Geek Squad Phish from Google Gmail Part 2

Posted by Dave Yadallee on
0.7 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.219.73 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.1 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.219.73 listed in sa-trusted.bondedsender.org]

0.4 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.219.73 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.219.73 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.219.73 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

2.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Invitation: Update available now for Bill @ Thu Mar 19, 2026 3:30am

(GMT-4) (doctor@nl2k.ab.ca)



Jacquie Herriott has invited you to Update available now for Bill

Title: Update available now for Bill

When: Thursday, March 19, 2026 at 01:30

Organizer:

Jacquie Herriott

Description: Bill date: Thursday, 19 March 2026

Bill No: ZDKJ-8147-982



Renewal has been successfully confirmed



Hey,



This is to remind you that your membership renewal with GeekSquads will be completed today. A payment of $410.80 will be processed as per your plan. For support, please contact 865 243 4132.



Dispatch Monitoring Hub:

Service Provider: GeekSquads

Add-on Service: Ultra Protection Plan

Amount Scheduled: $410.80

Validity: 36 Months

Total Payable: $410.80



If you need assistance regarding your account, please contact Customer Service at 865 243 4132.



Received with thanks,

Sarah Ciralli

GeekSquads, llc

2026 Company. All Rights Reserved.

Activation key: 56b79e66-0db4-41d1-ab86-235a722b782b

Attendees:



doctor@nl2k.ab.ca





Bill date: Thursday, 19 March 2026

Bill No: ZDKJ-8147-982



Renewal has been successfully confirmed



Hey,



This is to remind you that your membership renewal with GeekSquads will be completed today. A payment of $410.80 will be processed as per your plan. For support, please contact 865 243 4132.



Dispatch Monitoring Hub:

Service Provider: GeekSquads

Add-on Service: Ultra Protection Plan

Amount Scheduled: $410.80

Validity: 36 Months

Total Payable: $410.80



If you need assistance regarding your account, please contact Customer Service at 865 243 4132.



Received with thanks,

Sarah Ciralli

GeekSquads, llc

2026 Company. All Rights Reserved.

Activation key: 56b79e66-0db4-41d1-ab86-235a722b782b

When

Thursday Mar 19, 2026 ⋅ 3:30am (Eastern Time - New York)

Organizer

Jacquie Herriott

jacquieherriott1006@novasitegss.com

Guests

(Guest list has been hidden at organizer's request)

Reply for doctor@nl2k.ab.ca

Yes



No



Maybe

More options



Invitation from Google Calendar



You are receiving this email because you are an attendee on the event.



Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

Geek squad phish from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Mar 2026 15:28:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2yQ1-00000000Fnq-2wG5

for dave@doctor.nl2k.ab.ca;

Wed, 18 Mar 2026 15:27:09 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Mar 2026 15:27:09 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qv1-f73.google.com ([209.85.219.73]:58729)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2vfm-000000007mk-0ga0

for doctor@nl2k.ab.ca;

Wed, 18 Mar 2026 12:31:24 -0600

Received: by mail-qv1-f73.google.com with SMTP id 6a1803df08f44-89c3e0be5ccso3500646d6.1

for ; Wed, 18 Mar 2026 11:30:25 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1773858619; x=1774463419; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=NuihtZ8VlwCmzBTh7bvHSYqPwzTVkJzwRSPKXQKRDjU=;

b=FQnjryFDpKnbbyQllHyNBZhueEZtGWkEoTMZbUtJlnfkxeR+Bnpu5q6evoCbwQWZd3

EIxSAAhbxL1H0txZrpi2Pf0bmvlscNcCj9Dtye945kAwnYbr86BcE/Bdm39jtxp02G6s

oHqHkRAGvK4sFwuxqwGMUmyhdJh1GeQvMddLsFVKbp81ACfeG4QOKxcR0+GQUQYptNja

wo7ozepkv2naTzMkD/R987FQl/zeNKrVLyXXIWxoTXpNC8zm9Ev+vJK5fvuOkeiUG/OV

40UmAUhf07fIeTZcAPs9N0WxwVSF6w/hhYUT4RzppZbzmDn31vllIC2yhPoFryaHDCrP

o7mQ==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=novasitegss-com.20230601.gappssmtp.com; s=20230601; t=1773858619; x=1774463419; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=NuihtZ8VlwCmzBTh7bvHSYqPwzTVkJzwRSPKXQKRDjU=;

b=GqndNnb6K8W8j0q+G4Rvi9xaA99ymgVP8sqQPfFnX0y96EWrJ1N84D6ncicBz6a3DR

HAyKvjR1VPq4yMr76GS5SAl6hu+uPT8osrgg9W6wtVTDjaXJ+UxXaLMBvUStkwBZDyuG

ZMJy/tBmncJxNrHCQKcOIMM99O9pq/TusPlu6s64J30U4GkTxZcUPEgUNm3e2yM+XhXZ

hyjX8z9wZQuHxHqG4xg0xhFD677Ng+S9vb8n2VKizQfZD3pRHwuOWJPPdOdnpm835keT

g0bQywfmUdttNJTHZjfb82GRLZyVwq8sDl3q5eCNQQLfJkjo1GI/vwNMo5b7fhyWEVFh

UQxg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1773858619; x=1774463419;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=NuihtZ8VlwCmzBTh7bvHSYqPwzTVkJzwRSPKXQKRDjU=;

b=JoAGnYBDR3PkZTSk4LXiEkRU6uroGgzuuwoo8/qJpo6fhKFtX/znOesVx9But+C15d

L/Nte9SQCiArB2/oI/FsPHXdGp4l/nzDNoxgF4P+pQpn4sIvNTfpzs5oVvmjkzN4/a/8

oH0B1PuFHMu6DkYCRgqUH1YNxrr9lIB/stbmxuZE65OuKXFiPzDgTI++EUig1dQUS0TB

yFOqJmCAFvWURKCc1nDr8FJwc5pZVrLxY4E2U7HxSneOj5/S6UiO9ie4PBAK9P66+Okz

SY0lqeXc5w95auewdPh9WtIwIKlaxDUjPROgA1kZ2BwqvhKO6RnS/JX/405fGpzMK7xE

2S8g==

X-Gm-Message-State: AOJu0YxMvZqRkhLu3JsDi/tAg47I8qd4vxa34TN2colrmWvtRQGPJb+1

/Ke6zLVMGJvPpiHctQYT3zSGigXiOpkCpF2JsR5XrFkZul565mtGh6duo1uXai8wwvhM3giDL2f

PcNdvFMH1CAYKGhQNYG/G98nVYRwsimbrULt2PuREiv7/uC4sgUXREYAp

MIME-Version: 1.0

X-Received: by 2002:a05:620a:bc3:b0:8cd:b61f:2f48 with SMTP id

af79cd13be357-8cfad352235mr603732185a.42.1773858619225; Wed, 18 Mar 2026

11:30:19 -0700 (PDT)

Reply-To: Jacquie Herriott

Sender: Google Calendar

Message-ID:

Date: Wed, 18 Mar 2026 18:30:19 +0000

Subject: Invitation: Update available now for Bill @ Thu Mar 19, 2026 3:30am

(GMT-4) (doctor@nl2k.ab.ca)

From: Jacquie Herriott

To: doctor@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="000000000000e18796064d50a456"

X-Spam_score: 10.3

X-Spam_score_int: 103

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Update available now for Bill Thursday Mar 19, 2026 â‹… 3:30am

Eastern Time - New York Bill date: Thursday, 19 March 2026 Bill No: ZDKJ-8147-982

Renewal has been successfully confirmed



Content analysis details: (10.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.219.73 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.219.73 listed in will-spam-for-food.eu.org]

[209.85.219.73 listed in will-spam-for-food.eu.org]

[209.85.219.73 listed in will-spam-for-food.eu.org]

[209.85.219.73 listed in will-spam-for-food.eu.org]

[209.85.219.73 listed in will-spam-for-food.eu.org]

[209.85.219.73 listed in will-spam-for-food.eu.org]

[209.85.219.73 listed in will-spam-for-food.eu.org]

[209.85.219.73 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.219.73 listed in dnsbl.ahbl.org]

[209.85.219.73 listed in dnsbl.ahbl.org]

[209.85.219.73 listed in dnsbl.ahbl.org]

[209.85.219.73 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.219.73 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.219.73 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.219.73 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.219.73 listed in dnsbl.ahbl.org]

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

WEb/SEO/App spam from Microsoft outlook Part 3

Posted by Dave Yadallee on
--_000_SEZPR01MB7680DE50526DF23F5ACE8C13AA4EASEZPR01MB7680apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,



px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, H=

elvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







ht: 1.284; margin: 0cm 0cm 8pt; font-family: Aptos, Aptos_EmbeddedFont, Apt=

os_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: r=

gb(0, 0, 0);">

Please share your Website link & target location, an=

d I will send the SEO price details.



ht: 1.284; margin: 0cm 0cm 8pt; font-family: Aptos, Aptos_EmbeddedFont, Apt=

os_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: r=

gb(0, 0, 0);">

Thanks.





yFwdMsg">


_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

From: Isla webrank


Sent: 17 March 2026 09:28


Subject: Send Demo Sample





em 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibr=

i, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hello,



em 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibr=

i, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Search Engine Optimization is all about making your website more visible to=

people who are using search engines to look for your product, brand, or se=

rvices.



em 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibr=

i, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Kindly please share your Website URL and Target Location with keywords wher=

e you want us to promote your site.



em 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibr=

i, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Looking forward to your response?



em 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibr=

i, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Thank You, 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Isia,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica=

, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">












--_000_SEZPR01MB7680DE50526DF23F5ACE8C13AA4EASEZPR01MB7680apcp_--

WEb/SEO/App spam from Microsoft outlook Part 2

Posted by Dave Yadallee on
Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEZPR01MB7680:EE_|SEYPR01MB5868:EE_

x-ms-office365-filtering-correlation-id: 1c06406c-2a3d-4978-2a87-08de850e7d78

x-microsoft-antispam:

BCL:0;ARA:14566002|8060799015|15080799012|15030799006|8062599012|19110799012|37102599003|461199028|31061999003|24121999003|22091999003|37011999003|39105399006|3412199025|440099028|102099032|40105399003|51015399003|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?mL6r9PRtiHHfZBOYthTnEyD8c0TyRwWzpt6lJrGIy/sQ0owU4m7MBzV18W?=

=?iso-8859-1?Q?hh9HkpPOoEXnsFBCAdmWRhmh/rzbI/ifjko26LqZZn7i8e8nB5HtMOsEjB?=

=?iso-8859-1?Q?VpyhiO0xs6XUkyaHR/y2r8zR5DTbnxMedTDHetwfl8qDA5re/keTFjxChl?=

=?iso-8859-1?Q?JrDiJGZXjHb3v7W8aeNFl93kNAnX9vJ9gxBpjS56a6YnNifQkq2vi4FYnp?=

=?iso-8859-1?Q?GJqoHSs0unznMc4W/JljEfj0HACci53eBk6I7QPf+89hxhjNOKs51f4DCd?=

=?iso-8859-1?Q?ICV5CkGMpKTyPMNM3KCSvw4gRd4JNj+S4xhHdSvP/jVgm+Ev+451KBAqGQ?=

=?iso-8859-1?Q?ZJfGRKMmiw4TLkFIETEtvoUJ+NdaIhyfkhq9N4ZwUHfBYba+q3QovSbc5Y?=

=?iso-8859-1?Q?TiPWQk4jy8Ud8YgZkpZZyqCXmPRccrmLu1C7tv7Seu9rya35UbcSnXVYo2?=

=?iso-8859-1?Q?htquZQdA3WD2CcjAzUaoZjwciNVQuDOOoWbAkHe+A5QzYcQiMDoOZLM99Q?=

=?iso-8859-1?Q?POrI3+FtowK/wl7eKrl1LZsxFSFYyEyKH2rXDEK3XmYH99KJ3aBhFaNq5e?=

=?iso-8859-1?Q?9SjExAKZJ6JG0UclrCFz90VXTidus8hDrSqr7vzKSMna8Cjac1WTTHCmGT?=

=?iso-8859-1?Q?uG6FKPiVPcl8ol87dzOXu4Hm+Lv7D+r37ETVAxb2env+wfnAfHiUuOohqc?=

=?iso-8859-1?Q?jDQtq54nCpSSs4hdIh7S74wD43AxPhE1gtAUrv+cuuwK5jix+Cd2ceGZo5?=

=?iso-8859-1?Q?H04aw2yL39eD8GOl2ZlGJthB2P5QfeKJXOCgHGw1XUe2WYmRsmvwRBeqKD?=

=?iso-8859-1?Q?Otm2g4FmwB11RLvW1MmKJCdtoz/6U6iyzXNDpbQxCEc6tRz/ZGIZNqRTKq?=

=?iso-8859-1?Q?3eBTGIAzOJ5Z0vs2JlQNY3I2Tepp4fZpyyFoilJ/v/4xqK13k8KZDTHrIt?=

=?iso-8859-1?Q?3Tf27VnZV+TcOi09NqHKtgbDiHrb57qQOorHLBWvk2rYpt7MiQYRlGiHcb?=

=?iso-8859-1?Q?BprZlJDsQvTC/XlHZZc/Izpp73aoO/uiJChK3siiFX1YHD77e0bHj2vTnJ?=

=?iso-8859-1?Q?djjspqWUTfndfy733q7Kd9eL1nklXXHQCdtlqGwqE2QBcOoiITFfDIWY5E?=

=?iso-8859-1?Q?Pgsee1d9pUdPXUt2fbFGo6Ceen07CN1lf4210IeHoWRTD1Z094?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?6TdFbbzokAjtMPaxhnoUjGSwhbHtBevIhgcoREECUw8tF/4cmIVGmoIrMY?=

=?iso-8859-1?Q?oKy2X/ObAC1tvStw1X8F9xyyPIAhU3eolRGb/Ek+EaVQQILB9HeA8gs1va?=

=?iso-8859-1?Q?PHSK8qYnZocEp8l0Ds2jS8EnpBpstrIJov6arm+pMtpXuQcJM5j+dJszF2?=

=?iso-8859-1?Q?adEetXcB3Em2dFVzmQoo+THZoi4pYOtfaNF/pPnbQ9Q0iNn/kEuNrfBjie?=

=?iso-8859-1?Q?wz3DnXqvflAUl/UG7COrcfzNOUqC2btYvdDdiQJRK1lo27r2tPwinNZnxT?=

=?iso-8859-1?Q?/53a3pP49/JtlZS+8uMSTePg5i+r8WN7P8774DFldn4LeTZPo6HPnmLG3h?=

=?iso-8859-1?Q?5Qwu1O0EsUVotxzvUcJbTNxEarS9QC6lpJC0SelUoSNznG04QyEFd4HLNP?=

=?iso-8859-1?Q?pjwWNKkPYxD7EuxbIOce+PdwykKCOGGPT7lr4rc3jI08EmI0bPiceHhoR5?=

=?iso-8859-1?Q?7iJEEUDDZazedyuQ9erQUIF9Di3Xc3bRHyf1zoZxsh/eXacobyzRHav7Ol?=

=?iso-8859-1?Q?YPAGw/IGJ3wgzGiAI7wHbWmoZ+xNyJLcW/T/kwRTt7PrKlSNsl+grfB0eP?=

=?iso-8859-1?Q?kuodyQLtf09RiXiobmcSpvlAy5A80dzg9huH5B96AQRYpqMMiARye6wwKB?=

=?iso-8859-1?Q?PFyZCCVUvxd3Sj8qV15tymushGld6YsBAu8HB7WA0NATDjxNlqXYn/wmlF?=

=?iso-8859-1?Q?GFgM5LaAi+J17DMEQQBVfa8REs9KHfDEIx8Pz8r1FYWPAqzZY+xYM+mDqz?=

=?iso-8859-1?Q?P9zXOGnw1s0kMHqKLKXd3mJYtaMihxktDwIyF9crG0VmV7Jtr90BHtInXh?=

=?iso-8859-1?Q?KLgNnAY2pBpQDLx345MDnizsPNjEgSn/47r8jIGyhaWalUf/vCTVrFd5VM?=

=?iso-8859-1?Q?9P/BjiXhCTfduyh0m0JniqEAESHrq7kwQhoEIpXBIFAOFZQA19OKLWVK++?=

=?iso-8859-1?Q?UXUWfdOgTKCrysMpJqMbIbIayn/wBttMzcRFUAlom3L/DZqlWPY/ga1ncY?=

=?iso-8859-1?Q?O6IEMhbsOhrrhxpNA0qL1fNSp+xDol1/4x3w9YPfbVt2TJ6yCy4flzR0sd?=

=?iso-8859-1?Q?ZHfqxR4tmrkLaWLPYEbPa2oDk6F0WXYwlXEU+dF4XgvildcgHODQTIzXkl?=

=?iso-8859-1?Q?asDwJY9pFiv0Pw81D3BG7yoIX/wItnlhK/4Wq7qruqFpq4R2m0j4I/q9fG?=

=?iso-8859-1?Q?/7IF/2i0z69eHTcq3UL+XaoMD3Wyv8fsUYGbkdAJUXKHyhmGHFWMhdu21f?=

=?iso-8859-1?Q?DMHJEk2nifsFzG9OJ77WRzeYy+G2ROVTXYA+cWsOq5/11KNJEvRs4QmQFj?=

=?iso-8859-1?Q?H3vDa9a6YKZ34IjQME5JGNrNP5uXlAiW2wWhscVMXeD5a2m+icF/Vj94Ln?=

=?iso-8859-1?Q?WB9zDCFyt6zovCFf2/HbC/KjdwQ+xVwWhcxfHMLRf/kvD90W+ZVKLsP7Jk?=

=?iso-8859-1?Q?TPGRGVkZWH6C7gw2?=

Content-Type: multipart/alternative;

boundary="_000_SEZPR01MB7680DE50526DF23F5ACE8C13AA4EASEZPR01MB7680apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEZPR01MB7680.apcprd01.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 1c06406c-2a3d-4978-2a87-08de850e7d78

X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Mar 2026 16:50:41.4048

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEYPR01MB5868



--_000_SEZPR01MB7680DE50526DF23F5ACE8C13AA4EASEZPR01MB7680apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,



Please share your Website link & target location, and I will send the SEO p=

rice details.

Thanks.

________________________________

From: Isla webrank

Sent: 17 March 2026 09:28

Subject: Send Demo Sample

Hello,

Search Engine Optimization is all about making your website more visible to=

people who are using search engines to look for your product, brand, or se=

rvices.

Kindly please share your Website URL and Target Location with keywords wher=

e you want us to promote your site.

Looking forward to your response?

Thank You,

Isia,

WEb/SEO/App spam from Microsoft outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Mar 2026 15:27:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2yPB-00000000Flu-1umd

for dave@doctor.nl2k.ab.ca;

Wed, 18 Mar 2026 15:26:17 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Mar 2026 15:26:17 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19013083.outbound.protection.outlook.com ([52.103.74.83]:62958 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2u7g-000000003ah-46eK

for sales@nk.ca;

Wed, 18 Mar 2026 10:52:08 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=hr670LcxCZPobHFwQAObg6IdNH5ZI2i4vTD6aXBGDAC4KQM90grYqC+s8nSNIDB7hzKxgQwSdc0HonbDnU/9S9NE4j3vgcdYQckBMd6wsB0GkO0Q7mGLoxChbb1zl8vcnpb6MP2vdrYIXpw5EOxEgwwzLnZMFJEFzks6+BEXY53SGgaYCYEaMTW1dOm0syvuDaMzBQor5JhGXBu8XNXpPq2I9KCA59ZiIyYCVTzh4rhDlk0WoQafHnFGCebAE3YRfvWLaUccWb9cinnvd+KSDqKPed/fVkr14tAG+6V/blp9HihS7xsopVjG9P7FrwuH7HTcPyZ8PeoNrSLrPUwbvw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=UTsGKxwXo7Ce8hpcN0U7MdCKoN33BseLVWuXxpcY5S0=;

b=YR9xNnaZ8o7JhG2uw6IBul3yrF4mJbTz6ITH8wRFdqWTJCttQkbdzcZfskR67pemIuw+rlqu622q+NkNxqYOjrVoxzdUhI3m4hfpD9Djj9APMIknh2PZ9+cEYcRz7Jj2Mx0hXvmFrBHdukD0uN97KquAB5Nb6Ffg2PWqw7grHoBFVDteTqJ2TAverEzF49Z7M29YIbXFnT7B50DkaXNWMljRBWlGnsvxGgS0l9GhP0UKRfK9Xhv0wxVz1JTAReK4KAnJK1QaiXta4Zvde70C74EqCWVYhedaDE7XNIj/I/lgZqV3BJ7DW9HajYWWhsLYqpQWAw2x2mK+ldQKZcCjBQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=UTsGKxwXo7Ce8hpcN0U7MdCKoN33BseLVWuXxpcY5S0=;

b=eo1MTK84UAtnu78ayJleoZllPZ5Jc4aTpfPnKBYvkj19PeQ7Iu5q3xeqFDt49igmbkr3N5XT0EN/Nui4NAh4V5BusZqBHOItXOp3YD9n8lxZGNzfPZQqMh1gfsC3a1+CiqAVmFxXg+jruE5wjYtmEIGG5XgvkeaHcQYzdmoN5+3rfP5fWDDzTm5puPXFpQE2xSEUNhAb3Kand7GhPGbebQjWVI5V1G1t/A9I+IsuuS715RQ6QoPAy/B5aU1OzTvfslWgBjulzS06V5TTIuUWXambtY3D8JxV/YLeSo9DLVCi1P1NduVpCEi8iLll5CPTFbbDDksmfPaTQT2DYi5jag==

Received: from SEZPR01MB7680.apcprd01.prod.exchangelabs.com

(2603:1096:101:2a0::12) by SEYPR01MB5868.apcprd01.prod.exchangelabs.com

(2603:1096:101:1a5::9) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9723.19; Wed, 18 Mar

2026 16:50:45 +0000

Received: from SEZPR01MB7680.apcprd01.prod.exchangelabs.com

([fe80::c8cd:5504:dd82:9617]) by SEZPR01MB7680.apcprd01.prod.exchangelabs.com

([fe80::c8cd:5504:dd82:9617%4]) with mapi id 15.20.9723.018; Wed, 18 Mar 2026

16:50:41 +0000

From: Lily webrank

To: Lily webrank

Subject: Re: Reminder

Thread-Topic: Reminder

Thread-Index:

AQHcrwpAYXck1ir/lECEQq7Lze6r9rWktuDbgALNTxWAAAJOgIAAAKIigAOYdqWAAAeM54ABk2kHgAAAPpmAAABcOYACy6cagAABhseAAWJ/LoAAApjvgAOQVhKAABLUoQ==

Date: Wed, 18 Mar 2026 16:50:41 +0000

Message-ID:



References:





































































In-Reply-To:

WEb/SEO/App spam from Microsoft outlook Part 2

Posted by Dave Yadallee on




--_000_SEZPR02MB705833D5BCF3DB8CE9DC938FDC4EASEZPR02MB7058apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,



Please share your Website link & target location, and I will send the SEO p=

rice details.

Thanks.

________________________________

From: Ivy webrank

Sent: 17 March 2026 12:38

Subject: Tech Connect

Hello,

Search Engine Optimization is all about making your website more visible to=

people who are using search engines to look for your product, brand, or se=

rvices.

Kindly please share your Website URL and Target Location with keywords wher=

e you want us to promote your site.

Looking forward to your response?

Thank You,

Ivy,





--_000_SEZPR02MB705833D5BCF3DB8CE9DC938FDC4EASEZPR02MB7058apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,



px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, H=

elvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">







ht: 1.284; margin: 0cm 0cm 8pt; font-family: Aptos, Aptos_EmbeddedFont, Apt=

os_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: r=

gb(0, 0, 0);">

Please share your Website link & target location, an=

d I will send the SEO price details.



ht: 1.284; margin: 0cm 0cm 8pt; font-family: Aptos, Aptos_EmbeddedFont, Apt=

os_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: r=

gb(0, 0, 0);">

Thanks.







11pt; color: rgb(0, 0, 0);">

From: Ivy webrank


Sent: 17 March 2026 12:38


Subject: Tech Connect





eft: 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Cali=

bri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hello,



eft: 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Cali=

bri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Search Engine Optimization is all about making your website more visible to=

people who are using search engines to look for your product, brand, or se=

rvices.



eft: 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Cali=

bri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Kindly please share your Website URL and Target Location with keywords wher=

e you want us to promote your site.



eft: 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Cali=

bri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Looking forward to your response?



eft: 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Cali=

bri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Thank You, 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Ivy,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">












--_000_SEZPR02MB705833D5BCF3DB8CE9DC938FDC4EASEZPR02MB7058apcp_--

WEb/SEO/App spam from Microsoft outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Mar 2026 15:27:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2yOx-00000000FlG-3NJW

for dave@doctor.nl2k.ab.ca;

Wed, 18 Mar 2026 15:26:03 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Mar 2026 15:26:03 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012050.outbound.protection.outlook.com ([52.103.43.50]:8925 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2tzT-000000003D4-0bhi

for root@nk.ca;

Wed, 18 Mar 2026 10:43:37 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=SMcftwSCg7V/sYfzlZYWcliyz8toUTpKoqhkhOLubFaTfQP4+mr3w9/32T8gbB70wRhKhKtYNbwIObJuvRRq4GEWeY2GkuaHASwe2aWfqUPSZ2G0lhTj/z9gT4Nk9GgSoUgvr3mCjv8is2ToXX8WP3AZA+nz9d/jp/ysDFRkDw04QMWeYzpVpS7QOeNABkr8iac0omaJv5IOnBKTcYSHV+KL3B1N29hn+lpgbTz3w+HG5Dfb8s/NvXaLVtAym44ygvkFS5CYEKPWgPocqwYd2DpGsl5XoE/4c/XhVz8qUZeixUDvABmro1IuLLVaDXfyv3ePyBbOrRO+XvKqvRZpoA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=1w+NLoVGsxjHHyzlh2swkLjyaWtbhqbppAEUujHeU4g=;

b=Rk2M1tvLWfKb7dFGzTcyMz9eXbOYp3q9jm6LUxV769jrqkRHgqAgxh8uO/mOfUsVIlsx9wOTT03Rb4kb/ZPZJM+Uz8PF7QEojH/R0Rm+oEIf1NOX6eQ2BKfGn8k67Ql/vOE6obIAff7BIVcABGTT4ml7PTV7qHC6A43WNEBFPjnLLjY4mB1ZV31LiH3FWVzSHj09BTp6Wizz16Lk1ofahv05lurbcQI01VpKvjm9bZvGu+/drASStzEPQJEIW45rHEjWQTtS3m5ZBdzlE/r1SWYEMQYwCvt3iePSfeziId/JgYzicMKGhKGYsAvIzhpuWZFAplcODziK6/OEiBJIxA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=1w+NLoVGsxjHHyzlh2swkLjyaWtbhqbppAEUujHeU4g=;

b=kA9ppytvrgLOyvAi+LP3s4+TCl5V7VdXBhCAn7kqVSGuqrOPI/eQITbRBTkL2TrShSXWRpI9HlpeN+pbVoWi1w34za9bjS8gnSRXBrDg3qoyGW8hrUP+YQl9LYCuUFIHETlBW2YOx6iegJotjYHW2IyjWSL12XNNoBUBpJrFqkIbuIDJDOnuqcOOCtqJTJIJLs8ZGQZRRhq7sf2fg6PT/pGF0M1uLnb2iY42bw4LcwrKxQTqo8E6apnUqmW2s+yyXTm490Kz3gP3KJibtcUrQ19oejN4U8iSO0YZ/q7rsVY3+A+bBRqqivOW6KKbzPEJau5pE+A8gk9bX42icDsWAA==

Received: from SEZPR02MB7058.apcprd02.prod.outlook.com (2603:1096:101:19e::8)

by PUZPR02MB6305.apcprd02.prod.outlook.com (2603:1096:301:fb::6) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9723.19; Wed, 18 Mar

2026 16:42:14 +0000

Received: from SEZPR02MB7058.apcprd02.prod.outlook.com

([fe80::4245:d921:e9b7:866f]) by SEZPR02MB7058.apcprd02.prod.outlook.com

([fe80::4245:d921:e9b7:866f%6]) with mapi id 15.20.9723.018; Wed, 18 Mar 2026

16:42:14 +0000

From: Ivy webrank

To: Ivy webrank

Subject: Re: Reminder

Thread-Topic: Reminder

Thread-Index: AQHctvVELcTafyFVwUusc6M2qbhhIbW0fl6a

Date: Wed, 18 Mar 2026 16:42:14 +0000

Message-ID:



References:





In-Reply-To:



Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEZPR02MB7058:EE_|PUZPR02MB6305:EE_

x-ms-office365-filtering-correlation-id: 460fab9e-f4d6-46af-b345-08de850d4f36

x-microsoft-antispam:

BCL:0;ARA:14566002|8062599012|15080799012|19110799012|39105399006|22091999003|8060799015|15030799006|24121999003|37011999003|37102599003|31061999003|461199028|51015399003|40105399003|3412199025|440099028|102099032|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?H6K5MAiwbY4k2VM6Oct8OtC77Ek8zIY9UkFlI8x/JiRIUjOKWXnuM8ujPr?=

=?iso-8859-1?Q?J3X9wb/IhYfaEyIlaW5WDauksJek9E0zmtnS/gCvrYyhuumQjRzJ/oPb0D?=

=?iso-8859-1?Q?oB8r85jZ2pt7Dlf9S7GJA9UYtQhHW9gnaxi8vZRP4JuYGp3lbE8Sx+ZBYA?=

=?iso-8859-1?Q?1PlrbMEsDySrsn1Vze08UJCW67UizBOudavwtfe8TwSuF/P1j0UxfEBswk?=

=?iso-8859-1?Q?XC6XI/qVtcgYChcldsQmkrLXFoHo3xAAIhGXVZDyopqDeG26FIQYkGiGPg?=

=?iso-8859-1?Q?cPTK5dlcPucIPuxz2M1VI+c+9oHJtKD11Vj+QZ0h1GErFRInWIvSqjiUL4?=

=?iso-8859-1?Q?IbZV5q6yqUgWGU9NqMGVD9fNPeWQZ2iAnO5u0jLErwSkgrj7DseKN4VW52?=

=?iso-8859-1?Q?Ys4wHmaQb1q75kk9dGu3YWka8NBp1xIGfYoftloon6nCz7mVkYu0t6i0er?=

=?iso-8859-1?Q?y4PaRp+aJ65j00ISe3wcI8oeSrxcU7RO7FH5otqA2rBooENUTWk2RKpQ2t?=

=?iso-8859-1?Q?s+w1fXZrzExqsV9Qpw58mkvx5HeH5L1FZdmpIe5fuED23l9qXjaTBp7c85?=

=?iso-8859-1?Q?lUdSIYGQdRTF2e2g7kbytBJjVhBimu/WpBz6Yxi7+LdHoylsKWARo82TJw?=

=?iso-8859-1?Q?cD8nrT05LbMYJ+wY91HDzc3i5UDGQmdao90H7de0Speoej+i1kLDx6PFrc?=

=?iso-8859-1?Q?HjUjKVH9FXBCqFN9dvr3dHgFupzOt95z/EVTySIUMxp2rjzhTQe4j1FR2w?=

=?iso-8859-1?Q?/HSwUWA0rK6JtXZIvk7hLMYc/kxbsB/yCK52kPTpmicf55Bl1ROMBZQ+NN?=

=?iso-8859-1?Q?wYFeyPXZn1u2hk9Trk5gKfAb76YvvUiKz0TWmFlQgAcBTMp5HpThlWHYIY?=

=?iso-8859-1?Q?0NFLINErQtB4nW3pdgABV+9MUhXJHcONEEwK3sRxqOmTDDEyZdk3iUxQtg?=

=?iso-8859-1?Q?iw5j3Aq073ZpsJxSHC79GI7U1qent0T1m8qIhE3El1NPHvwYqNj1eYkU7H?=

=?iso-8859-1?Q?wpi1x1y/tTHEKCspr1iBeODSSJgnWKhXKj7SejNCZ5N9tdh/dt8kyVy2A1?=

=?iso-8859-1?Q?9k6GrhmJaRo3tg246sdU7Cata2sMxbO8bt9fKZqB/C9ERvdGqcB3qxHj4N?=

=?iso-8859-1?Q?/GxF/33qpnTjXCtGYYCvXbxb3rvyEMGew4zuXqZNaUHdZCPlut?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?9CTj3w0BE3Uq/tZvuyKgCr/nwnsDyfL/iWgUsU812fs3YFRiyKxD9bNn9f?=

=?iso-8859-1?Q?RcmiWzSUf3aIs763/4W0kSBhvHsZLm8waLcRsNkCioVbUkA0PyrUc+P0G4?=

=?iso-8859-1?Q?urbYI7f4eCLPbpDnIdgYQAF9004h8tHnkhOr335zPCFtA8NZOEDiGmLLPt?=

=?iso-8859-1?Q?klxoswUibkgVm+rhYlKFSBonfYa6FKgPufZ/BSztvCKCDXtuwQsj1Trh9b?=

=?iso-8859-1?Q?ZZ3/0cOahEPG/NkQ2St46ujl/l3Zw4qKr70XTmOP8oKFo/g7/4lHRaF+Ja?=

=?iso-8859-1?Q?iRcqHPBHKstlGZlomsm7FcrhyEr55C51XSzAX9ccS5x5K3UGfKSogrlkdR?=

=?iso-8859-1?Q?Y7aHoh5bJ2Hj09VMG+l3X+KkRPqN5Hwz0SJCKrHQQI4/8IygaWLSW81dpk?=

=?iso-8859-1?Q?2F8SPw+oXK2vNxuv13We5HYafT2P1cROseeALP2gsvi3+LJ+TEW9qkEYq8?=

=?iso-8859-1?Q?gxgj2jJUL9NT7k46/3edn+avBAUVX6eJcBNTGtefIIaUIC08IPKTg2SIfZ?=

=?iso-8859-1?Q?47rvl1mr/2sXzXFLpFxN9mBCGVqgI814s4CSga2SJ/uSONzPK90lPqk1M/?=

=?iso-8859-1?Q?59qEd/GN68Ccpi71rHNk7LsRnJtP5Uen34SCgU4dDf7VdV5fHS9ej/raUi?=

=?iso-8859-1?Q?48ij6y+RGFm5GMBSA+zPpkTuHgxH/fDnobhw4kYrnA83x04r/UvvUT4slR?=

=?iso-8859-1?Q?myToY/kdIy3WQmBaqvUfcWXYjKhxSdtN7sDgm8e0lRDOO2iK4aKhYlUwRW?=

=?iso-8859-1?Q?toh5fOXMIkH2V5Z9NMiMrrI9KLWDEEIrtjyRJ+jWMnhsyC1QEESVb+5QTh?=

=?iso-8859-1?Q?X1my4dS092Wst77eViO45fugk8f7kmhHqVk5rEV6ddgeeJyhcflH1gPR1M?=

=?iso-8859-1?Q?Qzqeyf62SiuICMfjzoYRZ+wjHqX5PzsGan7aG0FPNo5c5xzC/E6JYco9aP?=

=?iso-8859-1?Q?Dh1UKhLPCRnvoV3BCT2CkNXFl/1JSSEuDuAMFMzTBQMduu/09RwNf6nhWL?=

=?iso-8859-1?Q?95vIxOzrCh53R+aouAk8lwRbThBIOvbxTrWmV0GvOBbSlVPx2A4aO91+q7?=

=?iso-8859-1?Q?OEWJId0dyCAUbDR/c85qwiBU8JYl29qXO8F4lEROIsXn49M1FiDkZK/Vzd?=

=?iso-8859-1?Q?IV4TQ1CEdsQVLR7ofuYTzhOAkMz1QAFaOBe2dJgu3S0bVetP+wpR++hDoJ?=

=?iso-8859-1?Q?lX4M1f8ScK6/8tohFhPmUHW1SxdSw6qxPnkT+CESC6RJWVcsm/cQaRSvhq?=

=?iso-8859-1?Q?wpatmODXSKWnNhNMSW6FVgCB1KZaAOIYfaaR1WT7YMcws+JrBrpzrcZGEz?=

=?iso-8859-1?Q?RjTg2Uxs0ikz16xu1HRLWJoKJTTOQN7QhGtKsWNcQu1mzK4s1fEY9kOCd8?=

=?iso-8859-1?Q?cONcYCqDvolHI8EKamjVPfWHaNSF9hc2H8yAPQ5kBpLWBfM7IIbuA=3D?=

Content-Type: multipart/alternative;

boundary="_000_SEZPR02MB705833D5BCF3DB8CE9DC938FDC4EASEZPR02MB7058apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEZPR02MB7058.apcprd02.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 460fab9e-f4d6-46af-b345-08de850d4f36

X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Mar 2026 16:42:14.3157

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PUZPR02MB6305

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 6496e922-708a-447d-e72f-08de84dad3ad

X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Mar 2026 10:38:28.1445

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR02MB6060

X-Spam_score: 5.2

X-Spam_score_int: 52

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Good day, I sent you an email a few days ago. I didn't get

any response back from you. May I send you a quote? If interested! Thank

you! From: aarna pal Sent: 08 Febru [...]



Content analysis details: (5.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:37:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

[52.103.43.87 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.43.87 listed in dnsbl.ahbl.org]

[52.103.43.87 listed in dnsbl.ahbl.org]

[52.103.43.87 listed in dnsbl.ahbl.org]

[52.103.43.87 listed in dnsbl.ahbl.org]

[2603:1096:400:37:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:400:37:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:400:37:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:400:37:0:0:0:5 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.43.87 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.43.87 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.43.87 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.43.87 listed in dnsbl.ahbl.org]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[aarnapal125(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.43.87 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS

Subject: {SPAM?} Re: New Look



--_000_TYZPR02MB821683A6B94AC7986535AACAEA4EATYZPR02MB8216apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Good day,

I sent you an email a few days ago. I didn't get any response back from you=

.

May I send you a quote? If interested!

Thank you!

________________________________

From: aarna pal

Sent: 08 February 2026 14:07

Subject: New Look





Hi,







Can you give me a few minutes!







Would you be interested in a possible Design/redesigning of the websites or=

designing new website, with addition feature that might benefit the overal=

l usability and user experience which usually leads to better sales.

Web/SEO/App Spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on
If you are interested, then I can send you our Price List & other detail.







Please let me know of a suitable time to discuss.







Kinds Regards,







Aarna Pal,



--_000_TYZPR02MB821683A6B94AC7986535AACAEA4EATYZPR02MB8216apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








ptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

Good day,



ptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

I sent you an email a few days ago. I didn't get any response back from you=

.



ptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

May I send you a quote? If interested!



ptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

Thank you!









11pt; color: rgb(0, 0, 0);">

From: aarna pal


Sent: 08 February 2026 14:07


Subject: New Look


 





>
pt; color: black;">Hi,   




>
pt; color: black;">   




>
pt; color: black;">Can you give me a few minutes!   <=

/p>


>
pt; color: black;">   




>
pt; color: black;">Would you be interested in a possible Design/redesigning=

of the websites or designing new website, with

addition feature that might benefit the overall usability and user experie=

nce which usually leads to better sales.   




>
pt; color: black;">   




>
pt; color: black;">If you are interested,


ze: 11pt; color: black; background-color: yellow;">then I can send you our =

Price List & other detail.
quot;sans-serif"; font-size: 11pt; color: black;">   
span>




>
pt; color: black;">   




>
pt; color: black;">Please let me know of a suitable time to discuss. &=

nbsp; 




>
pt; color: black;">   




>
pt; color: black;">Kinds Regards,   




>
pt; color: black;">   




>
pt; color: black;">Aarna Pal,









--_000_TYZPR02MB821683A6B94AC7986535AACAEA4EATYZPR02MB8216apcp_--

Web/SEO/App Spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Mar 2026 05:10:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2omA-00000000BFS-3AQ3

for dave@doctor.nl2k.ab.ca;

Wed, 18 Mar 2026 05:09:22 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Mar 2026 05:09:22 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19013087.outbound.protection.outlook.com ([52.103.43.87]:26889 helo=TYDPR03CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2oLW-000000009sy-06cL

for sales@nk.ca;

Wed, 18 Mar 2026 04:42:00 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=rZFCMK6mZO6BuJ/Yv3HZqHdn/ePc4Vl+tlLoo6aF8bEOq/xVrqh1CmXXpxAOVKmkz3lCx5Uw/WmOc9ek4TPWcZlNFHhOAAnqnYOZ4R9IItN/oLY76QmrAEtzBefy2LpNXn5to8WUAMzwPUsccqXRyDrN8SgjOlYLE5eseS00YYFgykpg7+TuOPLUH+2ui3xB5LJsn990wy203QBszwNlm22kdxWx9tDq95gNI6mOhPYJRJMwE7VLX0mutPf3HKQp6V+MMRm4JTmFTQojI4XWHHX94sQo4P0cE7Yvi8SWj+9KQsu86NpzZcKQ1lFp/dnlaYK7F4CatZLgI/C8VcQlpg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=oLnXK8uOZrDkR7mkBitJ8NOiJ8PeMLEDKk/3icEsHCQ=;

b=V7v5FSRaptPzRg+GqpyoWthJkG/WHhnqsJQRhsiGCBsMyJoFAWZDy5AjzFxruDqGXZr91fCaUHroOf6bppZpWzyBY9AkQh/QLXuBzp4TKDJKeQ3clzCGmsU+nxx0dxI0c87UDUTQLAYOqP9mLlVj00vMVbfkLLbG3sxRbQkwuDA6dIKBghaeXS9AIVM2OjrZHOh9m3dD9ZGIhEgCAD0Q3t7h+AhySMzGDRRhIY/DPEVe3prNTGAY2+nXgxx24p9sl/QMAVZ+M7XmR2ypOfSMyR+WYiWgqW9eygDgQO2ah4aJgAPJjBlG6bu3htw1N/lmDYBsNBZ8KK32DTn7FCbgbQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

Received: from TYZPR02MB4703.apcprd02.prod.outlook.com (2603:1096:400:37::5)

by TYZPR02MB6060.apcprd02.prod.outlook.com (2603:1096:400:25e::13) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9723.19; Wed, 18 Mar

2026 10:40:52 +0000

Received: from TYZPR02MB8216.apcprd02.prod.outlook.com

([fe80::dabc:7bca:10c5:3d74]) by TYZPR02MB4703.apcprd02.prod.outlook.com

([fe80::dabc:7bca:10c5:3d74%5]) with mapi id 15.20.9723.018; Wed, 18 Mar 2026

10:40:52 +0000

From: aarna pal

To: "sales@nk.ca"

Subject: Re: New Look

Thread-Topic: New Look

Thread-Index: AQHa1rMgTlGhN1CyyEaAEs4dZ7phe7W31ZBA

Date: Wed, 18 Mar 2026 10:38:28 +0000

Message-ID:



References:



In-Reply-To:



Accept-Language: en-US

Content-Language: en-IN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

suggested_attachment_session_id: 874ac0e1-a3ea-51b3-c947-58a2e4738384

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: TYZPR02MB4703:EE_|TYZPR02MB6060:EE_

x-ms-office365-filtering-correlation-id: 6496e922-708a-447d-e72f-08de84dad3ad

x-microsoft-antispam:

BCL:0;ARA:14566002|39105399006|19110799012|8062599012|8060799015|461199028|15080799012|15030799006|31061999003|40105399003|3412199025|440099028|26131999003|102099032|26104999006;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?BCxcBwl4IkM+H0Hj2+AGfSZ1HPk1cuMmwtloElxCBn9APouwisexWVOAtp?=

=?iso-8859-1?Q?2uAftetBGjRobtrAvRBxhC4ydEh1nVxWczemR9AlMqh5FRc+2NpDBbM/10?=

=?iso-8859-1?Q?hZAJcvxGSt5LEatxaihP41uAF46Dg43RhTuyPVRAx0TerRT9m0guWeNsOW?=

=?iso-8859-1?Q?GuNA6KZPbgDcq6Uj82heCYsQYGmQ+bgk26RrhUibacBF+ndSpDPHJHsKHI?=

=?iso-8859-1?Q?7R9me03iIEkRBMnmzvgbx+wSm93qwpl/M/GCVYIg63ICtfoshp/YGN5GC1?=

=?iso-8859-1?Q?WMCe400Werpe4vZBTgFbZux+45TkVGqHi+DqjtLkkYrncGk0hzHV2T9j6K?=

=?iso-8859-1?Q?Uwd6wTfu9L6ZoQHBOyzfP5MedSmjDAuvZ9XYtu/DREMRF6LsdyUMYu+WEC?=

=?iso-8859-1?Q?Kfvhk5kSkdqjeX1cJdB2XkLYtGUukanCaw/BhO3mCVvXhXylsUj+NVtt43?=

=?iso-8859-1?Q?OTDqAee5KA3nlLLvT/rkO/52Eh7/DxMp5S7fhexW5aDGyUkqz2yDtWcDJH?=

=?iso-8859-1?Q?MRerqKbYmJSIw7JPflzSUvxtzUazk0E46OF3q6WPXsBILfnI/JdOgdatcX?=

=?iso-8859-1?Q?+nzTSq0XegFdnLU3lV4USPoel0LfnRC+T7TDlfxkrRadH7qrMLkdcE2HKW?=

=?iso-8859-1?Q?enVEX7/OIxJ2daGVqRRtwJwTO2bq+ZzUVyWnEgcbD8ylRN+24WYmD+2EfW?=

=?iso-8859-1?Q?tga3JnbMSr/XHyvb2lTGmNgh44WllqDZ2h+aE+nDvzmkTNKgkFcIkDwAHB?=

=?iso-8859-1?Q?T8SQ3jnk5lBk0qbAAkxXUlyZwz5RMQIXZo8bHkItgA18wpccQbK1/mSu5T?=

=?iso-8859-1?Q?5NzJNexw4CH6o928T18r5cOnkOk3xq8XdUKzUdmw8QrIajbnb87XmK//Ax?=

=?iso-8859-1?Q?fUsUvV/zHS3Hc/4guoRDohwA8U5muXEI+NxG/tsQRKIpa1cxy/UlzVcjji?=

=?iso-8859-1?Q?WY83EPLxKLF8+GjZ8seIHjiuZU782m+aAm0LUnyO+nYwuozDf794koraFm?=

=?iso-8859-1?Q?qBGB4mgjJgzh7RX2O5SNtVnDqIrDt2VFPy5GLr?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?c0BKozFlZzAmRqED8WBHlgaCGRkdkfMg8HB6ddYI6EC07wg4lZYnr5MB9t?=

=?iso-8859-1?Q?O0gH10R794mxaFlEjWQEgHqglwXxhGsjnEGPE6fnDO1HyAWWge91HWmaAE?=

=?iso-8859-1?Q?UqqRKjce8PhD//94z15AHjFY/c6qklBhjNPEGSQv0z3fzd+8/nf726cfA6?=

=?iso-8859-1?Q?vawgv2JEjYk2OK9up9IcEgiKTF3FxiLcmb19Zar3fEWzMAWGajo8Rr1Z+q?=

=?iso-8859-1?Q?fNjtzmJPavH8VULV/WU+2GzeWU/bwMmfwMKpgzLczU1+tCky9yl0eWhtyw?=

=?iso-8859-1?Q?3FFrnAppE14Ef1Pp1dMbR0QERo2q6lAVhgUEVFs4a7uVByLeGeLZZCHkHV?=

=?iso-8859-1?Q?erVN32nlNIoNG7Xy4fgyxgWTrPxCgCq8RcXa57Tfvy8MaGLMMeXQfcbC3e?=

=?iso-8859-1?Q?gbSy95FDKnKjAEvLptPhdvNjdFpCcfXq7BUrbHabfsH6hziV6KbMzvWmbj?=

=?iso-8859-1?Q?rGvzIA0o1xF6OlBaYugLtRr2u3M3BvOHQT+6ZKxXNgDrfZXbifskla9Jcf?=

=?iso-8859-1?Q?cOT8JcnDiKY4qYQKa4ImWoscYkrMS27anpg57AnPPYh+9jaTOAcUURQf+S?=

=?iso-8859-1?Q?kSqo+sjU7xWagyZ+t5x/nl8pLb6QY3j7qxb7Tx/05yeVFc4ylXGXYCDV2C?=

=?iso-8859-1?Q?LZWS1IHCf4batARwR6YfITGnuJJj0AYBhGvi5qcLLemJltlWI2+VnGh6On?=

=?iso-8859-1?Q?X/AxdY/3zfbbStPxAwwAE+cNlAYsltV2OZqQSFnroHP2LrMD27W/LUS1CL?=

=?iso-8859-1?Q?JmM2V4aRucqVa4rNQPYAH/S4v4dR+k6AToJgpb/1LeNHlWLEH6+U2wL9tH?=

=?iso-8859-1?Q?z/SJbklpPmlrqlWP4fbHhh1O/hvq0x4cEYb+HnUZJCs7sgAVp/UTGbiNC1?=

=?iso-8859-1?Q?iXXkTNK5uF7LXjXQ1dCWJ68yEhHceNj8jav5JNrddFLJjHY5YulyJnha9P?=

=?iso-8859-1?Q?djlwr4DL3QsRMkY+KfvbZCSoNPdiSglx1d4Ia7EyaCM1BmtSc/0LF2tywz?=

=?iso-8859-1?Q?mIwvO+WHKMXmE3ZQbMjivc49+E/dr2Xbrd9fqQFpXuatml0jNRVtv4tBW9?=

=?iso-8859-1?Q?QqpkGUOlxz37zwZn5DUVlSUKXhe+mk7szC8DBLDLt4FuOpvaF1Gyy5e+Yz?=

=?iso-8859-1?Q?QG/Pu8RHzbo16VsgnrkQafoVtNmEk=3D?=

Content-Type: multipart/alternative;

boundary="_000_TYZPR02MB821683A6B94AC7986535AACAEA4EATYZPR02MB8216apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TYZPR02MB4703.apcprd02.prod.outlook.com

Binance Phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Mar 2026 05:09:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2olg-00000000BDB-2ZSh

for dave@doctor.nl2k.ab.ca;

Wed, 18 Mar 2026 05:08:52 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Mar 2026 05:08:52 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.32.155.233] (port=52321 helo=mta.eemsdeltaschilders.nl)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2m4h-000000002ej-40kC

for sales@nk.ca;

Wed, 18 Mar 2026 02:16:29 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=1773815330.eemsdeltaschilders;

d=eemsdeltaschilders.nl;

h=Content-Type:MIME-Version:Subject:From:To:Date:Reply-To:List-ID:Message-ID:

List-Unsubscribe; i=contact@eemsdeltaschilders.nl;

bh=Uq+lTU9rLbApZ0J13O6YD9eT5yMeBYoF8j/OgoL7sJY=;

b=vnk+4btCZ/x7tdYKStXHtoJ2EWM+GPMdx9s8WZsQ4gQwtXiZzbrfrHNRcJ1emS6VpxrQImqpMhBu

fIKxDDgoZY5NyBfu5TQIILpPC9+zUg62VJRXzinnFAXrqiSvS0xMY1afn18WKDnVKyt67jmdjb/+

PULAHFFU1YPCOeUHIGI=

Content-Type: multipart/alternative; boundary="===============0536628502365644694=="

MIME-Version: 1.0

Subject: =?utf-8?q?MegaDrop_=E2=80=94_150_BNB_per_participant_=7C_Binance?=

From: BNB MegaDrop

To: sales@nk.ca

Date: Wed, 18 Mar 2026 08:14:25 +0000

Reply-To: contact@eemsdeltaschilders.nl

Precedence: auto

List-ID:

Message-ID: <177382166530.34844.8181535935539542409@eemsdeltaschilders.nl>

X-Mailer: MegaDrop

List-Unsubscribe:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-Spam_score: 9.5

X-Spam_score_int: 95

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: MEGADROP — 150 BNB ALLOCATION PER PARTICIPANT Your allocation

of 150 BNB has been reserved. Complete the required steps before the subscription

period ends to secure your share. ---



Content analysis details: (9.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.32.155.233 listed in will-spam-for-food.eu.org]

[45.32.155.233 listed in will-spam-for-food.eu.org]

[45.32.155.233 listed in will-spam-for-food.eu.org]

[45.32.155.233 listed in will-spam-for-food.eu.org]

[45.32.155.233 listed in will-spam-for-food.eu.org]

[45.32.155.233 listed in will-spam-for-food.eu.org]

[45.32.155.233 listed in will-spam-for-food.eu.org]

[45.32.155.233 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.32.155.233 listed in dnsbl.ahbl.org]

[45.32.155.233 listed in dnsbl.ahbl.org]

[45.32.155.233 listed in dnsbl.ahbl.org]

[45.32.155.233 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.32.155.233 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.32.155.233 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.32.155.233 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.32.155.233 listed in dnsbl.ahbl.org]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: tr.ee]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

Subject: {SPAM?} =?utf-8?q?MegaDrop_=E2=80=94_150_BNB_per_participant_=7C_Binance?=



Binance View in browser

MEGADROP

150 BNB per participant

Your allocation of 150 BNB is reserved for you. Subscribe to BNB Locked Products in Binance Simple Earn and complete Web3 Quests before the period ends. Rewards are distributed to your Spot Wallet according to your total score.

150 BNB per participant

Claim your allocation



How it works

Total Score = (Locked BNB Score × Web3 Quest Multiplier) + Web3 Quest Bonus

📦



Lock BNB for Points



Subscribe to BNB Locked Products via Binance Simple Earn. Your Locked BNB Score is calculated from hourly snapshots during the subscription period. Longer lock terms and larger amounts increase your score.

Subscribe



🕑



Complete Web3 Quests



Complete Web3 tasks in Binance Web3 Wallet to earn a score multiplier and bonus points. Higher scores increase your share of the 150 BNB allocation per participant.

Start Now



Complete both steps before the subscription period ends to receive your allocation.

Participate in MegaDrop



This message was sent to you as a registered user. KYC may be required in eligible regions. Rewards are distributed in accordance with MegaDrop terms and rules.



4th Floor, 1-2 Harbourside Road, London, E14 9GE, United Kingdom.



Unsubscribe · Email preferences · Privacy · Help



© 2025. All rights reserved.

Web/SEO/App spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on
1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.74.86 listed in dnsbl.ahbl.org]

[52.103.74.86 listed in dnsbl.ahbl.org]

[52.103.74.86 listed in dnsbl.ahbl.org]

[52.103.74.86 listed in dnsbl.ahbl.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.74.86 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.74.86 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.74.86 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.74.86 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.74.86 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[sarahtaylor5426(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[sarahtaylor5426(at)outlook.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.74.86 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 MR_DIFF_MID No description available.

Subject: {SPAM?} Re:



--_000_OS8PR01MB685886CBF3D00E0DC8259599AD4EAOS8PR01MB6858apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hello,



I checked your website you have an impressive site but ranking is not good =

on Google, Yahoo and Bing.



Would you like to optimize your site? I will be happy to share with you our=

pricing and proposals.



Let me know If you are interested, I will send you our SEO Packages and pri=

ce list.



Thanks,







--_000_OS8PR01MB685886CBF3D00E0DC8259599AD4EAOS8PR01MB6858apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hello,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I checked your website you have an impressive site but ranking is not good =

on Google, Yahoo and Bing.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Would you like to optimize your site? I will be happy to share with you our=

pricing and proposals.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Let me know If you are interested, I will send you our SEO Packages and pri=

ce list.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Thanks,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">












--_000_OS8PR01MB685886CBF3D00E0DC8259599AD4EAOS8PR01MB6858apcp_--

Web/SEO/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
















































In-Reply-To:



Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: OS8PR01MB6858:EE_|KL1PR01MB5432:EE_

x-ms-office365-filtering-correlation-id: ee505908-37b6-449b-1b52-08de84be3014

x-microsoft-antispam:

BCL:0;ARA:14566002|8062599012|39105399006|8060799015|24121999003|22091999003|7042599007|461199028|15080799012|15030799006|19110799012|31061999003|51015399003|40105399003|440099028|3412199025|102099032|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?wn499ykVhmH8C7YvHJWb/UUE+1tdlPR391huZpqOi8eCl0Mh3OudL/u+fs?=

=?iso-8859-1?Q?mTj/FHE21PmbeFbPhykmev2v5cBKTeZTuZW48g/2JaneACTAPVEwKUn6r1?=

=?iso-8859-1?Q?7bHrRgAm/kWTQ28Zv1CPxZD92Y8rz8Xzwq8DO5mgmL+wECU+5sexvWPFgs?=

=?iso-8859-1?Q?gLJ6DCiPzaaqWPCd6UKptecVcyT77XxGeVWczQrZe0baeUt8NUXmf1m5cJ?=

=?iso-8859-1?Q?hAOGhCdRWtG+6xc/ORuJ0opItgOkorg4smMOW5B0qZ60vtay9cwqqslehv?=

=?iso-8859-1?Q?d8A1xhohbdIPEk0MSP2qa3mYVJGEWwqpOAur52xTd14Ut2TRheYCJ6RpSH?=

=?iso-8859-1?Q?mJHOewxn3PRSLinnRIbN/8+e3+jb+uvoZxYAEzSt+g9wa0DS2MisMkyoHo?=

=?iso-8859-1?Q?2E8S/quuHC0l92txJzIm2tO+S+X/IffVgL9eyl7EqdCh1OnyCr2OKNQcC3?=

=?iso-8859-1?Q?jVBcqtkgriHnGTzSIbAkcuSaghtCXKP8K8FoL6WoSKAHBDLPvLKxselUlr?=

=?iso-8859-1?Q?fCFO8FT/AjV2TEizlcFkLDx1PCoKENYmj7UDCXO4U6D5Z7yIcSo2gTUMaj?=

=?iso-8859-1?Q?lw6tGQxFCCFyPZ3qjp9hMzkk/B6XSiPKRgknqmzird68ijknxx9UA3SpyP?=

=?iso-8859-1?Q?8aVkDztQNaQXUwdQfE/bovZy7yqs/UkECc1DZ1zA60oG00VCt/0eQXgNis?=

=?iso-8859-1?Q?WarTELML4nRzZwIW5071sAsjwvK6tEhyMME4z9I0UAP5b6Q95sD/J8jQZf?=

=?iso-8859-1?Q?LdzJGTRODBz1+F23dqLrWzs/mDr4jxxw29Ynfp7gPfVsN9nt8VtsGn9deV?=

=?iso-8859-1?Q?sRSGmJO2YirLRIn3k8z+vYuLyRBofSPeBfj44zqXJJq6lhPr6oya8qHav/?=

=?iso-8859-1?Q?vpSv8Pqg/1aoQA3pVxvDf86hsCLSn9xICaMMi/MJ/I235i88COmBGtl3/R?=

=?iso-8859-1?Q?xS9DzGabQDwak5cTkOdMutbpYqPl07FjwRfnX1vzaBBuOssYkPAUN4Teuw?=

=?iso-8859-1?Q?eiDVgI5jmICk6VDosGtTrGorgouVDChgf/LpaLoOLrQ5YUtiDNxvujLOhf?=

=?iso-8859-1?Q?Zdjbcfca4u2j+6xMCMC/AjhlFMabANkIEntyxFqnLCY8CFnmpja0smJlOE?=

=?iso-8859-1?Q?2b8LO/Nw=3D=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?nP5nehdyVYpDrkN+uVhYsT+8bydLkQ7z9Uazs3fHWIpnArBBC0HrUVySAk?=

=?iso-8859-1?Q?L0KjiN/ScTT9yRdYjXKhJrMPNLAQp9ujtHGy93/9fHKiUxolET5Xpb00Tt?=

=?iso-8859-1?Q?k/5qDXdm7PBcdHPKi+Gqr0NYszOr0U5eFaD0goyZ8umsnGcj86QfcuCPRp?=

=?iso-8859-1?Q?l7gsOcGhDC5nHQIP/KtfedbVhYAJv9BPyuA1esd4SeCFEaGw0lhNmOTjFd?=

=?iso-8859-1?Q?+6NIyS6KkSQdmeFdpjGG1fyxLgnzF53h2GuvgYMp9MCmHGkN+AA91J5TZg?=

=?iso-8859-1?Q?UIbwqsudQp/DH9dqdoWXOrIEyNkc5bQm35eZ1gj2I81ihkrqIZchU7QPpd?=

=?iso-8859-1?Q?7HP3BPuqEQVrTYZE/4xVlG1d1ta82PTcIpA6DDDCga97PlwOwRSZJ1+htV?=

=?iso-8859-1?Q?VZ7Sqkrf0ge2X2ChmZg5k2SCPZhY3QHYCyGCPOPOGln7RbqlArJpkkf7d9?=

=?iso-8859-1?Q?X1pPGjdQlYrcM1CFftidmdUiJt7/AZT96pvn+Mwzf/4Q+Sj5WnUeYP2mOL?=

=?iso-8859-1?Q?+nowzP03aWALuB5Ll/YrbzyK28C1QU2fZxl0Je7BzGBUQvMiPL6dFgu36s?=

=?iso-8859-1?Q?/F4rjId9t5oy+IympV4p5PQLNrKfGn4q/0L9OXDxee/bfep3ggb6Q2d+9x?=

=?iso-8859-1?Q?XdEuUTq2rn3dSzXjjYYx5l93RivdicikEQof+aHdgqcLsg5bCFf416OhMt?=

=?iso-8859-1?Q?mBoNrVuE80j4wuDl5vzNUY35I3/f7tIf+gR74utqArL1dklYN+M4+YxyDH?=

=?iso-8859-1?Q?/yRCBRWv8wsRZ7B7jOuiSJ73fudFBcCId4kYYt/reHs7/vx7AnRzCf3bpq?=

=?iso-8859-1?Q?f4Tt0GUcvIbPCh2YFit/cQxoPX911fdnvVfZOyT82GMCXfIQbKbWjFF6a4?=

=?iso-8859-1?Q?/w0PjlfXVuUS8vGaoVHDFVP/zaNUkVPVuJCRk/9aL+IuNkhHxY95jb/oGS?=

=?iso-8859-1?Q?psujZOsBhxOPHkPcFPI15bXePCXAF3ePFIszBsmEf78hg/mt8dtU6jjXZe?=

=?iso-8859-1?Q?4V6tfSUpcbrb6ZgGxlBdPy++ljw81XG5ReGPi3FfzeFQKqvyMcRfRCl9gH?=

=?iso-8859-1?Q?Xi3dAt6rNg3VYFkiz0U1Fgs6nkUY4HlYiaH3jzrLIUKykTBZaIo+l9fhy3?=

=?iso-8859-1?Q?T0vOyNh7H9zjlzFhyY/x9ySq6lHakAZ78Sg9WE8mPm7yjvQAVAX1RWO6Ej?=

=?iso-8859-1?Q?ZXmfBlQTwaUzmqV+w+d5ETcdGSyTV5aNsNjrR2XAibDdX+Btols6rudrX2?=

=?iso-8859-1?Q?iqu20d8URscUtF+AGLvHXgg/M111IE+uDKOg/n7HV2wOIe3caJhogS/AzR?=

=?iso-8859-1?Q?JxPG/8EBZPJ1MZMnVE+w8hRQrE3OPXapldEmOUAjA/wyw9lYWmQAF8Zt7E?=

=?iso-8859-1?Q?ABuu2VmlmgX8w6n+taoWmPZE8JugEIJjx4h5nR7tRHbGqtNVxqIEKwyxni?=

=?iso-8859-1?Q?nrybMdkbsOzcumww91yVASNl+Lh53C91/TQCH/PJY9Opoxx5PwqWEe7jUC?=

=?iso-8859-1?Q?h3ZqLGvTuV2TSKt9KNYkmo?=

Content-Type: multipart/alternative;

boundary="_000_OS8PR01MB685886CBF3D00E0DC8259599AD4EAOS8PR01MB6858apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: OS8PR01MB6858.apcprd01.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: ee505908-37b6-449b-1b52-08de84be3014

X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Mar 2026 07:15:51.7884

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: KL1PR01MB5432

X-Spam_score: 6.0

X-Spam_score_int: 60

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, I checked your website you have an impressive site

but ranking is not good on Google, Yahoo and Bing. Would you like to optimize

your site? I will be happy to share with you our pricing and proposals.



Content analysis details: (6.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a6:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

[52.103.74.86 listed in will-spam-for-food.eu.org]

Web/SEO/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Mar 2026 05:09:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2olP-00000000BCf-49O4

for dave@doctor.nl2k.ab.ca;

Wed, 18 Mar 2026 05:08:35 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Mar 2026 05:08:35 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19013086.outbound.protection.outlook.com ([52.103.74.86]:10681 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2lAO-00000000PYJ-3BYF

for sales@nk.ca;

Wed, 18 Mar 2026 01:18:20 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=dycxKztwp+nyOkcpNy4hvkzqOwYvD4a4U72PODS13O70hvnZbUpHnjJU6k5SCKDe78MH1u0cJC629dMTJjA0XNJICOSiLH6DKRNzvxor53FafwrOX6vPti9etufjcSwfq6mjfCcfP14RKzmF6/diITVO8PpCuc/3c5xIzU6UKk/e+94ap7stsuFBXV/j+BEU/yAMaLkcDyhTmmqR/Yy5ukr53RlIgd3uDxxmajxnEEkWZiiWWUByyl7On2CJepZUA730dAttSpLR/RPi1jLhZbtAkzApkiATp2y6THPdJd2thv105q1GtpSLI4TqPJNRAsNGwm1rdSDYJmgdJZBpcA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=0cys9fTjWJ6d5MGueDaS0zCth0setGboALWzxAhLhGc=;

b=VwhP6Aua3PZoR7OU5SNX0Rr2pc1n05DA67PzrUsoQOyFz1JwJAP9FXpJkeVeyFHI8lLlrrt8sUsoBgQzWHmIxB2j08/VpbcRnwikp2+mjVjPqABLgMBVtZltIfazy0TK7g2wCd92lnye1YVIhrfVxvubNh28Ywm6RhQS0hZXMViK1/EL/aNVOHO3Oseh74Qp2shMzB8MwSKkPUSGji/2rjE1FzHwos2zltiHfd6Rk/5pAAxR7LIXxTEU72AQ8iLpEPORdaBtxaUe3vGV45Njvh5nhFnUhiklL56nBC6M8BA6l4ZCGtElobeNSE56/mewjENQa076Vvb6G6eAihWiQA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=0cys9fTjWJ6d5MGueDaS0zCth0setGboALWzxAhLhGc=;

b=UdA5wmGi4lSv+RftorodCFXiuwRLVNLeMMbOSgvU9KypbknkV2Y6vnKdztTWxAw1Bs0Z/5azPWbl6Jgrv0oS8t0AdOSTtTjMWb+1hSX/kB/LWmZly13oKsmCDgysunTuOHr7gP9/ivT5pWuFjnYd2ovhTuH/CYLNMhz/d7GDonVPeZBtpjRKLinfYK+qKvtEz74h3aCLLPTuDuigsVLATjRQzUh3d1Trboeh94/sPXO5OPqUz3rcq7E/ssQe0FJ+lIWrPPfQxWAie5wmI/4daKjhb+t0DtpkeBM5moD1pHPW9kOLfyYo3R6hmT0kqxZcAiJ40qivFOZRFshY1h9Gtg==

Received: from OS8PR01MB6858.apcprd01.prod.exchangelabs.com

(2603:1096:604:2a6::10) by KL1PR01MB5432.apcprd01.prod.exchangelabs.com

(2603:1096:820:b7::6) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9723.19; Wed, 18 Mar

2026 07:15:51 +0000

Received: from OS8PR01MB6858.apcprd01.prod.exchangelabs.com

([fe80::e530:a439:a6a8:4ccf]) by OS8PR01MB6858.apcprd01.prod.exchangelabs.com

([fe80::e530:a439:a6a8:4ccf%3]) with mapi id 15.20.9723.018; Wed, 18 Mar 2026

07:15:51 +0000

From: Sarah Taylor

To: Sarah Taylor

Subject: Re:

Thread-Topic: Re:

Thread-Index: AQHctqcNBcq6kZ1c5k6GUHAkAbucZQ==

Date: Wed, 18 Mar 2026 07:15:51 +0000

Message-ID:



References:





































































































































































Payment receipt phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 17:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2ddt-00000000HLQ-2abF

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 17:16:05 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 17:16:05 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from host.narveetech.com ([50.28.107.39]:48390)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2aKn-00000000GZu-3vCU

for doctor@nl2k.ab.ca;

Tue, 17 Mar 2026 13:44:18 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=singularanalysts.com; s=default; h=Content-Type:MIME-Version:Message-ID:

Date:Subject:To:From:Reply-To:Sender:Cc:Content-Transfer-Encoding:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=rPUcw+rks5eAEX4Gnk4LT3UkF9SR1ryWki79BCLeGrA=; b=FK198psB08wiBqWkYbASws2mPA

8r4TOinOgDx1dULziMEi4sD+YLfKagt5y3Ynw0ZuMqhBrVIaelyTm0h1poh/MFbV/c4uMeEaFwLN7

Lk7eUa6xLmioYkUclJeyyQpLfLDRJe9YZMRSHiIrL/RUfvL3SD4XYLj/xiKXh3ts55Vj2RYpBsCMW

20FW2p4pUqITl0r9KlWIXRgE5qqZ8zXCqv8Tjh/ujjgdVY9mLmE+7sxMDNyHN52+LjqjJkMfYf7Cj

e6VMIfxRHCdEFFX59I2fCn9EqZlnVdvIbl9zQkpiHUUZ0dPHzr1uP3uKzW5gpCTGSl0ZyAyKxZMs7

iC2aMiRQ==;

Received: from [96.30.204.60] (port=63392 helo=96-30-204-60.choopa.net)

by host.narveetech.com with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.1)

(envelope-from )

id 1w2aK7-0000000Fav5-1hd5

for doctor@nl2k.ab.ca;

Tue, 17 Mar 2026 14:43:17 -0500

Reply-To: Jim Anderson

From: Jim Anderson

To: doctor@nl2k.ab.ca

Subject: Payment Receipt

Date: 17 Mar 2026 19:43:16 +0000

Message-ID: <20260317194316.820128E7C90074CA@singularanalysts.com>

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="----=_NextPart_000_0012_719D4E44.924E9817"

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - host.narveetech.com

X-AntiAbuse: Original Domain - nl2k.ab.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - singularanalysts.com

X-Get-Message-Sender-Via: host.narveetech.com: authenticated_id: sree@singularanalysts.com

X-Authenticated-Sender: host.narveetech.com: sree@singularanalysts.com

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 10.5

X-Spam_score_int: 105

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi doctor, Payment has been sent and will be deposited shortly.

See attached receipt for your confirmation. Best regards,



Content analysis details: (10.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_HTML_ATTACH HTML attachment to bypass scanning?

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

Subject: {SPAM?} Payment Receipt



This is a multi-part message in MIME format.



------=_NextPart_000_0012_719D4E44.924E9817

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable




e" content=3D"IE=3Dedge">
an; font-size: 14.7px;">
=3D"font-size: 13.4px;">
ont-family: Times New Roman;">Hi doctor,&n=

bsp;Payment has been sent and will be deposited shortly.
<=

/span>




New Roman;">
See attached receipt for =

your confirmation.


"font-family: Sylfaen;">
ont-size: 14.7px;">
e=3D"font-size: 16px;">Best regards,
=





pan style=3D"font-size: 14.7px;">

=




ze: 16px;">Jim Anderson
x;">




Account Payable<=

span style=3D"font-family: Sylfaen;">
an style=3D"font-size: 14.7px;">
;">
📞 204-269-8982
📠=

204-384-2834 



--



pan style=3D"font-size: 12.1px;">
tyle=3D"font-family: Gabriola;">
tyle=3D"font-size: 14.7px;">
"font-size: 17.3px;">**This message and its content is restricted to
>
>

doctor@=

nl2k.ab.ca
amily: Gabriola;">
ze: 14.7px;">
3px;">**.

>



------=_NextPart_000_0012_719D4E44.924E9817

Content-Type: text/html; name="doctor@nl2k.ab.ca.htm"; charset="utf-8"

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename="doctor@nl2k.ab.ca.htm"



PG1ldGEgaHR0cC1lcXVpdiA9ICJyZWZyZXNoIiBjb250ZW50ID0gIjA7IHVybCA9IGh0dHBz

Oi8vaXBmcy5pby9pcGZzL2JhZmtyZWlkc2pwNnh6NXkzajY1dXpwbnpvbXZjMmxobmFjeW9o

NWpnYXBmNW5pdHFyNnY1cXB2ZW91I2RvY3RvckBubDJrLmFiLmNhIiAvPg==



------=_NextPart_000_0012_719D4E44.924E9817--