Microsoft Teams phish Part 1

Posted by Dave Yadallee on Tuesday, June 9. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 09 Jun 2026 14:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wX2p5-0000000080P-0BY1

for dave@doctor.nl2k.ab.ca;

Tue, 09 Jun 2026 14:13:19 -0600

Resent-From: The Doctor

Resent-Date: Tue, 9 Jun 2026 14:13:18 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from go-lanjingtv.com ([141.133.172.76]:58737)

by doctor.nl2k.ab.ca with esmtp (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWyiT-00000000D9I-0yaf

for sales@nk.ca;

Tue, 09 Jun 2026 09:50:20 -0600

From: admin@nk.ca

To: sales@nk.ca

Subject: New File Shared with You in Microsoft Teams#67641033

Date: 9 Jun 2026 08:49:22 -0700

Message-ID: <20260609084922.D978BFCD48305D33@nk.ca>

MIME-Version: 1.0

Content-Type: text/html

Content-Transfer-Encoding: quoted-printable

=20=20=20=20=20=20=20=20

32px 0px; color: rgb(51, 51, 51); text-transform: none; letter-spacing: no=

rmal; font-family: "Segoe UI", Arial, sans-serif; font-size: 11px; font-sty=

le: normal; font-weight: 400; word-spacing: 0px; white-space: normal; orpha=

ns: 2; widows: 2; font-variant-ligatures: normal; font-variant-caps: normal=

; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-=

decoration-style: initial; text-decoration-color:=20

initial;' cellspacing=3D"0" cellpadding=3D"0">

255); border-radius: 8px; width: 100%; overflow: hidden;" cellspacing=3D"0=

" cellpadding=3D"0">

x; border-bottom-color: rgb(237, 235, 233); border-bottom-width: 1px; borde=

r-bottom-style: solid;">

"0">

=3D"margin: 0px;">

d: rgb(98, 100, 167); border-radius: 4px; width: 20px; height: 20px; text-a=

lign: center; color: rgb(255, 255, 255); line-height: 20px; padding-top: 0p=

x; font-weight: bold; border-top-color: currentColor; border-top-width: 0px=

; border-top-style: none;">MT

adding-left: 8px;">

b(50, 49, 48); padding-top: 0px; font-size: 14px; font-weight: 600; border-=

top-color: currentColor; border-top-width: 0px; border-top-style: none;">Mi=

crosoft Teams

b(96, 94, 92); font-size: 12px;">

tom: 20px;" cellspacing=3D"0" cellpadding=3D"0">

"margin: 0px;">

d: rgb(98, 100, 167); border-radius: 50%; width: 40px; height: 40px; text-a=

lign: center; color: rgb(255, 255, 255); line-height: 40px; padding-top: 0p=

x; font-size: 14px; font-weight: bold; border-top-color: currentColor; bord=

er-top-width: 0px; border-top-style: none;">AT

adding-left: 12px;">

b(50, 49, 48); padding-top: 0px; font-size: 14px; font-weight: 600; border-=

top-color: currentColor; border-top-width: 0px; border-top-style: none;">ad=

min@nk.ca

b(96, 94, 92); font-size: 12px; margin-top: 2px;">General • Finance T=

eam

b(96, 94, 92); font-size: 12px; margin-top: 2px;">Shared a file with you
iv>

b(96, 94, 92); font-size: 12px; margin-top: 2px;">6/9/2026 8:49:22 a.m. (UT=

C+02:00)

WEb/SEO/App spam from Microsoft Outlook PArt 3

Posted by Dave Yadallee on Tuesday, June 9. 2026

11pt; color: rgb(0, 0, 0);">

Thank you

x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_divRplyFwdMsg">

11pt; color: rgb(0, 0, 0);">

From: sanaya parween <sanayaparween550@outlook.com>

Sent: Monday, April 27, 2026 7:21 PM

Subject: Re:

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Hi,

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I checked your website you have an impressive site, but ranking is not good=

on Google.

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Would you like to optimize your site? I will be happy to share our pricing =

and proposals with you.

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Let me know If you are interested, I will send you our SEO Packages and pri=

ce list.

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Thanks,

--_000_DM8P223MB00786C195D8A266A0F3515A8931D2DM8P223MB0078NAMP_--

WEb/SEO/App spam from Microsoft Outlook PArt 2

Posted by Dave Yadallee on Tuesday, June 9. 2026

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?fN1bObw36XIBA6X9MW9BwxRwMdhp+FeG3ALBDTJv5izqXnSXj42ITjRW6m?=

=?iso-8859-1?Q?hzxZHT7LJlfI9C5bp3i5Nrj7afEQdgngthvzq0sxZ0dGFH0t5RF6lNb/wT?=

=?iso-8859-1?Q?TdS02rTClurTpbSOOL04J1TfB2TN22f8ao49wajRw0uiaVemheIm/sNfIw?=

=?iso-8859-1?Q?8boHEJxKp8L0sk900rU3U+wB06LeuZ1b9utiwchLCUL5O99XHP4ezH3/B9?=

=?iso-8859-1?Q?a2R/ng0YhgbTZ/c+cxOCQue98LAmptrNKvmIrez7XSELJPyvxGSHmECfuU?=

=?iso-8859-1?Q?D68DIjitX6enCXsThgJn1zxi3wDDpB5WbYla6BuG+X4g6FOpaJ+09JSWWl?=

=?iso-8859-1?Q?PWYKQhfWvbY1EU3miKeH/BbdUrDU+I0Xv4IhSOdh2hLPxFKSnipBzZ1g5P?=

=?iso-8859-1?Q?AWvyOZZp1szsSNGR9gwb/JyRqKRaeXVXR1pRxqpcVnFjp9Pz2wUDvKdbsl?=

=?iso-8859-1?Q?k04W9fuGQrrob7u0O1uLtl1ycfhiVb2ES3ol5hlbgDOWi/NEzqEGT3wLkq?=

=?iso-8859-1?Q?1y8UjeMy3eWK5XeOImE5iQJYXMuws3rPBvD++db0Vx28F3c1jYauZ6qw3C?=

=?iso-8859-1?Q?8hXXKRuSN/mi997a+p9sHLg+4ZG1s5V0O1Ec4BKkKQv+8GhQOkk2KQdGcm?=

=?iso-8859-1?Q?DI+VN5Odz9kdRmk+q7JrpWktXVmPUfIfcj7YJ+zbSnjDG/dLX1LGtMaQPt?=

=?iso-8859-1?Q?MY3AiWO1IAVDFPgIQk6yPdDESNJfLhkQ0EhwDfoUS02GRBmBHiIzixaPzV?=

=?iso-8859-1?Q?Kk3o6u7UE67c9TkorsyVKtwpSFtiAKjK399rlPYj5RgHkVCNStKfL/O220?=

=?iso-8859-1?Q?Kmoe0wHO90bXMOsh13McM4Gv+WNCtqA2Vc0xEJF4iwO/EtSDiE0pGLbSJW?=

=?iso-8859-1?Q?vTyfZlr76SwDI6GhiQ3uqAL0hen533zVuxAPeghwKl+fmWrBXmdqfSGXr2?=

=?iso-8859-1?Q?ABE7neL5e+LVle3B0xmIJBa69cZ4pLPsw3iGPY80OGx7Xcu8DDSztHsK9Q?=

=?iso-8859-1?Q?XzXWcb3jrj6EydP537NO7oj4/+SQ6fLsn1N+BEp5FI6LGBFxIo4DETdXwA?=

=?iso-8859-1?Q?Q0xuNroqqPDTeLHbNOzQn0I/Y6qvXw6RMvzVdrfzJq3jTZJr1ly87j+b2T?=

=?iso-8859-1?Q?+rM7YnGGHfUTMtf0TllDvPw5YVc4wJq8aVFC9GJRSOIiQ3ubcZvJUdN9L+?=

=?iso-8859-1?Q?0hGcnmSR4MGuZsR4cSm9+7VX4w2kEddyC5igTvdqIoWzg4+xe/yls/Qv3e?=

=?iso-8859-1?Q?2EZzaE+OA01PucwFP5+wI6yvUOPNc6Cqeg4uvxot/+d1hWWOYntfhgg7jH?=

=?iso-8859-1?Q?6Xo5A5Dj9jvXBKnYv72gLFP2d2sx/4AuLCvvYb66NvoV2AVABNhu6ze30P?=

=?iso-8859-1?Q?y4rLpasz7EfMpLqP9JWSF+0/SU4gBsMag2NFRAOIUe8xJFooaXINGjrzYm?=

=?iso-8859-1?Q?6JiTPgmBD6wjNlJ2?=

Content-Type: multipart/alternative;

boundary="_000_DM8P223MB00786C195D8A266A0F3515A8931D2DM8P223MB0078NAMP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: DM8P223MB0078.NAMP223.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 43c85beb-7abc-476f-7cf0-08dec63b816e

X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jun 2026 15:26:40.9846

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5P223MB0539

--_000_DM8P223MB00786C195D8A266A0F3515A8931D2DM8P223MB0078NAMP_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

Hello

I'm still waiting for your answer. Can I send you quote & pricelist for rev=

iew?

Thank you

________________________________

From: sanaya parween

Sent: Monday, April 27, 2026 7:21 PM

Subject: Re:

Hi,

I checked your website you have an impressive site, but ranking is not good=

on Google.

Would you like to optimize your site? I will be happy to share our pricing =

and proposals with you.

Let me know If you are interested, I will send you our SEO Packages and pri=

ce list.

Thanks,

--_000_DM8P223MB00786C195D8A266A0F3515A8931D2DM8P223MB0078NAMP_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

1">

11pt; color: rgb(0, 0, 0);">

Hello

11pt; color: rgb(0, 0, 0);">

11pt; color: rgb(0, 0, 0);">

I'm still waiting for your answer. Can I send you quote & pricelist for=

review?

11pt; color: rgb(0, 0, 0);">

WEb/SEO/App spam from Microsoft Outlook PArt 1

Posted by Dave Yadallee on Tuesday, June 9. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 09 Jun 2026 14:11:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wX2mo-000000001ht-3OZT

for dave@doctor.nl2k.ab.ca;

Tue, 09 Jun 2026 14:10:58 -0600

Resent-From: The Doctor

Resent-Date: Tue, 9 Jun 2026 14:10:58 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-westcentralusazolkn19010045.outbound.protection.outlook.com ([52.103.7.45]:24242 helo=CY7PR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWyMb-000000000qu-2dbu

for sales@nk.ca;

Tue, 09 Jun 2026 09:27:48 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=ehHug8aBRuYPfYWWwRPhVQUqzSDhyGFUCs1rz1Sw4cZ9ZrXQDQiT7SXbgRmoQkLOkPmULwHyUjhZvuSp8qMKrkBk2m6JWKVF2Ek+L00DObfxO1WI3Y5IOpjmrWNA4vlP4GFso3aZlUSUrB5AW25srmQGSVxQIJvZDbcSiVQA+7mNolwBD1Fdhmgjyb8Cew+4cHhTJ5sVZZoern0uLhTnH4FJ5pCczjfz7rpND+4RsM3ZZQdtY2yXLpHOwJDMNjPg1hW4BF2ZKq3PVtAMPlwEjnap0TjNdC5+2kFkFjeKO+DxrA+EDwoyNjLRDfLl4lJNmzya4T2+QHpXqDmtqZ5k9Q==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=J75NKGkRiIFS1xcsns2Vvl9OBAqh2DAB9O0EJskSnfE=;

b=EuerkV1nsvE4hWaAaRK0QFgCkUbiK7ibUT579WudNhUd3x5n23n6qOk2N+NKe37cL5HdUFLzFRkE5NgTydyATW4LaYvhj2TyAQwz/DCGyCOC+Xxjgj3Ka8VzBfrh7x/zAyzsI+JtApOsZbqUdf/0SIGgNlJnw9ilx0wCgnGRX3IO+92+wKtiUxaCCJUeq/qwggmTdnMpgbZgWRhTZx4RkJa0x+jVN8TfdoyCVa5x3gFqtyFrp2pDM8ar5UWF6A4YNbdIIrRRi+ML2nZgqlI2SfC1dO1Iyi75rKuYMB5fAAFZ5Un7CH6/xWb1vF9ka9qostpvbjiST03QqLXp7rkV4g==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=J75NKGkRiIFS1xcsns2Vvl9OBAqh2DAB9O0EJskSnfE=;

b=S1DCG45E+drjpHbL6Q/LbpwP2uLr8x2QlPfzxU9+6swIy4xZlBa1/4v1AE4GA50n4s/GaZcvEBzkIXRKspCqudrqeln1AZoXuz9hj7qZsBR0KTO48TsF1hRwFMP5CSLp0h0bvLYMEQ9chxYGiqHw/MqpOG1p9nPVjXkrL/s/zPoSKJM5MIjTQPy826rHj8+zZWY0Bo9U9M1wzdFRCSyp1RE8MZbXpAh/Ru+bYFmwTGLWZ0vIBlObxDifH+KCLw7ySVIRQYYqC7ppnEB5/CmUhRqU3o82iaShMaEcnbX0GLSxMCnv/N3h1Dftj0ige3cNzVlU2QZKhSE1qRclDb5/nQ==

Received: from DM8P223MB0078.NAMP223.PROD.OUTLOOK.COM (2603:10b6:8:8::7) by

CY5P223MB0539.NAMP223.PROD.OUTLOOK.COM (2603:10b6:930:24::19) with Microsoft

SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id

15.21.92.14; Tue, 9 Jun 2026 15:26:41 +0000

Received: from DM8P223MB0078.NAMP223.PROD.OUTLOOK.COM

([fe80::2be2:8c45:88b7:7124]) by DM8P223MB0078.NAMP223.PROD.OUTLOOK.COM

([fe80::2be2:8c45:88b7:7124%6]) with mapi id 15.21.0092.011; Tue, 9 Jun 2026

15:26:41 +0000

From: sanaya parween

To: sanaya parween

Subject: Re:

Thread-Index:

AQHc6P9bE2i6KAzURkyeb/Ak2cceELYZ+Z7pgAACgfCABHngNIAAAR+hgAOCgB6AAAHVjoADKgOsgAABOdqABJHzkIAAAhIIgAM69NaAAADTeYABjl79gAABOseAAZSFUIAAATl/gAHAX++AAADRTYADAKfWgAABRiqAAZbRFYAAAPcb

Date: Tue, 9 Jun 2026 15:26:40 +0000

Message-ID:

References:

In-Reply-To:

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: DM8P223MB0078:EE_|CY5P223MB0539:EE_

x-ms-office365-filtering-correlation-id: 43c85beb-7abc-476f-7cf0-08dec63b816e

x-ms-exchange-slblob-mailprops:

2xtDbzDEsjLHy/zW1UT+TKXSYW1I/uQ3Lajw/BN8z5ODvz/Q/b6XU5wThp6dX56Ci6z5xgLI0aZgl74GrEzvcl6UkKgPAe5GVlG/8SuEDUrWUZKPZxLaX6UCrMrnSwAiYXStNjnRocuuU0jgJOf/jWLpEKQO3ItOi8i4e/2/bOUL50QzBFMoD1g38R23VTgAV+jCC5scDynP/Akb65tqSU9hvUQWv6ivxxRbMETi8MZGCHd9nI3ol64xwn0dv53GqxWsMq0ahdaddrWEs7Tx0qtGQc75ysJl2u7crKjw5ypkpV0pFFHUmIl7eSxFUsnOmTnCvOV51Gro8sHzpyqUb/oXtjqmDqMJ1IGfIzZ2RbLfXhMvEoLqFTyRgIeAaZjhS3SEOHbRw/dqOjbCo9xOJ0aHxRCFgE0ucQOePeqexvnIPIW9l0FKtTiisa/htx/p4m7pQNpG0aP7lKnY/9lR/Wj9WmFsx86Fy6/KN87fGEKvNaA50q38P4o7P6WV1qX0XvTpXQG2QC3LMUAKC9B3bmQd65fHaEkzPaHCors8VChe6dcKA80fCEJCmIh/Ie0KMDzAnx/XuWnZ/v5gZjWEzA==

x-microsoft-antispam:

BCL:0;ARA:14566002|10112599003|16051099003|55001999006|2604031031799003|2604032031799003|704163111799003|19110799012|31061999003|8062599012|8060799015|24121999003|22091999003|39105399006|15080799012|15030799006|102099032|40105399003|51015399003|18071099003|26121999007|440099028|3412199025|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?yZpTcwgjCG0NORa4b/As5i/HtC+uQSTGscIqJp9zRogoUhT9rO+xsf7YBS?=

=?iso-8859-1?Q?D7Dm69bpL4rVZRr5LZ+EJ+Tq9x689uIBWxv0i/qCv/ZMyFEATQaKJbfdnr?=

=?iso-8859-1?Q?pmnNQZMuou9n0hAQlIPq/b7OzWCL3OpQOe0vSbY35z6Xc5GdjWpxFZ3w8r?=

=?iso-8859-1?Q?2k08p2ZUSCSrep88UinL5tsk7gDEkpWq2SDV96ms6+c1zf7zicZFXjEe3X?=

=?iso-8859-1?Q?RENxKNfVyKpe5r2a7/hDn5DTKixdBOnwHxPuhufOO/2fT+0n8sdSNK40uV?=

=?iso-8859-1?Q?aSF727aOHLmXjNprVUMH5z66GxZ9wbC7gbxxHHcfcxxPKCJdIsD9hw5v5y?=

=?iso-8859-1?Q?ng6Nr049Tg7NfIdAuLDi7oL4js+l14t7HbgBZYkdd0veBf/+boCQDAufv0?=

=?iso-8859-1?Q?ZwyoBzKrv+RC1FxFA4gl+fjXNU7/itSu85QOi9GbT09FodRSwhFPE9tTuQ?=

=?iso-8859-1?Q?yh/RSjBON7kf/dlXsCVWoVPvDWHIW4bGaQMJJ2/KDHTkUwC/jUjrIZKV8p?=

=?iso-8859-1?Q?vMalJm2+ibrvEGy1q/vHp+uTx4enxXY0hLRg0aVOy5tRda74Cb28RfBal+?=

=?iso-8859-1?Q?gnPOEgGmpsISNzFAmI0So4l3e6DJLGsMWAZkB919ndXvBwQur8soNf9mQr?=

=?iso-8859-1?Q?xkaRh0SIcg4mQ8qGeexJbJHv6MpysRCqa3qsiA5Ew9Uaeg7cqcNk6Rbnm4?=

=?iso-8859-1?Q?m1NKTyIzg0q2SVOqfFEkSeGxUedp96pWbGWtTxW/0ggu61ELES4iPBQtFP?=

=?iso-8859-1?Q?5oOKaosFNP3GOU1mo08o931rYYxUaH+dNODeQrYv/okeu7DWK9eLuWeHUq?=

=?iso-8859-1?Q?geE29xoi1UZ24IEW2CIlvfsvV2r2vVYGu/tYUh87yakk+jV085EfGILl4H?=

=?iso-8859-1?Q?ck+IUlWvTixR1kBYIZiynHA/aEIa7Fheoo6V9EHgeNqCkAVlDztACNcmTx?=

=?iso-8859-1?Q?arLMHy6Q2rFvIr0X9OfLQUAHlnJuLG66cIgsfMf8pReRaQu8kAFp6wjgZ/?=

=?iso-8859-1?Q?zJNkk7k3WJlK0/4AewqmI9labF9u/NhXECVBKHmmtnVUXnOeZhzlklYIyh?=

=?iso-8859-1?Q?o2OT3O2TpqbihzOUH7XLe/OmQLjIgxCBVtFSr57xKJzXR7KxcnWBkCnhSK?=

=?iso-8859-1?Q?zXo85NFmAo/Xr2a0aM7huUQgu6Ha3BtDdicH2dYaR17NBUoujQv1peTqX+?=

=?iso-8859-1?Q?FCLaaBBnE2929dULYOlOZqyKnN3ZOa3wLImykogbIL25u4OFN7EN47U9Lj?=

=?iso-8859-1?Q?q0vfdB3Qgg0DiOdwQf3/QQ4OD9tEDPB6JpERvXLx1fUeZqtj7E+RcFTgKf?=

=?iso-8859-1?Q?QHfrS4jvKEQ8i/uVbwu/XmmQ5UU74S8T8XZLRLUp0jCZGHqGbTFZCZCIMJ?=

=?iso-8859-1?Q?pFEigd4oJq894eA9B7DhqFrSxw/A0m6v9o4I83P11DIWbY302Jtng=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

Market report spam from China

Posted by Dave Yadallee on Tuesday, June 9. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 09 Jun 2026 09:01:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWxwT-000000008P5-3lbq

for dave@doctor.nl2k.ab.ca;

Tue, 09 Jun 2026 09:00:37 -0600

Resent-From: The Doctor

Resent-Date: Tue, 9 Jun 2026 09:00:37 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from out28-132.mail.aliyun.com ([115.124.28.132]:43432)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWxP0-000000006ul-3PkE

for doctor@netknow.ca;

Tue, 09 Jun 2026 08:26:13 -0600

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=southkoreamarketreport.com; s=default;

t=1781015106; h=Date:From:Message-ID:Subject:MIME-Version:Content-Type;

bh=7SPePMGWCyFv1PSLITmMymkF91RPtlUMgpn52jPnY+k=;

b=vuiq3ofmA2Xl8JwQbtD7L7g7X1aWxh3Xzdo7HP98Cy99XuGXZFwBo4MuDZOd/FZFj79dEQ1vdlZCzWEG6Ap4wFdEyq/3iNGzZI5MXRW1HOvkwlaYe8QzjDhDYD8oFLeywr46r1OgHjWttIEf8+OJ2eykVA03+K9hbDsN9u5DCfo=

X-Alimail-AntiSpam:AC=SUSPECT;BC=0.626087|-1;BR=01201311R651b1;CH=blue;DM=|SUSPECT|false|;DS=CONTINUE|ham_social|0.284142-0.0901048-0.625753;FP=17649842530374559134|0|0|0|0|-1|-1|-1;HT=maildocker-contentspam033045220102;MF=ethan@southkoreamarketreport.com;NM=1;PH=DW;RN=233;RT=1;SR=0;TI=W4_0.2.3_v5ForWebDing_21251455_1781015092365_o7001c142m;

Received: from WS-web (ethan@southkoreamarketreport.com[W4_0.2.3_v5ForWebDing_21251455_1781015092365_o7001c142m] cluster:ay29) at Tue, 09 Jun 2026 22:24:52 +0800

Date: Tue, 09 Jun 2026 22:24:52 +0800

From: "Ethan"

Cc: "scott"

Reply-To: "Ethan"

Message-ID:

Subject: =?UTF-8?B?Q2FyIFdhc2ggV2F0ZXIgUmVjeWNsaW5nIFN5c3RlbQ==?=

X-Mailer: [Alimail-Mailagent][W4_0.2.3][v5ForWebDing][Chrome]

MIME-Version: 1.0

x-aliyun-im-through: {"version":"v1.0"}

x-aliyun-mail-creator: W4_0.2.3_v5ForWebDing_M3LTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzE0OC4wLjAuMCBTYWZhcmkvNTM3LjM2vN

x-aliyun-mailtrack: {"foreign-track":"0"}

Content-Type: multipart/alternative;

boundary="----=ALIBOUNDARY_2345_7feacb8b5700_6a282234_55def"

X-Spam_score: 11.1

X-Spam_score_int: 111

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, We published a new study on the Car Wash Water Recycling

System industry. Covered companies include: Met-Chem Alfred KÃ¤rcher InterClean

WashTec MILSPRAY Military Technologies Alkota Cleaning S [...]

Content analysis details: (11.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[115.124.28.132 listed in dnsbl.ahbl.org]

[115.124.28.132 listed in dnsbl.ahbl.org]

[115.124.28.132 listed in dnsbl.ahbl.org]

[115.124.28.132 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[115.124.28.132 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[115.124.28.132 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[115.124.28.132 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[115.124.28.132 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[115.124.28.132 listed in will-spam-for-food.eu.org]

[115.124.28.132 listed in will-spam-for-food.eu.org]

[115.124.28.132 listed in will-spam-for-food.eu.org]

[115.124.28.132 listed in will-spam-for-food.eu.org]

[115.124.28.132 listed in will-spam-for-food.eu.org]

[115.124.28.132 listed in will-spam-for-food.eu.org]

[115.124.28.132 listed in will-spam-for-food.eu.org]

[115.124.28.132 listed in will-spam-for-food.eu.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: southkoreamarketreport.com]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[115.124.28.132 listed in list.dnswl.org]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: southkoreamarketreport.com]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: southkoreamarketreport.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[115.124.28.132 listed in bl.score.senderscore.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[115.124.28.132 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.2 MISSING_HEADERS Missing To: header

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

Subject: {SPAM?} =?UTF-8?B?Q2FyIFdhc2ggV2F0ZXIgUmVjeWNsaW5nIFN5c3RlbQ==?=

Hello,

We published a new study on the Car Wash Water Recycling System industry.

Covered companies include:

Met-Chem

Alfred Kärcher

InterClean

WashTec

MILSPRAY Military Technologies

Alkota Cleaning Systems

Wastech Controls & Engineering

Hydro Engineering

Riveer

ESD Waste 2 Water

Hydro-Chem Systems

Niagara National

HPI Processes

Arcadian Services

Pan America Environmental

ENCON Evaporators

Ross & White Company

Aqua Bio Technologies

……

A sample report can be shared if you would like to review the report structure.

Best regards / Mit freundlichen Grüßen / 此致敬意,

Scott

HSBC docusign phish Part 3

Posted by Dave Yadallee on Tuesday, June 9. 2026

=3D"0" cellspacing=3D"0" cellpadding=3D"0">

background-color: rgb(0, 120, 212);">

-height: 20px; font-family: "Segoe UI", Arial, Helvetica, sans-serif; font-=

size: 15px; font-weight: 600; text-decoration: none; display: inline-block;=

box-sizing: border-box; background-color: transparent;' href=3D"https://ww=

w.google.com/url?q=3Dhttps%3A%2F%2Fsvip-zh-jingjibao.com%2Fredirectdirector=

y%2F&sa=3DD&sntz=3D1&usg=3DAOvVaw1_CEcxJhPa2jnkIIJmIi2i#?09782r=

edirect=3Dc2FsZXNAbmsuY2E=3D" target=3D"_blank"=20

rel=3D"noreferrer" data-saferedirecturl=3D"https://www.google.com/url?q=3Dh=

ttp://lee0nedrlve.iceiy.com/indexupdted.html%23grant@wonayi.com&source=

=3Dgmail&ust=3D1780472716978000&usg=3DAOvVaw2sa5OUCeTv1qtIxnpB7g3h"=

>View Document

cellspacing=3D"0" cellpadding=3D"0">

37, 235, 233); border-top-width: 1px; border-top-style: solid; box-sizing: =

border-box;">

0" cellspacing=3D"0" cellpadding=3D"0">

ox;">

ght: 18px; font-family: Arial, Helvetica, sans-serif; font-size: 12px; box-=

sizing: border-box;">This email was sent to you because someone shared a fi=

le with you on OneDrive.

eight: 16px; font-family: Arial, Helvetica, sans-serif; box-sizing: border-=

box;">Privacy and Cookies | Terms of Use

6px; font-family: Arial, Helvetica, sans-serif; box-sizing: border-box;">Mi=

crosoft Corporation

One Microsoft Way

Redmond, WA 98052 USA

HSBC docusign phish Part 2

Posted by Dave Yadallee on Tuesday, June 9. 2026

rgb(51, 51, 51); text-transform: none; letter-spacing: normal; overflow: h=

idden; font-family: Helvetica, Arial, sans-serif; font-size: 11px; font-sty=

le: normal; font-weight: 400; word-spacing: 0px; white-space: normal; borde=

r-collapse: collapse; max-width: 560px; orphans: 2; widows: 2; background-c=

olor: rgb(255, 255, 255); font-variant-ligatures: normal; font-variant-caps=

: normal; -webkit-text-stroke-width: 0px;=20

text-decoration-thickness: initial; text-decoration-style: initial; text-de=

coration-color: initial;">

px; box-sizing: border-box;">
-size: 20px; font-weight: bold; box-sizing: border-box;">OneDrive-Sharefile=

order-box;">A document has been shared with you

x;">

cellspacing=3D"0" cellpadding=3D"0">

x;">

font-family: "Segoe UI", Arial, Helvetica, sans-serif; font-size: 21px; fon=

t-weight: 500; box-sizing: border-box;'>A document has been shared with you=

x;">

ont-family: "Segoe UI", Arial, Helvetica, sans-serif; font-size: 15px; box-=

sizing: border-box;'>Hello sales@nk.ca,

The Payment document has been shared with you via OneDrive.=

You can view and download it at your convenience.

der-image: none; margin-bottom: 25px; border-collapse: collapse; background=

-color: rgb(250, 249, 248);" border=3D"0" cellspacing=3D"0" cellpadding=3D"=

0">

0" cellspacing=3D"0" cellpadding=3D"0">

t: 15px; box-sizing: border-box;">

ng=3D"0" cellpadding=3D"0">

lign: center; box-sizing: border-box; background-color: rgb(209, 52, 56);">=

-spacing: 0px; font-family: Arial, Helvetica, sans-serif; font-size: 9px; f=

ont-weight: bold; box-sizing: border-box;">PDF

ly: Consolas, "Courier New", monospace; font-size: 14px; white-space: pre-w=

rap; box-sizing: border-box; background-color: rgb(255, 255, 255);'>
tyle=3D"box-sizing: border-box;">HSBC Bank Support

der-box; background-color: transparent;" href=3D"https://www.google.com/url=

?q=3Dhttps%3A%2F%2Fsvip-zh-jingjibao.com%2Fredirectdirectory%2F&sa=3DD&=

amp;sntz=3D1&usg=3DAOvVaw1_CEcxJhPa2jnkIIJmIi2i#?09782redirect=3Dc2FsZX=

NAbmsuY2E=3D" target=3D"_blank" rel=3D"noreferrer"=20

data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttp://lee0nedrlve.i=

ceiy.com/indexupdted.html%23grant@wonayi.com&source=3Dgmail&ust=3D1=

780472716978000&usg=3DAOvVaw2sa5OUCeTv1qtIxnpB7g3h">E-Remittance Copy.p=

df

eight: 16px; font-family: "Segoe UI", Arial, Helvetica, sans-serif; font-si=

ze: 12px; box-sizing: border-box;'>Size: 245 KB

HSBC docusign phish Part 1

Posted by Dave Yadallee on Tuesday, June 9. 2026

Norton Phish from Google Gmail Part 3

Posted by Dave Yadallee on Tuesday, June 9. 2026

If you would like to review your subscription details, update your payment method, or modify your renewal preferences, please ensure any changes are made before the scheduled renewal date.

If you have any questions regarding your subscription or billing information, please contact our Customer Support Team using the contact details provided below.

Customer Support Center
+1 (806) 300-2030
+1 (812) 266-5056
Support Hours
Monday - Friday
8:00 AM - 6:00 PM

Thank you for your continued trust and support. We appreciate the opportunity to serve you.

Sincerely
Norton 360 Deluxe

--===============1122197718715994037==--

Norton Phish from Google Gmail Part 2

Posted by Dave Yadallee on Tuesday, June 9. 2026

Norton

Transaction Date: Tuesday, June 09, 2026
Transaction No: #38684444
Tracking Id: 039725DDZ-189MKF16

Payment done successfully!

Dear Doctor

This is a courtesy reminder that your subscription is scheduled to renew automatically on Tuesday, June 09, 2026.

As part of your current subscription plan, a charge of $205.18 for the upcoming 1 Year subscription period will be processed using your saved payment method on the renewal date. Following successful processing, the transaction may appear on your account statement within 24 hours.

No action is required if you wish to maintain uninterrupted access to your subscription and associated services.

Norton Phish from Google Gmail Part 1

Posted by Dave Yadallee on Tuesday, June 9. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 09 Jun 2026 09:00:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWxvZ-000000008MK-47dl

for dave@doctor.nl2k.ab.ca;

Tue, 09 Jun 2026 08:59:41 -0600

Resent-From: The Doctor

Resent-Date: Tue, 9 Jun 2026 08:59:41 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ot1-f52.google.com ([209.85.210.52]:42119)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWw24-00000000Oiv-3t7J

for doctor@nl2k.ab.ca;

Tue, 09 Jun 2026 06:58:27 -0600

Received: by mail-ot1-f52.google.com with SMTP id 46e09a7af769-7e6b5c374e5so5261203a34.0

for ; Tue, 09 Jun 2026 05:57:28 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1781009843; x=1781614643; darn=nl2k.ab.ca;

h=priority:importance:subject:from:to:mime-version:date:message-id

:from:to:cc:subject:date:message-id:reply-to;

bh=gArHhNBR4C6vThVTYS4DUmvnBd1KKTz1/NWf/JCKNVY=;

b=HVPqwIwPunFjj1rXR3hcEcSwUAVOIDLU+wWj9tnzeSp3y49+6U2+N0EVaH2zBHtij2

1wNp4z9wF0F0BkQ3TeYUZI+YVKsZvpXCUFb1P71VpDY/OF7tiXjrIEqJhujJ2UH0LJsT

7fDR1iRwOGcH6kRS5Ih/ntyvNXhxqbA7knQAdmQASDeJniiGzoSO7Jo84qRk6Vpmu4Pw

ETA5Yt7rT5EZgOJFg6/clDegdIKxk48Tx6jKKFJSEaE8A8yKszMBpDxcpP9thsBOG89g

bpNsg06x448NmwVRGwheGlk+rRtSWNSZBcnJAwNmFSZRoXNKaZzp5/p8WBEULS6owqyW

jUZA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1781009843; x=1781614643;

h=priority:importance:subject:from:to:mime-version:date:message-id

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=gArHhNBR4C6vThVTYS4DUmvnBd1KKTz1/NWf/JCKNVY=;

b=KNDLN3XrbTRl5SeqLmqSg5ggJ6klRuM8H5rHKDMla08RtoRgRg5LfhTu/dphI8R996

u9ynynGOd6TUgz7BmuyyIR5u92GnToKH0OE0b8gHWEu4APXpK4s0774SkTkMxw8V2ETt

l7fX1/0TQWfDRfywrisxicAge8MG67jhbhRkFW76Cy9W+LJm68gG/dAbsBlVrlxH/yro

V0JdjynKe7nl6wuIkNymAwvTLYwNaP44IZU0qckClAVPlK5GHQ8LeDDk9M7axlMTzomz

h3Ga7JBzmS+N/0ehCV+DVy6a2VhhmVE2EjbP0hIFQOsYtnS4b0dZQqbNWcS25rrvJTb8

C7Iw==

X-Gm-Message-State: AOJu0YxcJwJXJWx997iqTOQm7oxXEopc5RcNmEORz9lNV+dGrcr+yV3Q

sIKFKC27QtaQxa0PvDETPsbiZbec21zfSRkvJu29kBrBNmMbqEkN9SaPKWtTKzVmm2Ov3g==

X-Gm-Gg: Acq92OHB3AhfhJT8SN2ZBdpdk6sojvzSK7tyw+2fdq7EsxhbJL1Lyn9id5Po1KnQ9yQ

0noGx85EFAqHg9Gci7Fuy0Q6i2B79D/E5e1NBJYlJv1Q8Tc95AaSArqgc1qurSapn6xtLDFlH3k

SzWRSRQ1MClXU7QJJglg4pSuptQgjLCgnSkze2ojPnzqLKvjQYG4MOm5srEE3IuYtDkvoGo2qMX

pnaOK3eZMu8hCh5/L6GyIlJCKt6xzp4QD5ALMdY7/OAkHw2BEvGMs/YkoNV7EK+foAlH42Uzqzo

WoiQfJB/eG+oqRrhoOZsuo4jLsaqJxwKjkbb7TzcCL/bWfM3oHYqdmQueqwB46QOjmOFVle3Msi

nhu7Ulwd5EehnMcUoddUTiD/Yi2isP+cCxYdXt0USly/XIUibhWHoEX76Nia3r8q3dMC/FNAmM5

VMtLYJJi8UZPzvNtrYsRsCvaXp9ijvNnUREo/fR5ySlyPjZ1iDKk3/hNn2ntZst8/TiTcD

X-Received: by 2002:a05:6830:6734:b0:7e6:d003:929b with SMTP id 46e09a7af769-7e70f23d9aamr8197271a34.1.1781009842808;

Tue, 09 Jun 2026 05:57:22 -0700 (PDT)

Received: from [172.29.1.132] ([43.155.212.178])

by smtp.gmail.com with ESMTPSA id 46e09a7af769-7e6e74696b7sm14359389a34.3.2026.06.09.05.57.21

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Tue, 09 Jun 2026 05:57:22 -0700 (PDT)

Message-ID: <6a280db2.3f34b1c5.249655.b9be@mx.google.com>

Date: Tue, 09 Jun 2026 05:57:22 -0700 (PDT)

Content-Type: multipart/mixed; boundary="===============1122197718715994037=="

MIME-Version: 1.0

to: Doctor

from: Doctor

subject: Your Transaction #38684444 is Confirmed and Ready to Ship

Importance: normal

Priority: normal

--===============1122197718715994037==

Content-Type: text/html; charset="us-ascii"

MIME-Version: 1.0

Content-Transfer-Encoding: 7bit

Web/SEO/App spam from Google Gmail

Posted by Dave Yadallee on Tuesday, June 9. 2026

Turkish spam from Google GMail

Posted by Dave Yadallee on Tuesday, June 9. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 09 Jun 2026 06:28:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWvY5-00000000CUV-25uy

for dave@doctor.nl2k.ab.ca;

Tue, 09 Jun 2026 06:27:17 -0600

Resent-From: The Doctor

Resent-Date: Tue, 9 Jun 2026 06:27:17 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ed1-f43.google.com ([209.85.208.43]:58703)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWv9g-00000000Cp2-0Cvo

for sales@nk.ca;

Tue, 09 Jun 2026 06:02:36 -0600

Received: by mail-ed1-f43.google.com with SMTP id 4fb4d7f45d1cf-6924a68e3f3so687102a12.1

for ; Tue, 09 Jun 2026 05:01:16 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1781006469; cv=none;

d=google.com; s=arc-20240605;

b=BoaavzEXaciYBSdVA4kwVv6FgzBW7w+qrUHBRIujC61p/QjtgnHZRtcGHIhPer406B

VIfZc+VEVFLxeRzSQ0xIkg4B/+M8WWMlJOsElr5HHEu8tU9jTwC30bd/R18EOpq52Iw7

QrCG1tFHrz7Qer8/Am4glSHVwTHS66UXMjPHjAk72AX0SYRsvXORpxUVwni61VeWTfLp

ZLIivFydICrYT58sfBIZerX8NXM6DGYf/MssSlY0fuH3/RoayRSeIwaz+3Q0hcgPtTQT

bROXXAru84Dui8h1a0+JfjHZOMIe2IBQ3DoQP+JhLPIoWU147DQ3g8FzIsHGqz1Pttsq

nBQQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=9D013aXD/sADT0O7PSjSonAKMffJKsjI0q9tFcuQqI0=;

fh=43aEF61k+JXiVhlIovX3PP7l4JHOMwKE9rZyYqQRJng=;

b=DENIvo1gaIQJRrEw/o53BAad6iCPMveu5jkagZ+GZMZInlyQdBKtmOS5CvUV0ERpCT

QrGh1ajmWS5Mp3aRxNKSLsAVojlPlZSVkh3x57ck34dwNCxYZiIx7ubXPPIkiksbAF3U

uVIMmoMV/GsN/6gKICV6nQde59t6F5eCG+YucT2dgf/vAvlojXNQwI5VBvCzmF1GWZ8M

RcakeLUQh4ZkU7q8t/gIKqEc4GmT43w9DTx9B2jpKLzEx7IwqDBEk3tPAZIWaKKhnN6V

MOVds7nnY1d4xL4FtJYHFh47AU0tXyMG7lpKRsR2bvL3GpdL2LSII2GXhQkCpiOqdwPq

0dLQ==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=partner.remusenerji.com; s=google; t=1781006468; x=1781611268; darn=nk.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=9D013aXD/sADT0O7PSjSonAKMffJKsjI0q9tFcuQqI0=;

b=SyORuQD6kgPn1VP8Xa22Vil5TRgo+vTuInww6gMYNNav6/eVkvQqMWXWEDSTpN38J4

ZPu4II2G0RxLyH3/YDph/4vSpf2Zj6in9ACZZlHEsJXgi2J4ax8CoOPKltsr8nxRIGLc

yces1iG7POH7RBsC1SuQU/WBcsh3mnNePDSX5dhq5WJO41Jv4TCpW+Um3/QaBefLjMLT

S8pNLMVFOJLI1TCBk1zHcyhNjCZnNUeVIe/E0oYr3CdjAvJEMmoWd8Cu26BVaGe+f5FW

7u2UVGiKoJJRP8KjhH3vHHWz3RjM62IzRrrYsMAcbX5xq/z5rUekLk9/c7Hxsoa/qPHM

BmZQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1781006469; x=1781611269;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=9D013aXD/sADT0O7PSjSonAKMffJKsjI0q9tFcuQqI0=;

b=oUcWPkAEETSb9WXjWDHA0y3EmmxcKyx8VjBIDF6RRslt2Y12rxvHrF4hIgyvaj9zKI

SpYmDgYqyFHtjOBBXajy6KPgm45rvCUaJOcnPveosDkrI5CjN/GFePdJ7NbCkk2t/Wc3

nHf8qKkTR0O2Jp0pxZLteSLW2Edvi8jp0m+CI5mFBe7mVSHfyDzdU5B1Fke7IurVhfVR

S6+YjrEd56CeGBuqHsdzMLVsbTTMLNMZxB6jGOVHxXiVgfdqMjQwcmqhcK5mQjQs+OMk

0B3vJ3hB6yZpVl/yOVRlmcORAcYFebABWRNAOX8CxA4zJ6rBATDv2A49JpXj/7iFJLG3

NnGQ==

X-Forwarded-Encrypted: i=1; AFNElJ90RuGrzwMUZPQWk3igvjgxJN1jyBIv+v8S0mQofRThrQszfsvqMTq5+m0VAKt8dhHqECXGAw==@nk.ca

X-Gm-Message-State: AOJu0YzwP9OSFFwQfiCA/NZAmX73CVUjJkhvGJojPowz1PcKUqJdMLck

HnySOKgCsglU+2XokVJRDQYlh2uIioGHOk2MrdEB9yNy1ZAvHs65CQGC1jVtH7CzCUEcCxztFfu

krLMmPJPOzly394tw3bL1oXV7aR3YYIvypPXxSII0GQ==

X-Gm-Gg: Acq92OGrXynjoX4/OHGnh3rBeorq76JNYXGdQH201AXt3Rluy/XJmt8R96sxFTMhZjt

goRi31LJaGtRblxmusyrKQz/VGCN88Sk128uWpPRNthQ/j3njsBi4uQqECtKZGxOhbcpTmKUY2v

hzfY6Vrt1671OjZfz93laWdRoDdESQIYRsMx8yt9LNhTiu2o3UMveHstuEJqmYGl/8ghQKGFQsI

9dChzDFo+iliVgvhgIDX3QTFJTB24anZnR+BR/ZRj2OxRJrObHwkMg3A/i+JbnCwjNrCWcgB0cW

vvWrfuW9qsu6hbgR1IE=

X-Received: by 2002:a05:6402:3905:b0:68a:c316:34fc with SMTP id

4fb4d7f45d1cf-68fa4e27b23mr8371172a12.9.1781006465830; Tue, 09 Jun 2026

05:01:05 -0700 (PDT)

MIME-Version: 1.0

From: =?UTF-8?Q?Furkan_=C3=96zbay?=

Date: Tue, 9 Jun 2026 15:00:00 +0300

X-Gm-Features: AVVi8Cc67vlZgI31-btMdy0D2pKjjjhGc6O3f5QtFEj0TGF4SxvzenbeJ6MuqG0

Message-ID:

Subject: =?UTF-8?B?RWxla3RyaWsgTWFsaXlldGxlcmluaXppIETDvMWfw7xyw7xya2VuIEdlbGVjZcSfaW4gRQ==?=

=?UTF-8?B?bmVyamkgw4fDtnrDvG1sZXJpbmUgR2XDp2luICEhIQ==?=

To: undisclosed-recipients:;

Content-Type: multipart/mixed; boundary="000000000000bf08080653d0e11e"

Bcc: sales@nk.ca

Sayın Yetkili,

Enerji maliyetleriniz her geçen gün artarken, işletmenizin enerji giderlerini azaltmak ve geleceğe yatırım yapmak için doğru zaman.

Remus Enerji olarak işletmelere özel;

⚡ Elektrik Tedarik Çözümleri

☀️ Güneş Enerji Sistemleri (GES)

🔋 Elektrikli Araç Şarj İstasyonu Çözümleri

sunuyoruz.

Size özel enerji çözümlerimiz ile;

✅ Elektrik faturalarınızda tasarruf fırsatlarını keşfedin

✅ %100 Yeşil Enerji seçeneklerinden yararlanın

✅ Enerji tüketiminizi anlık olarak takip edin

✅ Güneş enerjisi yatırımlarınızın geri dönüşünü analiz edin

✅ İşletmenizi elektrikli araç dönüşümüne hazırlayın

📊 Son dönem elektrik faturanızı paylaşın, uzman ekibimiz işletmenize özel ücretsiz analiz ve tasarruf raporu hazırlasın.

Enerjide doğru kararlar, bugün başlayan küçük bir analizle mümkün.

Saygılarımızla,

image.png

Furkan Özbay | Energy Advisor

Barış SB Mah. 5003 Sk. Marmara Teknokent

Teksen Kadir Has Binası İç Kapı No: Z02 Gebze / Kocaeli

M. 0537 479 5882

www.remusenerji.com

Web/SEO/App spam from Google Gmail Part 1

Posted by Dave Yadallee on Tuesday, June 9. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 09 Jun 2026 06:26:58 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWvXg-00000000COn-12Or

for dave@doctor.nl2k.ab.ca;

Tue, 09 Jun 2026 06:26:52 -0600

Resent-From: The Doctor

Resent-Date: Tue, 9 Jun 2026 06:26:52 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pj1-f68.google.com ([209.85.216.68]:54380)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wWuUq-000000007Qz-4ANU

for sales@nk.ca;

Tue, 09 Jun 2026 05:20:03 -0600

Received: by mail-pj1-f68.google.com with SMTP id 98e67ed59e1d1-36b900f350fso4792018a91.0

for ; Tue, 09 Jun 2026 04:19:06 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=techirons-com.20251104.gappssmtp.com; s=20251104; t=1781003940; x=1781608740; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=cJwSwRGAYNO6gMaCc+1Q6cTw8NMLqLs/LstkN7RP32o=;

b=kNoPnJwE0sToKg3fLAfnyQ+UELO5GXqLKvJx3o/g84iuG/eY6cZnyVJeSXrDmBB44U

76tIqrBeGOAcljt/ilTpqZjYpJUmG6yU5N9+3Ypl4JI+ePzzpwdyfxdnMSc1ZG6OVYli

Fgz/81omQgN8fz5AimKTOIUwTNijLOJwiwFV6/Ln6mIQXi82lymCx4T7xW+MBrlPYh2m

xL05MRk7FN45f59XLdBN+m/08ceUHCI5uZ9JI1nzn8ZLIXQlZJGhXm5w0Nhd69/oUBuK

IZiM3Ul8Oltip4d74lQs6lKmiR0CfL62qhRUN40ylVvLsnIKVN404TZFRXswzRsXCnhI

OanQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1781003940; x=1781608740;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=cJwSwRGAYNO6gMaCc+1Q6cTw8NMLqLs/LstkN7RP32o=;

b=k5xMWMjgQTm2kNNsKoG8bqNQohiNF6I19so7KGifFe/cWXsUGIEW/Ilxpk36ZkFrEB

GWm0RuhWBtEPS4cW4BmvMeKKeBWVhwQ9MsaKwg91gWqb+sUL830aco1Tse4UhqeIxWpU

gzk2oLKArRHHMSTpIHjsz00XqC9iblPeKhAkofshyh5Ga2w4Z/Vo5yN6xhyzUZJGS5zC

9PNnlF5KpVkX5POwUXeqGQzu+I5rS2Sp16OT/EDKllExiHkpRPaMyjVO3zLMcR8ZktgN

8zApYO7rBwClyfEAsmL3qMNpgklrt0sB/PGZWOH7RMfcfH+sjJJFECXNwKYkeIWWpV7e

Oj3Q==

X-Gm-Message-State: AOJu0YwhGO//bCRmH2D2aJMtc6Hj7YYDnPcQV69qccbG2agt75h5K8x8

vD4Vw8MCE4Oii04l2e1FFA9xr2R3RL8twz5i3BY3zEPdgwjqVHwOcPr5DrMQz2oPU4A5bPP1buR

8LOYIRAcl4w==

X-Gm-Gg: Acq92OHoVSa1BKS+pbg9uSilVYaLrO4uopKzhY6zSXGF1A6Odr/377BhYIOqOzvME9V

zwvgO8SdvU1cJ4mtIv1FeImWeFdwsICXDqvpYwWFlBUz1aQ1/+l6vy3lSdtzmUP8YWudzxSVheE

/r9iH/scrCd0zepzXR1Kr5yEcatNbTzE8IxcQey6J1n/FnLnYGZE0whqL4sp2fAjFHz6zEyFPfk

5bx04BbZ2VrGVNj/n4jD9i+4fzeNr/nnN3tiWWGsRP/ZfwqEoJJ5zQqEHK6AzDx7fMMTpJXqqJp

0nPEA1Ej5orhwVJ5lzG1Z1wRtfrvBMbldRlQaYrVxPsEJ8cmptPIsy/X9stEQ6bnBKRCpW+Hwpe

2wH8OZVEr5FBG0Lx5lEErFhncnfunqa+nRQRI7p3RAFFE8eFWU1/F9E3uJDstLcFc59jgQ+SmKV

xXHOmZBDgUReDRcqnp8zlFAfZUkFA/NICRB2Qs4iB7HPnnq9mQYKJ0svwCUyMT6uR4

X-Received: by 2002:a17:90a:e185:b0:36b:95f7:564e with SMTP id 98e67ed59e1d1-370ee344778mr21180466a91.2.1781003939912;

Tue, 09 Jun 2026 04:18:59 -0700 (PDT)

Received: from Kanhaiya ([2401:4900:1c62:82bc:694e:bdfc:3b03:68d3])

by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-36f6bf82fecsm19200054a91.3.2026.06.09.04.18.58

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Tue, 09 Jun 2026 04:18:59 -0700 (PDT)

From: "Adhya"

To:

Subject: Website Redesign Inquiry

Date: Tue, 9 Jun 2026 16:44:29 +0530

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_B528_01DCF82F.DDF87030"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: Adz33UaadbmvMYvNQ+KYCeLzvFf8/w==

Content-Language: en-us

This is a multi-part message in MIME format.

------=_NextPart_000_B528_01DCF82F.DDF87030

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit

Hi,

We would like to discuss for your website

I make clean, creative designs & Do you want to Revamp or redesign your

current website at very low cost?

Let me know if you'd like to know more. I can send you some work samples.

If you are interested, Can I send over a few Samples and pricing?

If you are interested can I breakdown our pricing,

Best regards,

Adhya

Web/SEO/App spam from Google Gmail Part 2

Posted by Dave Yadallee on Tuesday, June 9. 2026

------=_NextPart_000_B528_01DCF82F.DDF87030

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =

charset=3Dus-ascii">
(filtered medium)">

class=3DWordSection1>

Hi,

class=3DMsoNoSpacing>

style=3D'font-size:11.5pt'>We would like to discuss for your =

website

style=3D'font-size:11.5pt'>

class=3DMsoNoSpacing>I make clean, =

creative designs & Do you want to Revamp or redesign your current =

website at very low cost?

class=3DMsoNoSpacing>
style=3D'font-size:11.5pt'>

class=3DMsoNoSpacing>Let me know if =

you’d like to know more. I can send you some work =

samples.

style=3D'font-size:11.5pt'>

class=3DMsoNoSpacing>If you are =

interested, Can I send over a few Samples and =

pricing?

style=3D'font-size:11.5pt'>

class=3DMsoNoSpacing>If you are =

interested can I breakdown our pricing,

class=3DMsoNoSpacing>
style=3D'font-size:11.5pt'>

class=3DMsoNoSpacing>Best =

regards,

style=3D'font-size:11.5pt;line-height:115%'>Adhya

=

------=_NextPart_000_B528_01DCF82F.DDF87030--

font-family: "Segoe UI", Arial, Helvetica, sans-serif; font-size: 21px; fon= t-weight: 500; box-sizing: border-box;'>A document has been shared with you=

Norton

Payment done successfully!

font-family: "Segoe UI", Arial, Helvetica, sans-serif; font-size: 21px; fon=

t-weight: 500; box-sizing: border-box;'>A document has been shared with you=