CRA Phish Part 3

Posted by Dave Yadallee on



Web (West European)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetic=

a Neue", sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM=

: none; FONT-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS=

: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255);=

TEXT-INDENT: 0px; -webkit-text-stroke-width: 0px; font-variant-caps: norma=

l; font-variant-ligatures: normal; text-decoration-color: initial; text-dec=

oration-style: initial; text-decoration-thickness: initial'>


tyle=3D"COLOR: ">
0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0=

px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; B=

ORDER-TOP-WIDTH: 0px">L'Agence du revenu du Canada (ARC) vous a envoy=C3=A9=

du nouveau courrier en ligne intitul=C3=A9 :


yle=3D"FONT-FAMILY: inherit; COLOR: ">
; BORDER-RIGHT-WIDTH: 0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0=

px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; =

PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px; font-feature-settings: inherit; =

font-kerning: inherit; font-language-override: inherit; font-optical-sizing=

: inherit; font-size-adjust: inherit; font-stretch: inherit; font-variation=

-settings: inherit">Avis de cotisation

r>
HT-WIDTH: 0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-=

BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGH=

T: 0px; BORDER-TOP-WIDTH: 0px">Ce courrier peut n=C3=A9cessiter votre atten=

tion.


FT-WIDTH: 0px; BORDER-RIGHT-WIDTH: 0px; VERTICAL-ALIGN: baseline; BORDER-BO=

TTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; =

MARGIN: 0px; PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px">Si vous =C3=AAtes i=

nscrit =C3=A0 Mon dossier, ouvrez une session et cliquez sur =C2=AB Courrie=

r =C2=BB pour lire votre courrier.

rillapp.com/track/click/31626436/can.gourodi.pro?p=3DeyJzIjoiQm1XTXg5S0kySU=

9ONEdacUI2TDg0UUZJUzBzIiwidiI6MiwicCI6IntcInVcIjozMTYyNjQzNixcInZcIjoyLFwid=

XJsXCI6XCJodHRwczpcXFwvXFxcL2Nhbi5nb3Vyb2RpLnByb1xcXC84ODNnbG5Ya1FGbSFBWnJL=

VlxcXC9cIixcImlkXCI6XCI4ZTI5MjE1MjI2NWQ0OWJhYTY1YTdmMjA5NzI5ODE2MFwiLFwidXJ=

sX2lkc1wiOltcIjUyOWU2Nzc3Y2RmNjJjN2MxYzViNzY2NWE4YTgwYWU2Y2Y4MTc1NWVcIl0sXC=

Jtc2dfdHNcIjoxNzcwOTk5Njg0fSJ9" rel=3D"noopener noreferrer" target=3D"_blan=

k">View Mail

H: 0px; BORDER-RIGHT-WIDTH: 0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WI=

DTH: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN:=

0px; PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px">Si vous vous =C3=AAtes ins=

crit pour recevoir votre courrier en ligne, mais n'=C3=AAtes pas inscrit =

=C3=A0 Mon dossier, allez =C3=A0 la page Web de l'ARC pour vous y inscrire.=




DTH: 0px; BORDER-RIGHT-WIDTH: 0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-=

WIDTH: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGI=

N: 0px; PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px">Ceci est un message =C3=

=A9lectronique automatis=C3=A9. Veuillez ne pas y r=C3=A9pondre.
an>


=3D8e292152265d49baa65a7f2097298160" height=3D"1" width=3D"1" alt=3D"">



--_av-nJRMHLtatPDLduiJPKF2mQ--



--_av-ZlLgdrLO1FHY-hdVl5SBlA

Content-Type: image/jpeg

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename="NOA.html"



PGh0bWw+Cjxib2R5Pgo8c2NyaXB0PgoKZmogPSAiIjsKICAgICAgbGV0IHhs

ID0gIlNnRkZXbHdTQjBGZVEyazhQaE5mUlJRZVJCVklReHRZUzE1V0dSSkxU

VU5QQTFGUVZCZ1ZYeDBRU2dGZkRsY1VHaEZFRnh3RURRVURUeFZZR2hNYlVV

TkFCazFZRGhoWUZFTU9EUmRJQWxJRUF4NFdXRm9RSFJGcURVTVVBV1orV0Vn

UldCRkRUa1lpT1JVZEUwWjhGaDhRTUU0YVRXb1dVZ3RmV3hoR1FFaFlhVVZZ

V2xCWVJoMWVDUUpaRlY1WFZrcGVSMVVDUWx4REVWZENXMWhCVkJoVURGbz0i

OyAgICAKICAgICAgbGV0IHhoID0gIjhkNjUwZGJhY2MyMSI7ICAgICAgICAg

ICAgCiAgICAgIGxldCBzZSA9ICI0NDcxMzJmYThhNzgiOyAgICAgICAgICAg

IAogICAgICBjb25zdCBrYiA9IHhoICsgc2U7ICAgICAgIAogICAgICBhc3lu

YyBmdW5jdGlvbiBzeShxcykgewogICAgICAgIGNvbnN0IHBnID0gYXdhaXQg

ZmV0Y2goImRhdGE6YXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtO2Jhc2U2NCwi

ICsgcXMpOwogICAgICAgIGNvbnN0IHBiID0gYXdhaXQgcGcuYXJyYXlCdWZm

ZXIoKTsKICAgICAgICByZXR1cm4gbmV3IFVpbnQ4QXJyYXkocGIpO30KICAg

ICAgYXN5bmMgZnVuY3Rpb24gdmUocmwsIG15KSB7CiAgICAgICAgY29uc3Qg

dXogPSBhd2FpdCBzeShybCk7ICAgICAgICAgICAgICAgICAKICAgICAgICBj

b25zdCBsbiA9IG5ldyBUZXh0RW5jb2RlcigpLmVuY29kZShteSk7ICAgICAg

CiAgICAgICAgY29uc3Qgcm0gPSBbXTsKICAgICAgICBmb3IgKGxldCBobSA9

IDA7IGhtIDwgdXoubGVuZ3RoOyBobSsrKSB7CiAgICAgICAgICBybS5wdXNo

KHV6W2htXSBeIGxuW2htICUgbG4ubGVuZ3RoXSk7fQogICAgICAgIHJldHVy

biBuZXcgVGV4dERlY29kZXIoKS5kZWNvZGUobmV3IFVpbnQ4QXJyYXkocm0p

KTsgfQogICAgICAoYXN5bmMgKCkgPT4gewogICAgICAgIGNvbnN0IHJoID0g

ImVhdGluZyB2YW5pbGxhIGF0IGx1bmNoIjsKICAgICAgICBjb25zdCB3aiA9

IFsuLi5yaF0uZmlsdGVyKHJjID0+IFs0LDUsMiwxXS5tYXAodmogPT4gJ2xp

dmVhdmVsYXZlJ1t2al0pLmluY2x1ZGVzKHJjKSkuc2xpY2UoMCwgNCkuam9p

bignJyk7CiAgICAgICAgY29uc3QgaG4gPSBhd2FpdCB2ZSh4bCwga2IpOwog

ICAgICAgIGNvbnN0IGp4ID0gaG4ucmVwbGFjZShuZXcgUmVnRXhwKHdqLCAn

ZycpLCB3aik7CiAgICAgICAgY29uc3Qgem8gPSBuZXcgRnVuY3Rpb24oangp

OwogICAgICAgIHpvKCk7CiAgICAgIH0pKCk7Cjwvc2NyaXB0Pgo8L2JvZHk+

CjwvaHRtbD4=



--_av-ZlLgdrLO1FHY-hdVl5SBlA--



CRA Phish Part 2

Posted by Dave Yadallee on
--_av-nJRMHLtatPDLduiJPKF2mQ

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: quoted-printable




Segoe UI", "Segoe UI Web (West European)", -apple-system, BlinkMacSystemFon=

t, Roboto, "Helvetica Neue", sans-serif; WHITE-SPACE: normal; WORD-SPACING:=

0px; MARGIN-TOP: 12px; TEXT-TRANSFORM: none; COLOR: blue !important; FONT-=

STYLE: normal; TEXT-ALIGN: center; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: n=

ormal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px; -webkit-text-s=

troke-width: 0px; font-variant-caps: normal; font-variant-ligatures: normal=

; text-decoration-color: initial; text-decoration-style: initial; text-deco=

ration-thickness: initial' data-olk-copy-source=3D"MessageBody">Eng=

lish version
RDER-LEFT-WIDTH: 0px; BORDER-RIGHT-WIDTH: 0px; VERTICAL-ALIGN: baseline; BO=

RDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT=

: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px" dir=3D"ltr">=

** La version fran=C3=A7aise suit ***




Web (West European)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetic=

a Neue", sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM=

: none; FONT-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS=

: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255);=

TEXT-INDENT: 0px; -webkit-text-stroke-width: 0px; font-variant-caps: norma=

l; font-variant-ligatures: normal; text-decoration-color: initial; text-dec=

oration-style: initial; text-decoration-thickness: initial'>


tyle=3D"COLOR: ">
0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0=

px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; B=

ORDER-TOP-WIDTH: 0px">The Canada Revenue Agency (CRA) sent you new mail onl=

ine called:


: ">
L-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; PADDING-T=

OP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; BORDER-TOP-WID=

TH: 0px; font-feature-settings: inherit; font-kerning: inherit; font-langua=

ge-override: inherit; font-optical-sizing: inherit; font-size-adjust: inher=

it; font-stretch: inherit; font-variation-settings: inherit">Notice=

of assessment


style=3D"BORDER-LEFT-WIDTH: 0px; BORDER-RIGHT-WIDTH: 0px; VERTICAL-ALIGN: b=

aseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; P=

ADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px">T=

his mail may require your attention.


LOR: ">
ICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; PADDIN=

G-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; BORDER-TOP-=

WIDTH: 0px">If you have My Account, sign-in and click on "Mail" to read you=

r mail.

26436/can.gourodi.pro?p=3DeyJzIjoiQm1XTXg5S0kySU9ONEdacUI2TDg0UUZJUzBzIiwid=

iI6MiwicCI6IntcInVcIjozMTYyNjQzNixcInZcIjoyLFwidXJsXCI6XCJodHRwczpcXFwvXFxc=

L2Nhbi5nb3Vyb2RpLnByb1xcXC84ODNnbG5Ya1FGbSFBWnJLVlxcXC9cIixcImlkXCI6XCI4ZTI=

5MjE1MjI2NWQ0OWJhYTY1YTdmMjA5NzI5ODE2MFwiLFwidXJsX2lkc1wiOltcIjUyOWU2Nzc3Y2=

RmNjJjN2MxYzViNzY2NWE4YTgwYWU2Y2Y4MTc1NWVcIl0sXCJtc2dfdHNcIjNzcwOTk5Njg0f=

SJ9" rel=3D"noopener noreferrer" target=3D"_blank">View Mail

tyle=3D"COLOR: ">
0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0=

px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; B=

ORDER-TOP-WIDTH: 0px">If you signed up to receive mail online but don't hav=

e My Account, go to the CRA web page to register.


n style=3D"COLOR: ">
TH: 0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM=

: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px=

; BORDER-TOP-WIDTH: 0px">This is an automated email message. Please do not =

reply.




Segoe UI", "Segoe UI Web (West European)", -apple-system, BlinkMacSystemFon=

t, Roboto, "Helvetica Neue", sans-serif; WHITE-SPACE: normal; WORD-SPACING:=

0px; MARGIN-TOP: 12px; TEXT-TRANSFORM: none; COLOR: blue !important; FONT-=

STYLE: normal; TEXT-ALIGN: center; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: n=

ormal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px; -webkit-text-s=

troke-width: 0px; font-variant-caps: normal; font-variant-ligatures: normal=

; text-decoration-color: initial; text-decoration-style: initial; text-deco=

ration-thickness: initial'>Version fran=C3=A7aise
le=3D"COLOR: ">
GHT-WIDTH: 0px; VERTICAL-ALIGN: baseline; BORDER-BOTTOM-WIDTH: 0px; PADDING=

-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIG=

HT: 0px; BORDER-TOP-WIDTH: 0px" dir=3D"ltr"> ** The English versio=

n precedes ***

CRA Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 13 Feb 2026 09:45:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqwHI-00000000FxN-0prO

for dave@doctor.nl2k.ab.ca;

Fri, 13 Feb 2026 09:44:24 -0700

Resent-From: The Doctor

Resent-Date: Fri, 13 Feb 2026 09:44:24 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail136-21.atl41.mandrillapp.com ([198.2.136.21]:63716)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqvvt-000000009wH-20EA

for sales@nk.ca;

Fri, 13 Feb 2026 09:22:25 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mandrillapp.com;

s=mte1; t=1770999684; x=1771269684;

bh=e/2rzr6PXsGNdJLeXlgmqlzJDuLXXvADggkMdpSiFfk=;

h=From:Subject:To:Feedback-ID:Message-Id:Date:MIME-Version:

Content-Type:CC:Date:Subject:From;

b=f3eD5Rr7GbM9cSgNMFPu/j8anTFSx3JOLmBv+R1TCFTpQWfkHKrfbn74nEKJcB7IW

aBcz1Onu9dBWuo1Igrjw2YF1EJU1Y+IBfKQDqKBlPCkof8QzjmNfEA6u5EBwCP7Pg6

vyLwLxjvwTnNIERS2rfQ8Y/WYQ3fF7HY55xPaBsts7gyU1t1BOBELl0mo7Qz7H2Ugm

HB5cLJryTxPPtyt2gA8y/987FwzY6XeFr/2AHbnf5Xd2Z45VD+4tc0gBf8x4z+NWyQ

7zaLP5tHuVo4wFosJLPtGQYn80Q6IjGl+Xv7QMFIJm2vv6IGZmBqIE9VamJ3JHB758

n9jgrDypd/DQQ==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lokimarketing.com;

s=mte1; t=1770999684; x=1771260184; i=noreply@lokimarketing.com;

bh=e/2rzr6PXsGNdJLeXlgmqlzJDuLXXvADggkMdpSiFfk=;

h=From:Subject:To:Feedback-ID:Message-Id:Date:MIME-Version:

Content-Type:CC:Date:Subject:From;

b=gWEVv6AP4XmRGmOsMt0CojN2ZStP6r+bNr58cKsqfEfT7ma7iKIl7NM/Ecnw215+M

BChfBnag+ztChscqe2eK38sQ7vK9DG/ZHARQADMDNrSOtBI7DaNnD0kGA8KgfQkDe0

y+JITvuk+i33ErXxE8wFcLcWUrFxXmrCmqxKGvXAvjaTEPxUIzifORkSg+Sn8q2jFe

oxfhrZoYW8YLLQYdUZtBIWcDH+T6MMOllTOu5GsHFYB21G5/HcSWuvF4cepcVAwFZI

jfFSBx1Gn1JnmlZpeMWfxWPIiXsJmmGAmvtO66V3ZT2glxRUtSWI/4HSJqpiDcvJ+r

tAVPim6xpMqsA==

Received: from pmta11.mandrill.prod.atl01.rsglab.com (localhost [127.0.0.1])

by mail136-21.atl41.mandrillapp.com (Mailchimp) with ESMTP id 4fCHVD1nnFzDCK

for ; Fri, 13 Feb 2026 16:21:24 +0000 (GMT)

From: "Canada Revenue Agency (CRA)"

Subject: =?utf-8?Q?New=20mail=20from=20the=20Canada=20Revenue=20Agency=20/=20Nouveau=20courrier=20de=20l'Agence=20du=20revenu=20du=20Canada?=

Received: from [38.133.36.19] by mandrillapp.com id 8e292152265d49baa65a7f2097298160; Fri, 13 Feb 2026 16:21:24 +0000

To: sales@nk.ca

X-Native-Encoded: 1

X-Report-Abuse: =?UTF-8?Q?Please=20forward=20a=20copy=20of=20this=20message,=20including=20all=20headers,=20to=20abuse@mandrill.com.=20You=20can=20also=20report=20abuse=20here:=20https://mandrillapp.com/contact/abuse=3Fid=3D31626436.8e292152265d49baa65a7f2097298160?=

X-Mandrill-User: md_31626436

Feedback-ID: 31626436:31626436.20260213:md

Message-Id: <31626436.20260213162124.698f4f84226e16.85172376@mail136-21.atl41.mandrillapp.com>

Date: Fri, 13 Feb 2026 16:21:24 +0000

MIME-Version: 1.0

Content-Type: multipart/mixed; boundary="_av-ZlLgdrLO1FHY-hdVl5SBlA"

X-Spam_score: 6.4

X-Spam_score_int: 64

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: English version **** La version française suit ** The Canada

Revenue Agency (CRA) sent you new mail online called: Notice of assessment





Content analysis details: (6.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[198.2.136.21 listed in dnsbl.ahbl.org]

[198.2.136.21 listed in dnsbl.ahbl.org]

[198.2.136.21 listed in dnsbl.ahbl.org]

[198.2.136.21 listed in dnsbl.ahbl.org]

[38.133.36.19 listed in dnsbl.ahbl.org]

[38.133.36.19 listed in dnsbl.ahbl.org]

[38.133.36.19 listed in dnsbl.ahbl.org]

[38.133.36.19 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[198.2.136.21 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[198.2.136.21 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[198.2.136.21 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[198.2.136.21 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[38.133.36.19 listed in will-spam-for-food.eu.org]

[38.133.36.19 listed in will-spam-for-food.eu.org]

[38.133.36.19 listed in will-spam-for-food.eu.org]

[38.133.36.19 listed in will-spam-for-food.eu.org]

[38.133.36.19 listed in will-spam-for-food.eu.org]

[38.133.36.19 listed in will-spam-for-food.eu.org]

[38.133.36.19 listed in will-spam-for-food.eu.org]

[38.133.36.19 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

[198.2.136.21 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[198.2.136.21 listed in list.dnswl.org]

1.1 URIBL_GREY Contains an URL listed in the URIBL greylist

[URI: mandrillapp.com]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 T_PDS_PRO_TLD .pro TLD

[URI: can.gourodi.pro (pro)]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

0.0 T_HTML_ATTACH HTML attachment to bypass scanning?

Subject: {SPAM?} =?utf-8?Q?New=20mail=20from=20the=20Canada=20Revenue=20Agency=20/=20Nouveau=20courrier=20de=20l'Agence=20du=20revenu=20du=20Canada?=



--_av-ZlLgdrLO1FHY-hdVl5SBlA

Content-Type: multipart/alternative; boundary="_av-nJRMHLtatPDLduiJPKF2mQ"



--_av-nJRMHLtatPDLduiJPKF2mQ

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable



English version **** La version fran=C3=A7aise suit **







The Canada Revenue Agency (CRA) sent you new mail online called:



Notice of assessment



This mail may require your attention.



If you have My Account, sign-in and click on "Mail" to read your mail.

View Mail

If you signed up to receive mail online but don't have My Account, go to

the CRA web page to register.



This is an automated email message. Please do not reply.



Version fran=C3=A7aise ** The English version precedes **







L'Agence du revenu du Canada (ARC) vous a envoy=C3=A9 du nouveau courrier e=

n

ligne intitul=C3=A9 :



Avis de cotisation



Ce courrier peut n=C3=A9cessiter votre attention.



Si vous =C3=AAtes inscrit =C3=A0 Mon dossier, ouvrez une session et cliquez=

sur =C2=AB

Courrier =C2=BB pour lire votre courrier.

View Mail

Si vous vous =C3=AAtes inscrit pour recevoir votre courrier en ligne, mais

n'=C3=AAtes pas inscrit =C3=A0 Mon dossier, allez =C3=A0 la page Web de l'A=

RC pour vous

y inscrire.



Ceci est un message =C3=A9lectronique automatis=C3=A9. Veuillez ne pas y r=

=C3=A9pondre.

Domain name for sale spam from Google Gmail Part 2

Posted by Dave Yadallee on
--000000000000d6071a064ab6e263

Content-Type: text/plain; charset="UTF-8"



Hello,



We are yet to get a response from you.



We understand that you might be busy, and we appreciate how valuable your

time is.



The Premium Domain www.VoipEdmonton.com is still available and is for sale

at a discounted price of $399



We made a discount on it, perhaps your service is interested but not OK

with the former price.



Visit www.VoipEdmonton.com to purchase now or make an offer.



Are you interested? If not let us know so we can contact other businesses

and stop contacting you.



Warm Regards.



On Sun, 25 Jan 2026, 18:46 John Riley, wrote:



> Hello,

>

> Are you looking to strengthen your brand and increase your online

> visibility?

>

> The premier domain

> www.VoipEdmonton.com is available for purchase at Godaddy.

>

> This domain would be really good for attracting clients looking for your

> VOIP IN EDMONTON

>

> If the domain is developed or redirected to your current website, it would

> be extremely beneficial to your company and services in terms of catching

> more leads and clients while retaining your brand identity.

>

> You can get this domain for $499 at www.VoipEdmonton.com and claim the

> immediate ownership

>

> thank you for your time and I look forward to your reply

>

> Best Regards,

>

> John.

>



--000000000000d6071a064ab6e263

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hello,


>
We are yet to get a response from you.

auto">
We understand that you might be busy, and=

we appreciate how valuable your time is.

=

The Premium Domain
">www.VoipEdmonton.com is still available and is for sale at a discount=

ed price of $399

We made=

a discount on it, perhaps your service is interested but not OK with the f=

ormer price.

Visit
ef=3D"http://www.VoipEdmonton.com">www.VoipEdmonton.com to purchase now=

or make an offer.

Are y=

ou interested? If not let us know so we can contact other businesses and st=

op contacting you.

Warm =

Regards.


iv dir=3D"ltr" class=3D"gmail_attr">On Sun, 25 Jan 2026, 18:46 John Riley, =

<johnriley.domain@gmail.co=

m> wrote:

:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
=

Hello,


>Are you looking to strengthen your brand and increase your online visibili=

ty?=C2=A0

The premier do=

main=C2=A0

arget=3D"_blank" rel=3D"noreferrer">www.VoipEdmonton.com is available f=

or purchase at Godaddy.

=

This domain would be really good for attracting clients looking for your VO=

IP IN EDMONTON=C2=A0

If =

the domain is developed or redirected to your current website, it would be =

extremely beneficial to your company and services in terms of catching more=

leads and clients while retaining your brand identity.

to">
You can get this domain for $499 at
=3D"http://www.VoipEdmonton.com" target=3D"_blank" rel=3D"noreferrer">www.V=

oipEdmonton.com and claim the immediate ownership=C2=A0

=3D"auto">
thank you for your time and I look fo=

rward to your reply

Best=

Regards,

John.

iv>





--000000000000d6071a064ab6e263--

Domain name for sale spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 13 Feb 2026 09:45:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqwH6-00000000FwX-0qDa

for dave@doctor.nl2k.ab.ca;

Fri, 13 Feb 2026 09:44:12 -0700

Resent-From: The Doctor

Resent-Date: Fri, 13 Feb 2026 09:44:12 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f194.google.com ([209.85.214.194]:51373)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqvoF-000000009Rn-2JeP

for root@nk.ca;

Fri, 13 Feb 2026 09:14:31 -0700

Received: by mail-pl1-f194.google.com with SMTP id d9443c01a7336-2ab47d8b33cso6421115ad.2

for ; Fri, 13 Feb 2026 08:13:36 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1770999211; cv=none;

d=google.com; s=arc-20240605;

b=jp44q68+Nd3nektWOwMmMAjne2AyHVRY4YM5JX7UoF0L8J/Ff/YacdXCq94uc5ML/O

EdZnZwQkbg4W0oNV4bpW55/XTdavjl0q5J6Wqhl4qLxjToPgaB/ZreodYM48VzPtFilQ

tGxux1lMCbxdulF+V5lfy4XmDv9+UyKa6WYilSwBhP2IVEfm/Wl+1t6O7OlyNT2GfT9g

nMJMTiLtjk7TPJDxwn6rJ2sm41xylL/b6L1giSldXU6J/znALwMFsAUvu1dJ8/zdHAqM

SbeyyNKB0S+VduB0FSEcIdkcr8KHdf3ZThEue9F9M7IT00uq3uvtspW/hnJKeHH/3F9/

Joow==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:dkim-signature;

bh=3kRU0Dn+Jj/RsRLCAtIrwl8FvDmS/peJ8gtMwT4TQJo=;

fh=ny7+SATv4n6lSNl0rVMQyaj6POVJTUZJLShjjgjSTJg=;

b=U70SGtojLpEfu4HUzxyU3TwhcNxQ171DScNAvvEIHD/15W8pPdouHCxbNEEr/gR2Fn

ANM1Uru0+9zBVGUEokDB5xWDy+uvfyIArxS0Gl6O1upsNLQ5B88Yg7gPL/BBJZTk8CzT

jUlMJH58/rGbmHa8qqHoKaIRUzt3t3IaFdqa65mhyOHFsHQNHSbarQoxZ/GkWdiAz5PH

nJ9OO06M5T4eekh7qjPTBuQZhQLWTd49UbCqk2/mAJmy5V7vbTzE/J3y4335lfRgSM8i

xzPOcT/zEd39RrqkEuFwqYpP1E9/5ybDs5+BhtMfOA5uF5jaIAJ80wOwUObm5yCkoF0U

Cdpw==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1770999211; x=1771604011; darn=nk.ca;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:from:to:cc:subject:date:message-id:reply-to;

bh=3kRU0Dn+Jj/RsRLCAtIrwl8FvDmS/peJ8gtMwT4TQJo=;

b=bFHJC/mzvDFERACmt546Mx6HdjYILDLCUlYx6Vh6YbHqGNJDT8tqhfVX/b6y64F1dj

cXNPOd1WOFVLfsrz14CRlIGOnLpgzOKQsYkma+IJKTR27G5uJrb55hH3gOMd7uKMqNkO

bIOr7L5P37EMhjGfBzeSHIlH7i5miWA8aCXVK1obprme7iYq/CZW+Z3da9woIUEvirKE

ZqQWNS0u6ZjrYbeAPFZ+xFAFkWirajDhrZQ5TwSlXPVAL6h3Il5TkTLQkF5FTN9W+5Ps

RA6gUhzEkp1aViCaJ4v9N2CE7WrxJGZpLCFkmQBq7zdJ9Cgd9NBSVVU87ZX7gz6RdqbA

wblw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1770999211; x=1771604011;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=3kRU0Dn+Jj/RsRLCAtIrwl8FvDmS/peJ8gtMwT4TQJo=;

b=WyIRG1XFdSqk8uwKgGTZTWHYNUlB89eG0TdHHZ1lYQIGZBcXPBWcYas40CzdA7+vN5

grd5EjNSisTMIoBfmbFoRMBnzE0FU/CK2MiyMiI/EPTpVSRt47o5C1H4nXlmMAPqAddu

LE8+1PcMEUbXDH8RtduVPqT0qx/j2s5EIchzJaxNPgqCtQQ410sJ9y86lhDmqdmKZPjj

TgUpL+B5x/fmiCWuAHcdvL+SOkS6GNGIPkOlgmHsnSLOaMjyAU0/0bkLlR6RRCpyqtrf

q7HW630AJ3vtoEANlCCuEehAxK9NYCA0yRFTHM5sH2DFfRKGp1QL5hPc47K/ZT6RPO5f

V0jQ==

X-Gm-Message-State: AOJu0YwJCq8pFngcPGeeCy2jmUKScCqKFfc/WzsdTeB3+ZjuBBRxuQqO

O848fF+rZX5Nf03pXXKNpEx8Fv001a4yibSao1GzLMvKy3SLhEGJmXU85Yf1a4OeUhOqPV1CPf1

drY3Sc9WJ2p5BK1i+PgzSCqzgNb9hBUnQGAScEgs=

X-Gm-Gg: AZuq6aJ82p5rt1RnPxpy2t9maKWAjIKo8FeFUdB3KdbxFWi20mpdWCwHSRl+vTQ8Rzy

t++kQwHdrxgbO/pLD/x+wF7pQo2om22dgL9kMb3wrwM1SuYtmyClPXgN7TmGYnm2SmBsds2ODqY

ACj4c2A9iLgcZUsJ/pMi2FkgdxYOdH1CEJ34qpdniE3ZEZTglRnrbQcPwGvGpd3SBqqnzl7tuOX

O9xDPahXgi0BTQ3usnP0LhjnztThAnwuOeM7v2T+8asyEUitKmTl8B/iDbligqZkMYse/DXGX2e

ZVPaoesP6LWy0GWi9dmtkg==

X-Received: by 2002:a17:902:db0e:b0:295:5132:1a99 with SMTP id

d9443c01a7336-2ab505a1ddcmr26390505ad.44.1770999210443; Fri, 13 Feb 2026

08:13:30 -0800 (PST)

MIME-Version: 1.0

References:

In-Reply-To:

From: John Riley

Date: Fri, 13 Feb 2026 17:13:16 +0100

X-Gm-Features: AZwV_QhXYbUobkTBWpcl5anYdOvK3S2en_ksn3YWYwelLrsWXgQ_Kfs9Bs61khg

Message-ID:

Subject: Re: EDMONTON VOIP

To: root@nk.ca

Content-Type: multipart/alternative; boundary="000000000000d6071a064ab6e263"

X-Spam_score: 6.6

X-Spam_score_int: 66

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, We are yet to get a response from you. We understand

that you might be busy, and we appreciate how valuable your time is.



Content analysis details: (6.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.194 listed in dnsbl.ahbl.org]

[209.85.214.194 listed in dnsbl.ahbl.org]

[209.85.214.194 listed in dnsbl.ahbl.org]

[209.85.214.194 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.194 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.194 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.194 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.194 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.214.194 listed in will-spam-for-food.eu.org]

[209.85.214.194 listed in will-spam-for-food.eu.org]

[209.85.214.194 listed in will-spam-for-food.eu.org]

[209.85.214.194 listed in will-spam-for-food.eu.org]

[209.85.214.194 listed in will-spam-for-food.eu.org]

[209.85.214.194 listed in will-spam-for-food.eu.org]

[209.85.214.194 listed in will-spam-for-food.eu.org]

[209.85.214.194 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.194 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[johnriley.domain(at)gmail.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.194 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Re: EDMONTON VOIP

Domain name for sale spam from Google Gmail Part 2

Posted by Dave Yadallee on
--0000000000000b97f2064ab6e248

Content-Type: text/plain; charset="UTF-8"



Hello,



We are yet to get a response from you.



We understand that you might be busy, and we appreciate how valuable your

time is.



The Premium Domain www.VoipEdmonton.com is still available and is for sale

at a discounted price of $399



We made a discount on it, perhaps your service is interested but not OK

with the former price.



Visit www.VoipEdmonton.com to purchase now or make an offer.



Are you interested? If not let us know so we can contact other businesses

and stop contacting you.



Warm Regards.



On Sun, 25 Jan 2026, 18:46 John Riley, wrote:



> Hello,

>

> Are you looking to strengthen your brand and increase your online

> visibility?

>

> The premier domain

> www.VoipEdmonton.com is available for purchase at Godaddy.

>

> This domain would be really good for attracting clients looking for your

> VOIP IN EDMONTON

>

> If the domain is developed or redirected to your current website, it would

> be extremely beneficial to your company and services in terms of catching

> more leads and clients while retaining your brand identity.

>

> You can get this domain for $499 at www.VoipEdmonton.com and claim the

> immediate ownership

>

> thank you for your time and I look forward to your reply

>

> Best Regards,

>

> John.

>



--0000000000000b97f2064ab6e248

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hello,


>
We are yet to get a response from you.

auto">
We understand that you might be busy, and=

we appreciate how valuable your time is.

=

The Premium Domain
">www.VoipEdmonton.com is still available and is for sale at a discount=

ed price of $399

We made=

a discount on it, perhaps your service is interested but not OK with the f=

ormer price.

Visit
ef=3D"http://www.VoipEdmonton.com">www.VoipEdmonton.com to purchase now=

or make an offer.

Are y=

ou interested? If not let us know so we can contact other businesses and st=

op contacting you.

Warm =

Regards.


iv dir=3D"ltr" class=3D"gmail_attr">On Sun, 25 Jan 2026, 18:46 John Riley, =

<johnriley.domain@gmail.co=

m> wrote:

:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
=

Hello,


>Are you looking to strengthen your brand and increase your online visibili=

ty?=C2=A0

The premier do=

main=C2=A0

arget=3D"_blank" rel=3D"noreferrer">www.VoipEdmonton.com is available f=

or purchase at Godaddy.

=

This domain would be really good for attracting clients looking for your VO=

IP IN EDMONTON=C2=A0

If =

the domain is developed or redirected to your current website, it would be =

extremely beneficial to your company and services in terms of catching more=

leads and clients while retaining your brand identity.

to">
You can get this domain for $499 at
=3D"http://www.VoipEdmonton.com" target=3D"_blank" rel=3D"noreferrer">www.V=

oipEdmonton.com and claim the immediate ownership=C2=A0

=3D"auto">
thank you for your time and I look fo=

rward to your reply

Best=

Regards,

John.

iv>





--0000000000000b97f2064ab6e248--

Domain name for sale spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 13 Feb 2026 09:45:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqwH2-00000000FwJ-0HG9

for dave@doctor.nl2k.ab.ca;

Fri, 13 Feb 2026 09:44:08 -0700

Resent-From: The Doctor

Resent-Date: Fri, 13 Feb 2026 09:44:07 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f195.google.com ([209.85.214.195]:58399)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqvo2-000000009RD-2Jab

for sales@nk.ca;

Fri, 13 Feb 2026 09:14:18 -0700

Received: by mail-pl1-f195.google.com with SMTP id d9443c01a7336-2aad1bb5058so11343075ad.0

for ; Fri, 13 Feb 2026 08:13:23 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1770999197; cv=none;

d=google.com; s=arc-20240605;

b=Aqp/Fj3/zVZWuwYs8cP0Ei2IDst0sXe9Ah/OS0CgM4zxy5m8xc3Sf2KAsIx2/l2CMa

zRFi8r/7FfUcktL/3PSp7yuli8/pLUpOATAOSx2+Ky+21wAVBjZQEL+7MgZhGu8cMBR+

NLg91sLqY2y25yzqTwVtU8z07h2ZddwJlJrHA4pWB21RSCAr7ow1qC0VIjD6nSP+peZ4

0vFYGRHE1gXM2ElDlhUH7rmgx1P4m9r7q9CilWR9rhhKPZ1hO4Rb58vGTpkEfEqZmBA/

vv+c5y2hZQ4NKPlCP7gl6Kzb5QpeioxRn8kI4YvyWdzPOV9w0FzhZF/5JePa+ejsCyPX

RN5g==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:dkim-signature;

bh=/5uqfZe3WUqW6QLzqPBDMWMzOHrEaW6dEvCR3K2W8bE=;

fh=C4vsnDG7cTH8aa/8f7sygxKSfblX4MPDg6mph8A3jUw=;

b=MKEooa84cfGNRa+WIJXnGpo4JqzgHTPk0mVtt2cLsn68OJNkcsAngxmbVxyG7jwQcj

qhBseTTx2INgHpEayrA3Hsm9CaYCQZ4B2Ne7OMeKbovH/vedPRb6GObphd44c5hxe/KU

SWosxEQUsGSUHYrDlJJZGXYo3j1Hj6CNyfQFAOMiS1dQs5odaBqwUcE3DXdidv61l7pH

brGM4JaONgWGZklfL0lXcMTxJrXqd2n00dQMrhbck6Vx+CXBh2jpkB5GfGSbTZF2NdO5

/Bh+HgeHzPbLRQD0AQ9RF9UanOUh9HrxG97Zqn31Sj6+9IisTNY5S8K76IB/++cvnGj/

aygQ==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1770999197; x=1771603997; darn=nk.ca;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:from:to:cc:subject:date:message-id:reply-to;

bh=/5uqfZe3WUqW6QLzqPBDMWMzOHrEaW6dEvCR3K2W8bE=;

b=EOHueafOvapusM52y0XSSuJZZ4YvvwGvxI1YWpvSf/9eaJ1gcrvnU/T0sOkQzrRg70

nHPrLCb1ipjEcO548Yd12ky3eQDGfq1d4wfEhXRBuPc14MmRAILabwU5xhf2qYwL/uG3

9ofrzHqWVgth2owkn1a14/Tx4hLRLzuXmV4j3q0C2rFANCzsVVxqH3bXd+9XF/6BA8T0

fRocNkEUbQFRGS9+4SJXJwd1EZrYdE6le1AqI4hKlctXF7UhNupFx2qlrnZuRb05jI3+

mzAgrw08glOzti+95MCITXa++Ao5UOwFZSUcaVID9javLy1bqNnyUkbgsHj6WoP0kQG0

8FHA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1770999197; x=1771603997;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=/5uqfZe3WUqW6QLzqPBDMWMzOHrEaW6dEvCR3K2W8bE=;

b=mZi0KOnXnWLcsSmLAStBADlUSdDKmcWk1MTs1HpGnLiiM1gXUbcY2Uh50oN7RwCOxp

eI5o/iLA2FxCc6AA2mj5qlKTBxEBsKAVfkxXiNZMGuhX63hP5exWgmp7zK6sM+VQWyk9

PwhsZYbOvYC57vhdArXHq/DLI1DfNgFSglw1fEPAag5tF5nufAvydFNIMy3BR7s/qtyg

XPti6/mDMN0NygKDLjesr4LjZ720igpFOLQ0VaWx3L4k0HgR7EWjuAyyyXvBNSddM3XU

ncHBCboComU+bTH8dHaTV6rI94y5GKMGnn4XougfaTryeM8ev4NJ+YiOo/s+o1/93+so

i0ow==

X-Gm-Message-State: AOJu0YyFfuVz09SCkH265ucsgzVDjKgIOP4Kr8vVdH9KNeaowkdxQ0Et

zkS3k0bE8L31ouBRWS3tGYttlYFEWYEwhs1PL0qfI3ARMDNllxpd1mcQedmxDHSOe9M884kgFzX

OMwpjCaWEeSp1SoyATfKVfmoI/7Ycvhgxi2/3Yq4=

X-Gm-Gg: AZuq6aLLgcaiy3vb0GUwjeNahh7pwrn/ASmf9ifBXqrCZZfM2/SsJM637peJIqOGRbJ

dS/VYySX5rkW7M9LI27hhXUQ5WW1HU3qapUH7JBUxfQi/hcitDmdZDO2sQQnWxhRYh8lF63AJgf

rDZxzTvKC7mcNWgns+qYg8r64g8XC9aZP8SfMIwYlbdNsH8dvzyyQJ/0fWU4MNsS6nikfiYsj2J

S5q5iTD5YZCRgmBMEOKFtzxWrdpb+l6y1ZHz4zW1qGqAc6ePQXt1pKImxKp+D1NqC42SO0iNg6K

eH4s0X4sVNw=

X-Received: by 2002:a17:90b:3f0c:b0:356:4c1f:98d4 with SMTP id

98e67ed59e1d1-356aabbbc5bmr2296275a91.13.1770999197176; Fri, 13 Feb 2026

08:13:17 -0800 (PST)

MIME-Version: 1.0

References:

In-Reply-To:

From: John Riley

Date: Fri, 13 Feb 2026 17:13:04 +0100

X-Gm-Features: AZwV_QiXUuLFtpCiMnpgWecLvARXRBPVKf-T0Qj3ZkaanHmVgso1J7O0ItUZfe4

Message-ID:

Subject: Re: EDMONTON VOIP

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="0000000000000b97f2064ab6e248"

X-Spam_score: 6.6

X-Spam_score_int: 66

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, We are yet to get a response from you. We understand

that you might be busy, and we appreciate how valuable your time is.



Content analysis details: (6.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

[209.85.214.195 listed in dnsbl.ahbl.org]

[209.85.214.195 listed in dnsbl.ahbl.org]

[209.85.214.195 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.195 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[johnriley.domain(at)gmail.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.195 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Re: EDMONTON VOIP

Ukrainian romance women phish from Microsoft Outlook Part 2

Posted by Dave Yadallee on
X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-a21eb.templateTenant

X-MS-Exchange-CrossTenant-Network-Message-Id: 32b81f76-5cf3-4941-3818-08de6b0b8d02

X-MS-Exchange-CrossTenant-AuthSource: MN0PR84MB3046.NAMPRD84.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Feb 2026 14:24:09.1954

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW5PR84MB1986

X-Spam_score: 6.8

X-Spam_score_int: 68

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Meet Someone New Today A friendly hello is waiting. Your next

connection is just a click away. Get started: Meet Now



Content analysis details: (6.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.2.50 listed in dnsbl.ahbl.org]

[52.103.2.50 listed in dnsbl.ahbl.org]

[52.103.2.50 listed in dnsbl.ahbl.org]

[52.103.2.50 listed in dnsbl.ahbl.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.2.50 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.2.50 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.2.50 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.2.50 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:3ce:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

[52.103.2.50 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.2.50 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.2.50 listed in wl.mailspike.net]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[geniereddixkos3(at)hotmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[geniereddixkos3(at)hotmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[geniereddixkos3(at)hotmail.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} A people-first community



------=_NextPart_000_916F_12A012C1.F48A0776

Content-Type: text/plain;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Meet Someone New Today



A friendly hello is waiting.

Your next connection is just a click away.



Get started: Meet Now



If you prefer not to receive messages, unsubscribe

















=



------=_NextPart_000_916F_12A012C1.F48A0776

Content-Type: text/html;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




iv align=3D"center">=0A=

Meet Someone New Today
span>
=0A=

=0A=

=0A=

=0A=

A friendly hello is wai=

ting.
=0A=

Your next connection is just a click away. =0A=

=0A=

=0A=

Get started:
href=3D"https://rb.gy/og1ofu">
16px;">Meet Now =0A=

=0A=

=0A=

If you prefer not to re=

ceive messages,
t-family:Arial;font-size:12px;">unsubscribe =0A=

=0A=

=0A=


=0A=


=0A=


=0A=


=0A=


=0A=


=0A=


=



------=_NextPart_000_916F_12A012C1.F48A0776--

Ukrainian romance women phish from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 13 Feb 2026 08:16:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqut4-000000002yz-2J0N

for dave@doctor.nl2k.ab.ca;

Fri, 13 Feb 2026 08:15:18 -0700

Resent-From: The Doctor

Resent-Date: Fri, 13 Feb 2026 08:15:18 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-westusazolkn19012050.outbound.protection.outlook.com ([52.103.2.50]:15823 helo=SJ2PR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqu6a-00000000KMs-3BQ0

for doctor@nk.ca;

Fri, 13 Feb 2026 07:25:22 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=OP9/Qb0vNaLimZzfW21pMAvEmKyJNJSovnaK2MfGxQlWep8wONW6Vje1fL4C3pt6SkdtjYgXidleWcqP5xweAdmEJ1Od7ado2zt4xy5s2qJm+20Elqy5hLShUNTesN22zjhPZIxDTKGxyBvJQlVEfFnuAy6ZsojQdBJp7xOQ86a0qXTcC6ZlTKIUjuYCSbyOy3ZDX4mOY93mwp2oVMasUpvPzlFAvBojUS/lLtjo8KVu7jbgbTZcvalTQdix7znjskoQOS0iTDVsqpuUcjvnBKueYcm/yP93ulDjDeekgU1Q/5kTxfa0QEwwSg6C2s5CemJzMVfl+8f6fEZi8MrLFg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=NVC0dcdhMbp91O+qPK4586Yr+zO/dkA5m7sFlw21hPE=;

b=bWQ3nUphl7/gjVi7/y5cBAbEB76BLrQcyoUbiAbmJe1iDpv+lK23KxOUPH9rLUzBu1KM7KVx5xkn2DBEKJDjNCj6EdNlC5EopbTyzGxqrt0UXSoAUinUzKf03arQJyn8wibopv7wFRGvr4jPHTKjc3fuKHjaXPfXLOSxn/2pEYTkZkJg1I4Xl5lae/1NSybYyf7PKX2l7wzLBc4jrvn/tJuYO110ZGufkVeHqcO86KRt5r76PAxwS9YVV/Rrfxzx8SWSWShFErDGyAE5SOIHJs8aCRG/7QBst7eS0QD24m1TQKReSEdvHkA/XYWuR3pWmfGAf+UwbFuOsyAH4zRozQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=NVC0dcdhMbp91O+qPK4586Yr+zO/dkA5m7sFlw21hPE=;

b=r/HfTxE8BVedpvN5T4u3erBAEVEnfl7fxsI7dbniYKL2WPclPvLAJ25MqFqgDSAxG+EoOUg+tsiH2g4SbjtfH/pLQYHDTCSYX+ywUSQNoRGMwzfpA1YgaUoRS2r9r5ysBd3/mMjRnfBybz3j38qD9mAZ5UysyJl036DlUX6DvaiPmTz0ktj1r+UPBEiqGVFYxWxFPjI3sr0WxN5ZPNbdvlgj9/bSekD0nDdgR+CujIkEN/YgQItGnvCgnoV4C04AG9cCopXf7D10EnWDy5PLEqtLyuqD8K2zPa+flOe6d/aENbc/JGYqdQ+Qv9SqjxxpW5K1rXrjKUXki629ZJvOqw==

Received: from MN0PR84MB3046.NAMPRD84.PROD.OUTLOOK.COM (2603:10b6:208:3ce::13)

by MW5PR84MB1986.NAMPRD84.PROD.OUTLOOK.COM (2603:10b6:303:1c4::19) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.13; Fri, 13 Feb

2026 14:24:10 +0000

Received: from MN0PR84MB3046.NAMPRD84.PROD.OUTLOOK.COM

([fe80::30ae:9df9:398a:8e2a]) by MN0PR84MB3046.NAMPRD84.PROD.OUTLOOK.COM

([fe80::30ae:9df9:398a:8e2a%5]) with mapi id 15.20.9611.012; Fri, 13 Feb 2026

14:24:09 +0000

From: "UkraineGirl"

Subject: A people-first community

Reply-To: "geniereddixkos3@hotmail.com"

X-Mailer: Evolution

Date: Fri, 13 Feb 2026 15:24:05 +0100

Message-ID:



Content-Type: multipart/alternative;

boundary="----=_NextPart_000_916F_12A012C1.F48A0776"

To: Undisclosed recipients:;

X-ClientProxiedBy: MA3P292CA0036.ESPP292.PROD.OUTLOOK.COM

(2603:10a6:250:46::15) To MN0PR84MB3046.NAMPRD84.PROD.OUTLOOK.COM

(2603:10b6:208:3ce::13)

X-Microsoft-Original-Message-ID: <1.51c3914cc6614199df84@DESKTOP-N0MTKOQ>

MIME-Version: 1.0

X-MS-Exchange-MessageSentRepresentingType: 1

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: MN0PR84MB3046:EE_|MW5PR84MB1986:EE_

X-MS-Office365-Filtering-Correlation-Id: 32b81f76-5cf3-4941-3818-08de6b0b8d02

X-Microsoft-Antispam:

BCL:0;ARA:14566002|9400799043|12121999013|39105399006|20031999003|42300799018|23021999003|8060799015|5072599009|12050799012|15080799012|19110799012|461199028|56899033|41105399003|40105399003|39145399003|35041999009|3412199025|440099028|10035399007|4601999015|34005399003|2406899039;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?RTQ4WnNsd2Ewa0lQV3crWGNQb2N2b0QzZnd5eXpTKy8xdFFmVGFtN2ZjUE1x?=

=?utf-8?B?NWdCaWxaazlPNndLZkpHa3RtWXdQTGJTR0lpdlZOZFFEcFgvdXZrT09jTHhM?=

=?utf-8?B?SkRWL0VEUnhyVkVqdTV4UHdMSjRpZzRNSkE4Z1gxTXdqeURiTnBINEV6dkpW?=

=?utf-8?B?VjBOMkpnam9URlJHQ0tweWE1WXVvRkF6Z3MwM1JyV0t4Y1ozcTc5aXVwY1Rl?=

=?utf-8?B?UlBtZ3BYbzBwaVhnRlhBOUF6Q1orUWZ6Zm5mWnZxMnRJU014Y2JDV0M0SzhN?=

=?utf-8?B?UWZpNnhhK2s3OVFUeHFRODJZKzl2Z1dqTHgrTjJnUEs0QTdtZW5WekltYnlW?=

=?utf-8?B?eGxNd2tPWVBvWFM5czJWcmVsQ0o3blNYUkw4Z3pZSnpYSERqNVpaNmpOcDFN?=

=?utf-8?B?Z1k2dzFJWC9NaHoxdjhWdTlPcEt4eDlNQ0F5RGxZandrVXJHV2Q3U29IZmNX?=

=?utf-8?B?MUJsSENIdUVOQjlkZEtBWHFKaTJ2V3FBNCt2TFRHQUNMNWhheHdTS2YzZ3h5?=

=?utf-8?B?eFZmZkxJYXc3eUdUdy85dzlyVThSc29kMldHVVgyNmtZT0hIRERnU25OWm01?=

=?utf-8?B?RFp3QTZQdFF4ZGZFWnpsUVk5V0tQY2NYUEZqNE9ya0ZObE4vK1M2R1Y4aCtS?=

=?utf-8?B?MWRUMmtabkFkU3VzbUNxMldPbjgxemEyZGw0MHN2MXpMdHVvamZNdGhqd2VY?=

=?utf-8?B?aXJpZUFlMVBWeTlvN0cxWkM2Sms2QlRvQmNQc1Jnd1huZ2NOQ2t1ZEJ4Z0pW?=

=?utf-8?B?NHhzZW9IT2RZYVFKcGxFWURkbTFzcWpLU0FCbExGdGNjZWRQdmwvN2RxeU1L?=

=?utf-8?B?NWc0UlYvQnBKMU5OS2NwZWl0SGZKMEp5V285emhmclUybSttVlJST0VEdG9t?=

=?utf-8?B?aXhZcTNRWHhsRXpDbmhCcWhIdmF0bXdtdnBubXhCYlYyY1dnMjFxTW5SR2F3?=

=?utf-8?B?cVBSN3Z1TVVIZ2FkTDdEQkt2ekJNNjhCV1BTU3YrclJmdWpuejV2a2ZwMkFr?=

=?utf-8?B?VVROTUZRc0dYWFBjSlYxdVFxQkNTcDhVYzhyRnlFNHBaTVFkU3Erb0s5ei81?=

=?utf-8?B?bWlHMHZlL1JJbkpUaTE2OEFMaW50cUd5NXRPdHNUc0ZKckI2MkpXRll3L2Nt?=

=?utf-8?B?SmNVRWszdHVBQkhaeHB4b3N1bVR1Q0dLVHpITUQrcXg2MXJJU1VYM3grQWtN?=

=?utf-8?B?VWM5WSs1VWMwdUMwWThJVWdhVzhkZjE4ei8zc3RnNUpzZzBrSHAweFpWaG1y?=

=?utf-8?B?cDh6d0NEQksrS2dSei9VeEJacElqZTFqZmRDS1R5RzB2ZHpTamcveE56TkdW?=

=?utf-8?B?VXhBWGVNR3lXL3ZCOXljQU9hRlI5MjRpeTJGc1RsOHNOVnhHaGdpS29HQ0hi?=

=?utf-8?B?M2FGM1ZDblFseXc2ZDN0VnJ2U3hTK3dramYyMkpZa0dCZXZYR2lTaXYzcDB3?=

=?utf-8?B?RU8wNUxmUVZManlNdHE3Rmd6UlNRL2NxTEgzN1MrTG10TnhsWlZqa1FtSVUw?=

=?utf-8?B?UXoyR2RZSUJNeEdPYzRBeGE1RjdSQ2NveFhFZU9PcVBLYUpOSjhudVNYbWFF?=

=?utf-8?B?QVBnNjAyaUtGT0NsZFdLL1JTNUwwc2cvVTRSUXVKdXRrekxXK2tMR2p5YUNu?=

=?utf-8?B?VGlvUHhYWm96dGRzMFBxNE5ZR3pWQUppRmN2Z3F3QmNnQ2s1bGpyWlFGTFVT?=

=?utf-8?B?U01hSTVCalVpeTlRUWtrK0tLRjNtNmx0NWVqeUp1Tm5Jazk3VzlBNUxFVHVa?=

=?utf-8?B?R0IxWGFjc1NIa2I2N2tEMTBibGt1VmsycytGd2JiV0cwdTlTcnQzd28wczFp?=

=?utf-8?B?elpwSTYxelhxWTFrV3BqUVVxWFI4Z0tLbktEWllXOWV6WWlHbHVzek03azBG?=

=?utf-8?B?S25BaWhTZWJHTnpwOENaQkFGbnZKK1N5Z0FEbTA3M25CWkhubWNhOURJNmV4?=

=?utf-8?B?MmlBMC8zTU5vV2FDK0ZhSWJiRlVMNHdTakpMZnJDdG4vTktXSVV1UnhucWJw?=

=?utf-8?B?WmwrbWlYRmxPOFZlZjRxeXRhOHRBU1p3RGRGbldsRzdnaUxWUkVVNnlDR2ZK?=

=?utf-8?Q?106llP?=

X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1

X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?dzNYNzdyL2JVZ0pxKys4NS93UWdFNnVPV3UxZGJhMHkySmdLQVlTVCtod1ZF?=

=?utf-8?B?WCtuekprL2NTNHFiMG9Vb1ZiWDR4VlJyUWJhUU4zdFZQV05pekIxYnR0ZkNQ?=

=?utf-8?B?MU9BL1UzS3N6MFhsWXNHZ01KejByTEpBRFlFcXlpbitEMjlOLzhDK3ZHbFdm?=

=?utf-8?B?YmdSY3RzdlFaWFpjc1lMckNKc0FwQ1hWN2hoMExSd1VZWjlPcmFIcUdwNlFR?=

=?utf-8?B?cGw2UjdYVnl5Nit5TmV2VmNsVlpibXNrQVV6citDWHJmekNJZ29ZQVk3MnFT?=

=?utf-8?B?WXU3d0xwYXJXcDRxRG04eStod2pYbko1Vi81Uisyd1VHckhHNFJkSVJyT2dM?=

=?utf-8?B?M2tKWjN4dGpTQWVYZjlKT1NRSmdFVkpHNC9xeGRzd29hR0UzTWpWUjNncVZM?=

=?utf-8?B?a2VQYlVidExsVHNjdXlZbEpRQTRISk11aEcxcFM1V29GRjg4MW9IV3ZReTZs?=

=?utf-8?B?RFJ5SlBtME9Bc1dQNGQ5Y2ttNEZjczM4MUt2Qm1vSUhBbVBIQW1nSE1Zam1Z?=

=?utf-8?B?ZlNsUFlTME9BWEFpWXdQcDQ4Vm5sdEhkV1NmRjJLT0lRYUJVZURCSmZzNGhE?=

=?utf-8?B?bGI4dTJhOEhrU3pCTkZydFlqQ01NcDUyMExKODFieUhNOWhwUXNwTHFWaFZz?=

=?utf-8?B?anNPK2JVejIzL3pPdlh3em9COTFmQlhSWUNxQ2VFUmRUOUZNeG11TGR0ODFB?=

=?utf-8?B?Rkg5cTBhS0tkTFV4cTQ3ZTVFdEgyVEhucjFWUFdSeWdYTkFFSkpvS290MDh0?=

=?utf-8?B?L1JlZmQrN0FRdUR2d1Y3WGZpRFFvRUJ1Q2JXNXJRUVlYOHNTMGRPN01CN3RQ?=

=?utf-8?B?dmd2dzlBd3FWYjVPK3k3bi9DRUN5NWF2NnI3OVNwRUtNUlZhTllOdTFoRVF2?=

=?utf-8?B?RjRDbWtnbzFzNG1mQm5BOG0rSTZwd2tQcHJ0RXlIdGo2TnFIMVgxUUZQNmZk?=

=?utf-8?B?eWZQYUhuOS9DeGxwNlBkdnV3ZVdRMHBsVE16cVJlL0hjVHdOTXJtZWxXUFU5?=

=?utf-8?B?R0FDcHpSSHhMclpLQ2FYWm8rRklxbitKTEtnV1ZtQXVTR1U3UDVtZ3ZtcG5p?=

=?utf-8?B?cVVEZVlhVGxBQTF6aFdPNVVGZVNaL3lOQWV5QTFmRSs3OVhFemdXMXhiNFZW?=

=?utf-8?B?Vm5TeU1nUjJWdjlsQlBZZUR1VjJBODlNUWpRZjcyY2tQVDE0OWhNQzlkbHRh?=

=?utf-8?B?NEN0djdmZXplUTNVRlVTT2J3NDVYQkJpUmd6L2pBNzBJOXd3cDhtM3IraXl0?=

=?utf-8?B?MDIybU50N3dUcEdIZlQxaWtiSlNveEt0anJEOEVUanl2VU02YmliVEV4dmZO?=

=?utf-8?B?ZkVaa0hTUFc5bHBldWY4NWdtNDRtdUtleWk5OHNJS1lCQTQyN3dzTWVzZUQy?=

=?utf-8?B?cFpIWjMrQlhPU0xza3ZMUUFFU2dVZkZnaHVZYmhlaEw5NXB3bzFBTldTTE40?=

=?utf-8?B?bHFmVjBYUzVoRmZUYlIzc3YvcTF2S1hsWW9hcG9xY0w5SnRnY0VMWjYvS3NW?=

=?utf-8?B?RFVNOWxuSHk1aFdFNDZHN1pCQzJRaGcvcGR0b1JOVitKT25PRlU4UG14QThY?=

=?utf-8?B?OU9jNkw1TjlXS3dveWVMeWtlQ2RHVXo4YjkwNmpVOWRiMTIwdUp6aDNUd05N?=

=?utf-8?B?WFhsVDc4ZWRPMUtPZVdvUkl3SzB3bEJXckRSOEUzeDdGblliQWFoS0dQNlpm?=

=?utf-8?B?YW1BYTJFallLVHFVZlI2N3l1bi83U2RjbG5Qckp2SlBNeTZvcFlpRGM2RmJO?=

=?utf-8?B?UDU5Ylp0TWZ1Vy9lTkRVSkRxT25hQU13a3hCL2FCdTFkbHNyeHk4eW1aUEQx?=

=?utf-8?B?SjJQTTVsZ05mbURlOXlzRXhUSWdNckdlREk4cTVzN01EYnlENEtHMmEwRVU0?=

=?utf-8?B?d1VCWk42bnBkd3RsV29mMUZUWHZlaEJlTFhlb1QxR1F6S0E9PQ==?=

Geek squad phish from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 13 Feb 2026 08:15:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqush-000000002xF-3AgX

for dave@doctor.nl2k.ab.ca;

Fri, 13 Feb 2026 08:14:55 -0700

Resent-From: The Doctor

Resent-Date: Fri, 13 Feb 2026 08:14:55 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oi1-f202.google.com ([209.85.167.202]:59842)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqtw0-00000000Jnw-2Q6V

for doctor@nl2k.ab.ca;

Fri, 13 Feb 2026 07:14:24 -0700

Received: by mail-oi1-f202.google.com with SMTP id 5614622812f47-45e76684274so5457506b6e.3

for ; Fri, 13 Feb 2026 06:13:29 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20230601; t=1770992004; x=1771596804; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=idNTdUvjrAqB4N3za/VbvkqjswsxXPsp2r8TweUt9VM=;

b=KUb/clb8UfLX9xioeHWo2eWluwNR+zewotdeEP01VoyPk8SP2SPIqLOUKf3Fk0z1X+

+ksOxX115BslM/ym8fORBEy2dTS/BOhMwU3EdncKHbUDTCLr3RdfLzcK9DO2iHdP5uli

478Rp5owwNr7C+y+6z9GAFZgQ6khgpiVT4SFNQwjYUTauQr33vYUpKNTfzCg0F8I1Kue

TJRpKbUC/N1v4Q4HGouyo1QLbteKoTSmVAWtELZO2moOvaE68ns1qIJWbsVB+MWfiunI

YMD9YHPf+l+88O/7u1YKL/7RJ0BB0jmyjBLHqHEkjwR1sMQe8It2apcfRVRXvfEx78B0

HznQ==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=ambpskd-org.20230601.gappssmtp.com; s=20230601; t=1770992004; x=1771596804; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=idNTdUvjrAqB4N3za/VbvkqjswsxXPsp2r8TweUt9VM=;

b=eJvvF9QxSuB2zlg58ceOaJ/g4TbHeJuibBFANQVvEyOCA4KelpKlMDtMI8jCWrXf2A

cRYNWtwlNZbIh7XDxwVtA2CajEv6z03yUDwVg452oZ/sA7oFeF3KM3OvXxyImpCrZVEh

CGOQHLn1M34chYlyV6EVvR2fejZqeKbfjw98Zrcd+Dqjr8xh0EGBiUT74nKiHN71XB0e

+2bZS6erwQXPkXdLAecg81uerBlJhePP1U9GGL3eRaxxIIJvAdP4NW2ErDs5el1MC3f4

uLHQvTEQQ+uFk8QScIq+hOg0xbqIHbPy069CIAzvrj9sC3SNig7UPiBqI10NbeYcYa57

eMpw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1770992004; x=1771596804;

h=from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=idNTdUvjrAqB4N3za/VbvkqjswsxXPsp2r8TweUt9VM=;

b=sS9Vova+HaxLOubPqVs5JzTVI60EL7KkrcIK+5EmXRl0eflQL5fnDyWwtIW6CtH9YB

9rg9RX0+kZE378wymYc7Pu68jjZXzXKyykdbTyJo7r7xcQWjqum7ORO26RiwsHk/IUru

xu9arherIkPTtRv9oXjMHpOOmNb3dkyDKNEUqX5DSIAAlhIRLgmyHhXCqxrG5wCrO70P

8iTGfQ3zhaApomZOYwN9lkJBMWHGqY+9ZPn/TksDa1s8mRCPrHyG5xq0quIQhbMcmG5L

trDxzppa6IwaieysAfpCH5mdCCnuRTW8HFW2eZgvluV2PAYSY6ZEEBwnPx5TvNFSOAMX

pBzA==

X-Forwarded-Encrypted: i=1; AJvYcCWWAdpQfd8J17CSMmI4MgJTijrXA2F4a6m++pDjDrF7zONVoM1QmKtmSDlJMhLs77dwfpGZ/hk=@nl2k.ab.ca

X-Gm-Message-State: AOJu0YyuX6VWtaQeMfoQrh1P9q8AS5Erd92xn93zhDuK9JLF4PLNgiD4

z5MTELgyuz4M43hwfNu/k4y4aMpUAlUKW4SUnP+6GQsTFi2bLws7mQuzQUt2ExSIn+qfYx7eEfn

XLRfqk61EDvAiTp0vWhiDMFr44PwllBnTcrsDsNSaw028BA==

MIME-Version: 1.0

X-Received: by 2002:a05:6808:c2a3:b0:45e:ed0b:88a5 with SMTP id

5614622812f47-4639ef50bd0mt1272621b6e.25.1770992003775; Fri, 13 Feb 2026

06:13:23 -0800 (PST)

Reply-To: Kyle Simmons

Sender: Google Calendar

Message-ID:

Date: Fri, 13 Feb 2026 14:13:23 +0000

Subject: Review details saved for Valued Customer Receipt

From: Kyle Simmons

Content-Type: multipart/alternative; boundary="0000000000004bd6c8064ab53573"

X-Spam_score: 15.1

X-Spam_score_int: 151

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Review details saved for Valued Customer Receipt Review details

saved for Valued Customer Receipt Friday Feb 13, 2026 â‹… 10:13pm Eastern

Time - New York Geek Squad{ 1-806- 577-5489 }Receipt Date: Friday, 13 February

2026Receipt no: 1087-1095-324Subscription active after renewalYour subscription

with Geek Squad has now expired after 12 Months.Order Inf [...]



Content analysis details: (15.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.167.202 listed in dnsbl.ahbl.org]

[209.85.167.202 listed in dnsbl.ahbl.org]

[209.85.167.202 listed in dnsbl.ahbl.org]

[209.85.167.202 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.167.202 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.167.202 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.167.202 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.167.202 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.167.202 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.167.202 listed in will-spam-for-food.eu.org]

[209.85.167.202 listed in will-spam-for-food.eu.org]

[209.85.167.202 listed in will-spam-for-food.eu.org]

[209.85.167.202 listed in will-spam-for-food.eu.org]

[209.85.167.202 listed in will-spam-for-food.eu.org]

[209.85.167.202 listed in will-spam-for-food.eu.org]

[209.85.167.202 listed in will-spam-for-food.eu.org]

[209.85.167.202 listed in will-spam-for-food.eu.org]

1.2 MISSING_HEADERS Missing To: header

0.6 J_CHICKENPOX_83 BODY: 8alpha-pock-3alpha

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.167.202 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.9 REPLYTO_WITHOUT_TO_CC No description available.

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

1.5 VOWEL_FROM_6 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} Review details saved for Valued Customer Receipt



Review details saved for Valued Customer Receipt

Review details saved for Valued Customer Receipt

Friday Feb 13, 2026 ⋅ 10:13pm (Eastern Time - New York)



Geek Squad

{ 1-806- 577-5489 }



Receipt Date: Friday, 13 February 2026

Receipt no: 1087-1095-324



Subscription active after renewal



Your subscription with Geek Squad has now expired after 12 Months.



Order Information Dashboard



Subscribed Service- Premium Complete

Warranty Coverage- 12 Months

Total Charged- $442.88



This notice is sent because you were enrolled in our services.



To request cancellation and a full refund, contact +1 (864) 363-1207.



With pleasure,

The Geek Squad, llc

Manager: Bobbie Bell



Copyright ©2026 company. All rights reserved.

Guests

(Guest list has been hidden at organizer's request)

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
=?Windows-1252?Q?GF1G8qx686gW8ckyxXqOYOV1s0GefjhgmJ4F9UxXvT54Be+lv2mt57Nc?=

=?Windows-1252?Q?oNVGyXGSpBm6RdrLPvDWa1YDKIYOsmPIPmT2KREU9lgishq5Kcl0XRPX?=

=?Windows-1252?Q?EidZ8gnZo8xZQ1Yn3gB2CpmRoKlrJExk9atv7YFjW0l8xhsSvbfqiBG+?=

=?Windows-1252?Q?7OKu6LoerjvPQrfIbrPMQ95MG1/RJfZO3CChFkcU0scF5Z3X8kdBOae7?=

=?Windows-1252?Q?5MIuKbtP9v95N4Yfll2VWqG81tPokb3ldE9GaSb+O3jNnDwBiCGdQ0Tq?=

=?Windows-1252?Q?BmBJsAkgqdUCYL5DrLDj7bZhBZJtavxCA7eltqF419vbwaGLaLwWJBYb?=

=?Windows-1252?Q?GM++5MATAcGAGxrwcVRW7D+am5l5OR3B+gryP31GSGUzE7WgMqdfzlUy?=

=?Windows-1252?Q?IApOkUafvyMRWjX5cAT7agpv26C+KVNW9GR2E7QesUBxo5Jf4EzIpzhJ?=

=?Windows-1252?Q?rknlI2hUvnZfwP7oxtKt8+fVPUjl5KFFd42Mg3NTfxxsLl/ybxDUuuVw?=

=?Windows-1252?Q?BpPxQR8VCjbNfgMeM5LbvI85+bJV98VWmDXsMw9h2Qu9BWE1iUaBl/nX?=

=?Windows-1252?Q?w78jFz9HqZhts9+NG4rC4Q+HrsE63GQsJJSYL+njFgDRdKaHoNg=3D?=

Content-Type: multipart/alternative;

boundary="_000_SE5P216MB331643256CF175E412C1D0C5B661ASE5P216MB3316KORP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SE5P216MB3316.KORP216.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 69f4cfe3-1e55-4412-3746-08de6b036c1e

X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Feb 2026 13:25:57.5705

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SL2P216MB3018



--_000_SE5P216MB331643256CF175E412C1D0C5B661ASE5P216MB3316KORP_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,



Just a quick follow-up =97 May I send you the Price list if you're interest=

ed?



If you're interested in my Services Below.



Thanks!

________________________________

From: Samar Khan

Sent: January 27, 2026, 9:34 AM

Subject: Re:



Hello,

I checked your website you have an impressive site but ranking is not good =on Google, Yahoo and Bing.

Would you like to optimize your site? I will be happy to share with you our=

Pricing and proposals.

Let me know If you are interested, I will send you our SEO Packages and Pri=

ce list.

Thanks,







--_000_SE5P216MB331643256CF175E412C1D0C5B661ASE5P216MB3316KORP_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Just a quick follow-up =97 May I send you the Price list if you're interest=

ed?



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

If you're interested in my Services Below.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Thanks!





plyFwdMsg">


11pt; color: rgb(0, 0, 0);">

From: Samar Khan <samar5416@outlook.com>


Sent: January 27, 2026, 9:34 AM


Subject: Re:


 





ily: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sa=

ns-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hello,



ily: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sa=

ns-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I checked your website you have an impressive site but ranking is not good =

on Google, Yahoo and Bing.



ily: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sa=

ns-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Would you like to optimize your site? I will be happy to share with you our=

Pricing and proposals.



ily: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sa=

ns-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Let me know If you are interested, I will send you our SEO Packages and Pri=

ce list.



ily: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sa=

ns-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Thanks,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">












--_000_SE5P216MB331643256CF175E412C1D0C5B661ASE5P216MB3316KORP_--

Web/SEO/App Spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 13 Feb 2026 07:05:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqtmS-0000000003z-1EAO

for dave@doctor.nl2k.ab.ca;

Fri, 13 Feb 2026 07:04:24 -0700

Resent-From: The Doctor

Resent-Date: Fri, 13 Feb 2026 07:04:24 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19011027.outbound.protection.outlook.com ([52.103.74.27]:57732 helo=SE2P216CU007.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vqtCP-00000000Dyi-2OnI

for sales@nk.ca;

Fri, 13 Feb 2026 06:27:20 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=Na82oX6982AEyoXArgXLZ1939HYFZxMQXe/XDDBxxu2L9RbfP3UUAmca5XubU7jJVZU81SrX4164SbwgTQPBq/RSQJTmHVlK++dOB1G3zku9tHNUCiJLwYek7MTWWQXbVy2wuCcRA9TnOAZH2PHr69HXKfzA4RPZOldBr6v9Lff0c/pQmdCak1hCPuUXfMaoeLD7Oq81YMHFZ13lVNYf398lvxuSNglwsoFY8IcA4lIiZObvXZix1QqP9acSx96mD5/Qu8hOlACxYzFqOvqTO4rT5K/ByKpx4SoNOHLR3efLklftYfI3AHxo9HL/mAzadLhOwAfy0O6b7aXn9wofzg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=/V04fQLicCHZlHVLAFdfZ6yhggtcBgi/jPX9m6RqJe4=;

b=Z6LkKAmvHvuZAcwjI9Z7aZ9xEmRhqZ8WT+NyVQyXfPkNzeHguj/Lv4u3zmytnQfIG2lcv0zR2p8RV9W+eyA21QFBQNkr3ONZWauWYwzKPqcE4rpfHZ/8YLc4bxNGVlsu6Pi8HIXTz7ECuLp6RmVWy39/NiHThWbRY8VQTVGuaKibgHcA16DjO/Ni5U1w7ucOHysaZmPkm87ai4o3Ira54qwtu/+OMr8y7XEb4Z2g7YK9qcqhV+2Xi88AW5UkVVhDjgl2Nw0T3ZmmvZdB3aQz1ibXkmamF3pUaVFR8iSascUqKcSQaCfAFzfhdNbC2+azmqY30BTVeZ7sQEjWAqGEYg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=/V04fQLicCHZlHVLAFdfZ6yhggtcBgi/jPX9m6RqJe4=;

b=NC2/bXd9aIwGCsQSVIWL5i38NrIs60WtQGDm/50hLPET3eoNWBAFg5KfizZLV59h0KqL78eBwsmwEszIRZootoDNG2LInvJDPc7VXyL84ph3hih7j6GueE1QYrd2QuKdxX9TsKlH3B0YtpqFUC72zGCcroCi9F0+vAkZ41VoYHBhTcG1Lt111uWtPBxhbfHCwE+5fpbsSZP7AvFhvPr9NxzrSJkrprxDAGo1iNtmTNjNwgs+4irr5LEhzERPzTDuyS8XKVQTpfqBfkokFdIvpq2AJ9yXcqZyLE5cPS6exbaJYKBcrDkWB8nB5j4AOu9+vp2axCdSJZ4WwTeiIx23cw==

Received: from SE5P216MB3316.KORP216.PROD.OUTLOOK.COM (2603:1096:101:2fb::12)

by SL2P216MB3018.KORP216.PROD.OUTLOOK.COM (2603:1096:101:282::5) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9611.14; Fri, 13 Feb

2026 13:25:57 +0000

Received: from SE5P216MB3316.KORP216.PROD.OUTLOOK.COM

([fe80::2ad4:6a09:f26b:3b45]) by SE5P216MB3316.KORP216.PROD.OUTLOOK.COM

([fe80::2ad4:6a09:f26b:3b45%6]) with mapi id 15.20.9611.013; Fri, 13 Feb 2026

13:25:57 +0000

From: Samar Khan

To: Samar Khan

Subject: Re:

Thread-Index: AQHcnCJXmIMJOmvsMkSO+gB42j2l5LWAnrQlgAABM/aAAABeHg==

Date: Fri, 13 Feb 2026 13:25:57 +0000

Message-ID:



References:

























































































In-Reply-To:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SE5P216MB3316:EE_|SL2P216MB3018:EE_

x-ms-office365-filtering-correlation-id: 69f4cfe3-1e55-4412-3746-08de6b036c1e

x-microsoft-antispam:

BCL:0;ARA:14566002|19110799012|15080799012|15030799006|7042599007|8062599012|8060799015|461199028|31061999003|39105399006|3412199025|440099028|102099032|40105399003|51015399003|1710799026;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?4UzX3IVoEVFYXbWcNngq45QVUrynPieLTEhVBqgKq3rME7q5046LqCed?=

=?Windows-1252?Q?1ngo/XXJKnoF5oj6b0fNNJaFtGpwVkCBJ9UoGwY+STK6FB6q2RaHdfkK?=

=?Windows-1252?Q?MehsHZzlzqRbF+FZ8HUXNtkN3QBE/Ik4WvPxoeG/ptlF5qwLO1Bzt2y9?=

=?Windows-1252?Q?X+mTAGD9Vl5pAozmqZAR+WR1O7Fc0cpudTFblm3lnidz5gInHfwPjR4b?=

=?Windows-1252?Q?bjXIA2SuYxIqkoSc/5fzDjl92/4L3qQAl+B/Zz8FLWO5LIbrR0xnU0cn?=

=?Windows-1252?Q?sfjyGPfCISBw6aUjWepmq6sHhG3sU7ZleBFQZfSSbyZXqa03EuGn+um6?=

=?Windows-1252?Q?7ZmYEhPX/DAweZ0IoJ8b6p/HrYxEMAtWesGoH5e3F1O5iRBT7sHc90vy?=

=?Windows-1252?Q?VifIzgdaK2fbUyFu5k1KtWfcveAi4UkIhwOHOd8GwA9MT8TIUN7HQusY?=

=?Windows-1252?Q?W3++XB5V1GuiSTMGAbECBRfDPvwSSmIt2wAG2Ye+Zp891NoFR/sf7uFG?=

=?Windows-1252?Q?MZGOwUE2S5mio1SD9ObPuOv51rRHH5AW9qyy4Zy/MN5NW05UVmcqL0zh?=

=?Windows-1252?Q?43TB06xwuLSWDFpxiVHIebb8s7zTYxVsbr7zF6Ec9WX+rhTUjWL7siPx?=

=?Windows-1252?Q?T/TKZdKWs1cnuu8WuferEIFGVjnT+g48WIv4VRyxk8268XXg4DjXDCDQ?=

=?Windows-1252?Q?3Hra6MHl820GyO0tc3viIEQh6ni6i6fim3HcqdXCg/eNxz/oMZN5WZCA?=

=?Windows-1252?Q?6W4W/PGFkXqGCQX566jyx6B8357WPi+b3vPzYALJv2TowMAiWGp7Ebnb?=

=?Windows-1252?Q?7QcUzbXGfNK+S8cY7ch2+z3zxfUmCxEcB5FBIHIHbaETOb9+nC6MQst9?=

=?Windows-1252?Q?bEwBYxSH2G1Xb99pPxp7nT3StvV7jz9UjwKHv51ihH/zcjq6Kdivh1zL?=

=?Windows-1252?Q?eYsph2ee58F+REljmvPhdBZedyZXq46dLTUIvj6kZd5H8KlirRUi+t+k?=

=?Windows-1252?Q?exY8AipyfvpBTQ4nvoaqoen3FSgPJBrjFLKqa9vDBN0tEyEhxp+gr5Mu?=

=?Windows-1252?Q?vwrHGA1uIAjSi29x/n+i3Eeqt01dsLz0mcKgto5e4P3jLOTzB1c8IWef?=

=?Windows-1252?Q?u1SRhGAliGz4ooyuxzPYtO5Z0mVakjdUOG7J6ngRv373YcBiRvTegg63?=

=?Windows-1252?Q?4wYZwzR6RCCZeGEI1c5kZ7kScn07iEn7in7yuXMjpYINweaSvWUuZpIe?=

=?Windows-1252?Q?+cJddHqXtiixR0/TwUAN6P58gSNmU19kflobpHpW2l0mUS1YjXYYkHMK?=

=?Windows-1252?Q?zOJUomG+mxfxdonoOd6k99fE8Ov2mhfFKOEq+zWvUCC0mmKDChUNoDT7?=

=?Windows-1252?Q?gBFAkRoztMr6+jfk9nM4cy/zSqc3MISbgVA=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?nRzmONnKZ04gjogwgMslZw0jDQPV7HCsOanp2Zo86Dez8zIKWlJkCenm?=

=?Windows-1252?Q?5zwDKwAuGkyA8M2hnMDeKROJjJWYFnhkZ7kOnjmqhgiAfWdQCFGjFpF1?=

=?Windows-1252?Q?OMlfeDg+sUfHBp9R7VtIIb4ify4vCQBeo+cb+qTEuQHYvkwG5CRl5Bo6?=

=?Windows-1252?Q?TOxKxsE5lRjnAXGR7p8XFkJL0erlaHtjMoT2O+fiH7QoqxBYbUqs6vQK?=

=?Windows-1252?Q?kTNnCWK8bddZVOcZRNi4u7KYvE7uqiQMCJrnwwxKRpYrBGQl4MUIBt3r?=

=?Windows-1252?Q?R9duehhBkHb8JhSlduWZ7Tb04U/ie1ryuh2tMvA8hZt5hr3vJq+xsBGg?=

=?Windows-1252?Q?aV9/dnMIBiLtU2cwpJKKM+PFPZ/C1sFgQSlrLeVsrFp+T37Ca7V+SZvP?=

=?Windows-1252?Q?2t2mEI8ljINoncj7bLf7qKyH1qJIOeB5PoFjRXeru+GFJsL5NEPCkNEV?=

=?Windows-1252?Q?A7AAdrsxjtoG5a+4ZuqMJxqlHQK4Mvh3wnY7F9pdUPIIU7DWH9zV5jWK?=

=?Windows-1252?Q?ej+7wJCNR/wTKlon/x1ZScwdJNRfB4h9ndJplc9N6U7vLAvycFLiv6AI?=

=?Windows-1252?Q?sJIv+6DtkxQHDR5ZjnbTWE625FvlJRJpd6l7552GhrFxsdhxHxD+51/V?=

=?Windows-1252?Q?v6KA8O6q+ohHOmo+ig26MLKERJIY0ft7MP+XSp1wWWKP1aG9oLG7eiJE?=

=?Windows-1252?Q?OGXOvhbmxzOYeFEJAenyThPDj661iy1bBBEnrLr9uQoC9fYZQ0OSKpdo?=

=?Windows-1252?Q?FeEDUXokvOTKjpdvMBjbmYISWyDS7JbEbJFcyrGvh6d2lT+/ID1f1LSz?=

=?Windows-1252?Q?gGes1seYLX2ezezNbxXsKnjSkSVuRk7bzohBS1rMYC8V0nIEzGLSbQGT?=

Web/SEO/App Spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on












































































In-Reply-To:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEZPR04MB8357:EE_|SI2PR04MB5701:EE_

x-ms-office365-filtering-correlation-id: 3a565a74-b4e9-43ee-70e1-08de6aecd6bd

x-ms-exchange-slblob-mailprops:

q6Zzr5Fg03GA6gvxC+5DV69drWICqxJ7jhQVKGSyw6rSSf0MSx8QWnxMhE8UhisehVfQkJ8uvkcHDwWSUzJoemhPGOFVN+5cMKKqTQL1Fc7NQpG/cT2PTd4Gk4aMpjpAdo2BNAx7473e4fB9ybdqXXP0EX5ldeKS5yOp2DBHRq7f18APb0irvb7NwcVpLnF5RmMFnBvoaKbn+2S+HNQkP3PCBTgn8bdbKN63Va4N5eiWoNtiut4CFyeB42YDqkZYVfso9SjWaibIIWoD2eGQzy6kt+DnqQ2Q/CSqzAYsTSJY4wUIMJEcZtfMMmDi8nh313+hvWPDRDV4Z7LiCzhtX7vayjDWAqhmPLIjKJlpeoCakfo4zzcHM5jAiy7E9WHzgAqeeEzy3qe2ALRViJtAXoFKZaCMYd8cD+SqfRbqPoULGFxOle9rOPAQc+7gHjtP3HTBPhEqoNsk8g9R19beA7HeybWEP+E+NzdVLwYOPauxmG2U3sSB7R/fR6Q4Wgj5XiR/7QZXajPngUCyT2ftVU1TZriiLxTraGsamPPixLatJ89R6hMneyG4mPuh9qahrbtFXbRyD52UgfURV5vCSXDZtSDhIpTNWtqIGplfv5DfT2SRj2zpNrX86qSiGCMGm1beiRyWyJKrbav8v38w2JDKBp7jfDtofGUk8QzJgADDJCSw2In+ZE083i98eUUf

x-microsoft-antispam:

BCL:0;ARA:14566002|15030799006|15080799012|48001999003|39105399006|19110799012|8062599012|8060799015|31061999003|461199028|40105399003|39145399003|41105399003|3412199025|440099028|102099032|1710799026;

x-microsoft-antispam-message-info:

=?utf-8?B?ZGJhYXl0ZGVCZ0xSMDN1bFRWc0ZFb1RBTDJVSkZqZ28rQjhxZFI2MHd6c2Jk?=

=?utf-8?B?blBOdm03SjJxMUVMWDN2eDdic3YzYWk2UkRlUWI4KzdMWU5SRm9wZFF4MzVX?=

=?utf-8?B?SWx6RmdFNTRLcjZHWmV0LzAxbzA2YU91UWNCUFgrT0tNZjIxbUhDVUR1WVg2?=

=?utf-8?B?M2Zpd1BmUzFlRDhQemd6M3JFaXFENkxFcHRNcDFrQWptcGI1aXFzaVlHZGFN?=

=?utf-8?B?MkNSbkhEL3ROMXlDSlQvOHVtS0oydW5WMVJNVFBZSHFjTnRrZkVDb3JjbFgw?=

=?utf-8?B?YkJhMGtuRlFZQlUvOThBeGN6RkduVkI2Ym9NL2pVRnc1NWZFNFZ3cHUyckl4?=

=?utf-8?B?VGN4MlBxaHhGLzM4VEM4SG5Ra25HSW5aeDVJakpKRkRhQzN3eDg4M0FoME4y?=

=?utf-8?B?WExBTm5zTGF1VnZxSnJSbld2ZzRqVzVENG1yV1FmRjVwRlhhUGZ2dHNmTXh6?=

=?utf-8?B?dEk4Qi8zQndPQUc4SDJaVVZEa3pCbWFtVUVXdjRxd2Rob1NOYjZIY3p2allm?=

=?utf-8?B?dnFGN0NaVHBzSnBoaWoxazVUVDE4K21YV1VHb3BDZ0lQOW1LenBXL3AxMFpN?=

=?utf-8?B?MTRqWlJqeXhzWUJYMWZKSWZ3QTRYWXNVQmlMT1c0QXZsN0Z5Unk0aUNuWWt0?=

=?utf-8?B?bW9ieE5yQ1ovMEd5WHArVTZidEJtTXZ5SnlnckZ3Y3hQNmJQZ0xyZk9qSUZp?=

=?utf-8?B?NnI0Zkl6Z2h2Mm5jV1BoNmJoTXlzb3hQV1V0RGd4K0JnYlpMNmQ2RnV6MDd2?=

=?utf-8?B?VWZaMnIyZE9DUnVQVm9kMldXYi9LQldLR0tvMFpXa3VEMDNyMUhxZThhakhi?=

=?utf-8?B?U1NVQ1g2M0RyQXZUR2RVblpFMHFiSUlYa2xSTEc1M0xrbHl0VU9uSkNrYjhs?=

=?utf-8?B?NlpXdnRKUElhdS9aWFJUenN6K29tK3pUZERVSnRqRlVHRlRLeWh2RmZ6dkZ3?=

=?utf-8?B?OUZuTEplcHNBZ0JJbGMwN1hLTjd2NDNTVDJ6bnBxd3R0NHRkcHRhbnlSNGNt?=

=?utf-8?B?SXlTRnp6bElrSEp1WTNZd0NNekxYNTgvVTRPczI1ZmVtVXdZUzlvcnp2N0Fx?=

=?utf-8?B?ZWhtNnRMUnJmSC9XR3NGSTJnaXBtOXZWYUt3NmEzaEJSMzB0NXEyNGZOYVk2?=

=?utf-8?B?QU5nSUdkd2hzNzF0L2lwZmZUa1I4Z3FCN0FFYnJJT2tpcFA1dnoyNUZwZTAy?=

=?utf-8?B?elRrcy9yZEVFY0MrelNkdFdhN040bEVGYjhmNWprdkdGbWFGNjlXcGZ4QnRW?=

=?utf-8?B?VnNualRpZkdJUmNQcHl5QXJtRXFuNTAydEozSkFTWGF4M3N1d1hyWUtxWDNp?=

=?utf-8?B?b2hZTVFXVnlZQ0t0RStLdzZHMzYvTGdYamp1cmcrQWxUWjcyVEhwWElhTis1?=

=?utf-8?B?QktZWG40N01aYThoYWdHL3VrN1RNWVc2WVE3L2txd29mNW1ObVhsc0ZGdGsv?=

=?utf-8?B?REZsVWZLd3Rzb2VMUS9OTVJlQmM4UFNIUGNrd3lHY2VlUG10ZUI2ZDd6bEc0?=

=?utf-8?B?d2dHVXRKV083ZjN5ZXYxaDQ4WDFDdFhxQzNsZlF1bmxrTEdDdXZhOSt2WlpJ?=

=?utf-8?B?alpQOUxKQ0k3ZHA0Qm9GbzJzM053TEh6bGhKSXdKK1NDcnZXeThiNStILzVt?=

=?utf-8?B?Ry9uNCtPM0NxcjcvYzhWZitwekdDMWlIWUF5WHFTemdheXVadWNkazloaCty?=

=?utf-8?B?d1I2VmhWajNqNEtySE54WjhZMzFRcTZNM01md3RoL3VnL0tNSitGdk9udzdh?=

=?utf-8?B?L01GN2RMTHdha0t3VVQra0lUWnlpMzVPYW5NTVlBOUpTb085ZnhWdDVnVGpQ?=

=?utf-8?B?Qm9mYUZsaFVLMk5XdVJCZz09?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?utf-8?B?aUtZZHJYMEliMU5wTS94UzlWT0RVTG5halUzZ0g5VzIwNlpNY2V3ZElEcDRB?=

=?utf-8?B?MzJ2UEdLcWdzbTlXSVFlbVJrZVFwV3lobzBackVFK2k2ZWlRK1UxbWFQNWQw?=

=?utf-8?B?M1UrU0k2T2FPYnVsSDdjcHVEUFcyZE9STTkyNDJGaTNqZnp4THRQK2NUeDB5?=

=?utf-8?B?OEJ2VE8wNDhDMGpmZkF4Y2ZnQXVlN2RqR2k3OG1KOVlkdStxa0JXbmQ2b0tn?=

=?utf-8?B?WlpMYm1iVVpVM1VMRDdBZW1rck1CL2pCelBURTFQWlNXWUtXdHlTaEt1b3pn?=

=?utf-8?B?QXgzdVJ1a29ZTnl5Tnh3ZUZoMXVUajVCMWJkVzRjZDFwQW1PNlBYMzc1MzV0?=

=?utf-8?B?aWJiTmhnRThhdmlsMHErL3JMNFFURFJZZ1dzY2Z2M0oxN2dXcHQzYnU1YXVW?=

=?utf-8?B?c2NyUzZnM2RrSEtIMDBySXF1c2t3V3JSQ1czMU9INmNJM3p5UEZGc09WN0pw?=

=?utf-8?B?OXdYSHdhYjlhTW5ZS0EwUGw0VGxySEV6NjlQSnZIeHdLZThrWFNRWnFWNEtX?=

=?utf-8?B?LzdIYmR6MTBxK1JkU1ZvMEtubGFNaTI3U1dYVzFmcHJFOCtTMjc5RWNEMnJm?=

=?utf-8?B?QkV2dTBzaitKUXQ3Y0I3dTh2ZWdWbThIdWR3ZUw2djVQVDVDcHNJN3I1Mll1?=

=?utf-8?B?MmhLb2RBODc5NVRUdW1OQU5nc0xuckl4TlJDeUdwcTJJaWg4V2UxNk5nNGxv?=

=?utf-8?B?NTlubEVLZ2tjb1RsTW5RT3gxcDhqSktVWHVnOFpWTDlOY1VyakY5UENSQ2hM?=

=?utf-8?B?M1FKaHNJRDBwcXhnaEFjM1loRitLVDJVVDZNbzBWR0doYkNIMnozT2VRdlhj?=

=?utf-8?B?VWQ5dGViVjJZV253Vm5pbnhiOCsvazJKd1lrcE43L2wzVG8yUVl5RmVRa2po?=

=?utf-8?B?b0FJaUYyODA2bTZnSkhneXZzWFRWT2hkb1ZOZm1oQ2wzVXhGSWpnNzVIWk1S?=

=?utf-8?B?djVYa0kwTEVSbWZDUFVSekhOOUpoaTRNU1YwQll2ZHVGN2lOTnY0UkI4ZCth?=

=?utf-8?B?VVc0dFcxeGFleUkwVnNHY2VPR2ExWUErY09rd0pjUFFtTVFTMExKNHZDejRW?=

=?utf-8?B?eENsWHJqQ3JJQmRjSXpNV0hmaDNHejBHMk9oOW1rN1R1eVJQb3dOTHMxMjJ2?=

=?utf-8?B?YXlwblFxQzIyVjk5VEhmdWo2VFBEdFlrWm1SakxGWFZXZ2RoeU56bUNuL2E2?=

=?utf-8?B?MUh5NW9oSnNJNVBCL3Q5RDZvTEVudUhzK3Uva04rbEJsWlNZRmJIOERUaTA4?=

=?utf-8?B?akZOTVVkaWxFaCt2RFVXWDZHRnRlb3VJeXVEWGtBWjZXYUQ1MDhrM25UbEU1?=

=?utf-8?B?Yko4eTdMQ1JQSlZXanRWOXBDcmxabGhkSjZSOEFBOE9zYi9oMFc5azFIKzlZ?=

=?utf-8?B?VitnYVRIbUp0eVAyNTZqMjMrNFBEZkZ5Zk5CU1F6blFVK29YVHpFZExZNldM?=

=?utf-8?B?V3IxY1hQK3ZtdkxGZ3FhVXZXQWo3ZTUyTVdwY3NjeXA0S0lZaGtLc2wweWFm?=

=?utf-8?B?RllvVE5GOVZMRVRxZjlnbWpVcGdCODIwM0RIN1V3YVVBc0x1aGJBQmp3SzRF?=

=?utf-8?B?QzBlMVpvSlVWMFcvQVZRQUc0anJyTFg5aTBjR2NvTHBJSENSZFcyenJDNm1h?=

=?utf-8?B?cjQ3MVJGMHo5MzZmRWhRMHVMNld3TmpBV1FxdGwwMHNhVUVHVzNXUjdsVGJi?=

=?utf-8?B?a05lOXVIOTNNYVI0NldnanpJVXJGcjlIUjVTczFBYzYrUFdNbGFYQmV6RlM3?=

=?utf-8?B?RW5TclVzc2t3NnQvdHM3RUhwOXFFNWIwK1YrRFEzd3I4NmJZbXA1NXgxc21x?=

=?utf-8?B?OHY2QWJPOFpGSGZVaG5mRzh4dlNzLzFydVdUNCtaN1BpdXRGUjRuY1JuYi9I?=

=?utf-8?B?V3BINUJNQklxSVJqUExDb2NoNkFKbWx3T3pSczRRVlpHV2diUjdaNE5FbXF0?=

=?utf-8?Q?dcLAyuGixSHPYJvCQIyNr7YFr5n6Qzw0?=

Web/SEO/App Spam from Microsoft Outlook Part 4

Posted by Dave Yadallee on


Content-Type: multipart/alternative;

boundary="_000_SEZPR04MB835778F512B09786DFD0E7D4A261ASEZPR04MB8357apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEZPR04MB8357.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 3a565a74-b4e9-43ee-70e1-08de6aecd6bd

X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Feb 2026 10:44:18.0632

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SI2PR04MB5701





Hello



I am still waiting for Your reply,



Thank you

From: Ramisa Singh

Sent: Tuesday, February 10, 2026 8:11 PM

Subject: Re: first page......//



Hi,



I found your details on Google, and I have looked at your website.



I can help bring your website to the first page of Google.



If you were on page #1, you'd get so many new customers every day.



Could I send a proposal? I would love to give one small suggestion and how it could help.



Thanks,

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on