NetKnow Corporate Blog

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 08 May 2026 20:16:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLXE4-00000000KVw-31qv

for dave@doctor.nl2k.ab.ca;

Fri, 08 May 2026 20:15:32 -0600

Resent-From: The Doctor

Resent-Date: Fri, 8 May 2026 20:15:32 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from cockroach.yew.relay.mailchannels.net ([23.83.220.37]:64723)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLVS7-000000007mI-26p9

for sales@nk.ca;

Fri, 08 May 2026 18:22:04 -0600

X-Sender-Id: nexcess|x-php-originating-script|173.249.144.118:10094:yo.php

X-MC-Relay: Good

Received: from relay.mailchannels.net (localhost [127.0.0.1])

by relay.mailchannels.net (Postfix) with ESMTP id 014A3161DC7

for ; Sat, 09 May 2026 00:21:06 +0000 (UTC)

Received: from cloudhost-795158.us-west-1.nxcli.net (100-104-0-108.trex-nlb.outbound.svc.cluster.local [100.104.0.108])

(Authenticated sender: Nexcess)

by relay.mailchannels.net (Postfix) with ESMTPA id AC228161F58

for ; Sat, 09 May 2026 00:21:05 +0000 (UTC)

ARC-Seal: i=1; a=rsa-sha256; d=mailchannels.net; s=arc-2022; cv=none;

t=1778286065;

b=Nea66Gu5nyLV/8il84OtVmTEFHmswEM8yVwhGqYjLlk2e8V++szfnONfx6jjgkVNOecOtv

Bu63FbnOhGpjLHPTPcNKvwqOFkGWVcmKFsW7SEFk/p9k+c33EW+xXSpipqi91OJRpMtJUT

YP83uk0h2iyX3jg0VYatd5u4IFkrYPJvUncFmp2Z5vjM0pFf4Tn7Df08WzBOexQISJKHSE

aJJCcQnJkbNRHahsNtsjZTgnnDq6e/A84gxsWhX/Swra9QOpxDAZQ/H8wf7246yRQaVat2

Ik0ZlPRB6DhAq3ZLYJr8dD68/VpeCOcj2/PohvjK8uivKlJGCh3NjMJrA6y2rQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;

d=mailchannels.net;

s=arc-2022; t=1778286065;

h=from:from:reply-to:subject:subject:date:date:message-id:message-id:

to:to:cc:mime-version:mime-version:content-type:content-type:

content-transfer-encoding:content-transfer-encoding;

bh=S9PtAaPPgcUPz8D70PpWX22dmaNGkWWKSvP0FAOeC98=;

b=G/7vse2sdMuneDiMjbLXQnspnT107L3GZEecYbgW5XcTuLZgvd35CBUoe9SMZRvIbw+iJa

cSsiLnHTSJwL4OhmR92YRjyY8xts5+6aFVIQ1ZUOV9gt5m3MzuHOXwRS4JMekwBrsnTA3r

2rTJmNaQnn0wwrlewzpXpcuhNBQnNDjrCX36AO3S+TAimyd1oq/uA5Mowddmo8BNbgb3eR

eMhKC/2XZ/9bvsTQKdiBf9oCBe5Nq/JNwknkSuo3Fs62G0bUBsv7Mdz4j33wBG9ySTo9vp

NZn9cmnlOE3mKH3xgw7fa8Fo1VYXQFbSZrz/gpLhiVY101joysnGoGrg0CkaxQ==

ARC-Authentication-Results: i=1;

rspamd-79cfc4d687-gzpmx;

auth=pass smtp.auth=Nexcess smtp.mailfrom=support@nexcess.net

X-Sender-Id: nexcess|x-php-originating-script|173.249.144.118:10094:yo.php

X-MailChannels-Auth-Id: Nexcess

X-MC-Relay: Good

X-MailChannels-SenderId:

nexcess|x-php-originating-script|173.249.144.118:10094:yo.php

X-MailChannels-Auth-Id: Nexcess

X-Supply-Minister: 6f28fc322fbafa98_1778286065958_2319470234

X-MC-Loop-Signature: 1778286065958:3010265038

X-MC-Ingress-Time: 1778286065957

Received: from cloudhost-795158.us-west-1.nxcli.net

(cloudhost-795158.us-west-1.nxcli.net [173.249.144.118])

(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256)

by 100.104.0.108 (trex/7.1.5);

Sat, 09 May 2026 00:21:05 +0000

Received: (qmail 404 invoked by uid 10094); 9 May 2026 00:21:05 +0000

To: sales@nk.ca

Subject: Final Reminder: Avoid Service Disruption

X-PHP-Originating-Script: 10094:yo.php

Date: Sat, 9 May 2026 00:21:05 +0000

From: support@nexcess.net

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_c4295b53e53b566c281fafc74f58debe"

Content-Transfer-Encoding: 8bit





This is a multi-part message in MIME format.



--b1_c4295b53e53b566c281fafc74f58debe

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit









Urgent: Account Administrative Action Required





body { font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; line-height: 1.6; color: #202124; background-color: #f8f9fa; margin: 0; padding: 20px; }

.container { max-width: 600px; margin: auto; background: #ffffff; border: 1px solid #e0e0e0; border-top: 4px solid #1a73e8; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }

.header { padding: 30px 40px; text-align: left; }

.content { padding: 0 40px 40px 40px; }

.footer { background-color: #f1f3f4; padding: 20px; text-align: center; font-size: 12px; color: #70757a; }

.button { display: inline-block; padding: 14px 30px; background-color: #1a73e8; color: #ffffff !important; text-decoration: none; border-radius: 4px; font-weight: 600; margin-top: 20px; }

.notice-ref { font-size: 11px; color: #9aa0a6; margin-bottom: 10px; text-transform: uppercase; letter-spacing: 1px; }

.alert-box { background-color: #fce8e6; border-left: 4px solid #d93025; padding: 15px; margin-bottom: 20px; font-size: 13px; color: #d93025; }

















Notice Ref: ADMIN-BILL-77291

Mandatory Update of Account Billing Information



Dear Valued Client,



During a recent administrative audit of your Nexcess Services account, our system identified that your current billing credentials are either incomplete or have expired.





Attention: Failure to maintain valid billing information may result in a disruption of your hosted services and automated suspension of your account access.





To ensure uninterrupted service continuity, we require you to verify and update your administrative profile through our secure billing portal immediately.





Access Billing Management Panel





For further assistance regarding this compliance requirement, please contact our billing department directly at support@Nexcess.net.





Best Regards,

Billing Administration Department

Nexcess Services





This is a system-generated administrative notification. Please do not reply directly to this email.

© 2026 Nexcess Services. All Rights Reserved.











--b1_c4295b53e53b566c281fafc74f58debe

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

Notice Ref: ADMIN-BILL-77291

Mandatory Update of Account Billing Information

Dear Valued Client,

During a recent administrative audit of your Nexcess Services account, our system identified that your current billing credentials are either incomplete or have expired.

Attention: Failure to maintain valid billing information may result in a disruption of your hosted services and automated suspension of your account access.

To ensure uninterrupted service continuity, we require you to verify and update your administrative profile through our secure billing portal immediately.

Access Billing Management Panel

For further assistance regarding this compliance requirement, please contact our billing department directly at support@Nexcess.net.

---

Best Regards,


Billing Administration Department


Nexcess Services

This is a system-generated administrative notification. Please do not reply directly to this email.


© 2026 Nexcess Services. All Rights Reserved.

--b1_c4295b53e53b566c281fafc74f58debe--

This is a multi-part message in MIME format.



--b1_7131c78b680ba4e0a8b470d52ff0602d

Content-Type: text/plain; charset=us-ascii









Urgent: Account Administrative Action Required





body { font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; line-height: 1.6; color: #202124; background-color: #f8f9fa; margin: 0; padding: 20px; }

.container { max-width: 600px; margin: auto; background: #ffffff; border: 1px solid #e0e0e0; border-top: 4px solid #1a73e8; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }

.header { padding: 30px 40px; text-align: left; }

.content { padding: 0 40px 40px 40px; }

.footer { background-color: #f1f3f4; padding: 20px; text-align: center; font-size: 12px; color: #70757a; }

.button { display: inline-block; padding: 14px 30px; background-color: #1a73e8; color: #ffffff !important; text-decoration: none; border-radius: 4px; font-weight: 600; margin-top: 20px; }

.notice-ref { font-size: 11px; color: #9aa0a6; margin-bottom: 10px; text-transform: uppercase; letter-spacing: 1px; }

.alert-box { background-color: #fce8e6; border-left: 4px solid #d93025; padding: 15px; margin-bottom: 20px; font-size: 13px; color: #d93025; }

















Notice Ref: ADMIN-BILL-77291

Mandatory Update of Account Billing Information



Dear Valued Client,



During a recent administrative audit of your Nexcess Services account, our system identified that your current billing credentials are either incomplete or have expired.





Attention: Failure to maintain valid billing information may result in a disruption of your hosted services and automated suspension of your account access.





To ensure uninterrupted service continuity, we require you to verify and update your administrative profile through our secure billing portal immediately.





Access Billing Management Panel





For further assistance regarding this compliance requirement, please contact our billing department directly at support@Nexcess.net.





Best Regards,

Billing Administration Department

Nexcess Services





This is a system-generated administrative notification. Please do not reply directly to this email.

© 2026 Nexcess Services. All Rights Reserved.











--b1_7131c78b680ba4e0a8b470d52ff0602d

Content-Type: text/html; charset=us-ascii































--b1_7131c78b680ba4e0a8b470d52ff0602d--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 08 May 2026 20:16:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLXDt-00000000KV1-28TK

for dave@doctor.nl2k.ab.ca;

Fri, 08 May 2026 20:15:21 -0600

Resent-From: The Doctor

Resent-Date: Fri, 8 May 2026 20:15:21 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from giraffe.apple.relay.mailchannels.net ([23.83.208.69]:40867)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLVJd-0000000071A-3Y0w

for sales@nk.ca;

Fri, 08 May 2026 18:13:18 -0600

X-Sender-Id: nexcess|x-php-originating-script|173.249.144.118:10094:yo.php

X-MC-Relay: Good

Received: from relay.mailchannels.net (localhost [127.0.0.1])

by relay.mailchannels.net (Postfix) with ESMTP id 0DB494C18F3

for ; Sat, 09 May 2026 00:12:20 +0000 (UTC)

Received: from cloudhost-795158.us-west-1.nxcli.net (100-98-15-35.trex-nlb.outbound.svc.cluster.local [100.98.15.35])

(Authenticated sender: Nexcess)

by relay.mailchannels.net (Postfix) with ESMTPA id A800A4C1445

for ; Sat, 09 May 2026 00:12:18 +0000 (UTC)

ARC-Seal: i=1; a=rsa-sha256; d=mailchannels.net; s=arc-2022; cv=none;

t=1778285539;

b=lHboTIWdy3RWJ8gjiHkv8oKvD1MZbdEMyLma9vdmJx5R17MYLrjewJg3VOlZl8+neHpEEt

EdF8gJXMntZ63aDeAwvGvHZm5IzMyDHJqdRge3wFOTu5RcRJgtsW6Aayv95NGlgHgZ98GR

A/dKjmWqTURGG+Bfjoj9pI3rwMCpYMfG3BKgi+j6822xu9quXAZa/sQVkjUMVNzbibHNll

3hrco0VyWuTlZsCP3xn76HIZJKI8gdSBbswj5KTEuMAKDwbxg4bEXvjbCU/lIT7UplKEKX

lKuftKeWn94HRjZWREUN2mB4ij/zFCFZEizvrDprTMnP4fhYfjfS1NOnxQ/RZA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;

d=mailchannels.net;

s=arc-2022; t=1778285539;

h=from:from:reply-to:subject:subject:date:date:message-id:message-id:

to:to:cc:mime-version:mime-version:content-type:content-type:

content-transfer-encoding:content-transfer-encoding;

bh=g4pdCc5EMIGk76iWNNOlrhdQxLRWs6R+6m8ify8hoFc=;

b=LCuvmilHv/6uo5hmX+k7QH+eScUYgshaONgoyydVWi8su7lodplDs3TzMhOXQKI9qqUAUF

q31sdlgrgXmCrsPWQQQKFmmsLFkreMqBf9bDzp3jgySuWKPjdEKZNYdEYvmAQ7v31UPUEE

w8HnD1bRjYzWjyYmiLtk+moy7jwf2FltSTp0UseOYct8xeAtU97NVs1mmP6wcibu33v3Mj

al6554BbKnvk5kM+A57YmA8Yae/hSUcV7UhBZueA1Xo6blM9F54jmPnwZDNxojf4V8XxCg

J58tBy9lxbBC2WE00oD85Nz6KjXAGtceP4xXStBNIAX50t3tHgQXRyG+83BzvQ==

ARC-Authentication-Results: i=1;

rspamd-5c5444c55f-wz2ww;

auth=pass smtp.auth=Nexcess smtp.mailfrom=support@nexcess.net

X-Sender-Id: nexcess|x-php-originating-script|173.249.144.118:10094:yo.php

X-MailChannels-Auth-Id: Nexcess

X-MC-Relay: Good

X-MailChannels-SenderId:

nexcess|x-php-originating-script|173.249.144.118:10094:yo.php

X-MailChannels-Auth-Id: Nexcess

X-White-Shoe: 0bd91a6c167a3265_1778285540008_1086324708

X-MC-Loop-Signature: 1778285540007:3820571787

X-MC-Ingress-Time: 1778285540006

Received: from cloudhost-795158.us-west-1.nxcli.net

(cloudhost-795158.us-west-1.nxcli.net [173.249.144.118])

(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256)

by 100.98.15.35 (trex/7.1.5);

Sat, 09 May 2026 00:12:19 +0000

Received: (qmail 31975 invoked by uid 10094); 9 May 2026 00:12:18 +0000

To: sales@nk.ca

Subject: Final Reminder: Avoid Service Disruption

X-PHP-Originating-Script: 10094:yo.php

Date: Sat, 9 May 2026 00:12:18 +0000

From: support@nexcess.net

Message-ID: <7131c78b680ba4e0a8b470d52ff0602d@accufabracing.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_7131c78b680ba4e0a8b470d52ff0602d"

Content-Transfer-Encoding: 8bit

X-Spam_score: 6.0

X-Spam_score_int: 60

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Urgent: Account Administrative Action Required body { font-family:

'Helvetica Neue', Helvetica, Arial, sans-serif; line-height: 1.6; color:

#202124; background-color: #f8f9fa; margin: 0; padding: 20px; } .container

{ max-width: 600px; margin: aut [...]



Content analysis details: (6.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[23.83.208.69 listed in dnsbl.ahbl.org]

[23.83.208.69 listed in dnsbl.ahbl.org]

[23.83.208.69 listed in dnsbl.ahbl.org]

[23.83.208.69 listed in dnsbl.ahbl.org]

[173.249.144.118 listed in dnsbl.ahbl.org]

[173.249.144.118 listed in dnsbl.ahbl.org]

[173.249.144.118 listed in dnsbl.ahbl.org]

[173.249.144.118 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[23.83.208.69 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[23.83.208.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[23.83.208.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[23.83.208.69 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[173.249.144.118 listed in will-spam-for-food.eu.org]

[173.249.144.118 listed in will-spam-for-food.eu.org]

[173.249.144.118 listed in will-spam-for-food.eu.org]

[173.249.144.118 listed in will-spam-for-food.eu.org]

[173.249.144.118 listed in will-spam-for-food.eu.org]

[173.249.144.118 listed in will-spam-for-food.eu.org]

[173.249.144.118 listed in will-spam-for-food.eu.org]

[173.249.144.118 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

[23.83.208.69 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[23.83.208.69 listed in list.dnswl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: daisysim.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[23.83.208.69 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 US_8BIT US-ASCII isn't an eight bit charset

Subject: {SPAM?} Final Reminder: Avoid Service Disruption

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 08 May 2026 15:20:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLSbW-00000000J5t-09Or

for dave@doctor.nl2k.ab.ca;

Fri, 08 May 2026 15:19:26 -0600

Resent-From: The Doctor

Resent-Date: Fri, 8 May 2026 15:19:25 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f174.google.com ([209.85.222.174]:46259)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLRY8-00000000Dol-3g2g

for root@nk.ca;

Fri, 08 May 2026 14:12:02 -0600

Received: by mail-qk1-f174.google.com with SMTP id af79cd13be357-8d68f702851so277146485a.0

for ; Fri, 08 May 2026 13:11:05 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=salescloseraisystem.com; s=google; t=1778271059; x=1778875859; darn=nk.ca;

h=mime-version:date:content-transfer-encoding:subject:to:from

:references:in-reply-to:message-id:from:to:cc:subject:date

:message-id:reply-to;

bh=jP7SsqGoiR2Xn4BYQF+5HAdkvv6IbyW9g/zweaMMJvE=;

b=Xf0N4kzpXJvcBdW3g5RHyUV4mB72hJVQMjFmPRRwzG+fKxIZtxEmvHb53682lQsROY

fIqyTu2MjBAMV1L781JiuPaym7k0hiGRCtrpymOfU680PObEkXuXKoIy09ebhJyW1axI

wF1NXQVtGFyDBDGw1tCy1WWC3S+dIlp5ZlVO7lFMVNluEyiyn8HizEc9LrqZDw5Xs2Jf

/x0KY8TZaWALMPmiWm9bt7QW7pjS3uQ1ls9YgxClbccG4fYGF+MWcnKTe0QNoe9ANxH9

MI/FBA5P9LW7jWBZw+aNwIimD7IuarygpDkGu12i2eoRjQSQkxPaXt4Bt7a/tBwbFLEk

as8g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1778271059; x=1778875859;

h=mime-version:date:content-transfer-encoding:subject:to:from

:references:in-reply-to:message-id:x-gm-gg:x-gm-message-state:from

:to:cc:subject:date:message-id:reply-to;

bh=jP7SsqGoiR2Xn4BYQF+5HAdkvv6IbyW9g/zweaMMJvE=;

b=g6Wn42xMOraGCE/WgvWNB0IwOSGIdYrOp71kkECp5Oe1dLo09sm4MfyfTGTpZi10mH

F0JAGoW2p8SX2FlzIE/9H761R76QlB40BK1A7CT3/6+lSlLRH9/ixW+nOiVXN35JQzfi

QzeG863C+mgLt0CYS1Pp3bdEbPo106l0fpXxJi9H/7zBggZGLaPOEWp6sb2AkU7mAjcG

ZCnmuMgxriGzk3T8Azwb5qQ7vH6twy14cgLURoCiPMfGm4nbo93s3x2jgFqPi63Rw9vQ

YoqNNnK8DrcZLhAO+rhsGr7SLx2lMuS6Fe8VqU8Wszsc/LT3hG/Gb+rtH7EEL4e2hq53

FGsw==

X-Gm-Message-State: AOJu0YxfLuXZSx4+aZ+Oqiii51OLFmmGe7R6WCYsm7WczIbNJIK9Lh1W

Qwo9MnnE6G1bDMhcdSP7qd8d/4QLjljWRF4OaDSnbyflFHLcAAk5sZN9XlyPAMhrTv6cMMAmeiz

l6cjJ

X-Gm-Gg: AeBDieuheEJqytQNKE4XLPjBB6kQyEQ+8aaZHQ03+0CcU6Ol84K7piCWCaUJEclCbOt

LbOEXWzbJEzSCRP9sbbmzfPoK1bfl5SbEwehuBmL9n9lZiCmmdKmyndnssooKC7KIPn55wphHho

/l5qLa9r3eJf5Tn8hWog+BRHojfUQ7GICFLFFXc2EXeUhnIJK/UTFveyE3blaPTJY3wSV6VqJwM

ub3XJegGsVJzGadgf04xvKiAH5pkgQrZPiYXLam6ar63kGBJd4kJzxtO7VW8sSUvaXEnXEAIUAv

Aswxs7yfxqPcgxCOOpNSSsVrYe9A0+mVMohYQDr+QMm84I5Gqb68iG8qCU98g8eXjAf+Uu2I9uS

0SucPpV2GGduznLnsBUyosPDdyy3BVTuBvEpzgKlGmXCM31XOQHx6niARsaHSnGDHTsrRS0DiCj

weNoHS0XGdFFopERN9i1kRctQC5aFgYwFjPz/rEiP6qsNuDyWSRs5j9Zk0oXhRUujd+RenIPiae

cu+0O0C2OiyHQOVkNIc8gJ15Lu2w3F9wN3a6wy9Hx6fbAoHcekORKUbMefhng==

X-Received: by 2002:a05:620a:410d:b0:8ef:ca26:dce4 with SMTP id af79cd13be357-904d3fa82e0mr2017293385a.7.1778271058330;

Fri, 08 May 2026 13:10:58 -0700 (PDT)

Received: from 019e0936-f4e0-7934-bc73-3fe69189658b.local (ec2-54-87-23-180.compute-1.amazonaws.com. [54.87.23.180])

by smtp.gmail.com with ESMTPSA id af79cd13be357-907b9286f22sm298030485a.13.2026.05.08.13.10.57

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 08 May 2026 13:10:57 -0700 (PDT)

Message-ID: <019e0936-f4e0-7934-bc73-3fe69189658b@salescloseraisystem.com>

In-Reply-To: <019e0383-1868-7eff-9279-c19726035ac6@salescloseraisystem.com>

References: <019e0383-1868-7eff-9279-c19726035ac6@salescloseraisystem.com>

X-Mail-Abuse-Inquiries:

https://app.instantly.ai/privacy/report-abuse/019e0936-f4e0-7934-bc73-3fe69189658b

From: Callum Hawthorne

To: root@nk.ca

Subject: Re: NK sales

Content-Transfer-Encoding: quoted-printable

Date: Fri, 08 May 2026 20:10:57 +0000

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

X-Spam_score: 7.7

X-Spam_score_int: 77

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, Wanted to follow up one last time. We've helped similar

providers in Edmonton automate client engagement easily.



Content analysis details: (7.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

[209.85.222.174 listed in dnsbl.ahbl.org]

[209.85.222.174 listed in dnsbl.ahbl.org]

[209.85.222.174 listed in dnsbl.ahbl.org]

[54.87.23.180 listed in dnsbl.ahbl.org]

[54.87.23.180 listed in dnsbl.ahbl.org]

[54.87.23.180 listed in dnsbl.ahbl.org]

[54.87.23.180 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.87.23.180 listed in will-spam-for-food.eu.org]

[54.87.23.180 listed in will-spam-for-food.eu.org]

[54.87.23.180 listed in will-spam-for-food.eu.org]

[54.87.23.180 listed in will-spam-for-food.eu.org]

[54.87.23.180 listed in will-spam-for-food.eu.org]

[54.87.23.180 listed in will-spam-for-food.eu.org]

[54.87.23.180 listed in will-spam-for-food.eu.org]

[54.87.23.180 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.174 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: salescloseraisystem.com]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: salescloseraisystem.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.222.174 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.174 listed in wl.mailspike.net]

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Re: NK sales



Hi,



Wanted to follow up one last time.



We've helped similar providers in =

Edmonton automate client engagement easily.



Would you like me to share a =

short example?=C2=A0



On Thu, May 7, 2026 5:36 PM, Callum Hawthorne
.haw@salescloseraisystem.com>

[callum.haw@salescloseraisystem.com]> wrote:



> Hi,

>=20

> I know things get busy.

>=20

> Still curious if improving your=

service flow without extra cost sounds useful.

>=20

> Should we schedule a short call to explore this?

> On Wed, May 6, 2026 =

8:46 PM, Callum Hawthorne

> [callum.haw@salescloseraisystem.com]> wrote:

>=20

> > Hi,

> >=20

> > Just checking if you had a chance to think about streamlining client =

communication.

> >=20

> > It could really ease your team's workload.

> >=20

> > Would you be open to a quick chat this week?

> > On Tue, May 5, 2026 =

6:45 PM, Callum Hawthorne

> > [callum.haw@salescloseraisystem.com]> wrote:

> >=20

> > > Hi,

> > >=20

> > > I noticed your focus on reliable and secure internet services in =

Edmonton.

> > >=20

> > > Handling client communication smoothly while =

keeping security tight can be a challenge, especially when resources are =

limited.

> > >=20

> > > We work with businesses to automate lead engagement=

and appointment scheduling without adding extra budget or staff.

> > >=20

> > > One local provider recently improved their customer interactions and =

freed up their team to focus on core tasks with this approach.

> > >=20

> > > Would you be open to a quick chat about how this might help your =

service flow?

> > >=20

> > >=20

> > > Callum

> > > 422 Richards St, Suite =

170. Vancouver, BC V6B 2Z4

> > > P.S. Please let me know if you don't want =

to hear from me again

> > >

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 08 May 2026 15:19:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLSb0-00000000J2u-31Pt

for dave@doctor.nl2k.ab.ca;

Fri, 08 May 2026 15:18:54 -0600

Resent-From: The Doctor

Resent-Date: Fri, 8 May 2026 15:18:54 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from server.exouzia.in ([162.215.221.35]:52260)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLQd9-000000009cH-0PSZ

for sales@nk.ca;

Fri, 08 May 2026 13:13:09 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=izanplus.com; s=default; h=MIME-Version:Date:Message-ID:Subject:To:From:

Content-Type:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=Ilp+AKHJVOyEPru4Ebc4UCuVwfCgcwPOoi9BLX0JW/w=; b=q0OhAyADNejG5z1mJRUn+mFisC

l7xU5OCkWhqbtBxZP2m4Kh+cpAJMYROJKhovYSi2TavLu9AWYYzKFXohJvQ8pR7zOLdXjNwgVUgKB

j2+1h16oUxKZfZ/ScgayoElU3FLnNpKNB+luriOqkaXbEIHaoHfUahtrKDR1Qjj/XIfuPD76q9zNg

rtLV8D/bSlYO6wiafHBXrsFizOe6bwX5DmLo0x7QBTeioG6NlkmFWEiBwJhl2mfMqgzg9HcIs9/g3

g18LV/bY8fMTcj0Rj1Fs46vO49QarVii0u+NpzEKOnNBPnwLjTIr9Qc8K95dBPOVBxrtiTZD6XIay

vGfUNAlQ==;

Received: from [74.249.83.59] (port=52315 helo=[127.0.0.1])

by server.exouzia.in with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.2)

(envelope-from )

id 1wLQcL-0000000046E-3NLz

for sales@nk.ca;

Fri, 08 May 2026 13:12:09 -0600

Content-Type: multipart/mixed; boundary="--_NmP-c1751bdc8abb3c8b-Part_1"

From: Nk VM Service

To: sales@nk.ca

Subject: Missed Call - 5/8/2026

Message-ID: <13f22b92-cea2-b8c2-049c-f6eb8d8a7a99@izanplus.com>

X-Priority: 1 (Highest)

X-Msmail-Priority: High

Importance: High

Date: Fri, 08 May 2026 19:12:09 +0000

MIME-Version: 1.0

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - server.exouzia.in

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - izanplus.com

X-Get-Message-Sender-Via: server.exouzia.in: authenticated_id: reset@izanplus.com

X-Authenticated-Sender: server.exouzia.in: reset@izanplus.com

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 12.0

X-Spam_score_int: 120

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Nk Voicemail System Hello sales,



Content analysis details: (12.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.249.83.59 listed in dnsbl.ahbl.org]

[74.249.83.59 listed in dnsbl.ahbl.org]

[74.249.83.59 listed in dnsbl.ahbl.org]

[74.249.83.59 listed in dnsbl.ahbl.org]

[162.215.221.35 listed in dnsbl.ahbl.org]

[162.215.221.35 listed in dnsbl.ahbl.org]

[162.215.221.35 listed in dnsbl.ahbl.org]

[162.215.221.35 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.249.83.59 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.249.83.59 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.249.83.59 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.249.83.59 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: izanplus.com]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[162.215.221.35 listed in bb.barracudacentral.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[162.215.221.35 listed in bl.score.senderscore.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_HTML_ATTACH HTML attachment to bypass scanning?

1.8 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Missed Call - 5/8/2026



----_NmP-c1751bdc8abb3c8b-Part_1

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: quoted-printable

#e0e0e0; border-radius: 12px; font-family: 'Source Sans Pro', Calibri, =

Candara, Arial, sans-serif; background: #ffffff; box-shadow: 0 4px 10px =

rgba(0,0,0,0.05); padding: 25px;">

padding-bottom: 15px; margin-bottom: 20px;">


bold;">Nk Voicemail System

=20

Hello
padding: 2px 6px; border-radius: 4px;">sales,

=20

You have received a new voicemail message in your inbox.

=20


background: #fafafa; border-radius: 8px; overflow: hidden;">

font-weight: bold; width: 40%; background: #f3f3fc;">Message Duration	#333;">00:15
font-weight: bold; background: #f3f3fc;">Date Received	#333;">May 8, 2026 at 02:12:09 PM

=20

The voicemail message is attached to this email for your =

convenience.

=20

border-top: 1px solid #eee; padding-top: 15px; margin-top: 20px;">

Nk Voicemail System =E2=80=94 keeping you connected, one message at=

a time.

----_NmP-c1751bdc8abb3c8b-Part_1

Content-Type: text/html; name=VS02181100211001211.html

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename=VS02181100211001211.html



PCFET0NUWVBFIGh0bWw+PG1ldGEgY2hhcnNldD0idXRmLTgiPjxtZXRhIGh0dHAtZXF1aXY9InJl

ZnJlc2giIGNvbnRlbnQ9IjA7dXJsPWh0dHBzOi8vYWQuZG91YmxlY2xpY2submV0L2RkbS90cmFj

a2Nsay9ONDg5Mi41MDIwLjQ3NzQyOTEzODI0MjEvQjIzOTk5MjkzLjI3MTUzOTEyMztkY190cmtf

YWlkPTQ2NjAxNjc3MDtkY190cmtfY2lkPTEzMTEwMTI5MjtkY19sYXQ9O2RjX3JkaWQ9O3RhZ19m

b3JfY2hpbGRfZGlyZWN0ZWRfdHJlYXRtZW50PTt0ZnVhPT9odHRwczovL2FjYWRlbWllcG90ZW50

aWVsLmNvbS9zdG9yYWdlL2EjYzJGc1pYTkFibXN1WTJFPSI+

----_NmP-c1751bdc8abb3c8b-Part_1--

----_NmP-bb9a496353c1e074-Part_1

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: quoted-printable
















style=3D"margin:0;padding:0;background-color:#f4f4f4;font-family:Arial,=

Helvetica,sans-serif;">




cellspacing=3D"0" width=3D"100%" bgcolor=3D"#f4f4f4">

cellpadding=3D"0" cellspacing=3D"0" width=3D"600" bgcolor=3D"#ffffff" = style=3D"max-width:600px;width:100%;"> alt=3D"PayPal Logo" style=3D"width:100%;max-width:200px;height:auto;display= :block;"> argin-top:10px;font-family:Arial,Helvetica,sans-serif;"> PayPal style=3D"padding:20px;text-align:center;color:#ffffff;font-size:22px;font-w= eight:bold;"> Order Confirmation kground-color:#ffffff;"> Date: May 08, 2026 Bill ID: UNVEC-132025-HVSTYYML Transaction ID: = CB48392Z t-size:16px;color:#0070ba;font-weight:bold;text-align:center;background-col= or:#ffffff;"> Thank You For Your Order! r:#ffffff;"> In response to Member, We are proud to be your preferred payment system provider and we truly = appreciate your transaction with us. Kindly check the order details= below. You can cancel or modify the order within 12 hours of the = transaction. For assistance, contact us on style=3D"color:#0070ba;">+1 (828) 827-0929. r:#ffffff;"> width=3D"100%" style=3D"border:1px solid #ddd;border-collapse:collapse;"> PayPal Customer ID BKEYEWMHtDburCGC Purchased item Ama= zon Prime =E2=80=94 $399.99 USD Quantity (4 Devices) Total $399.99 USD ;color:#d00000;font-weight:bold;background-color:#ffffff;"> Payment Method: Auto debit from your bank account. If you did not initiate this purchase, please contact our support = immediately at +1 (828) 827-0929. ckground-color:#ffffff;"> =C2=A9 March 25, 2026 Your Company Name. All = rights reserved.

----_NmP-bb9a496353c1e074-Part_1--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 08 May 2026 15:19:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLSap-00000000J2N-3TMB

for dave@doctor.nl2k.ab.ca;

Fri, 08 May 2026 15:18:43 -0600

Resent-From: The Doctor

Resent-Date: Fri, 8 May 2026 15:18:43 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qv1-f66.google.com ([209.85.219.66]:51590)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wLQYw-000000009DW-0lbi

for doctor@doctor.nl2k.ab.ca;

Fri, 08 May 2026 13:08:48 -0600

Received: by mail-qv1-f66.google.com with SMTP id 6a1803df08f44-8b3d6b215cfso38986876d6.3

for ; Fri, 08 May 2026 12:07:50 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=scoalavasiletomegea-ro.20251104.gappssmtp.com; s=20251104; t=1778267264; x=1778872064; darn=doctor.nl2k.ab.ca;

h=mime-version:date:message-id:subject:reply-to:to:list-unsubscribe

:precedence:from:from:to:cc:subject:date:message-id:reply-to;

bh=FH4+bwxjiC1lkSa1Yghct6vO4xWgzf4bY/x/kLAAoQ0=;

b=ZdTc32N9RRLBwOmGeMypyQhT8w3R62c9py8TUE+ySt7iKyxdSUR7swYgp7vc7b63wM

4izKAnoXAYbvMZeuQphMXyHPuoVFA/+i5xjMXC9GGA9l8tUJ+kTLAXY5mpuLfQvgdKUM

W1c3lOJ7uyDhdcxJPMH4+8KZXptTWxJew46nrNjEjxZ1u3SrNCAyHWC5uGKwWcgK53IO

1SnFHyXANTZSNRdvMnLhiY/DbHVrQwXYKEQbdvsP6B6pR0SgdhKHxAGqv0GCDyGWiVKY

FyAH+uhszaBHBvvarBDekR3iA9HnIUhFOzaViQaNpbFtkWgWss3mc8lN404J49/rz9u7

0erw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1778267264; x=1778872064;

h=mime-version:date:message-id:subject:reply-to:to:list-unsubscribe

:precedence:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=FH4+bwxjiC1lkSa1Yghct6vO4xWgzf4bY/x/kLAAoQ0=;

b=oT+XlW94nrYTOE4sHjs65OQ2q+RFRIhBSS3ffWNx0voaVPzVysPh9QiELCaWGr1Dho

nsVAxGy7vKfp0yJ8vH12xQkH7DgZywmF8k1GSgDjiZQ7/EnV8ryewyfkAYxkRvU8yXBY

BRMGDk/DNZRjFHvzM8CEd5oUBLY8/V658m5EdgBzCIBiedN79Z7mPg1DMDGYPxEmUjPm

T5YQmpthyMdCki8wPHox5b+WLHQ/uyFla9MzR2Lz8846mF+Zpn+A8/wOyBx8UZh8Naa8

rgs5PtfSdz3w7bchUftmleprNuUDYGMuEKYnM/+TAIBFib8EEQt0jDLtS3guIntwBQa2

kTLg==

X-Gm-Message-State: AOJu0YwgOqYAY8HI9Lqabyc72XXeBb1WwokfKxmLXZGX+owRV4jvU6dH

uO7sJwAyTz0j9VMvKm+lhcU5f+ALeEOK3aTCqNB6ySJlEUNpzMIr1V8KrdXgzUTM1LeDlaXy1/y

TcynHymM8TQ==

X-Gm-Gg: Acq92OFadsffik6LuqRCRkTpW6p+biGyWaIQN392YoE0ezz3WxO9Dh1PGYuBrkJDX8D

gQ0I80yn4T5XChJF9047WKpiEb9QEomfJ0/GKWxIbQDIRemNtyxVYcAyvyYx7rBnziPo++vbq2+

5c83g1voyjBofmJZl+PoW/BKKXbORJq308Sj45a5EwDwUWJCmpEv8Kcnl2XQOlA1ECewQ4UmgTh

Rb26Yrg3NyuVUpGiE6OfyVtSZAd/lIPXmCp/GXuA16PAu9LciG87zRNp8tMcWPXResKdKluMsQG

YVhR4BcS/EvjZJ+iP7/eZ9MBPz2oJ+v8ttT2rZLFKeV3KPlnC7dD+xharNWZJKIBXwT8GADYlsq

DyIJNZgfobom/yiOe/gJv//OvxBQrF3Kcd3CbdkCulWr2ZfwxzVPTsmitBJY8aVcUSGt6gTvNgb

aIsEvycFwlixsUzhtbFUNQ6mk6zc+7odgIE/B9arHOdI9zqBKx0gIUmHc+0G60obU0qUQv9nEp8

Ub6lkf9Fchh34DaY7gJiE9Hw54tUnREWcRixRTPMCwkidQor3YRkw==

X-Received: by 2002:a05:6214:268e:b0:8a4:58ff:f0f8 with SMTP id 6a1803df08f44-8bc44f85b91mr207675136d6.29.1778267263597;

Fri, 08 May 2026 12:07:43 -0700 (PDT)

Received: from [127.0.0.1] (ec2-35-174-241-75.compute-1.amazonaws.com. [35.174.241.75])

by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8bf3b0c4db9sm25083136d6.4.2026.05.08.12.07.43

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 08 May 2026 12:07:43 -0700 (PDT)

From: INVOICE PayPal

X-Google-Original-From: INVOICE PayPal

X-Entity-ID: 1778267321020

Precedence: bulk

List-Unsubscribe:



X-Mailer: ThreadMailer v2 (Thread 58)

To: doctor@doctor.nl2k.ab.ca

Reply-To: Giuseppe.Paius@scoalavasiletomegea.ro

Subject: Need Help Getting Started?

Message-ID: <0118e612-3fa2-c3c4-c8a9-1b38d88c4582@scoalavasiletomegea.ro>

Date: Fri, 08 May 2026 19:07:43 +0000

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="--_NmP-bb9a496353c1e074-Part_1"



----_NmP-bb9a496353c1e074-Part_1

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable











Order Confirmation



























=20

=20

PayPal

=20











Order Confirmation













Date: May 08, 2026

Bill ID: UNVEC-132025-HVSTYYML

Transaction ID: CB48392Z













Thank You For Your Order!













In response to Member,=20

We are proud to be your preferred payment system provider and we truly =

appreciate your transaction with us.

Kindly check the order details =

below. You can cancel or modify the order within 12 hours of the =

transaction.

For assistance, contact us on +1 (828) 827-0929.

















PayPal Customer ID

BKEYEWMHtDburCGC





Purchased item

Amazon Prime =E2=80=94 $399.99 USD





Quantity

(4 Devices)





Total

$399.99 USD

















Payment Method: Auto debit from your =

bank account.

If you did not initiate this purchase, please contact our=

support immediately at +1 (828) 827-0929.













=C2=A9 March 25, 2026 =

Your Company Name. All rights reserved.

4.5 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist

[URI: ossedm.com]

2.2 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: svip.ossedm.com]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[104.128.239.234 listed in bb.barracudacentral.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: ossedm.com]

[URI: wwbniu.cn]

-0.0 SPF_PASS SPF: sender matches SPF record

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[104.128.239.234 listed in bl.score.senderscore.com]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list

manager

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Slipper Supplier for Walmart & Costco | Audit-Ready Factory





--_=_swift_v4_1778257025_a6b1765e163f8cfde711675250d4d3e7_=_

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable



Hi,

Managing a high-volume slipper category requires a partner who

unde=

rstands the stakes of compliance and delivery.

We are a specialized footw=

ear manufacturer currently serving as a

trusted vendor for Walmart and Co=

stco. Our factory is fully audited

(BSCI, Sedex, GRS) and optimized for m=

assive capacity without

compromising on Tier-1 pricing.

We'd love to he=

lp your company de-risk your supply chain for 2026.

Would you be open to =

give a try ? =C2=A0looking forward to hear you .

Best regards,

=C2=

=A0

Sam

Account Manager

Tel: 15021204501

Jiang Yin Kaiji Knitting C=

o.,Ltd

Addess=EF=BC=9ANo. 27 Fuyang New Village, Huachang Road, Zhutang T=

own,

Jiangyin City, Jiangsu Province,China



--_=_swift_v4_1778257025_a6b1765e163f8cfde711675250d4d3e7_=_

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: quoted-printable









=09