moise D Mafongoun

=C5=98editel komunikace Coris Bank International.



--0000000000005f3aaf0651b84fb1

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

=E2=80=8EV=C3=A1=C5=BEen=C3=BD p=C5=99=C3=ADjem=C4=8De, p=

=C3=AD=C5=A1u V=C3=A1m z pov=C4=9B=C5=99en=C3=AD Coris Bank International. =

Bankovn=C3=AD =C5=A1ek na 1 milion USD (JEDEN MILION USD) byl Va=C5=A1=C3=

=ADm jm=C3=A9nem ulo=C5=BEen v na=C5=A1=C3=AD bance.

Pro v=C3=ADce i=

nformac=C3=AD a vyplacen=C3=AD pen=C4=9Bz kontaktujte pana Alassane Kaboreh=

o, =C5=99editele Coris Bank International, prost=C5=99ednictv=C3=ADm n=C3=

=AD=C5=BEe uveden=C3=A9ho e-mailu s uveden=C3=ADm Va=C5=A1eho cel=C3=A9ho j=

m=C3=A9na, Va=C5=A1=C3=AD zem=C4=9B a Va=C5=A1eho telefonn=C3=ADho =C4=8D=

=C3=ADsla/Whatsapp:

(
>mralassanekabore@outlook.com)=E2=80=8E

=E2=80=8EZa=C5=A1lete mu=

tento k=C3=B3d: NLW/10/2025.

=E2=80=8ES pozdravem
Pan Moise D Ma=

fongoun
=C5=98editel komunikace Coris Bank International.

--0000000000005f3aaf0651b84fb1--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:49:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGVQ-00000000J2W-0t7s

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:48:36 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 14:48:36 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-dl1-f66.google.com ([74.125.82.66]:56583)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from <15432@thachana.ac.th>)

id 1wNFdK-000000005IX-47in

for doctor@doctor.nl2k.ab.ca;

Wed, 13 May 2026 13:52:52 -0600

Received: by mail-dl1-f66.google.com with SMTP id a92af1059eb24-1309f4ee97fso9041877c88.1

for ; Wed, 13 May 2026 12:51:55 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1778701909; cv=none;

d=google.com; s=arc-20240605;

b=MvprAxdI8iG4KYmFzhMjW0/z+aMQ/ZSnqq0COuTTnQ7nVmTBbwW0FZ6SDeKjApZh/D

eCi4JuhCwZnyeCRmfugpxuROQHXUpcNR6WDW1Ans7nLZ+oJwIbarCU6fxPbNKRIYuSD5

JAVx1KBPsHf+n4RpCyrZeLfOraSEaC1schvsy1pgGZMgVneccpJoPZy4VrM0dp0ehzsW

71uSJZDmYGfdFu+ruvTI+PPgVAhPhL04qY/wXlvJ1CWu21gmF7Vho+GlwywxqTHN2dMC

ly8e6ErjI6D5KUf4FrhtS5SBQ3i/DWxYrVc0cIV7TrPz/v6B3ye07t4rQm1Mf+87kzqH

uwEg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=gHjM2apdJwstNjlrfoTtIbYpw+3Q7OKbhuPrS5j/gw8=;

fh=SxKCPRBI7DHWU/qAc4MsinT0YTJZvd8zoIXk42UT0BE=;

b=RHw/Zf74zB2Dx/3VILrp+BmwlKvHhhkB8ZogHXt4HD82yqFn/iR18Mff8xSfkA4kqe

0C0HblhDK99x5OOpKJP3Vms+5OA7INrPdzgZPSwo6lzhnKs00qGE2FYtjsAkGKoTrJnb

aKtMd1iW3gbLW9t3HHvgkytE16jH99wT7yQftuyDBFOQePBO7jR14vJxlUsbdUqlDO4+

OeQX8jXS3UeXZwHaWnkpuDOXQQ2mUHSDhL/d8tF9pi3txqgPxcRP2+KTaE8PcsUZ7Oqn

sA0c86c67W8xWujsK5WMYYIDzIsvoel6/OP97xHTAUoWssU3ADY+rKkTEhl/hndatTB1

ZkAw==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=thachana-ac-th.20251104.gappssmtp.com; s=20251104; t=1778701909; x=1779306709; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=gHjM2apdJwstNjlrfoTtIbYpw+3Q7OKbhuPrS5j/gw8=;

b=PDXF457PFNLT7aQ99riwX5gJCARVyAxyIwKjzdTYENTRpos1EfOkYAkAWlhxvbWx+F

R9rMWaLtGyLM5DBp5jldhC7LCxzelmze4/i4J/qFB0ceya8yXS465N36kUZp6aanfKt/

80QCD9eG+Uuv7eCbnfeTSbay70rzhZoFyUEDgnR3MjcCmpzduHZRp6B5d49WUvIfSd1C

Ep+Z3WHWEBNlanVEFaZhgCOtINVf6MBSNwjnq2jQ4jQLdeowONRBAx44cIBO8muyhlOA

IZJx+dw68evlzIeBHAQNO+FsEAnSFnz+SHUtrSrDU7mdxK8rEkbqsf0MvaiFm+vBTrar

CP3A==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1778701909; x=1779306709;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=gHjM2apdJwstNjlrfoTtIbYpw+3Q7OKbhuPrS5j/gw8=;

b=b4Tub2XF7+j6HsAdadZ2onxOF/NjXvvdWKZ9mlDjnxoNPgF0phy24Zg1UEXgea0svL

bcJLEEm+/0TYgtEFkYeEAocANclHgiJVwjsDoejbJFiU485U5EaJAQHABBpqI/y5JYZy

dOvWi80XR6RFX5++xnkWBLorxUOP89FduvgtNplEgHj4iBWmf5fqK/enoOWPOnJ834zM

vQiuxhb/++e+q9UuxKZsMG+kadg+cUuYKzzm/8EDR+LLOwn7LlqaHsPHyEOfaMFZ6Kti

bcT5Ol3NwVOwFvBjwKA/ZTraFcNiwdlwUwuhIqnqLxIRvz7rqmFvNFL1lwxDiDK6Qc2E

B9Sw==

X-Forwarded-Encrypted: i=1; AFNElJ8Tdm7qwP7jThOp2aDU1gZ0zd/ouc6COygo+AAnHF6Ax6eUYrC/nbry5fY2UW3PV6/RXciE5mw=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxUtDwBm4P/nL5zX9eAq3V+f2gaGfLId957NdNsq5JY+PF/H+bX

ptF079801SF3+ZlvM6LekrLWa2d6vlkeO3WIVEy4jqVZZ6wZdS2RXdEZohKc0whKdGMiG2qaiDd

TPx5W0Y9R7gPuI8WDmlWzxhCx0zNqBQvIMKjYNAtIZw==

X-Gm-Gg: Acq92OGMeJr5+w/uJUs9G0bRTXIzyZBAUFyviyGVgYklP/AH7myKFv+Hb69nigklNer

tdOFtNGoMn9KyvTLPDD/CmLM/edwbZRGmMlOTikRYOZGNImzyBtY99DmY4kAxr4M7EVw7Jtc1tJ

PJwHDCV3jQ0BcUgEEWLa20JvVJ9I2MlMHWQG6TfHBB5ZATU/HDPs3NQ3rLOF6jVTjNmODcvKdfh

0eRrN31YPRxMkxiDI2PR24KWChQCHY84vKzNWgyQl34qew+jrQAJuI8iqQ8sCVR9Z5e64M4U+pr

3N2icpXI+2ucZoxm61K6WQg=

X-Received: by 2002:a05:7022:69a8:b0:128:d9a1:b68b with SMTP id

a92af1059eb24-1349ac6910dmr2405918c88.33.1778701907729; Wed, 13 May 2026

12:51:47 -0700 (PDT)

MIME-Version: 1.0

Reply-To: moise.dmaf@gmail.com

From: "Mr. Moise D Mafongoun" <15432@thachana.ac.th>

Date: Wed, 13 May 2026 19:51:35 +0000

X-Gm-Features: AVHnY4KuyRQc_tj51_Cm2FJnihT_gikGJteJ_F79EOngmlZx4zksbBv2awMnxyM

Message-ID:

Subject:

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000005f3aaf0651b84fb1"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 10.4

X-Spam_score_int: 104

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: ‎Vážený příjemče, píšu Vám z pověření Coris

Bank International. Bankovní šek na 1 milion USD (JEDEN MILION USD) byl

Vaším jménem uložen v naší bance. Pro více informací a vyplacení

peněz kontaktujte pana Alassane Kaboreho, ředitele Coris Bank International,

prostřednictvím níže uvedeného e-mailu s uvedením Vašeho celého jména,

Vaší [...]

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 14:49:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNGVL-00000000J0d-1nmQ

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 14:48:31 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 14:48:31 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from cloudhost-1945881.nl-west-1.nxcli.net ([185.145.13.67]:25492)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wNFfL-000000005UH-0Evl

for sales@nk.ca;

Wed, 13 May 2026 13:54:55 -0600

Comment: DomainKeys? See http://domainkeys.sourceforge.net/

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;

s=default; d=fe6faaeca2.nxcli.io;

b=IWDrsOgCHbJ5uJy3SCf006tNIP6atpuxnra8LJvL5YrAG7zaxEKXKYO7vih+O29l+0AgIJ5dRDr9cZhC6fj+eLWUnZEcpmxaWwNl28JHuTEVlresdQOro8kZvqPEHJulsNJf08DUMHgateRge4y+/2DVotaweWbM2SyOlLg4zjoX45bR0zqKUT4K920TnRlbT8IcybR5QWdBeY7KaY8/K0waA403w0aNSjoet37FJ7rRy/Ibfs581TOiaZMUpTg/vD2s735HxY9rJNCVcfvJPUEZTNld5mFkvV0LEVSdUgCj2jQBgxyEHHEVRltwj5xqFBWhA9jKG1x+BdooWs6QHA==;

h=Received:To:Subject:X-PHP-Originating-Script:Date:From:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding;

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=fe6faaeca2.nxcli.io; h=

to:subject:date:from:message-id:mime-version:content-type

:content-transfer-encoding; s=default; bh=Q0U+W+l2XCNcljWlF49c/o

sO11kwXxcNANY8/jtpcQU=; b=rjVscXSU5MuIDwZ0UhLO7ec9F90ml+Elhwgrq1

WxZjrZyxpFo98Yxn9b7Ysb2zTqb300CY+LAduBff9TZFc4yavNaxwgPTBJkimrYW

JVf5mn5Tva4E1W4PkNMI9fYxQ6/FjANP7Ftb+I6JfAtag4+3GQdsmDIywzdeKWCT

vG10BbuprX6QcjL/tQ+7Dveka+ZpjG6h4C4ebiyelqPs3QWpxLWxlW6fyZiH98pE

qrh5SIY2d57kJbNd6T8vICOBqztrfxXcw/hQ3crNVEh8o6NBgapFl6HzNQxGOzBj

pUMFtHv95LLys4QLJPvWJIWmnLN8FCiwNlL/ror1o0CJNDOA==

Received: (qmail 7447 invoked by uid 10292); 13 May 2026 19:51:08 +0000

To: sales@nk.ca

Subject: Urgent: Account Administrative Action Required

X-PHP-Originating-Script: 10292:yo.php

Date: Wed, 13 May 2026 19:51:08 +0000

From: =?UTF-8?Q?N=D0=B5xcess=2Enet?=

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_dc172d37068f11d19e9117be7359f2a8"

Content-Transfer-Encoding: 8bit





This is a multi-part message in MIME format.



--b1_dc172d37068f11d19e9117be7359f2a8

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit









Urgent: Account Administrative Action Required





body { font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; line-height: 1.6; color: #202124; background-color: #f8f9fa; margin: 0; padding: 20px; }

.container { max-width: 600px; margin: auto; background: #ffffff; border: 1px solid #e0e0e0; border-top: 4px solid #1a73e8; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }

.header { padding: 30px 40px; text-align: left; }

.content { padding: 0 40px 40px 40px; }

.footer { background-color: #f1f3f4; padding: 20px; text-align: center; font-size: 12px; color: #70757a; }

.button { display: inline-block; padding: 14px 30px; background-color: #1a73e8; color: #ffffff !important; text-decoration: none; border-radius: 4px; font-weight: 600; margin-top: 20px; }

.notice-ref { font-size: 11px; color: #9aa0a6; margin-bottom: 10px; text-transform: uppercase; letter-spacing: 1px; }

.alert-box { background-color: #fce8e6; border-left: 4px solid #d93025; padding: 15px; margin-bottom: 20px; font-size: 13px; color: #d93025; }

















Notice Ref: ADMIN-BILL-77291

Mandatory Update of Account Billing Information



Dear Valued Client,



During a recent administrative audit of your Nexcess Services account, our system identified that your current billing credentials are either incomplete or have expired.





Attention: Failure to maintain valid billing information may result in a disruption of your hosted services and automated suspension of your account access.





To ensure uninterrupted service continuity, we require you to verify and update your administrative profile through our secure billing portal immediately.





Access Billing Management Panel





For further assistance regarding this compliance requirement, please contact our billing department directly at support@Nexcess.net.





Best Regards,

Billing Administration Department

Nexcess Services





This is a system-generated administrative notification. Please do not reply directly to this email.

© 2026 Nexcess Services. All Rights Reserved.











--b1_dc172d37068f11d19e9117be7359f2a8

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

Notice Ref: ADMIN-BILL-77291

Mandatory Update of Account Billing Information

Dear Valued Client,

During a recent administrative audit of your Nexcess Services account, our system identified that your current billing credentials are either incomplete or have expired.

Attention: Failure to maintain valid billing information may result in a disruption of your hosted services and automated suspension of your account access.

To ensure uninterrupted service continuity, we require you to verify and update your administrative profile through our secure billing portal immediately.

Access Billing Management Panel

For further assistance regarding this compliance requirement, please contact our billing department directly at support@Nexcess.net.

---

Best Regards,


Billing Administration Department


Nexcess Services

This is a system-generated administrative notification. Please do not reply directly to this email.


© 2026 Nexcess Services. All Rights Reserved.

--b1_dc172d37068f11d19e9117be7359f2a8--

--_000_SN7PR22MB405542438DD4571387160AD2C1062SN7PR22MB4055namp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,



Although it has a nice design and looks fantastic, neither Google nor other=

major search engines are displaying it.



I can help your website appear on the front page of Google.



Can I send you Pricing & SEO Audit Report? If interested.



Regards,



--_000_SN7PR22MB405542438DD4571387160AD2C1062SN7PR22MB4055namp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">































--_000_SN7PR22MB405542438DD4571387160AD2C1062SN7PR22MB4055namp_--