National Bank of Canada Phish Part 3

Posted by Dave Yadallee on



sans-serif,'Open Sans';color:#000000;font-size:11px;line-height:15px;padding-=

left:6px">

<=

img src=3D"https://www.bnc.ca/content/dam/bnc/formulaires/modele-courriel/ico=

n-facebook-25x25.gif" width=3D"25" height=3D"25" border=3D"0" alt=3D"">
td>


sans-serif,'Open Sans';color:#000000;font-size:11px;line-height:15px;padding-=

left:6px">


ttps://www.bnc.ca/content/dam/bnc/formulaires/modele-courriel/icon-twitter-25=

x25.gif" width=3D"25" height=3D"25" border=3D"0" alt=3D"">


sans-serif,'Open Sans';color:#000000;font-size:11px;line-height:15px;padding-=

left:6px">


k">
/icon-youtube-25x25.gif" width=3D"25" height=3D"25" border=3D"0" alt=3D"">
>


sans-serif,'Open Sans';color:#000000;font-size:11px;line-height:15px;padding-=

left:6px">


=3D"_blank">
-courriel/icon-linkedin-25x25.gif" width=3D"25" height=3D"25" border=3D"0" al=

t=3D"">


































r=3D"#ffffff">














=3D"center">












f,'Open Sans';color:#686868;font-size:11px;line-height:15px" align=3D"left" v=

align=3D"top">






















:Arial,sans-serif,'Open Sans';color:#686868;font-size:11px;line-height:15px">


d_aem-forms-email_en&utm_medium=3Demail&utm_source=3Depush-bnc&ut=

m_content=3Dinterrompu&utm_term=3D" style=3D"color:#686868;text-decoratio=

n:underline" target=3D"_blank">Terms

of use
5px;font-family:Arial,sans-serif,'Open Sans';color:#686868;font-size:11px;lin=

e-height:15px">

|
:Arial,sans-serif,'Open Sans';color:#686868;font-size:11px;line-height:15px">


ard_aem-forms-email_en&utm_medium=3Demail&utm_source=3Depush-bnc&=

utm_content=3Dinterrompu&utm_term=3D" style=3D"color:#686868;text-decorat=

ion:underline" target=3D"_blank">Privacy

policy
5px;font-family:Arial,sans-serif,'Open Sans';color:#686868;font-size:11px;lin=

e-height:15px">

|
:Arial,sans-serif,'Open Sans';color:#686868;font-size:11px;line-height:15px">


-card_aem-forms-email_en&utm_medium=3Demail&utm_source=3Depush-bnc&am=

p;utm_content=3Dinterrompu&utm_term=3D" style=3D"color:#686868;text-decor=

ation:underline" target=3D"_blank">ABC's

of security


 


=C2=A9
pan id=3D"m_7846915511811232371current-year">

National Bank of Canada. All rights reserved. Any reproduction, in who=

le or in part, is strictly prohibited without the prior written consent of

National Bank of Canada.





National Bank of Canada, 800 St-Jacques Street, Montreal (Quebec) =

 H3C 1A3






en&utm_medium=3Demail&utm_source=3Depush-bnc&utm_content=3Dconfir=

mation&utm_term=3D" style=3D"color:#686868;text-decoration:underline" tar=

get=3D"_blank">nbc.ca





For options to unsubscribe,
s/withdraw-consent.html" style=3D"color:#686868;text-decoration:underline" ta=

rget=3D"_blank">

click here.















',serif">




CONFIDENTIALIT=C3=89 : Ce document est destin=C3=A9 uniquement =C3=A0 la pers=

onne ou =C3=A0 l'entit=C3=A9 =C3=A0 qui il est adress=C3=A9. L'information ap=

paraissant dans ce document est de nature l=C3=A9galement privil=C3=A9gi=C3=

=A9e et confidentielle. Si vous n'=C3=AAtes pas le destinataire vis=C3=A9 ou =

la personne

charg=C3=A9e de le remettre =C3=A0 son destinataire, vous =C3=AAtes, par la =

pr=C3=A9sente, avis=C3=A9 que toute lecture, usage, copie ou communication du=

contenu de ce document est strictement interdit. De plus, vous =C3=AAtes pri=

=C3=A9 de communiquer avec l'exp=C3=A9diteur sans d=C3=A9lai et de d=C3=A9tru=

ire

ce document imm=C3=A9diatement.


CONFIDENTIALITY: This document is intended solely for the individual or entit=

y to whom it is addressed. The information contained in this document is lega=

lly privileged and confidential. If you are not the intended recipient or the=

person responsible for delivering

it to the intended recipient, you are hereby advised that you are strictly p=

rohibited from reading, using, copying or disseminating the contents of this =

document. Please inform the sender immediately and delete this document immed=

iately.














--===============2055802396406754633==--

National Bank of Canada Phish Part 2

Posted by Dave Yadallee on

r=3D"#EB212E">












10px">


=3D"center">












Sans';color:#333333;font-size:14px;line-height:19px" width=3D"600">


















on-confirm-84x44.gif" width=3D"42" height=3D"22" alt=3D"">


ine-height:19px;color:#ffffff;font-weight:bold">

MESSAGE CONFIRMATION









r=3D"#FFFFFF">














=3D"center">












Sans';color:#333333;font-size:14px;line-height:19px">


ont-size:20px;line-height:24px;font-weight:normal">

Confirmation of W-8BEN Expiration and Required 2026 Renewal


 


Dear Client,



This notice confirms that the W-8BEN form previously submitted for your accou=

nt has expired and must be renewed. The W-8BEN is required to verify your non=

-U.S. tax status and to ensure appropriate application of withholding rules. =

Once expired, it can no longer be relied upon for regulatory purposes.



Our system indicates that your documentation is no longer current. To maintai=

n compliance and avoid default withholding treatment, you must submit a renew=

ed W-8BEN. Once reviewed and approved, the renewed form will be recorded as v=

alid through December 31, 2026, subject to regulatory standards.



To complete this update, please log in using the secure access link below:


Finalize =

W-8BEN Update



After signing in, proceed to the tax documentation area where you will comple=

te the renewal. The system will prompt you to review identifying information,=

confirm tax residency, and submit a new certification. Following approval, n=

o further renewal will be required before 2026 unless your circumstances chan=

ge.



Completing this renewal ensures compliant tax handling through the end of 202=

6.







r=3D"#ffffff">












15px">





r=3D"#d2d2d2">





=


12px;border-top:1px solid #a6a6a6;border-bottom:1px solid #a6a6a6">






















h=3D"630">












//www.bnc.ca/content/dam/bnc/formulaires/modele-courriel/spacer-social-media-=

1x1.gif" width=3D"630" height=3D"1" style=3D"display:block;max-height:1px;min=

-height:1px;min-width:630px;width:630px" alt=3D"">





=3D"center">




















h=3D"600">












//www.bnc.ca/content/dam/bnc/formulaires/modele-courriel/spacer-social-media-=

1x1.gif" width=3D"600" height=3D"1" style=3D"display:block;max-height:1px;min=

-height:1px;min-width:600px;width:600px" alt=3D"">










National Bank of Canada Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:48:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8LT-00000000Knr-3TBk

for dave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:47:39 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:47:39 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [87.121.218.234] (port=46718 helo=mail.hnyczh.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd7ox-00000000MhA-3XL3

for doctor@netknow.ca;

Tue, 06 Jan 2026 07:14:13 -0700

DKIM-Signature: v=1; a=rsa-sha256; d=hnyczh.com; s=dkim; c=relaxed/relaxed;

bh=hlLkFPXcnWt8vCOUT0EPbUVVz306ITpre5XIIMx6RAY=;

h=from:to:subject:date:message-id:sender; t=1767708793;

b=kwjipHfQm34NvtF+dk55pqdmGRcTA0tkdbg2tOo0QuM4fuuFIPJnNvxdRSwConW0u9zZ+CVyR

CtvzYvjjXoyxJ/OEBchCPerX5OyPbDMEzKO7r6CaF134UpgBkgUu3hGy5wKswmGJ5nWKx+C0Tht

UPOeuwY08k3FlG5y9cd1zrYX9xtJTC61Ij7rY//Fufwlm2EZRt/7RdeKTWdm8wzQuXDvo/1+Mya

UosTuUjsC+UHgtNcUJBwphG9aQVtXG8JV99VL4ymhYgqOrJWUDj7AzfPpM+RuIGYBV+0lsiJmO0

o5ykY/yf/3/SeMTWr44QSLuZWZqCSgh5h8H7ny4G/gnQ==;

From: National Bank Direct Brokerage

To: doctor@netknow.ca

Subject: Confirmation of W-8BEN Expiration and Required 2026 Renewal

Date: Tue, 06 Jan 2026 14:13:13 +0000

List-Unsubscribe:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-Mailer: Apple Mail (2.3445.9.1)

Message-ID: <176770879305.10062.8968705016475120347@127.0.0.1>

Content-Type: multipart/alternative;

boundary="===============2055802396406754633=="

X-Spam_score: 24.0

X-Spam_score_int: 240

X-Spam_bar: ++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Confirmation of W-8BEN Expiration and Required 2026 Renewal

MESSAGE CONFIRMATION Confirmation of W-8BEN Expiration and Required 2026

Renewal



Content analysis details: (24.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[87.121.218.234 listed in dnsbl.ahbl.org]

[87.121.218.234 listed in dnsbl.ahbl.org]

[87.121.218.234 listed in dnsbl.ahbl.org]

[87.121.218.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[87.121.218.234 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[87.121.218.234 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[87.121.218.234 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[87.121.218.234 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[87.121.218.234 listed in will-spam-for-food.eu.org]

[87.121.218.234 listed in will-spam-for-food.eu.org]

[87.121.218.234 listed in will-spam-for-food.eu.org]

[87.121.218.234 listed in will-spam-for-food.eu.org]

[87.121.218.234 listed in will-spam-for-food.eu.org]

[87.121.218.234 listed in will-spam-for-food.eu.org]

[87.121.218.234 listed in will-spam-for-food.eu.org]

[87.121.218.234 listed in will-spam-for-food.eu.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: bnc-nbdb-entrip.com]

[URI: hnyczh.com]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: hnyczh.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: hnyczh.com]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: hnyczh.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 MR_STRANGE_QUESTION URI: No description available.

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

3.0 VOWEL_URI_7 RAW: URI hostname with 7+ consecutive vowels

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

2.0 MIME_HEADER_CTYPE_ONLY 'Content-Type' found without required MIME

headers

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts

1.8 COMBO_IMAGEONLY1 Appears to be an image only message

Subject: {SPAM?} Confirmation of W-8BEN Expiration and Required 2026 Renewal



--===============2055802396406754633==

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: quoted-printable

MIME-Version: 1.0



Confirmation of W-8BEN Expiration and Required 2026 Renewal


Open Sans';color:#000000;font-size:11px;line-height:15px;padding-right:4px">

Stay connected

=3D"center">












Open Sans';color:#666666;font-size:11px;line-height:12px" align=3D"left" vali=

gn=3D"top">


"color:#666666;text-decoration:underline" target=3D"_blank">
://www.bnc.ca/content/dam/bnc/formulaires/picto/NB_2D_RGB.jpg" alt=3D"Button =

to the BNC website" width=3D"217" border=3D"0" style=3D"display:block">





r=3D"#ececec">


Geek squad phish from Google Gmail Part 5

Posted by Dave Yadallee on

/InformAction">
emtype=3D"http://schema.org/EmailMessage">
ntent=3D"7656138 435: ."/>
pe=3D"http://schema.org/Event">
tp://schema.org/EventScheduled"/>
mtype=3D"http://schema.org/Organization">
"Google Calendar"/>
=3D"aM9YtI48im5GtPvoCUx5wbISzX"/>
px; color: #fff; line-height: 1px; height: 0; max-height: 0; width: 0; max-=

width: 0; opacity: 0; overflow: hidden;" itemprop=3D"name">Arrangement no. =

WRYE8ADD update recorded
g=3D"0" cellspacing=3D"0" role=3D"presentation" align=3D"center" style=3D"w=

idth:100%;" class=3D"body-container">

lign=3D"left">
  <=

/div>
llpadding=3D"0" cellspacing=3D"0" role=3D"presentation" align=3D"center" st=

yle=3D"width:100%;" class=3D"">

=3D"left">


emprop=3D"description">.


=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" align=3D"c=

enter" style=3D"width:100%;" class=3D"">

id 1px #dadce0; border-radius: 8px; direction: rtl; font-size: 0; padding: =

24px 32px; text-align: left; vertical-align: top;" class=3D"main-container-=

inner">

size: 13px; text-align: left; direction: ltr; display: inline-block; vertic=

al-align: top; width: 100%;overflow: hidden; word-wrap: break-word;">
border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" wid=

th=3D"100%" class=3D"main-column-table-ltr" style=3D"padding-right: 32px; p=

adding-left: 0;;table-layout: fixed;">

d" style=3D"padding:0; vertical-align:top;">
=3D"0" cellspacing=3D"0" role=3D"presentation" width=3D"100%" style=3D"tabl=

e-layout: fixed;">

ft; word-break: break-word;;padding-bottom:2px;">

'Google Sans', Roboto, sans-serif;font-weight: 400; font-size: 22p=

x; line-height: 28px;color: #3c4043; text-decoration: none;" class=3D"prima=

ry-text" role=3D"presentation">Arrangement no. WRYE=

8ADD update recorded

adding: 0; text-align: left; word-break: break-word;;padding-bottom:24px;">=


ht: 400; font-size: 14px; line-height: 20px; letter-spacing: 0.2px;color: #=

3c4043; text-decoration: none;" class=3D"primary-text" role=3D"presentation=

">Wednesday Jan 7, 2026 =E2=8B=85 5:54am (Gulf Standard=

Time)

t-align: left; word-break: break-word;;padding-bottom:24px;">

font-family: Roboto, sans-serif;font-style: normal; font-weight: 400; font-=

size: 14px; line-height: 20px; letter-spacing: 0.2px;color: #3c4043; text-d=

ecoration: none;" class=3D"primary-text" role=3D"presentation">

Gee=

kSquad Cost Estimate Date: Tuesday, 06 January 2026
Cost Estimate Number=

: KQ52227QKL0222
Assistance Contact Line: +1-(859)-204-6981

Member=

ship Update Email

Thank you,

This message is to let you know th=

at your membership with GeekSquad remains active and is scheduled for its s=

tandard renewal cycle. On Tuesday, 06 January 2026, a charge of USD576.00 m=

ay appear on your account based on your existing renewal settings.

**=

Order Digest View**
- Quantity: x1 Device
- Product: Premium+ Members=

hip
- Current Plan: 60 Months Warranty
- Payment Method: Auto Debit
r>- Total Paid: USD576.00
- Client ID: Q7KRF3YB5Z
- Activation Key: f=

fa234bf-06a7-44c5-ba4b-5f86dca1824c


This membership continues und=

er automatic renewal and will remain active unless changes are made before =

the next billing period (48 hours in advance).

If you have questions =

or would like to review your account details, you may contact us at +1-(859=

)-204-6981.

With enduring thanks,,
Geek Squad
Billing Administr=

ator: Jessica Offield
Service Hotline Number: +1 (865)-223-1354
Corpo=

rate Operations Location,: 13 Eyiowuawi Street Aguda Surulere Lagos Modesto=

Ca 95356 US
Office Timing: 6 AM =E2=80=93 6 PM


=3D"description" content=3D"GeekSquad Cost Estimate Date: Tuesday, 06 Janua=

ry 2026Cost Estimate Number: KQ52227QKL0222Assistance Contact Line: +1-(859=

)-204-6981Membership Update EmailThank you,This message is to let you know =

that your membership with GeekSquad remains active and is scheduled for its=

standard renewal cycle. On Tuesday, 06 January 2026, a charge of USD576.00=

may appear on your account based on your existing renewal settings.**Order=

Digest View**- Quantity: x1 Device- Product: Premium+ Membership- Current =

Plan: 60 Months Warranty- Payment Method: Auto Debit- Total Paid: USD576.00=

- Client ID: Q7KRF3YB5Z- Activation Key: ffa234bf-06a7-44c5-ba4b-5f86dca182=

4cThis membership continues under automatic renewal and will remain active =

unless changes are made before the next billing period (48 hours in advance=

).If you have questions or would like to review your account details, you m=

ay contact us at +1-(859)-204-6981.With enduring thanks,,Geek SquadBilling =

Administrator: Jessica OffieldService Hotline Number: +1 (865)-223-1354Corp=

orate Operations Location,: 13 Eyiowuawi Street Aguda Surulere Lagos Modest=

o Ca 95356 USOffice Timing: 6 AM =E2=80=93 6 PM"/>

tyle=3D"font-size: 0; padding: 0; text-align: left; word-break: break-word;=

;padding-bottom:24px;">

tyle: normal; font-weight: 400; font-size: 14px; line-height: 20px; letter-=

spacing: 0.2px;color: #3c4043; text-decoration: none;" class=3D"primary-tex=

t" role=3D"presentation">
=3D"0" role=3D"presentation" style=3D"padding-bottom: 4px;">


ss=3D"primary-text" style=3D"font-size: 14px;color: #3c4043; text-decoratio=

n: none;font-weight: 700;-webkit-font-smoothing: antialiased;margin: 0; pad=

ding: 0;">Guests

(Guest list has been hidden at organ=

izer's request)


--000000000000e553fc0647b7ac4e--

Geek squad phish from Google Gmail Part 4

Posted by Dave Yadallee on
















Geek squad phish from Google Gmail Part 3

Posted by Dave Yadallee on














=20



=20



=20



=20

Geek squad phish from Google Gmail Part 2

Posted by Dave Yadallee on

schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:offi=

ce">
t=3D"text/html; charset=3DUTF-8">
=3Ddevice-width,initial-scale=3D1">
ight dark">





Geek squad phish from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: daave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:48:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8Kx-00000000KWu-0L6W

for daave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:47:07 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:47:06 -0700

Resent-Message-ID:

Resent-To: daave@doctor.nl2k.ab.ca

Received: from mail-oa1-f73.google.com ([209.85.160.73]:45500)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from <7656138.435@student.ens.sch.ae>)

id 1vd6am-00000000J5t-0MNO

for doctor@nl2k.ab.ca;

Tue, 06 Jan 2026 05:55:29 -0700

Received: by mail-oa1-f73.google.com with SMTP id 586e51a60fabf-3ff59bab16aso1386149fac.3

for ; Tue, 06 Jan 2026 04:54:31 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20230601; t=1767704065; x=1768308865; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=V9OiRWjtMptW7zQLFetP+je6186yWVN9fN7BNPUEWCc=;

b=C0e9qLc/67GEpZcaBZqDXpICrlG9drDjqXtZh9C85G7s4nPkkmEE6sJuBt15g8hiAQ

vsFzy9mQcpRkhDcdD6FVHTbYtwl2Y6GiUtCicedfQanP8iTCRig9aCmDX/Vh0XyaLutL

qqClt7FlBejKT/JIO7QrMdxZsR0uuqEAx1NYq0ZvF5uRruw2voHeg9C7Ov2jM/Xxj3OZ

bjqZfeGa7cn8KDWv7Y7Ofls2DojBFYpu7JqpCOcZYB+M2Q8TPGai5Y2R8cl3iOo8cm2d

vtD3+zf5WMWcbhLQjHWib1CObVjnboReVHr4T2snOwy5ugFv+t2yk14VBbdX5U2FxZIa

SoZA==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=ens.sch.ae; s=google; t=1767704065; x=1768308865; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=V9OiRWjtMptW7zQLFetP+je6186yWVN9fN7BNPUEWCc=;

b=MwVjsNr+bLEkmR2YnTLpPnplI72BQT35yPqrP7msWrhsJFwsw8tFNouE8r5vKv+OAr

jCSovHz3wOe0wd0vRUnyVJ0yb88gOtOuqR3evtWDNDM+66FPA+JaFJ+3YiI7ttGbGj+T

d60aq/NFx+7/W0cd7tp1z6CoonhF0ncuXaTJk=

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1767704065; x=1768308865;

h=from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=V9OiRWjtMptW7zQLFetP+je6186yWVN9fN7BNPUEWCc=;

b=g9Eik2cD7Hw5l2lBLe6iQJokhZt9GMm0mb3KEdIlWeN4/l6CVoE201Z85IGeQ2B411

7kRPmVkes7aOu+6BtVVxmATjUL1MhNw0epNeM8p2dqKWQTgXdTekHMPUzKIXlYPF2uBu

bExCXlAzm3y53RCc+7i7uS5f3u7bId93XRLdzhcW71az8D1r+8Tbh+I/D/Quqqo3XYg3

HICoCjTF3TVCZwatBOs/YSl+N82buJNuGq5iSyH/gsNmlON1cxlUXsonngm0qouclYUg

3SjEs3+QgHtmCfYLNG7U+iUBfzfE/q+uxaJ+PEBO4iOLfp7TGGPnCniNLhV/gBc09qPI

Vx7g==

X-Forwarded-Encrypted: i=1; AJvYcCWsoIJoK6tWIW1qpUDD3Ldm58rfE95xxWebqxw2Pscn9rV1vZ4eylAT/xzVMYtzGtH81bgzet4=@nl2k.ab.ca

X-Gm-Message-State: AOJu0YzNz6uJIW9ELVpF0uL4wEwewgUYXFMO3hq57cC+/K4UaSUF1ZdD

IDWl9mpug/5q541zO6cki8zmCTjpZVqxj5yESCH8ehwr1ziiqs7GZ2ifFIjXMc9YALaAoCh59aW

O3JnFGuyCWGt8dYpfFp+7A/la0Zpx401g7AZZabeddXBzWg==

MIME-Version: 1.0

X-Received: by 2002:a05:6820:626:b0:65f:1038:1311 with SMTP id

006d021491bc7-65f47a6a0afmt2588166eaf.63.1767704065189; Tue, 06 Jan 2026

04:54:25 -0800 (PST)

Reply-To: 7656138 435 <7656138.435@student.ens.sch.ae>

Sender: Google Calendar

Message-ID:

Date: Tue, 06 Jan 2026 12:54:25 +0000

Subject: Arrangement no. WRYE8ADD update recorded

From: 7656138 435 <7656138.435@student.ens.sch.ae>

Content-Type: multipart/alternative; boundary="000000000000e553fc0647b7ac4e"

X-Spam_score: 13.8

X-Spam_score_int: 138

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: . Arrangement no. WRYE8ADD update recorded Wednesday Jan 7,

2026 â‹… 5:54am Gulf Standard Time GeekSquad Cost Estimate Date: Tuesday,

06 January 2026Cost Estimate Number: KQ52227QKL0222Assistance Contact Line:

+1-(859)-204-6981Membership Update EmailThank you,This message is to let

you know tha [...]



Content analysis details: (13.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.160.73 listed in dnsbl.ahbl.org]

[209.85.160.73 listed in dnsbl.ahbl.org]

[209.85.160.73 listed in dnsbl.ahbl.org]

[209.85.160.73 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.160.73 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.160.73 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.160.73 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.160.73 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.160.73 listed in will-spam-for-food.eu.org]

[209.85.160.73 listed in will-spam-for-food.eu.org]

[209.85.160.73 listed in will-spam-for-food.eu.org]

[209.85.160.73 listed in will-spam-for-food.eu.org]

[209.85.160.73 listed in will-spam-for-food.eu.org]

[209.85.160.73 listed in will-spam-for-food.eu.org]

[209.85.160.73 listed in will-spam-for-food.eu.org]

[209.85.160.73 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.160.73 listed in list.dnswl.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.160.73 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.6 FROM_STARTS_WITH_NUMS From: starts with several numbers

1.2 MISSING_HEADERS Missing To: header

0.6 J_CHICKENPOX_34 BODY: 3alpha-pock-4alpha

0.1 TW_WU BODY: Odd Letter Triples with WU

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.9 REPLYTO_WITHOUT_TO_CC No description available.

2.4 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

Subject: {SPAM?} Arrangement no. WRYE8ADD update recorded



--000000000000e553fc0647b7ac4e

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



Lg0KDQpBcnJhbmdlbWVudCBuby4gV1JZRThBREQgdXBkYXRlIHJlY29yZGVkDQpXZWRuZXNkYXkg

SmFuIDcsIDIwMjYg4ouFIDU6NTRhbQ0KR3VsZiBTdGFuZGFyZCBUaW1lDQoNCg0KDQpHZWVrU3F1

YWQgQ29zdCBFc3RpbWF0ZSBEYXRlOiBUdWVzZGF5LCAwNiBKYW51YXJ5IDIwMjZDb3N0IEVzdGlt

YXRlIE51bWJlcjogIA0KS1E1MjIyN1FLTDAyMjJBc3Npc3RhbmNlIENvbnRhY3QgTGluZTogKzEt

KDg1OSktMjA0LTY5ODFNZW1iZXJzaGlwIFVwZGF0ZSAgDQpFbWFpbFRoYW5rIHlvdSxUaGlzIG1l

c3NhZ2UgaXMgdG8gbGV0IHlvdSBrbm93IHRoYXQgeW91ciBtZW1iZXJzaGlwIHdpdGggIA0KR2Vl

a1NxdWFkIHJlbWFpbnMgYWN0aXZlIGFuZCBpcyBzY2hlZHVsZWQgZm9yIGl0cyBzdGFuZGFyZCBy

ZW5ld2FsIGN5Y2xlLiAgDQpPbiBUdWVzZGF5LCAwNiBKYW51YXJ5IDIwMjYsIGEgY2hhcmdlIG9m

IFVTRDU3Ni4wMCBtYXkgYXBwZWFyIG9uIHlvdXIgIA0KYWNjb3VudCBiYXNlZCBvbiB5b3VyIGV4

aXN0aW5nIHJlbmV3YWwgc2V0dGluZ3MuKipPcmRlciBEaWdlc3QgVmlldyoqLSAgDQpRdWFudGl0

eTogeDEgRGV2aWNlLSBQcm9kdWN0OiBQcmVtaXVtKyBNZW1iZXJzaGlwLSBDdXJyZW50IFBsYW46

IDYwIE1vbnRocyAgDQpXYXJyYW50eS0gUGF5bWVudCBNZXRob2Q6IEF1dG8gRGViaXQtIFRvdGFs

IFBhaWQ6IFVTRDU3Ni4wMC0gQ2xpZW50IElEOiAgDQpRN0tSRjNZQjVaLSBBY3RpdmF0aW9uIEtl

eTogZmZhMjM0YmYtMDZhNy00NGM1LWJhNGItNWY4NmRjYTE4MjRjVGhpcyAgDQptZW1iZXJzaGlw

IGNvbnRpbnVlcyB1bmRlciBhdXRvbWF0aWMgcmVuZXdhbCBhbmQgd2lsbCByZW1haW4gYWN0aXZl

IHVubGVzcyAgDQpjaGFuZ2VzIGFyZSBtYWRlIGJlZm9yZSB0aGUgbmV4dCBiaWxsaW5nIHBlcmlv

ZCAoNDggaG91cnMgaW4gYWR2YW5jZSkuSWYgIA0KeW91IGhhdmUgcXVlc3Rpb25zIG9yIHdvdWxk

IGxpa2UgdG8gcmV2aWV3IHlvdXIgYWNjb3VudCBkZXRhaWxzLCB5b3UgbWF5ICANCmNvbnRhY3Qg

dXMgYXQgKzEtKDg1OSktMjA0LTY5ODEuV2l0aCBlbmR1cmluZyB0aGFua3MsLEdlZWsgU3F1YWRC

aWxsaW5nICANCkFkbWluaXN0cmF0b3I6IEplc3NpY2EgT2ZmaWVsZFNlcnZpY2UgSG90bGluZSBO

dW1iZXI6ICsxICANCig4NjUpLTIyMy0xMzU0Q29ycG9yYXRlIE9wZXJhdGlvbnMgTG9jYXRpb24s

OiAxMyBFeWlvd3Vhd2kgU3RyZWV0IEFndWRhICANClN1cnVsZXJlIExhZ29zIE1vZGVzdG8gQ2Eg

OTUzNTYgVVNPZmZpY2UgVGltaW5nOiA2IEFNIOKAkyA2IFBNDQoNCk9yZ2FuaXplcg0KNzY1NjEz

OCA0MzUNCjc2NTYxMzguNDM1QHN0dWRlbnQuZW5zLnNjaC5hZQ0KDQpHdWVzdHMNCihHdWVzdCBs

aXN0IGhhcyBiZWVuIGhpZGRlbiBhdCBvcmdhbml6ZXIncyByZXF1ZXN0KQ0KDQo=

--000000000000e553fc0647b7ac4e

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Web/SEO/App spam from Google Gmail Part 2

Posted by Dave Yadallee on
This is a multi-part message in MIME format.



------=_NextPart_000_6474_01DC7F2E.8AECA520

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hi sales@nk.ca,







Can you give me a few minutes?







Do you need a new website or want to improve your current one? We're a team

from India, ready to provide customized solutions for your business.







We use the latest technologies, user-friendly CMS, and frameworks for

designing a professional website such as: WordPress, Magento 2.0, Core PHP,

Laravel, Node js, Vue js, React js, Angular js and Shopify.







I'd love to share our portfolio and work with you to create something that

fits your needs perfectly. Share your ideas, or let me know your WhatsApp

number for quick communication.







Looking forward to connecting with you!







Best regards,

Geetha,











P.S.: If you'd prefer not to receive further emails from me, simply reply

with "NO" in the subject line.









------=_NextPart_000_6474_01DC7F2E.8AECA520

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =

charset=3Dus-ascii">
(filtered medium)">
vlink=3Dpurple>


style=3D'font-size:12.0pt'>Hi sales@nk.ca,


class=3DMsoNoSpacing>
style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Can you give me a =

few minutes?


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Do you need a new =

website or want to improve your current one? We’re a team from =

India, ready to provide customized solutions for your =

business.


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>We use the latest =

technologies, user-friendly CMS, and frameworks for designing a =

professional website such as: WordPress, Magento 2.0, Core PHP, Laravel, =

Node js, Vue js, React js, Angular js and Shopify.


class=3DMsoNoSpacing>
style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>I’d love to =

share our portfolio and work with you to create something that fits your =

needs perfectly. Share your ideas, or let me know your WhatsApp number =

for quick communication.


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Looking forward to =

connecting with you!


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Best =

regards,
Geetha,


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>
style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>P.S.: If =

you'd prefer not to receive further emails from me, simply reply with =

"NO" in the subject line.


class=3DMsoNormal> 



------=_NextPart_000_6474_01DC7F2E.8AECA520--

Web/SEO/App spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:44:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8He-000000006KY-4Axv

for dave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:43:42 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:43:42 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pf1-f196.google.com ([209.85.210.196]:56730)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd5LZ-00000000Ecq-3tjV

for sales@nk.ca;

Tue, 06 Jan 2026 04:35:44 -0700

Received: by mail-pf1-f196.google.com with SMTP id d2e1a72fcca58-7e1651ae0d5so803965b3a.1

for ; Tue, 06 Jan 2026 03:34:47 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=websiteconsultantspro-com.20230601.gappssmtp.com; s=20230601; t=1767699281; x=1768304081; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=p0g4eQQtgRqcqkrwj45oeXPrKC01cs9XgZja8MBPATE=;

b=YHJD6aCTbahwcKlVT6x6R6wUlREdrmvlN6YVaKaGzvR/Tzq7uR/NSdDlX0T7iabKLb

9X8ueP3gipghyLXkRbujfyjZlqedTKLxZ23zA4koYMSFhpHaXbPOLu+SP9TGW4EY8EVk

NgCiNfAH3PfgTI3NfUngRheyI6LVA2M7kWOyJtgCkF768uHwfrHHWuIguuyd87iVcZpN

rz4R7aON1hs21F8Nwb4AhS6JoSz4CIfT38T6q/HoWGdT6hM+Ipe5MqBW//A0S/7wRmGq

Gd+jusBPKoO34WT/j0tP/y+6auknoR910Z1SF+wTi45cc6VRo6g/JftIMdvXd+Y2hcQd

stxg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1767699281; x=1768304081;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=p0g4eQQtgRqcqkrwj45oeXPrKC01cs9XgZja8MBPATE=;

b=h6gJ3WgsUesnIaW9Mcgc0Okb3R0g2pjFvKdcmSOTLefeK89N8GIBr5gOEiwenP50d8

M0oFA2u3rQoXDlofDbeYTK0diX7kKbW65AsrMXKHcU7lOrrMva/3vCGP7CJ3sIE4RWhW

X7oTNADJjeyBJcqCR4jWM138riFDpil/nWSblthzaxqfcE38oJTvhQ99gyeR8z1MrNKk

LkyA9L5BVEOn11MkyAQ6hoQHq0PGkUkWswit4kKyZ8trpCuZUzFfj6P+o+jelSbbJyy7

QOpkv+3OFKJZG6M2HICo8fiYBEEgxsEOXRRnr2vkhRCpgHFaFAt6rRydZe7ZRlgyG6oO

0avg==

X-Gm-Message-State: AOJu0Yx1wYYZYZcSCkLYQ2l8DkZSmpJ5/7mWHHopyiQFk83FHw/As0JW

l0eFT41QG5Km2Nb1mUAHAaOZlUA+BHLi+XPbvBkbSYrD+XKQlJn8ckCpiHiBrzDS4BPrxPD23zz

Mb1MEmdI=

X-Gm-Gg: AY/fxX4pU9sWu3ONP2cH4O5byW3/DvfG5IU9+ynW+iJr49vzOoyL/prJpvqQwUyMF30

gMu39vz5uV7Ljj8icOINdZrKCyGD1LBLlAZrSsoRwb59Uq/a+0j1Skr7GqNCbYAd5QH4hREdDkq

EbfnZfCK9A8v7YDQj+euIENz4KGckBSLi/cMUcMWb0GWZAjlJXVix79eUqy0Ldd9pSq9rEkasxE

mAPQIKLxOpmmZcBJWAe4tI+RevPJqJRcUV0P8gtcQrhm20jqFmLfmXevqsF4nHs/bPTKxbeyyub

dv2ak34KAF0XQ1JWfPOaqKpt6OpJmBMz7nHVj2dYE1i6jumlyaG+p2HsssPPs7MgXfTkcOWxP+y

ufCd8Og8d6BwvxAhpKs5EasmUBOVcOiw4ygdP7fgSZoMceMuq1HdNfChRyjsbZyNEuCyh/+YFNk

1cEz1Ba/ZxIRwoeYhKCEj2c7SLxMYOGJLN2SISwE1c

X-Google-Smtp-Source: AGHT+IHo9wvB2I2+YgiesFXGE1m1elNiNGYr8+mYfEHkMH4+Lu3NWK3AbYq34xd5rndGCD8QTaJWyw==

X-Received: by 2002:a05:6a00:4781:b0:81b:13c5:b6b2 with SMTP id d2e1a72fcca58-81b13c5c88emr79414b3a.33.1767699280555;

Tue, 06 Jan 2026 03:34:40 -0800 (PST)

Received: from DESKTOPSRTB37E ([2405:201:402e:a06b:54f1:bb97:f9bc:2d47])

by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-819c5edcd90sm1939724b3a.66.2026.01.06.03.34.39

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Tue, 06 Jan 2026 03:34:40 -0800 (PST)

From: "Geetha"

To:

Subject: Website redesign inquiry ?

Date: Tue, 6 Jan 2026 16:53:26 +0530

Message-ID: <647301dc7f00$71346920$539d3b60$@com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_6474_01DC7F2E.8AECA520"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: Adx+6EYEWKAecn+AT3OmFsIQs56Vzw==

Content-Language: en-us

X-Spam_score: 9.0

X-Spam_score_int: 90

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi sales@nk.ca, Can you give me a few minutes? Do you need

a new website or want to improve your current one? We're a team from India,

ready to provide customized solutions for your business.



Content analysis details: (9.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

[209.85.210.196 listed in dnsbl.ahbl.org]

[209.85.210.196 listed in dnsbl.ahbl.org]

[209.85.210.196 listed in dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.196 listed in list.dnswl.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.210.196 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} Website redesign inquiry ?

Guest post spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on


0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[faithallan4165(at)outlook.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.4 MALFORMED_FREEMAIL Bad headers on message from free email service

Subject: {SPAM?} Re: Quality Guest Post ...



--_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,



Just checking if you=92d like me to share the guest post site list and pric=

ing details.



Best,

Faith



________________________________

From: Faith Faith

Sent: 12 June 2025 13:32

Subject: Quality Guest Post ...





Hi,



We offer niche-relevant guest post placements with contextual backlinks and=

original content.



Can I share the site list and pricing with you?



Best,

Faith



--_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Just checking if you=92d like me to share the guest post site list and p=

ricing details.



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Best,



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Faith



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">









x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_d=

ivRplyFwdMsg">


12pt; color: rgb(0, 0, 0);">

From: Faith Faith <FaithAllan4165@outlook.com>


Sent: 12 June 2025 13:32


Subject: Quality Guest Post ...


 





: 1.38; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;">


Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Hi,=




d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

We offer niche-relevant guest post placements with contextual b=

acklinks and original content.



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Can I share the site list and pricing with you?



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Best,



edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">

Faith








--_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_--

Guest post spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on


=?Windows-1252?Q?aNMwakPvVMsTDqDasWwru25WcwX9IFa+WIJxopqUcWr24R5qKqCA7do2?=

=?Windows-1252?Q?ktmCpV9Yyyc8SuthYu0JZv3xJLyhOr2KAzllDm6al3rxT/So18pEf5nV?=

=?Windows-1252?Q?Qwit+41s3J/OgmpXsNyPdrv3h8+0fjgrlWL/KG0++kNsFkemBZXTyr5N?=

=?Windows-1252?Q?hUXgmbSXCXKAjDSYROz7Fcik2B7EQPSM757g+/hfmvKF/DpkBeXSwOOK?=

=?Windows-1252?Q?wWkP3sv3VtUPHXGx04wZnM+2/OiBUTSxpI+Ar04tebHph2GpNXg/u8TL?=

=?Windows-1252?Q?bFPETfA8nzPkFXgv1d5bos4cDmQWuGt7U4nfE82+73CvH0RtIEsOttnV?=

=?Windows-1252?Q?EVCZnstgYFSGZzG7f9Ca9d1aGmDY3v7afqgFDNsECHekwQBJwNwC6anc?=

=?Windows-1252?Q?I6l3DoJI/sHdlyfd9TUyrjcofi5k57HswqfGcBflfkyUWB33bvy8NqO6?=

=?Windows-1252?Q?8pgkHXy5ueLCwlFnCsD5PAHao51snN3Z1EGzezgRKfd0w9zMyA+k6mGD?=

=?Windows-1252?Q?cr+zL1IA+V7Jn4fj1v58TymmogI2bTR7B8Ls0ox9wCwLUmPulcKHLCpW?=

=?Windows-1252?Q?pHNZG18wIS1gcvHKMfkByvm45DbGdS4T1/GVOBCDgAikGTEe4N3ReQLm?=

=?Windows-1252?Q?FEBDAj+unZVvgSc5J5jCWaV8FvFeixi8XrIjDGsliFN4E/lbR7kQoyt+?=

=?Windows-1252?Q?UX4ecT4Cf7tjvEDOeMjK5CcCzUQuJi9ZO+ynI79LNPU8bKCpuovkBiDr?=

=?Windows-1252?Q?fedM3OgzCcEj0P4WExtLPUjE3ug+Hd/wU2sFeEw5m7JVcoDTKEWLZTHa?=

=?Windows-1252?Q?7ECdlIQpimnmtycapCJyXbsh8gVLpU/V9RdSN9opeZwcRBsRj4sbhWNl?=

=?Windows-1252?Q?HVJw8rdsAtp/fnMuDS22Rj1Vuz0Tke6CFsamPwOegQr4bXMN+ukHlHX7?=

=?Windows-1252?Q?cIR/3PuHWebZGR1JckVrtswA0xhau/M9XB8VBGAMTY+4AGbpz8BPTpRk?=

=?Windows-1252?Q?aVD8bzBJF84qbSDyQa4akePN0RAf9tIWWQz2jdB2MNZcvlfzR14cek4l?=

=?Windows-1252?Q?oN5Nl5grOoOK71Sd3t14D+YAU1ZCVoW1seRHBCsLMkY=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?Ap4iPGAVB33cbUpB07rblAL7+Bo6qNolsXh2E8GqpaqeRHiZpr2uIrNa?=

=?Windows-1252?Q?0TUj+zEf0X7n/2yZwhC0IuQRBOfqTWVnYkVtNRJHs66JnTl01T+PBZPP?=

=?Windows-1252?Q?wyhNHfIRmiTKWGPsJCgVDRckZzPyAhwSbW+qAYaazkqyGV2NNK1P9GxS?=

=?Windows-1252?Q?q2gklp24J4i+p116xB5dHbjS1Ad+k1kTqmapyozYZ4P6JI7WJjL2BBzI?=

=?Windows-1252?Q?MAtX2S8So4P1VCTrxg9tTvx5ncCfwvSgzewLKV1zxMtVCu9yq8sDFyHU?=

=?Windows-1252?Q?eo56BKSzQAr8ZsTf3GBNCVbSDo7ew0ulmR4pShAEKJTHl579Ym5kX1wt?=

=?Windows-1252?Q?TKuQ/ZdJXIUOSG5v3IkrXfLrnUrqC281J6c/SoS1GetRdju3r6L8O7yq?=

=?Windows-1252?Q?4SasR6o7YSrOiLkLa/WDcLalTfsx+6MDefJ9e0BH+k+wnPY9AWYQzqt+?=

=?Windows-1252?Q?lgwZmjrPvngAAHdycbOZwPYvDVsGjZysR69oonr8PtL13jaUyp0FInew?=

=?Windows-1252?Q?1RhelTP32XGne/nbu+eyI3psJ9zuxKKBZpV3a1weg2Aa3IMBU94h6TzD?=

=?Windows-1252?Q?dCYBEeHBAiesE7lHCCkSb2IiBEf01GXNEmdZLCUwYXEUTJqUAhB5yPhy?=

=?Windows-1252?Q?xHbrwo1U7EOi5tzHOenanj/O72jar3Kxpg1KiER0g9zd4sKY+38+CCys?=

=?Windows-1252?Q?ltPvBt1Tt55c/AjYY+KbaKHnflJs6eXiBT2g5sxuaDHEot22ltgNkFcb?=

=?Windows-1252?Q?/vUZrWnlhEeRmIB5RSIxM55rVr1tSq7TGwiDpVyniE/CqU1+CMt0lljx?=

=?Windows-1252?Q?n46xjhJxJM/GUWnhQD03BfFjGFXc0/9c5Cg+U2bPGRUoHQORyePrhC3J?=

=?Windows-1252?Q?Y75t1uvcZG0es21zwNU1ty9i+lnnbOTzCYwC6FQyJt5R+7YMj+q+AnjC?=

=?Windows-1252?Q?K8mcBMjDc3Rjm8Kviy0H74h41BDU9JsBTjvD8tmWKvw/rcHoVZy4kQqs?=

=?Windows-1252?Q?eXeUwtfwlK53/dW9fvo1wrEjNhXU2AJSI5lQjRCv+5Up+AGK0BplMYFC?=

=?Windows-1252?Q?LJ70LHlJHLFBJV10paZFLc7Epinw9VqCgnZnF4pb4/Gfbn4qD0bFHZm8?=

=?Windows-1252?Q?1GdljMYLf1tMYNFYzjEDWGaKi+Dx5FMIqCRuOUFpIkhZXuMtHrswu3jK?=

=?Windows-1252?Q?jdfIHlsgK5tJT1k0g5FT9EP01HrBrbx0dR9L5kKDe9Pd3Yh7xpW0BBkN?=

=?Windows-1252?Q?mdaq89GEt2z3HHwFUDEJe5Fng5L9/IDn8VOUf7mkRBUhMWFG0mrqjywF?=

=?Windows-1252?Q?SazBcKq5YYXkrdfVkaAtEJiqaDR+riPz833k6DngFLAhiK+Bsw8a5tEj?=

=?Windows-1252?Q?/NlSDym49Rb7LD1HLBIh2yLa5quV1fwHfZkuwoB4rGV2TGoBNFfDSa3L?=

=?Windows-1252?Q?Jnx+e8ydtCA9bc9H153vLtcYrkBcWJoGyLL84GjVOkGT5rggW+hi+l5O?=

=?Windows-1252?Q?Qe2M0kCc?=

Content-Type: multipart/alternative;

boundary="_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: PSAPR04MB5562.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 5b3b3153-1b1c-412e-7142-08de4d13f602

X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jan 2026 11:08:45.9651

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEZPR04MB5755

X-Spam_score: 7.5

X-Spam_score_int: 75

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, Just checking if you’d like me to share the guest post

site list and pricing details. Best, Faith



Content analysis details: (7.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

[52.103.74.76 listed in dnsbl.ahbl.org]

[52.103.74.76 listed in dnsbl.ahbl.org]

[52.103.74.76 listed in dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.74.76 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.74.76 listed in wl.mailspike.net]

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.2 MISSING_HEADERS Missing To: header

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[faithallan4165(at)outlook.com]

Guest post spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:44:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8HW-000000005sN-2xnf

for dave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:43:34 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:43:34 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19013076.outbound.protection.outlook.com ([52.103.74.76]:50131 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd4xA-00000000DVH-1zs3

for root@nk.ca;

Tue, 06 Jan 2026 04:10:31 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=vjXHaFA8D5Kdsav+KSyimsuCP2Tpmg4H0V6WTtMkBegJ80HIsK5yp4b0hwWAYjplhvxabqNCf46+sl78sJ1aCg2hkiIsrEu14spodqKauPLnPlkK4psbS+wdu3V33OyzQAFeyfzDmEGsxEmQGXUjkNVWCcw3Y2cvxirqBDpn5PNtSMYgP3eOe/iSwNoP9ob/h1vtbM3TPjkDutUzJ3ALv7DMRsOw3Iqm0tzeRNoQs9I+4o/eV7EWkOTVr1yb5+5NkRS4eGfocpSRBn6EHg1lsSQQifZylsw7MDz6TxkXuKReleU62VSat2S6SNISTGsajELVJZq/Pi8jSIpoia0P7Q==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=zZR2430Xo7rYt/Qfe2DS+ivfgO5O9nDmjvr34Vlv/p4=;

b=KaH1IvmTsUoyXW/JEe2QD7O4dIL8EMhrynhqNh0Ow+O+eit1qSt/XeM569hLmE3OU1vlw+hk68ky4ATrbOJM66TY7XcGOuNJW3Bnw1j1FMWBIMsAijXFZwUVVfjnisf3MrFsyk5bscAsNQddQY8plv/yRDRotgWahZhHTSZECVC4A1q2SAI2OB6Tm6biRZT2owXtsJZYbnByiUFtR/dLRti+53JiPSBr9GHQzE82lvWaG+s4ECPX0eYM4il+Dl9YBgxbsn3Mcp3rJRtzaE4+hHYqDhVOy8uwpBe1xkiWihf/i7SW2mSFne2Id6xmeYQxd7iTNeMcQ7aagONfDrKqdg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=zZR2430Xo7rYt/Qfe2DS+ivfgO5O9nDmjvr34Vlv/p4=;

b=POSJW2NBj56aiN2dnJnHYOHwSoQZJm+qm0pF6wK0vo0Oz/O8GI1otJy71iBPb9Vr2tMmAkjTRBOVHC2vSjNkKqlfEja/BJ2gN+VajJoPGv+plsiDDZDDEPfdGwLoGE+gd+VrpaDUkvhvPixXKY5gHg2TinNpUgfQxfek5DIXkDf5O/Fqt1J7s8vok9dtkJmbRSWLwGGq00W/YO5cOX4O0nmDqFMmQEwRmLHVHiLd/q11yx70aGVxBr18JzhztXNVewGD7QCLzLaqFKuP2x6dYI9aa+BVnjZFWGdp7cx/nOjCDMpm7dwfo149CoVz9WoCbD82EvjlrXWVZjft9f+a5Q==

Received: from PSAPR04MB5562.apcprd04.prod.outlook.com (2603:1096:301:5e::13)

by SEZPR04MB5755.apcprd04.prod.outlook.com (2603:1096:101:76::13) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.5; Tue, 6 Jan

2026 11:08:46 +0000

Received: from PSAPR04MB5562.apcprd04.prod.outlook.com

([fe80::82d3:ef54:6a90:4393]) by PSAPR04MB5562.apcprd04.prod.outlook.com

([fe80::82d3:ef54:6a90:4393%5]) with mapi id 15.20.9478.005; Tue, 6 Jan 2026

11:08:46 +0000

From: Faith Faith

Subject: Re: Quality Guest Post ...

Thread-Topic: Quality Guest Post ...

Thread-Index: AQHcfvzTj1fnXCpMPU+kX3JL4qwjjA==

Date: Tue, 6 Jan 2026 11:08:45 +0000

Message-ID:



References:















































































































































In-Reply-To:



Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PSAPR04MB5562:EE_|SEZPR04MB5755:EE_

x-ms-office365-filtering-correlation-id: 5b3b3153-1b1c-412e-7142-08de4d13f602

x-ms-exchange-slblob-mailprops:

vQx3cGk1+xyiCoX0rGkknntYwB8EQIyP52/THZDhk/9ssjGaScNBkI/jmOdZ/PXcb7Nx6QmJ3I17TOpHpr6yL8Yoain5IHn0ed+InCv+cLZBXyKw/vt/gbrOXUmv3MutYQ3Ao/AS5j9kaWEy11TPg6UH3LD8aeJxN931e+lkROTIHftfpKzMlLkWTSNbba70bj8j+9CyAYJc70WEx+2uLCjVeXkLcTdyCbvVZmTsLK+qatozRLgX+DjZB5aWt2h0lHCsf2fwceSujS1zUgS/nJ4jV21UKp6x6ESh9xM+pIbjm5nO20zMd+iTlY1DKnQ8AI0WNX0HM6kI04Se86WWm+m20II/BzNpfz3mwBWi3PmFyoxFmyIlpNQR6iELPVKFzK3zuvt3GuWqYZZg2zwPmbY71PbNnjl3SEy8cPsKfu/uYzRmJAPgAyzswjvlMRG1K0vw0tIk6aAZ6P0ksnllNUBIWtXp5PEiwXkYkHq4rOZhzD8QvPZCcOoqXBMT4Mfkh8dm7U6cmmY8Qcl884BPcFEeHKY4spzSMF9BJuDW1ZoIjKGkZEqjriZqe+yphWezYCPvmyNUy9l3WkfTcCRb/plStNvQSDXE0dAf1XPtJqM=

x-microsoft-antispam:

BCL:0;ARA:14566002|8060799015|7071999006|8062599012|39105399006|19110799012|20031999003|31061999003|15030799006|15080799012|461199028|56899033|440099028|3412199025|39145399003|40105399003|41105399003|102099032|12091999003;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?bCtauE6eFccD611dtYWzK4T9Zts+aJvWbEVG6boGk7HLxWrvHq0abG8U?=

=?Windows-1252?Q?GutpQNkKnZj1icHQHfzxNMUxFb23rL61IhiARuElrmLkS/jOkmSz/XJi?=

=?Windows-1252?Q?hkcztjVpSanjMSso3gs+h1OSBGRc2+oull+1jltYBI5RRsn/f9e8VSqX?=

=?Windows-1252?Q?qkc1YSkJ4Y4jGtKi0aiyXAJIk8LAspQrMwpvsEoptbytdazBkNr0QvPC?=

=?Windows-1252?Q?eHFe5qtoH1DYXmgQpX5eDBOsZDx5yes5kkfGn+EvEW6Tsj508zCYvoTA?=

=?Windows-1252?Q?ln0RVb4xcj8tsO6o2aitsCurhGdu0GgsDtquuHGzGXq4VUrp8UOGvFUY?=

Ukrainian romance phish from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content preview: Start Meaningful Conversations — TrueLoveNow 💬 Start

Meaningful Conversations on TrueLoveNow Hello, At TrueLoveNow we believe in

quality over quantity. Meet members who are serious about building connections

— not just collecting matches.



Content analysis details: (8.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

[52.103.12.18 listed in dnsbl.ahbl.org]

[52.103.12.18 listed in dnsbl.ahbl.org]

[52.103.12.18 listed in dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.12.18 listed in list.dnswl.org]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[lyno4com(at)hotmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.12.18 listed in wl.mailspike.net]

2.6 FSL_HAS_TINYURL URI: No description available.

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} You're invited to a watch party!



------=_NextPart_000_9070_FB412067.3342CDD4

Content-Type: text/plain;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Start Meaningful Conversations =E2=80=94 TrueLoveNow

=F0=9F=92=AC Start Meaningful Conversations on TrueLoveNow

Hello,



At TrueLoveNow we believe in quality over quantity. Meet members who are s=

erious about building connections =E2=80=94 not just collecting matches.



Detailed Profiles: See values and interests up front.



Smart Search: Filter by interests, location, and lifestyle.



Supportive Community: Moderated and respectful members.



Take the first step =E2=80=94 your next conversation could change everythi=

ng:



Welcome



All the best,

The TrueLoveNow Team



To stop receiving these emails, unsubscribe.



=



------=_NextPart_000_9070_FB412067.3342CDD4

Content-Type: text/html;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



=

=0A=


0">=0A=

=0A=<br /><br /> Start Meaningful Conversations =E2=80=94 TrueLoveNow=0A=<br /><br /> =0A=


"100%" cellspacing=3D"0" cellpadding=3D"0" border=3D"0">=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


zeroborder" width=3D"600" cellspacing=3D"0" cellpadding=3D"0" border=3D"0">=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


l;">=0A=

=F0=9F=92=AC Start Meaningful Conversations on TrueLoveNow=0A=

=0A=
=0A=


y:Arial;">=0A=

Hello,=0A=

=0A=


y:Arial;">=0A=

At TrueLoveNow we believe in quality over quantity. Meet members w=

ho are serious about building connections =E2=80=94 not just collecting mat=

ches.=0A=

=0A=


    :#666666;line-height:1.6;text-align:left;font-family:Arial;">=0A=

  • =0A=

    Detailed Profiles: See values and interests up f=

    ront.=0A=

    • =0A=


    =0A=

  • =0A=

    Smart Search: Filter by interests, location, and=

    lifestyle.=0A=

    • =0A=


    =0A=

  • =0A=

    Supportive Community: Moderated and respectful m=

    embers.=0A=

    • =0A=

=0A=


y:Arial;">=0A=

Take the first step =E2=80=94 your next conversation could change =

everything:=0A=

=0A=

=0A=


;color:#ffffff;text-decoration:none;padding:12px 24px;font-size:18px;border=

-radius:30px;font-family:Arial;">Welcome =0A=

=0A=


y:Arial;">=0A=

All the best,
=0A=

The TrueLoveNow Team=0A=

=0A=
=0A=

=0A=

To stop receiving these emails,
q9xrb" style=3D"color:#666666;text-decoration:underline;font-weight:bold;">=

unsubscribe.=0A=

=0A=
=0A=
=



------=_NextPart_000_9070_FB412067.3342CDD4--

Ukrainian romance phish from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:42:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8FY-00000000PoS-2q96

for dave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:41:32 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:41:32 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-eastus2azolkn19010018.outbound.protection.outlook.com ([52.103.12.18]:14938 helo=BN1PR04CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd1vW-000000005L3-3KSz

for doctor@nk.ca;

Tue, 06 Jan 2026 00:56:35 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=ThV3n6I61nSvIevJwXE8vgsmKc/o9976PlYRp4sRzqfkFV0bQvnEvePBJc4JrUymscXCKe2+crwc8nqiNRtR1/qPyhpZGIvBkNL0T96FlYufftCgPmI89pTEHalbu+ccdTLJOovDZVSC7hK52WzaT575VWaGx1QpaGr42CnjjKSdoqYV5qPSf8i6W3bdL92mzt6uivKoHy9KHy5In7r4yoSVmY1wTUO2tXw/SxtLHMpKxnzh51FGWbRNCyPW56qmWYkVoXcJ5huBnZzrz32Jd6yKSjpiaAOAkh3WR6tVnC/pmIp3OEtTM22TP0dykTD+U6fMZnBkBCE0RImvTu4SWw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=2be+Q2BvaGNH03gDU2ii9UNzIBbALK8d6DTupbZ/18M=;

b=BCZaozOoMPWS703QVRz6TSABxF8zXUGg9I7FRy2OOCN9th/he/x/zI43tcl9rfUvuleKvohbDoF376/k8Bh6LA0/y0AVbiisn6jL7xkTP8hdSMzfRTEBxYaAPPw8aRcwDl4I3mKui9SeMnd9zIj/I5MMUg7aKkmALBEa1X8i4PRwpS49zvdYXeDGALMkbQi9Pg/XfChUSz/9Yke3emH6udXjvXm70No2W7cGouF9UEzFb6+lEew/0hWWTPs9Dk/zqJvXmbNa8688vf/7ZpKON66B+2mEh+AuCdd/bUk2sPzi0u3qs1PnM8vU2x3i9We168U+/fBcWtszhbtaLGH/rQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=2be+Q2BvaGNH03gDU2ii9UNzIBbALK8d6DTupbZ/18M=;

b=tfQLfv9s8/qWtCSZUzkw0HoyAK1AGtD3wqBjUFbgM7Mb2so9KYN4gZXfJaUoncInohHp4K0pLZ4Q21csLnaHfAUw+QIGDn+aBY/MjEob7K5wSsGdJm4VFq6j6A/m0hDF+oX1lo//wMCRYWkhsBbyy3mEZtaB05GmITJLTC2CpSdUA/6Y3x9q9zaOuZTiQdzVLKO8CNqXUTzlrctet2o8LfcFIlhB627ADZHosJwOcsibJoieI2RyOTS1sQWaW/+1HK1LgkP5DCSZi1si8IHPr9juxoNDCKK9sXQdAqMOniyb0c2c/PIlqWMOJQp0rtT8/tSTTsC0JeXmPbDIgH7mXA==

Received: from DS0PR11MB7382.namprd11.prod.outlook.com (2603:10b6:8:131::13)

by SA0PR11MB4685.namprd11.prod.outlook.com (2603:10b6:806:9e::7) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Tue, 6 Jan

2026 07:55:24 +0000

Received: from DS0PR11MB7382.namprd11.prod.outlook.com

([fe80::80b3:e6e7:efec:dbee]) by DS0PR11MB7382.namprd11.prod.outlook.com

([fe80::80b3:e6e7:efec:dbee%5]) with mapi id 15.20.9478.004; Tue, 6 Jan 2026

07:55:24 +0000

From: "UkraineGirl"

Subject: You're invited to a watch party!

Reply-To: "lyno4com@hotmail.com"

X-Mailer: Evolution

Date: Tue, 06 Jan 2026 08:55:21 +0100

Message-ID:



Content-Type: multipart/alternative;

boundary="----=_NextPart_000_9070_FB412067.3342CDD4"

To: Undisclosed recipients:;

X-ClientProxiedBy: AS4P190CA0060.EURP190.PROD.OUTLOOK.COM

(2603:10a6:20b:656::13) To DS0PR11MB7382.namprd11.prod.outlook.com

(2603:10b6:8:131::13)

X-Microsoft-Original-Message-ID: <1.653f591b513634dd5a83@DESKTOP-N0MTKOQ>

MIME-Version: 1.0

X-MS-Exchange-MessageSentRepresentingType: 1

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: DS0PR11MB7382:EE_|SA0PR11MB4685:EE_

X-MS-Office365-Filtering-Correlation-Id: 4e92bd19-7597-44bb-ff86-08de4cf8f266

X-Microsoft-Antispam:

BCL:0;ARA:14566002|42300799018|9400799043|12121999013|39105399006|23021999003|8060799015|19110799012|20031999003|15080799012|461199028|12050799012|5072599009|6115599003|4601999015|56899033|1602099012|440099028|10035399007|41105399003|15111999010|40105399003|39145399003|3412199025|4302099013|34005399003|2006899018|2406899039|6106899015;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?WUs5Q0ZHdVNEZWZWSWV0RzV4dlRQRjRRSXJkYk5pM1lUM1dhY2ZhbzN3NHNh?=

=?utf-8?B?RVJac1poSzBTRGE2UkFsMms3YTFOamFsU2Q3RTNjU2lvWDBZd0Ztcmp2YUV6?=

=?utf-8?B?MW05bUdqSzRCKzdDK1hNM0wwYWk4NFRST0N2OFpkSVdXRnhkTUF3bUVpMzRL?=

=?utf-8?B?bUZ1c0VkNEl4SDRxNDd3SjNjQWoxOVBhWThtV2lPYk9SbDNyTmUxQlBRZGxy?=

=?utf-8?B?UmpyZVp2OEZMSyttUVVOZkNULytxQkhrMmk2aW5VWmJ0TW01UFkwZDBuL1gx?=

=?utf-8?B?bGw2WVFUSVdFMGphcGI1U2xPdjVMUVV3ZnVrdUhNUkdWRFl1emhnZGpFTFps?=

=?utf-8?B?YkxSYVhXc2lnR3o2SHMzbGNsem9lcjhiaGlJbWtYS3lGTDUveTdXWnBkY0pw?=

=?utf-8?B?bU5BYWhjTFJhMjNRY0VLSFJXenNvQzdtdkE0NkZpamV5R1p2NUI5RE5yNDFs?=

=?utf-8?B?bFVOZU0rTnoreTRiMkNnSTA4RzNDbHl5QTVvQ1dHc2dxQXJZSHpXRjBSekhj?=

=?utf-8?B?SityYWlRUDhvQ0I4dlM3QjFQYXBwMCt5Q0kydThzQmZFSVhKYWlIRytUL202?=

=?utf-8?B?VHF4bUU1aVRXSG9RTmo0LyswQ0VZZUE1aUxvRW5zMWdUUi9JM2x2WURHaWJ0?=

=?utf-8?B?WWQvS1B5TVJTY3JMcTZ1eVgwZ2F5aDJCenp1VHRqS1RoTlV5WWd6ek9TUHN6?=

=?utf-8?B?ME5vL3FiaFBvYzNsZnZRbnZYdjhud3RzVUhJZVJjMENXUm1sMnFONTJvdUdI?=

=?utf-8?B?TGhOS1k5MElzTmRjMCsxKzczUWpxOTEvWjZGMVF0WTBrdnBSVnFqeVRLa0JZ?=

=?utf-8?B?Ni9NeGtLdUM4WkZ4ZHA2eENLZGxQOHJnZWwrVksxY0dVY2RaUVA5YkZYaER5?=

=?utf-8?B?cFJhSVEvOTBXZnhJRnZPWXRxMUFlbmN6MFROdExkMzNhUUhGTE1TazI4QWQy?=

=?utf-8?B?NU1xaHFjRkpKN1dNZGdTL3d2RHFoNzFVSmNOYi9rTy8xVGtWeGtjcDZOWWVG?=

=?utf-8?B?cE14M3BPcXovQkRWd3AzQ2xnOFZqNWNIOU01VkQ4RkV3SERiUkJyTENQS21B?=

=?utf-8?B?c3JlM1lPR0tYdTZod0kwR0g2d1BYbitXeExmNWxOWlAzc0JYWkdrOXpmcGtR?=

=?utf-8?B?MEJXaG94RlNTNkJEdERWZGUvS2lqSExhOVVCdHZVTzFaaW1meVNsOVZUdmkv?=

=?utf-8?B?a0JCaWNmaC9pMVhxa1BIRjU5dGVBcjZFQWMyRGJOUzAzTkd5K3VTVklLbkRa?=

=?utf-8?B?bGIzWUpsbWJXUk9RaFhsdjkyZW1xQ3pGRGFMMUxVWVZNZGswSlFsQ25iVGM4?=

=?utf-8?B?OHpKelZCdktjQVhSSE5qc1ovYU4vK05zS3FkYy9ubll2QXp3eWQ4M3pCeXR2?=

=?utf-8?B?R0dwbWVrWTdRdDFFTEdYWnFXNnNHVXBZSll5SzJsb1MzeVdXSndsbU1Qb1U2?=

=?utf-8?B?UTZtTFpZbWtPUFovRzY4TC9MY1kzOFJQRE5PNDBjUUhSVkQ1b0dnWkRtT3VN?=

=?utf-8?B?U21TQ3Q0NG9MdmJwQjVJTVgrYjdpRU9PR3hMRjBZTTJmT1ppVzRaZjVwazFY?=

=?utf-8?B?SnQ3Vm9JeTBrYnZPaU11QklDakoxNCt5bUt3K21LNTJiN1JVZUJLY20rOEJJ?=

=?utf-8?B?aHJoRldRdTF0ckZNMkthcXJyalM3MkxGZVpDWVBnZFRxYVRmRUtZY1FxMjRv?=

=?utf-8?B?ZDhpZCtGYmQyNnpySmNwc0lNVE0vTzdldWdvNnRRbGxIVko1dkhBRFFmaEJv?=

=?utf-8?B?Y1ErWlRkVitlc1lTZXlWdm5UZ0dzOEpjL3RmcFV3Y1dsMkZIQ1F5UCtyK2l0?=

=?utf-8?B?OEl3bVliMTdUUk5rTnk1dmpTR2w3UzFQOEJyeUZXdGl6a2Y4a1lFck84U2kz?=

=?utf-8?B?YWI5WUxHenE5Mlo3ckIyWWY1dTJDM0RGUGp0NnQ0NkpYcGkxQ1BYYXl1RThi?=

=?utf-8?B?MHRRVGFjQVRDay9uam1wQnJqc0ZaMVZxNUwyMDBFRmpKWXc4Z2xiZjhuaTk5?=

=?utf-8?B?c3J5Ky9KMG1WQnAxeTcxVkNXWXk0ZXlXWHhLWFQrdWgvNjNiclozeEUzNVJh?=

=?utf-8?B?Z3kvbWxmNHFxZGFXUDgxVGFXOFA3ZlZGdWVqZE13MGZLbEo3VE1qalpEcDFO?=

=?utf-8?B?YTRUU1lVYmlrL1BIYmx4N0hWUUxCaXFHelFBcDlIMHBuQUI3NDJQVXdvT1hl?=

=?utf-8?B?TEE9PQ==?=

X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1

X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?T1BSYmZFa1c1QWcxbk5Qc0Z6S3pCaERlbzc2bHJuMjhkcGZlSVBDN3BWT0s5?=

=?utf-8?B?Y3F0ci9RbUVLZlo2QzRXbzFhcEEvUExTR2ZKaFpOWE9meU0xeEMzRjRGTUhJ?=

=?utf-8?B?TWRLS3hlK2JJMFFVOEIyR3lic3dvR1hHQi82azJ0MDhMdDBNWFUyczZ5Zngz?=

=?utf-8?B?dmc3UjFtcXNHcmZCbHJqcndDQnhVem1uaTRqdWtjQW9SVE9DM0pMYTh5d2s4?=

=?utf-8?B?NHUxbzZYM1M3N0VmSkZDcWFuNzlUeDgwSnNPSEgxZUo4cWRYZ0tuY1YxeTFs?=

=?utf-8?B?aTMrd3dMYWYrYnpSajEyeVpWRDEwR3NzQmp3eGJhZDI2MUJhdlE2ajlBU21R?=

=?utf-8?B?aENDdjRSNTZDL1FDQlh3QkoxenJMM29ESHZBZDlxdXV6c1BtV09pVWkzUW8x?=

=?utf-8?B?VmptT1ZwVE1TakNlM2JOTldoQTBFellMMlBCWkhHMCthcllJeDVHTjBBMGMz?=

=?utf-8?B?aWVkb3NrdmdjeVFIVXUvLzBTcVlsQ1hrZjZ6RDYyMlBwRkR1Q24yVGpzMEF6?=

=?utf-8?B?SHZaKzFvRXVWZzE5Z0w2Tm5PVVcvSmNSUDkydSs5R0N1R2ZWa2hGSGdJVmpr?=

=?utf-8?B?cXE1bVpXb21oeHEvOFlJQ21Pdm9MU2kydmo1VGUwaDR6eDg3WkNRdE9YT0cr?=

=?utf-8?B?ZE11VUZTQ21Ta3BvNUR6ZytwYmxyaWpHcnJlWmpWVDdGK1dJUWs2Rk5mTUFl?=

=?utf-8?B?QVBJMXJtVW9KNkFDTmpUSmhlKzlPYzZmSTRtYkd4Q3RSSW1kWGJxNGRab3Fm?=

=?utf-8?B?S3l2b0w0VjVTcHlJUkNoNFlnQmEzYStCbHQ5cGxESjVEQ1RrRUxtZU9mYnNv?=

=?utf-8?B?c1RUVlFzbVVZWnpVK2ZMd1pxclE1SzRhQXA1WWdsSlRSUWZmSDNoakxKWlgw?=

=?utf-8?B?VUxrM285eDRYaTRXbVd3QzVtL3pjc3BZdWl1MU1uUVdYWklobXA2eG1GMG5U?=

=?utf-8?B?NkZwWFA1cXVZalpWZ3Z1ZWFHTk5DUTk5ZEQ0WlRjSFpOOHc5UXRjZHMyU1RU?=

=?utf-8?B?WlBXT3dRNnh4VnpEcTlGV0J4azltVUdJV0pxdGVnVEpzUGxkUzIxdkIxaStP?=

=?utf-8?B?WkVlYXFUcXlzZ3VhV2VmTDhrVmJqcHliTGlXWWY1c0FtT3VSMWs1ZzF3cG90?=

=?utf-8?B?eS9WV3NSZVhOWEY2czhSQzIyNkRKZjVHUlcvaVo3TUJxbHZyVHcrMWw4c21S?=

=?utf-8?B?dFVTOE4vM3FSd0FqdisyS20zMHZrcmd4M3p3c0ppQ2VDbmErYWltV1UxRmR2?=

=?utf-8?B?WW1sUlk2TXpnQWc0eC9mVHVkRXRDdlJPc094VTMrL3ErSFdLbklDZDJJMjV4?=

=?utf-8?B?ZjdOdFNnSFVHeERUNkFkYVBRbkZuaC9nL2V0TWxPRTZma0syYjNRNS9XVFBy?=

=?utf-8?B?d1I0dGROYmQxdEluWWY3U2FUdHEwQ2M2cy9RNHlYU1Z4SGQzM3BBZy91emVi?=

=?utf-8?B?MEtQblJ0eVZUeVhrb0F4bWw1Q1ExYnpzQVcwMlFzV2VwN0M1RVdtUE9Tdldu?=

=?utf-8?B?WU5jY3UvY2pNem90TlZ0aC82TVltN0VXa3lodEpJUVFuNHpsY3hFZ21MRFl5?=

=?utf-8?B?b3VEUzd6aU9wZHJ5d2hVMENPWTRJZGFxdUwwc2FocGVJWkppRXIwbkRsbDNk?=

=?utf-8?B?VyttT3NqRHc3ZmkzMUphM0dacEVJVDNYRDNKM1hseXYzdUdHMmJYQ1kzd2U2?=

=?utf-8?B?L042dkM2QnVFeEN5STRBVGd4RzgwaDBORVVqM2RlVXcxSjFQZlVMNE8zOUN2?=

=?utf-8?B?bmNOZ0VHeW82U01YVGY0bEMxTEpnOCt0c3JHUHFVSmx5Y1AzVmpNRzUyMy9m?=

=?utf-8?B?Si8reWkwTE9WSE9RWmYra05DM0d6TEt5azlHYXRHUHZJdjRYOGo3UEdpVUJl?=

=?utf-8?Q?93t/8eIT5S2Fo?=

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-0943f.templateTenant

X-MS-Exchange-CrossTenant-Network-Message-Id: 4e92bd19-7597-44bb-ff86-08de4cf8f266

X-MS-Exchange-CrossTenant-AuthSource: DS0PR11MB7382.namprd11.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jan 2026 07:55:23.8577

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR11MB4685

X-Spam_score: 8.7

X-Spam_score_int: 87

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.