Intercom phish from sendgrid

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 09 Apr 2026 11:22:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAt4n-000000003hF-3jeo

for dave@doctor.nl2k.ab.ca;

Thu, 09 Apr 2026 11:21:57 -0600

Resent-From: The Doctor

Resent-Date: Thu, 9 Apr 2026 11:21:57 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [159.183.224.105] (port=39010 helo=s.wfbtzhsw.outbound-mail.sendgrid.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAssF-000000002kU-3G8z

for root@nk.ca;

Thu, 09 Apr 2026 11:09:08 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rnxicca.com;

h=from:subject:date:mime-version:to:content-type:

content-transfer-encoding:cc:content-type:date:from:subject:to;

s=s1; t=1775754479; bh=SjrheF0qTe2xAhHs/dw4txUkWrxA6cp/X1rW9cfXIKI=;

b=P4XtGgrf6B5FOzuQY+xRl6sLm/6Tm1DG91Erfl1vJomlW+w4zzNvKIHfkvK/bzjjABIo

AoJ7CWTnBxHrmxU1E8bakanjSVK5p4N24iJgtDrRs9uiU7zLJZse7qB5fTb7SC0p8VAHBC

ssx2tYtJ+3Kejt8BL1yzwpE04UK9T9Hjixhh8wVjiElk8VEv8UlmVPnrP6A9Gu8m2N3lkd

f8KK/xN/A618FaeuJ3lsJfEOlRTklrRKt3VA9U+1xRlyKjWi+pr/1KjjaqqZxaweGjZhax

pfndLsc3KC1RNFY6b32iCxAHm21IXNO1x2SVkgz3LJzymlFVLg7530yhgcYrwV7A==

Received: by recvd-79b8648bc8-vx66k with SMTP id recvd-79b8648bc8-vx66k-1-69D7DCEF-C5

2026-04-09 17:07:59.658695377 +0000 UTC m=+850260.225931298

Received: from menuiserie-ardeco.com (unknown)

by geopod-ismtpd-17 (SG)

with ESMTP id I_oj8Bk3QHKfb5SrQ5z50w

for ;

Thu, 09 Apr 2026 17:07:59.596 +0000 (UTC)

Message-Id: <26d14ef340aade6becd362f8204817d7@rnxicca.com>

From: Intelcom Express

Subject: Action Required: Update Your Delivery Address

Date: Thu, 09 Apr 2026 17:07:59 +0000 (UTC)

X-Priority: 5

X-Mailer: zymdsorgufuveui 569.6227

Mime-Version: 1.0

X-SG-EID:

=?us-ascii?Q?u001=2EGM1ezKrRA2nnkzmYqQfR9eLy+bbNMnyvYZM2y5llpx0Ky45GfN+aRH+Bs?=

=?us-ascii?Q?QsbCruswe=2FYt+WS2wEAmM9Ijk544nZFTCuuQQ3g?=

=?us-ascii?Q?o=2FxsbS4eG6LvMqDJJXpf=2FqmgEDMtebjEAOebVNv?=

=?us-ascii?Q?a9aYgHmq5jHLeWkL2+EnaDJvTVQfV9djzE6dJQt?=

=?us-ascii?Q?eBfYTef=2FyIKjyEh5qvxVgDBf8RNMCvvLuUCRF1M?=

=?us-ascii?Q?xLffR2o=2FoTRF+9UgmhOMrA=3D?=

To: root@nk.ca

X-Entity-ID: u001.qH2fZMCyZKfMzlR7q72mOA==

Content-Type: text/html; charset=us-ascii

Content-Transfer-Encoding: base64

X-Spam_score: 31.6

X-Spam_score_int: 316

X-Spam_bar: +++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Delivery Exception Notice Dear Customer,



Content analysis details: (31.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: xfonyfg.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: intelcom.ca.xfonyfg.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[159.183.224.105 listed in wl.mailspike.net]

1.0 HK_RANDOM_FROM From username looks random

15 GR_DOMAIN_SENDGR1 Received contains spammer id (sendgr)

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 MIME_BASE64_TEXT RAW: Message text disguised using base64 encoding

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.0 XPRIO Has X-Priority header

3.0 VFY_ACCT_NORDNS Verify your account to a poorly-configured MTA -

probable phishing

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

Subject: {SPAM?} Action Required: Update Your Delivery Address



Delivery Exception Notice



Dear Customer,



We were unable to complete the delivery of your package because the address provided could not be fully verified.



To prevent any delays or the return of your shipment, please review and update your shipping details as soon as possible.



Current Status: Address details are incomplete or unclear

Action Needed: Please confirm your street address, unit number (if applicable), city, postal code, and phone number

Hold Window: 48 hours before the package may be returned to the sender



Review Delivery Details



For your security, please update your information only through the official portal of your account. If no updates are received within the hold window, we may be required to delay or return your shipment in accordance with carrier policies.



This is an automated notification from our delivery system. Please do not reply to this email.



Let me know if you need further adjustments!

Web/SEo/App spam from Google GMail Part 2

Posted by Dave Yadallee on
X-Gm-Features: AQROBzD-ruJZ-zklBd8j8KudrxKZAwqc_UnsoTjEzQDF6f29pDdUyc0rUAobziA

Message-ID:

Subject: $ Cleaning & Food Delivery Mobile Apps Development!!

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="00000000000066cb2c064f08ceef"

Bcc: jasminealex73@knitinfotech.co.in

X-Original-Sender: jasminealex372@gmail.com

X-Original-Authentication-Results: mx.google.com; dkim=pass

header.i=@gmail.com header.s=20251104 header.b=JgClyryD; arc=pass

(i=1); spf=pass (google.com: domain of jasminealex372@gmail.com

designates 209.85.220.41 as permitted sender) smtp.mailfrom=jasminealex372@gmail.com;

dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;

dara=neutral header.i=@knitinfotech.co.in

Precedence: list

Mailing-list: list jasminealex73@knitinfotech.co.in; contact jasminealex73+owners@knitinfotech.co.in

List-ID:

X-Spam-Checked-In-Group: jasminealex73@knitinfotech.co.in

X-Google-Group-Id: 1002268789410

List-Post: ,



List-Help: ,



List-Archive:

List-Subscribe: ,



List-Unsubscribe: ,



X-Spam_score: 5.8

X-Spam_score_int: 58

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello Sir/Ma’am, Good day! Are you interested in building

a website, mobile app, or custom software solution?



Content analysis details: (5.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.218.72 listed in dnsbl.ahbl.org]

[209.85.218.72 listed in dnsbl.ahbl.org]

[209.85.218.72 listed in dnsbl.ahbl.org]

[209.85.218.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

[209.85.218.72 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.218.72 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[jasminealex372(at)gmail.com]

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.218.72 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list

manager

Subject: {SPAM?} $ Cleaning & Food Delivery Mobile Apps Development!!



--00000000000066cb2c064f08ceef

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hello Sir/Ma=E2=80=99am,



Good day!



Are you interested in building a website, mobile app, or custom software

solution?



Apps included:



1.) Cleaning Apps

2.) Taxi/Cab Booking Apps

3.) Travel Apps

4.) Rental Apps

5.) Medical Apps

6.) GPS-based Apps

7.) Food Delivery Apps

8.) Restaurant/Hotels Apps

9.) Logistics Apps

10.) E-learning Apps

11.) Scheduling Apps

12.) Event management Apps

13.) Healthcare/Fitness Apps

14.) E-commerce Apps

15.) Real Estate Apps

16.) More Apps.



Kindly let us know your mobile app idea and the exact features you need.



Thank you!

Jasmine



--00000000000066cb2c064f08ceef

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hello Sir/Ma=E2=80=99am,

Good day!

Are you i=

nterested in building a website, mobile app, or custom software solution?
r>
Apps included:

1.) =C2=A0Cleaning Apps
2.) =C2=A0Taxi/Cab B=

ooking Apps
3.) =C2=A0Travel Apps
4.) =C2=A0Rental Apps
5.) =C2=A0=

Medical Apps
6.) =C2=A0GPS-based Apps
7.) =C2=A0Food Delivery Apps
>8.) =C2=A0Restaurant/Hotels Apps
9.) =C2=A0Logistics Apps
10.) =C2=

=A0E-learning Apps
11.) =C2=A0Scheduling Apps
12.) =C2=A0Event manage=

ment Apps
13.) =C2=A0Healthcare/Fitness Apps
14.) =C2=A0E-commerce Ap=

ps
15.) =C2=A0Real Estate Apps
16.) =C2=A0More Apps.

Kindly le=

t us know your mobile app idea and the exact features you need.

Than=

k you!

ily:verdana,sans-serif">Jasmine




--00000000000066cb2c064f08ceef--

Web/SEo/App spam from Google GMail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 09 Apr 2026 10:44:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAsTu-000000001CH-32Ps

for dave@doctor.nl2k.ab.ca;

Thu, 09 Apr 2026 10:43:50 -0600

Resent-From: The Doctor

Resent-Date: Thu, 9 Apr 2026 10:43:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f72.google.com ([209.85.218.72]:50647)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wArTz-00000000MkK-2kSW

for root@nk.ca;

Thu, 09 Apr 2026 09:40:02 -0600

Received: by mail-ej1-f72.google.com with SMTP id a640c23a62f3a-b9bfd3b1c92sf106212866b.1

for ; Thu, 09 Apr 2026 08:39:04 -0700 (PDT)

ARC-Seal: i=3; a=rsa-sha256; t=1775749138; cv=pass;

d=google.com; s=arc-20240605;

b=Nok98M1BBRV2SWuT8m3bbazISl9Brqa/jSFjByED4SM1WcFjLefxhhOLILyiyFOgrG

MOQ7J/8X7Gs1jRn/p1qKJvdtrgbhiInmRKtSMX1n4W5+Yticl6PCn4nCL8fIltHFh8ai

c01/q5yx6oGnq3NifJNJ7AndClWxW0ISsFgjEemw/RYM9m/w2YpPzBrfjlToMLQK0BN+

OO2l5YxajKoxMo6OTEyOSKhdRDgLgiPgd8Fl25GoSwZFdO/AoBOSi22ysLIjwxu4GWMP

KNHDcPuX1+qevy9bv9cKLswIbkuDjZ2VPNF6ObdOTQ3ZCYpQNaEYs9jkfweKcc1BN95O

SuOQ==

ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:list-id:mailing-list:precedence:to:subject:message-id:date:from

:mime-version:dkim-signature;

bh=GI10PwmvtvaqVfuw6XKm14t66R5baw21gI0kynfgtV8=;

fh=8CJWL3fodC0pNfbbZZDeEHKJLWxvsjw4gMPLSnosQh4=;

b=OKwxlsBFLKeLvVCaK/zseGPVxXFyfjvDYARi4q+BsDDZsj+6h/OzHE+7zIeX4pzHoK

bLSfVZzw9ey57XQA9+Opc3HppGJCSMvYjfLz7bK+uR3/sqxYZu90bQQoa+XEKsoPQcB2

Eqv9eEDgGD71NofVagWerE0Oo1cjRGVQKAQ/fHkp/iyLIrpEgnZWElTHVTXehESqvMh5

HTol4yvedU+3g/FX9HIuzgBLV0DY2zssA5tmeaQFSBdgq5Ko8cxGX88BkB2IQ9kcnnmh

OaqA1J/UmplW5MKfU88KJB9K7+pZXM4JjK3nxqcjlEtTNhbI/uu/5POS7FPk42lSPQN5

cnqA==;

darn=nk.ca

ARC-Authentication-Results: i=3; mx.google.com;

dkim=pass header.i=@gmail.com header.s=20251104 header.b=JgClyryD;

arc=pass (i=1);

spf=pass (google.com: domain of jasminealex372@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=jasminealex372@gmail.com;

dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;

dara=neutral header.i=@knitinfotech.co.in

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=knitinfotech-co-in.20251104.gappssmtp.com; s=20251104; t=1775749138; x=1776353938; darn=nk.ca;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:list-id:mailing-list:precedence:x-original-authentication-results

:x-original-sender:to:subject:message-id:date:from:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=GI10PwmvtvaqVfuw6XKm14t66R5baw21gI0kynfgtV8=;

b=d4TOvGtZHx27E5tE40Uev3s9LXhM/x79uCLnZbRJIIcbeVB4xUN5E4dMQtB8a0fyny

wTuyOOAnfEqXEtpzneTSnwN1ScSynDviduqEBmjqhV7yf7k7YQqA2EOtu7Su5zZw53S+

U34Nqcsli0ngpgY9AO3YTcR9hNUeIdsn4PNTLASWyYfIn39au3wP2/zk2l7yqc/+sQDj

EvGbOIY4f6Hr4njg9FaUlcDM/mtVUGKOUMM7W73avxOT5HBH8YY0hhSFXDuRkJXVpIt9

MqaQN9aouJH6pC68+HPrJG6kIoLnHzvSjbV9VXPpBX4oYwf7qFn5JZWT9d/kDY6Jb03S

kbfg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1775749138; x=1776353938;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:x-spam-checked-in-group:list-id:mailing-list:precedence

:x-original-authentication-results:x-original-sender:to:subject

:message-id:date:from:mime-version:x-gm-gg:x-beenthere

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=GI10PwmvtvaqVfuw6XKm14t66R5baw21gI0kynfgtV8=;

b=lwso+XLNHWFlIzI+UQVpQ5BTA6GtFQM2aAN+lX07w2d1HjTd89liWixhsEGfFlgaS2

ZUFbqAou95ORAYGyJCj8fFtCxoyfXJ/M0shEq5vPU+BVoGzSsl++SBN3lxbim+Ge3Oz+

y4UmwXWKP3t10c1qMlEfdWGJtjLWACGOnlK/ItrlCwpzM80UxG86D+BxLcw7L5fmQqiA

n1b3fP1XaclQr6onCTGF5pfiYyILcVbUA+FVZFzszgMO4XxO/ZzvSR+rGwXvre3xKsrB

MufCO+tdZWVtQrnNyWquiv7mRs9j1Q/+xCjiGiUhaytr0HS60yiPp8mNRYj0k3MdNchn

xnjw==

X-Forwarded-Encrypted: i=3; AJvYcCW+046nuGduGI4u5anG6yrCxrfvZLOYKsFKOffbTaHEq80n1vg1pD2hBvzpD5P9Qd3CJ6fT@nk.ca

X-Gm-Message-State: AOJu0YxW40yafzWdKDpTC/EUr2ylhpK/TNgbbGx8XjBsYA0/D+GDEOip

LdXcYfcDb5Sf0pXeW/7+7U4cZKJWq7TEFPxzdNP785YME8QXeGKwS5zDllHiRPzk9Gg=

X-Received: by 2002:a05:6402:1f03:b0:66e:68e1:fd18 with SMTP id 4fb4d7f45d1cf-67004c940c1mr2074213a12.23.1775749137616;

Thu, 09 Apr 2026 08:38:57 -0700 (PDT)

X-BeenThere: jasminealex73@knitinfotech.co.in; h="AYAyTiK3KEnhcc2oxejIq+HhXm64A6OSzLMG976PBieXxDQFtA=="

Received: by 2002:aa7:d698:0:b0:66e:7b5f:f4fb with SMTP id 4fb4d7f45d1cf-6706df57f2bls41637a12.0.-pod-prod-04-eu;

Thu, 09 Apr 2026 08:38:22 -0700 (PDT)

X-Forwarded-Encrypted: i=3; AJvYcCUXIIQcJQ/JRMFoERDznSz4P0xjJbSgLnPQtzP9gndc1HgpcsoFkQLgcU8fQrLeDFryocjfrhnOn2lau5lP@knitinfotech.co.in

X-Received: by 2002:a05:6402:35ca:b0:670:24ea:893f with SMTP id 4fb4d7f45d1cf-67024ea8a1amr1604746a12.16.1775749102657;

Thu, 09 Apr 2026 08:38:22 -0700 (PDT)

ARC-Seal: i=2; a=rsa-sha256; t=1775749102; cv=pass;

d=google.com; s=arc-20240605;

b=fLWnex2O5p5x19/rF3gHBRXb88Gi6MQQbOJfRtohyF2oFoDFMEuPr/rsybW1/XRJXW

QPURSbOussiBaowffOiF2rP4S3p3T6EJX7/Q2DRPF2lMczaijDwWLY7VJodnCgV9OCkA

hVYgvV4QCVSfQF9RNS1o+gOqkoeqO431f2uqdwxgRt6yQVuI3geMYwGUrg4J3teP43aQ

rgz3jar/QUrQayPRsjoWDrnWnYz73b8ZwCsCZg/xVuH0YVH1FQefyvK/zqgZTxyhT9Bp

G9/TgaJDj3gRD4DyTaum8ucIpjD/YgcK5Qt8owwhbRDIPhQo90ipnOyHQhU46RBnFyDL

XGUw==

ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=GI10PwmvtvaqVfuw6XKm14t66R5baw21gI0kynfgtV8=;

fh=RzdJO2byeV7MkxwnEGiNpmw8mKBx9Vbqk2xYc4w9rbg=;

b=jpo+wz7sqlvEqoOxs2wDhldiWTsEpgD7Q0myHWGxLBEc0N4Zn9589s2coK8K9yPqY0

XC9LwyjahcT+OpL6pS2bUxtLNBBgexQliTVepNNrdTEOxDpP2J7CrDcI7CWgdRYZk6RA

v0xriGps+J/nr4JPKdsrJDD1WKJ/j9QuBNSDC46g0uy7kw4BxLFaL0VcA5ETa+Bup3VQ

rHsYWc+eYha2Uorxx+juLConzrztxj8X+gNtf1vhY9zdKh152XzIS8iUQpXgkCEqCzHi

VeRjs3SeNuNfqVPlk4Gx0sQIJgcfFRSZ72M1f6MYE5CeqWihiZdZVcQtrt+hy4YTHTXv

LNJg==;

dara=google.com

ARC-Authentication-Results: i=2; mx.google.com;

dkim=pass header.i=@gmail.com header.s=20251104 header.b=JgClyryD;

arc=pass (i=1);

spf=pass (google.com: domain of jasminealex372@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=jasminealex372@gmail.com;

dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;

dara=neutral header.i=@knitinfotech.co.in

Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41])

by mx.google.com with SMTPS id 4fb4d7f45d1cf-66eb9c8f4afsor3840713a12.0.2026.04.09.08.38.22

for

(Google Transport Security);

Thu, 09 Apr 2026 08:38:22 -0700 (PDT)

Received-SPF: pass (google.com: domain of jasminealex372@gmail.com designates 209.85.220.41 as permitted sender) client-ip=209.85.220.41;

ARC-Seal: i=1; a=rsa-sha256; t=1775749102; cv=none;

d=google.com; s=arc-20240605;

b=Y/yEsGj12aAOju6L8H7seIec/FRvLUQjCWDu0jsLjK3CB3iR9H9UvLmOD7G8hs0fCs

XPLZiv5etdBchk1ZXF2p2bsgHAcHtHHnCJK68yGRGshw1ECGiTBaogQnLMLE5HmTax/B

vLImFSdFiQhMb6mUbRKeRHampDVjNTn2pdyvU32TCNH1hl1yFoc+ie87t9biZ38L0TDY

BjI3n6HASH8mWVXA8jfC/2T3v/x6EYQS5vQf5q5/UfgSnD2oZufZBq4HyHP0lspVCLAY

i25v77bk+fZFyYiiDy3HBcCC7j55J6V1y71IsoCur0NEO5Ni/9//8Witul4VMwGS88vS

fPww==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=GI10PwmvtvaqVfuw6XKm14t66R5baw21gI0kynfgtV8=;

fh=RzdJO2byeV7MkxwnEGiNpmw8mKBx9Vbqk2xYc4w9rbg=;

b=RwpxEcNcKKhQ+cQwKEv6m3Wm2+sel+P3IPkzgCf04UvV7W66Yzo7ZWlM4gHIEpc1Xy

7cq9yBnSZofb20wZRmZQ5HB41I2XNt6YWmJhZ2PY/ekJ9Ig/0kOZOsmaD5e4sJTg67TH

msvQ5yRT+okalTuLX5ZpBc1U24A243aKOrT4m8C3osRGhHTfi0qFzBpUziMzG4wTpNHY

DovdGbYT42WN2tqrLR9vWgPVXmkxZSe+RuZouV4T3fAfufaO9EBYLqq62VrGRnITy41w

0dKTXXs9zcbJSH03buVmOtpU0Seog5/Hu2joyRdTLRkDShK7wa6K/YH6ubnL+M0ZeoJY

DGXw==;

darn=knitinfotech.co.in

ARC-Authentication-Results: i=1; mx.google.com; arc=none

X-Forwarded-Encrypted: i=1; AJvYcCU4zArrvBdI5bmGHk4PhffiXylpzBAio+bTeCtZR9UZUaYVaOcv5VukBSJINwceZ6fFCuYYftEAzsK3HVil@knitinfotech.co.in

X-Gm-Gg: AeBDievLhlMhFbDTOUoYhsE+DuW7vKyT6TtKAyfbKTQRtqTSSzx0/fEwG5v4QlxTbPC

o4EAEdwgQIqNtG7rvfe/bcEittJKjO6rxHUuBKejz+/t5pPoXlwnc2DwSdbqENNxh9zypfddDZ0

VTeZghu/QqiWR8gHh8Lm1DTdwAeTG2YNYOvHaasNIfaTglRZ7no/ZJQHkVh7okkW+RfRxb8Y/c4

c2yufO35cU2Ae5XFoQROOKMleJvsRjMIyHX9fr3RoGax93gefRa6XRHrDDM/cKWZIU3TrMivwju

NJ5FZ8FoXbGe3gZyaJCd9bEAThkxMOL2sjjE

X-Received: by 2002:a05:6402:2742:b0:66e:559f:3501 with SMTP id

4fb4d7f45d1cf-67004f83667mr2351618a12.26.1775749101438; Thu, 09 Apr 2026

08:38:21 -0700 (PDT)

MIME-Version: 1.0

From: Jasmine

Date: Thu, 9 Apr 2026 21:07:00 +0530

Charity proposal spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 09 Apr 2026 10:44:03 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAsTm-000000001C0-3gnN

for dave@doctor.nl2k.ab.ca;

Thu, 09 Apr 2026 10:43:42 -0600

Resent-From: The Doctor

Resent-Date: Thu, 9 Apr 2026 10:43:42 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [204.152.218.206] (port=37738 helo=mail.novomuse.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wArBr-00000000LkX-3x2P

for doctor@nl2k.ca;

Thu, 09 Apr 2026 09:21:16 -0600

Received: from novomuse.com (unknown [172.94.9.215])

by mail.novomuse.com (Postfix) with ESMTPSA id 0E6456115B

for ; Thu, 9 Apr 2026 16:20:12 +0100 (WAT)

List-Unsubscribe: ,



List-Unsubscribe-Post: List-Unsubscribe=One-Click

List-ID:

Feedback-ID: campaign-1775747:novomuse.com:mta:sx

Date: Thu, 9 Apr 2026 23:20:49 +0800

From: "Mr. Bernard"

To: doctor@nl2k.ca

Reply-To: b02064377@gmail.com

Subject: doctor@nl2k.ca, your input is needed

Message-ID:

Content-Transfer-Encoding: quoted-printable

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

X-Spam_score: 9.7

X-Spam_score_int: 97

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Did you receive my previous charity proposal? I have written

to you twice, I await your response. Best Regards, Mr. Bernard Arnault. 4/9/2026,

3:20:33 PM ‍‍‍‍‌‌‍‌‌‍‌‌‌‌‌‌



Content analysis details: (9.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[172.94.9.215 listed in dnsbl.ahbl.org]

[172.94.9.215 listed in dnsbl.ahbl.org]

[172.94.9.215 listed in dnsbl.ahbl.org]

[172.94.9.215 listed in dnsbl.ahbl.org]

[204.152.218.206 listed in dnsbl.ahbl.org]

[204.152.218.206 listed in dnsbl.ahbl.org]

[204.152.218.206 listed in dnsbl.ahbl.org]

[204.152.218.206 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[172.94.9.215 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[172.94.9.215 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[172.94.9.215 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[172.94.9.215 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[172.94.9.215 listed in will-spam-for-food.eu.org]

[172.94.9.215 listed in will-spam-for-food.eu.org]

[172.94.9.215 listed in will-spam-for-food.eu.org]

[172.94.9.215 listed in will-spam-for-food.eu.org]

[172.94.9.215 listed in will-spam-for-food.eu.org]

[172.94.9.215 listed in will-spam-for-food.eu.org]

[172.94.9.215 listed in will-spam-for-food.eu.org]

[172.94.9.215 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

[204.152.218.206 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[172.94.9.215 listed in sbl-xbl.spamhaus.org]

[172.94.9.215 listed in sbl-xbl.spamhaus.org]

[172.94.9.215 listed in sbl-xbl.spamhaus.org]

2.6 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL

[172.94.9.215 listed in zen.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[204.152.218.206 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[204.152.218.206 listed in bl.score.senderscore.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[204.152.218.206 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[204.152.218.206 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[b02064377(at)gmail.com]

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 HK_NAME_MR_MRS No description available.

Subject: {SPAM?} doctor@nl2k.ca, your input is needed



Did you receive my previous charity proposal? I have written to you twice,



I await your response.

Best Regards,

Mr. Bernard Arnault.

4/9/2026, 3:20:33 PM

https://novomuse.com/unsubscribe?e=3Ddoctor%40nl2k.=

ca&c=3Dcampaign-1775747255363-ecibcrrnp&h=3De2ae0b936df75f9e

=E2=80=8D=E2=80=8D=E2=80=8D=E2=80=8D=E2=80=8C=E2=80=8C=E2=80=8D=E2=80=8C=

=E2=80=8C=E2=80=8D=E2=80=8C=E2=80=8C=E2=80=8C=E2=80=8C=E2=80=8C=E2=80=8C

PAedophile accusation phish from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content analysis details: (7.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.101.201.86 listed in dnsbl.ahbl.org]

[52.101.201.86 listed in dnsbl.ahbl.org]

[52.101.201.86 listed in dnsbl.ahbl.org]

[52.101.201.86 listed in dnsbl.ahbl.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.101.201.86 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.101.201.86 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.101.201.86 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.101.201.86 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:5c:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

[52.101.201.86 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.101.201.86 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.101.201.86 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.2 MISSING_HEADERS Missing To: header

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} RV: TR: Complaint



--_004_BL0PR02MB46607BC21D6630660034495F93582BL0PR02MB4660namp_

Content-Type: multipart/alternative;

boundary="_000_BL0PR02MB46607BC21D6630660034495F93582BL0PR02MB4660namp_"



--_000_BL0PR02MB46607BC21D6630660034495F93582BL0PR02MB4660namp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable







________________________________







Dear Sir or Madam,

Please find attached a document intended for you.

This email is neither spam nor a mistake.

We look forward to hearing from you.

Best regards,



--_000_BL0PR02MB46607BC21D6630660034495F93582BL0PR02MB4660namp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">









Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">








 




 





quot;, "Aptos_MSFontService", Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);">

Dear Sir or Madam,



quot;, "Aptos_MSFontService", Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);">

Please find attached a document intended for you.



quot;, "Aptos_MSFontService", Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);">

This email is neither spam nor a mistake.



quot;, "Aptos_MSFontService", Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);">

We look forward to hearing from you.



quot;, "Aptos_MSFontService", Calibri, Helvetica, sans-serif; fon=

t-size: 12pt; color: rgb(0, 0, 0);">

Best regards,








{False jpeg attachment}

PAedophile accusation phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 09 Apr 2026 10:44:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAsTZ-000000001BJ-3f96

for dave@doctor.nl2k.ab.ca;

Thu, 09 Apr 2026 10:43:29 -0600

Resent-From: The Doctor

Resent-Date: Thu, 9 Apr 2026 10:43:29 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-westus3azon11020086.outbound.protection.outlook.com ([52.101.201.86]:20771 helo=PH7PR06CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAqxm-00000000KnO-0J6P

for root@nk.ca;

Thu, 09 Apr 2026 09:06:48 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=CYAoEIGyG7i4X2mfr7UlrX7ZIkaZOh8GFMCdLQlgzNsHlpE+6q9CehGoM3iDEzBlQmYh08bRdkvYlBgeh2FV6ArA+Qn6BMPVrEHBMGue4dDOcY3UiCuOcaykz/65FIIWZxv6TcvSVYweYm1iO5LwqviQcr9mneUQa7PjdGBm6Q8x4mNa8QrV8W8A6rI4zSoH1GtxcNZg/x0AVrfFEtvlV7Gi+kjIKVb6T47XVaqT5nb0NNJBBLGIoopxVS0RtlOv9W7Ymlsg8PHZ6O9K5jOb0qyu8ZCL5Tkj04k+Gfg5YzRu9EzExTkCm8vDE+P+aZkbjBLZwGOT+G5SV8msEbqgxQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=vcZgud39flslGwXNiz6uEka6MGWl9UwDXBLO4wxvoz8=;

b=IdhsA4w8AWbwTevnI/9vYmDyBCzTyIcSfBcx/6WJpSg232Vo8/qJ3ZiX5VPxasUNWas6bOOMv0GOqJPhxTIHaGrkecMqfH8/OxmNB7ePhE0H3Zsou7WkpL+UWykuMfGgtuj3o5Qlx0xOSfweOSpbudI4PST4kSKoG7buTbLgCW5DeduDspY/2m1R74iMPmcMq/Hz/8wduYeM1w+SzKn+6VeRiOLZb7swXx3ZEy6z1PZ1NCs9AXb+r8Mz7QdWHdMRYWRoX/fTh11UNi6IX3mzB/T9vTejIbbk0GSTOa5xWLJtzBMG0itx/Jul9kPmvf55L7uKA9+ndurRatKfIu6lWg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass

smtp.mailfrom=anahuac.mx; dmarc=pass action=none header.from=anahuac.mx;

dkim=pass header.d=anahuac.mx; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=anahuac.mx;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=vcZgud39flslGwXNiz6uEka6MGWl9UwDXBLO4wxvoz8=;

b=HfakbdngE+ai18Q91mWhDoPB1cWskjQUINKCE2YKabMUhM5OO/DXgaNOwXiRtxT6NiAxBJ/9f+5ysQxptLaQHLVciFvthrBXEiOvapkoXzYLpfpiSZwonX6xo3BgHNACaMkbPVwh1KOMC59v3LlXOpDj1EcuYb8KI6i+fzctALwZaF+iDozpnbbD7MdIt40Ywruj4HuvZakdKW9Trz1XoYIpSe6WzHoWbjUHMvYIerBSTBuQDUX5OH1uoo+WhrEQ3TTy0cEE/nx9WVFhe+7Nu9Xsy5b+eJVWPDBfwXfZ8/OxyTSMzkPVZneo4Lpdn47abiJClB6ahkXSxLl7eEFmLg==

Received: from BL0PR02MB4660.namprd02.prod.outlook.com (2603:10b6:208:5c::13)

by BL3PR02MB8891.namprd02.prod.outlook.com (2603:10b6:208:3b2::6) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.42; Thu, 9 Apr

2026 15:05:25 +0000

Received: from BL0PR02MB4660.namprd02.prod.outlook.com

([fe80::ccaa:3400:9f5d:5cc7]) by BL0PR02MB4660.namprd02.prod.outlook.com

([fe80::ccaa:3400:9f5d:5cc7%6]) with mapi id 15.20.9745.035; Thu, 9 Apr 2026

15:05:24 +0000

From: =?iso-8859-1?Q?Greis_Luisana_Graffe_Garc=EDa?=



Subject: RV: TR: Complaint

Thread-Topic: TR: Complaint

Thread-Index: AQHcyDFbfJZ9/v9lJEOqbnxNVndf27XW1CY8

Date: Thu, 9 Apr 2026 15:05:24 +0000

Message-ID:



References:



In-Reply-To:



Accept-Language: es-ES, en-US

Content-Language: es-ES

X-MS-Has-Attach: yes

X-MS-TNEF-Correlator:

msip_labels:

authentication-results: dkim=none (message not signed)

header.d=none;dmarc=none action=none header.from=anahuac.mx;

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: BL0PR02MB4660:EE_|BL3PR02MB8891:EE_

x-ms-office365-filtering-correlation-id: d9333a29-d5e4-4863-9082-08de96496d95

x-ms-exchange-atpmessageproperties: SA

x-ms-exchange-senderadcheck: 1

x-ms-exchange-antispam-relay: 0

x-microsoft-antispam:

BCL:0;ARA:13230040|366016|786006|1800799024|6049299003|39142699007|31052699007|7416014|376014|10070799003|8096899003|55112099003|4053099003|38070700021|22082099003|18002099003|56012099003;

x-microsoft-antispam-message-info:

yNWJe+6VpgFYasKXLkJAmsDuNFdZgR6cWd4bpTgo0qCunfza7xUcjhZuZOyGV9C25RsMlZ4ivF76I7MtfIJ6EbmmkmegSJuAmgRzEX0XHXkwRX01AsiZvPoeBHM4jIqhSRa0HFMvh7s2tXEC/lo8q6VJ2kmDEa6y/LmrgS73h9oqoscqQ9dBaaHB9/2EImcQGtPAP6u7lxNLZoEnhgh4lPeqjNDy2IwszGgPgBwsqxKZ62mNmejiN3QqsrUt6MnydYWt/PuXhtlAsCCFvfkOuqIZiI4SJKoVVamnncZUZ9fjQQgMo+R2TYb6DFZy6X2hvfw1GbUYiTA7oqYuH56ykk3VXyclgRSkTS9+YgnlEHjLp93phvssZm0zlvMy9PkDKxmaNscVSjqLtPysAK4+dpvCtcizB1rBokDrilzFqyHe/SIZHKy2jj7orPwvJrK6x39/wKSAjvySRNOt+z8aurpksm29LxRNWIcsTza8NM3j9F42ZK7/5+OrRNohNfIMuWZERIYiHryxHEKsbPWDti92dHlBW3l8ky4U4rW60ld4OPQ+AetAfKub4ZyoygwSlLfvzb/F6t12aIPS/fqOv9jC3DibvdGxBIU8c4TkmFtwHB3CcJcOHO1fvkzX3uq9qpwo4NxebsNMYzyOaYEzgGhBPwkNsI8KMF4cYxMf+xzYfJTwEdLZkIdYYEBiYC/KzoqeHltQBkJcqGdVXcvbGoGiqDiMQI26mTyBdmdTjZos1tk6hfj0RvNXPlG5CCNW60U905PgUbDZbjE3igjo+n9GAsY0fJ6P+dyXIEiny60=

x-forefront-antispam-report:

CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR02MB4660.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(786006)(1800799024)(6049299003)(39142699007)(31052699007)(7416014)(376014)(10070799003)(8096899003)(55112099003)(4053099003)(38070700021)(22082099003)(18002099003)(56012099003);DIR:OUT;SFP:1102;

x-ms-exchange-antispam-messagedata-chunkcount: 2

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?TxwBdMzBi3pvHjdF05mrvSfl4RdjXA7ICrpqmalaoB7yMfFTHgPOUoLMmt?=

=?iso-8859-1?Q?D7vTzMXvK51xl+nme/F8gNEcSOXdgQeUnkD/uNOZ7nCVOSS2YADwviQq0n?=

=?iso-8859-1?Q?c0bXAoW1J+wyEAK50XTVaKwVT1Jbt5BO5KvlEJr+FZfWEGG/ShogvcCiYW?=

=?iso-8859-1?Q?4iG9XkheAWWKdH+PCTw+BD/UOophDmMqoMnSwzzK50btgQmyHlDUssykCI?=

=?iso-8859-1?Q?eHRYUWhAGHaw74QjSydojUKPwSAiS4JnBn1qsOo1Xgp0cN68rdNhvJzQ7z?=

=?iso-8859-1?Q?onilbFk2v160jl0yG4vd2l3OLi5EOAz2CTCNS9e/Ycoq6LZKbAG/cldfw5?=

=?iso-8859-1?Q?/jtf7udfW1FKbrffXKQGFHqccj3VTrCT4NBmW+pxnq9lBzck6ngo8SJXYg?=

=?iso-8859-1?Q?IRx1QJmSK+cyDpEqPh/8QGa3OiQuNvp//P6iJ7HTxE5hz/01+f+9a6bL/X?=

=?iso-8859-1?Q?MTtwrBITfwnLMvAqlxtSlbu24B5tPlJBOlV/WgwBP6eb6dD7d3+/VRvA+z?=

=?iso-8859-1?Q?OUme9pm+2SxJhRsBwamm25EBUDdSAJFlV024t9ujieBUotdCXoufM/7KmE?=

=?iso-8859-1?Q?sztPSlGqODXG5Q1YzP+RZGPvKzZbO/VhJJvIRzowlje7+jJAHfvEJAv0n1?=

=?iso-8859-1?Q?Fw9Qnjm4/tqXYxpKXa8EQK30DE1gYnqj3/X6Xn/lX6Ra9G6J2n8iQoy4Gw?=

=?iso-8859-1?Q?3tATF/WzzbmZpoZ4FpbBV9q/Fquxz3GLm/WswxmrZ0X0ZQ3oNjegfbQWXL?=

=?iso-8859-1?Q?/tToFDkzyelCQe0grndXQ1CZUVWTAqiO3Kexj0bo9HRXYaYl/8K0sMikdy?=

=?iso-8859-1?Q?DHRP0LkFILl9xsKGG0sB3cfGsOamZI5kVjI9j1DOHQVrkuQowDwfTSyym9?=

=?iso-8859-1?Q?TBJWaNYwf7DXoOiF1YQ7dqpMOXX8ytPPc7FvMACPVx2/A7iwm89V6/WpeJ?=

=?iso-8859-1?Q?/FlAJeYs7SfQjJnwSQT1kow+NTFVbSRqZyndbmwjNaUn+sgD+HWoAIHmgy?=

=?iso-8859-1?Q?jCj6wIe5fQsGAfzzSlZNMhf9Iey+R1kvhaNJAOcIb3pIIwveYSof0UlTS7?=

=?iso-8859-1?Q?BAmpzmLnATNh3e/aLzl3S+3tSk6o9z30KyhgAzB2EJ5yh3gn7Al/X1KURz?=

=?iso-8859-1?Q?a8stMyagOBlf2XCxyU2oQIYQbY0jFFQ4oSIyYrAobATfD2HJ4P8Nl6BC5M?=

=?iso-8859-1?Q?nUMsV5ZFEbQHYT/XVbgxUfrSmmDH9nOH7e26f/k7aArfWsaGSmcRb3PdZ3?=

=?iso-8859-1?Q?cZjHSyaDZon+xq8zegT1/CCWjjVyMNpRoUrihyukiWP1u/JGrAcrDC9TSA?=

=?iso-8859-1?Q?wT55DkSIkibO8ZVVVQOlqxFoCxfqLWWWPdVwmtYowdCzP+2JK7zLNN6+mG?=

=?iso-8859-1?Q?7sJWoxdBu7rO8CH0jYGheYIl9lUsKzgNfdr5ompnuMxce7P12bckMEBVzu?=

=?iso-8859-1?Q?ejbVHyuI+0/Dcla2FNorpv8qypaD4bh8k+jVvtcssj0VszRgauCr40SNZh?=

=?iso-8859-1?Q?MwEQ8kvW+T+XRDToRyoTHwQBQFXTpkAdCRgNQzvp8Uhphhf/yN9JEOt4y+?=

=?iso-8859-1?Q?LIMt9s5RAjqsPqKnbMDjfkrHNzsHlu1hhVNftaVXZeAwR5ce6uKcjx78k4?=

=?iso-8859-1?Q?YwMXHJyQ7M8u3sDoe9vMsfp3I7/UtEOcUHHALoD8rQym2fRgHuXU4TRcAY?=

=?iso-8859-1?Q?VD6k9BFGkXaGEdo9RvjjCAyI5VbQtPs70tq6X0hwolnK2B647R11uDTkd2?=

=?iso-8859-1?Q?AKT+SQxhkKkJGAryD2vsRKsmac7FWTl/QlZvPAGgHRzTo1hGMycvL1C2i+?=

=?iso-8859-1?Q?7AFHedCULTvUD6I4rXT55F5tPDIKzQGUpWPrIyc/V3nSC48Uq4zJhYMGjQ?=

=?iso-8859-1?Q?cy?=

x-ms-exchange-antispam-messagedata-1: pHByYNre8a1emw==

Content-Type: multipart/mixed;

boundary="_004_BL0PR02MB46607BC21D6630660034495F93582BL0PR02MB4660namp_"

MIME-Version: 1.0

X-OriginatorOrg: anahuac.mx

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: BL0PR02MB4660.namprd02.prod.outlook.com

X-MS-Exchange-CrossTenant-Network-Message-Id: d9333a29-d5e4-4863-9082-08de96496d95

X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Apr 2026 15:05:24.8208

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 0d8d6b97-e05d-460c-b6b5-19b7d020f47a

X-MS-Exchange-CrossTenant-mailboxtype: HOSTED

X-MS-Exchange-CrossTenant-userprincipalname: KzCZJkRGecH7X4PaoAJvvCK6lEu83+Jdug6ECyoH8r90lYXsc4/Tcga5B9iCQr1s25XRuSuoGSQ+DXRZ1/9FsM6I0cyyhRxOnPvNfhRSRUc=

X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3PR02MB8891

X-Spam_score: 7.9

X-Spam_score_int: 79

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Sir or Madam, Please find attached a document intended

for you. This email is neither spam nor a mistake. We look forward to hearing

from you. Best regards,

Web/SEO/App spam from Microsoft Outlook

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 09 Apr 2026 10:44:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAsTM-000000001Ar-25jP

for dave@doctor.nl2k.ab.ca;

Thu, 09 Apr 2026 10:43:16 -0600

Resent-From: The Doctor

Resent-Date: Thu, 9 Apr 2026 10:43:16 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-uksouthazolkn19011030.outbound.protection.outlook.com ([52.103.37.30]:8343 helo=LO2P265CU024.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAqpX-00000000KJg-23qt

for root@nk.ca;

Thu, 09 Apr 2026 08:58:14 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=TxqekENc3u8W3BimsfyZj3aGW11W0z1Mmr4ferN5G8yBpb+x+PSzr8+V5ClQDeuQavXQuNBUXAsJ3/wc9/Cz9r9Fqo1cN47fzZTnKbYaaz8yYV53gvuz3l8gsr24IIEEgcaZNsO2Y7gawPzw3aTwTQAsVxktJD5E9MvIUd0bm6zZ+oUudZScDPRo4EpF0lMHXuV7GwTiBHpEcNsVELR3Tai/XeWrGskKUzXCso1Eqp/Znx/w0aWRmDtwQQlowz1GU+T0hhxdnrSRyuqAvDpc3pmg91VibpgBH3AwoLYQg8OOELvpoi2JoTux8NzbaxQrfpG+Wa8LVY0BNRjVLgZvcw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=Gr9mWIPpbp+3UKOAhL3mLxEoiGwdXAOCHLsEfmF+1wY=;

b=HZt/y+rf96rgWnfdCts6xiTHmbzWCJRSgwrRmGWPy5edGW2RoMidmG7hRi4BAPGxU2/eSkMOQPdPjJ4z3PHGvlK61Btopcv7awTgJa8aLCLo4zcQsFeLykHnPa2EIcqCeKuyXMELblaIYQfjJ69zH4VfPmRg9FmtNjROd6BaAc2aZpUQP+sp073gATqFyfbdc/lTdLDy8VPTc7S2jQs5UTkn9koLvU0ORKsVonYT9uvrfumlE+TNKVt3mNzwpbX66Ze9t0CzeSAxdbQ4Yw0BrfOcAuvcTjJJY9VCLAxw7ZsWatt5ciKU4NEs6I9D0d3hjzHXeP3OTi/2twxqqX+T4Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=Gr9mWIPpbp+3UKOAhL3mLxEoiGwdXAOCHLsEfmF+1wY=;

b=W/g+bwz30u7jLt3YSz5+2mg7fjSxjjnwISdXAWX9jp/PDHkdIxOIFz8fh1s1ZrArvhg0BPJZ6okhWjQsdqKDTIvAvsp6AIJATkvASGK39aiWAroNKbV69zShsb0FMFcKhDDKQgoTknJzbZoLhpGr6zpgjLCOmxra/Q5LsGCsD2hHXRlNL2nZKcsDL5N12ZQwJHj3ZRCXELWpi/gASz4EFvPTF9JQw7ERkr4j4l27yCOSImNlBMKUJf4XvIK+5IbTfjjyfk2n01M3Rxy2pn4tSruijeco7SzJghINLEi5/9Kmbut+j3cKBL9jRK9xzgPJ489/xD0Wj7qB1D7CvsQKpA==

Received: from CW1P302MB2243.GBRP302.PROD.OUTLOOK.COM (2603:10a6:400:25e::18)

by LO7P302MB2384.GBRP302.PROD.OUTLOOK.COM (2603:10a6:600:476::6) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.39; Thu, 9 Apr

2026 14:57:07 +0000

Received: from CW1P302MB2243.GBRP302.PROD.OUTLOOK.COM

([fe80::e1fc:2b57:77ac:a898]) by CW1P302MB2243.GBRP302.PROD.OUTLOOK.COM

([fe80::e1fc:2b57:77ac:a898%5]) with mapi id 15.20.9769.017; Thu, 9 Apr 2026

14:57:07 +0000

From: Mia Alvarez

To: "root@nk.ca"

Subject: Start Your App Today

Thread-Topic: Start Your App Today

Thread-Index: AdzIAgtQl93Q1ds3RS2vJdp3irk/8w==

Date: Thu, 9 Apr 2026 14:57:07 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: CW1P302MB2243:EE_|LO7P302MB2384:EE_

x-ms-office365-filtering-correlation-id: 385d3fda-25c8-47ea-7fb7-08de96484544

x-microsoft-antispam:

BCL:0;ARA:14566002|24121999003|39105399006|22091999003|31061999003|20031999003|8062599012|8060799015|13091999003|5062599005|19110799012|37011999003|24071999003|461199028|15080799012|40105399003|440099028|3412199025|102099032|26104999006|26121999003;

x-microsoft-antispam-message-info:

=?us-ascii?Q?RsjTYam09YtH035VOIj9NDDfyVVbin+7t7qMMp6x/FazQ/3i1dw+Y44yyoBu?=

=?us-ascii?Q?gOPBOYbm0BmaOM8KOxF1x8YDvPZei4ZNS8rXZGpLZlU8tkxY9Wix9uquVPAf?=

=?us-ascii?Q?5oFmP9IySgstlT7aezRSrgOkY4XGBlhOZhA6iETQeO9vbb0ZHUxuanbBj/cp?=

=?us-ascii?Q?xNCqDu9O+Sw63Ggs7H2qPWip7EUsxI2rRnMYAV5sRdrJ05Ji4h9Wllq4QUZ8?=

=?us-ascii?Q?ZRY3rGtQr+4dq6s/MXOcm3wYNr1+g40XCf1DcMxi366CVRH91s2C+McbwBKC?=

=?us-ascii?Q?s8XW8WF7d18gr+Iep5VYbm8fXXFobVNoNL73/Yu8dJiH+Ls8gNXIGXSbCb1f?=

=?us-ascii?Q?Pr5pDvi4Cix+f0d9+yCNbJxRRkwnrml7qSt7Rg/jC3G6aQfmx8efcAcSkK/e?=

=?us-ascii?Q?ScjaqFTQHB6bGFeNShPD/EejeWww1cRjWWQPzips0yadKre+WbFQrNdO1aGa?=

=?us-ascii?Q?j5PwO8ZoA6NXx4+MHy7P2G9jWWzHKEO8rpT9Vgk+I9VgawBeSTuZAu+RpOyG?=

=?us-ascii?Q?vJSziJS4QoRAUAJRqMDMCr4XJyRBYoCW6zn8Bi+5PLF0+4nbVKNgAMZB0NK2?=

=?us-ascii?Q?DX2cepUXIDAV7JWlgdSeb5RB99vXXkpan+MCbqgk0HNgICuvviP+HYlp/x6B?=

=?us-ascii?Q?YNgdgsldkQe0cNdd01FBnA5YvD3lDZaO7tCocsLCM6UJqnJFmIQo5YoN5xzD?=

=?us-ascii?Q?/6mitjHsxoAZyHx1vsDxWt2JmJ5qtEhotzX7jmgZVlYZR2eDJhQtO9JnZef+?=

=?us-ascii?Q?fGSRpxH0otrtOx33ai7de6rlWlkqOoVmHi+1ckFjn4WwvqXzJe9Ey9Bu3mFo?=

=?us-ascii?Q?z73579r0rKV6WSkDDo7JseVFjBNW+fgU/vIwG8RBvFcbMUCgteJ+zxDnoOmx?=

=?us-ascii?Q?ZA5kZ/U9Y9NWuwqdxymZmphoNyE/60fHSyYnuZEU8hF87/FonzF4u4BYa4xb?=

=?us-ascii?Q?ChfURjIjGuX+qKFKPpPU5cpTa/4LmjLcLiTmDIzuaWTUppcUklRGSRRc5Owd?=

=?us-ascii?Q?j2JOB2mfx38K+nwx0kwF5uQtGbllYG+XldASuHyIAHN4nwe4sh8vOL8TXSVr?=

=?us-ascii?Q?wiQ0gVlw3z2XMUt91TuuGlUn83ESJyq7ueXo1z7U2oX/QT1CCxefqlQDhN2s?=

=?us-ascii?Q?OVIv6VvfYsiWZbcFA47rxtasxYvlsqeLEM/xFFv3KCYQaJS5LHfzHu/vyYWr?=

=?us-ascii?Q?K1fWdxSJfKqDflEx?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?us-ascii?Q?1Hi+ch3Ixytpy9pGjiPS8d54A0RL+T9EBVADzGaTXwqsChGh8VTX/8DTDx6y?=

=?us-ascii?Q?4jXRKI+ZJnYa4rL9fs8vOc/9ALONNF0+5iMXPt2+7Eh4u905uh5VaE2zpp0z?=

=?us-ascii?Q?xr/T0XW4TD8sHDBRIQGOB3j2sKrVrxCixp6AhTnBBOiKipUjtlT69sEHtcZq?=

=?us-ascii?Q?/Xrv7PCAaulIUkS5oh3mqpDwUosy9jJKxIfKKXCx0hWz37J4js4Kkeq/zSNU?=

=?us-ascii?Q?HwBD3rm4Uvo1TuEQ/Xq0i08G1IEkG8nB5wwTI9BKa0YUmPRH7h3nwNANg6fe?=

=?us-ascii?Q?KK1TGtUS7lpWHhPS85GjRiqxYe7HX1Ye4Vea/KwBuzT1G+uzy1AgUxj29lus?=

=?us-ascii?Q?IcVk/ZDsT5T2rxgFW9e2hcwk3DUfhqGEFvfLhM4BhMjcrNtcaaUE9J/jSXy+?=

=?us-ascii?Q?PnrSFc1JqMw2tBtHx61HEWrgBJenluhIVfy/S/f04G1LpAQfoWABnNxuOeKE?=

=?us-ascii?Q?XaAj4U2EdKdbqTMcwYYuXwrHRoxEF1vqMjPC+pdiTTiHc+lAD4e70abQEB+W?=

=?us-ascii?Q?AutoDWTvBhFvdeM287wfMOgQXI4TZZCbNTh87wF7JVuCIWWO4QiF1hguAKfP?=

=?us-ascii?Q?xAMwdFZ+tR+msPc68p+5jdcRsge1kO4toEIujyv7vDq5ZAIetyDF8hdB+9mg?=

=?us-ascii?Q?AHMojlFGokPrn8YvOIFVnNH2/XE3XtLKlUYpo3AZZCI/0TyPTKQrqIddC10M?=

=?us-ascii?Q?3DcKXInjvD5AJxwQ/2oKu0SpxmT3CCs8enKWRElnB2zNcg715e8joWNS7Wel?=

=?us-ascii?Q?WkESPk8Buipxa33cfKs3fsXREL/DUC1U6ni51pZwbotJF25QdGzgE4ci5J8s?=

=?us-ascii?Q?nEuPx853HXhk+iRClhTY2pAuZbz9G+Nx7uKyE5CatFFhgKvIYaUtbFY+P/J1?=

=?us-ascii?Q?tG4Lt1ZtUMUPkpkJVcedjAN5xcHCo7hbaaoBB5v/zn33pqM1ugqq1/yi7bc9?=

=?us-ascii?Q?CiSvQOMyJDD8iSqb3z2jXTW4A9k3YhPRlXjsKD4+1w2cVphmTPGM9oqt/FQR?=

=?us-ascii?Q?D8Q4mcH6Rct2dstvZU8ARWkz4UzAXbaFEHGb+ki+DLtK6nGKa35apDXNxInz?=

=?us-ascii?Q?q8HBNiJGIr1IM732nkistMeqNfmi7JVHMOILI63e3ZLnTtDtQGKJY5J4wFlA?=

=?us-ascii?Q?yJjN7mA1A8I1M8rEDwy+3xjJmR8KKXTh64T0Q5egm7XQqPYLBojpc+NYxL87?=

=?us-ascii?Q?d10xftGBls9240P9Xsc8Qp9AOO36avol52kNVveZ8LI1RHr0SdT7T9VhiqAu?=

=?us-ascii?Q?N2wNVxPM579duNwvyyLIXMMqcUWKhCA1KufT/4RahKO3/RPdU25FOa3nIPmj?=

=?us-ascii?Q?Bg9MalzNjzEXso8blEfZPkTpfcCpJtBrdPMP/3CHToZSKybOX4XI7WnwUcEe?=

=?us-ascii?Q?OhZxzDxnhBJp0H9yhXtHOlvXQjux?=

Content-Type: multipart/alternative;

boundary="_000_CW1P302MB2243999B135EB3798086752CD9582CW1P302MB2243GBRP_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-644ca.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: CW1P302MB2243.GBRP302.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 385d3fda-25c8-47ea-7fb7-08de96484544

X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Apr 2026 14:57:07.6851

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO7P302MB2384



--_000_CW1P302MB2243999B135EB3798086752CD9582CW1P302MB2243GBRP_

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable



Hi root@nk.ca,



Are you planning to build a mobile app for your business this year?



We develop AI-ready, user-friendly mobile apps that help improve engagement=

, automate processes, and drive growth.



If you're exploring this, I can share a few quick ideas and cost estimates.



Worth a quick conversation?



Thanks



Mia Alvarez



--_000_CW1P302MB2243999B135EB3798086752CD9582CW1P302MB2243GBRP_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable








>





Hi root@nk.ca,



Are you planning to build a mobile app=

for your business this year?



We develop AI-ready, us=

er-friendly mobile apps that hel=

p improve engagement, automate processes, and drive growth.



If you're exploring this, I can share =

a few quick ideas and cost estimates.



Worth a quick conversation?



Thanks



Mia Alvarez









--_000_CW1P302MB2243999B135EB3798086752CD9582CW1P302MB2243GBRP_--

Nk.ca credential phishing Part 2

Posted by Dave Yadallee on

w3.org/TR/html4/loose.dtd">














: medium; border-radius: 0px">
=3D#333333>
0efd size=3D6>Confirm Your Email Address

ONT>=





border-radius: 0px" face=3DArial>
T style=3D size=3D2>Tap the blue button below to confirm your email address=

again, If you didn't create a clone account with Nk you can safely delete =

this email.





TLINE-WIDTH: medium; border-radius: 0px">




OUTLINE-WIDTH: medium; border-radius: 0px">


der-radius: 0px">








x">


der-radius: 0px" dir=3Dltr>


; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; MARGIN: 13px 0px 0px; LINE-HEIGHT:=

1.2em; border-radius: 0px; font-stretch: normal" dir=3Dltr>=

Note: once you see this mail in your junk folder kindly move=

to inbox and verify your email account.

>




Cheers,




DIV>


der-radius: 0px" dir=3Dltr>


E-HEIGHT: normal; border-radius: 0px">
LINE-WIDTH: medium; border-radius: 0px">
m; border-radius: 0px" face=3D"arial, sans-serif">
DTH: medium" color=3D#0000ff>


99820927ydp7b86bfd5yiv6045953875ydpd918de9ayiv0177461306ydpd20ea3cyiv089884=

8693ydp6829a5a2m_1996841430946977455gmail-yiv2898864475m_-61404789728670827=

18gmail-m_-8645518671750608904m_3880449539637537630m_-3459598488485890575m_=

-8886446844680499571gmail-m_7783430649414262473gmail-yiv0926590506yui_3_16_=

0_ym19_1_1539091334466_3129 style=3D"FONT-SIZE: 13px; FONT-FAMILY: Helvetic=

aNeue,Helvetica,Arial,sans-serif; FONT-WEIGHT: 400;=20

COLOR: rgb(0,0,0); OUTLINE-WIDTH: medium">Nk Copyright © 2026

 
7yiv0299820927ydp7b86bfd5yiv6045953875ydpd918de9ayiv0177461306ydpd20ea3cyiv=

0898848693ydp6829a5a2m_1996841430946977455gmail-yiv2898864475m_-61404789728=

67082718gmail-m_-8645518671750608904m_3880449539637537630m_-345959848848589=

0575m_-8886446844680499571gmail-m_7783430649414262473gmail-yiv0926590506yui=

_3_16_0_ym19_1_1539091334466_3130 style=3D"FONT-SIZE: 13px; FONT-FAMILY: He=

lveticaNeue,Helvetica,Arial,sans-serif; FONT-WEIGHT:=20

400; COLOR: rgb(0,0,0); OUTLINE-WIDTH: medium"> <=

/B>



E-HEIGHT: normal; border-radius: 0px">
LINE-WIDTH: medium; border-radius: 0px">
m; border-radius: 0px" face=3D"arial, sans-serif">
DTH: medium" color=3D#0000ff>
elveticaNeue,Helvetica,Arial,sans-serif; FONT-WEIGHT: 400; COLOR: rgb(0,0,0=

); OUTLINE-WIDTH: medium">





E-HEIGHT: normal; border-radius: 0px">
LINE-WIDTH: medium; border-radius: 0px">
m; border-radius: 0px" face=3D"arial, sans-serif">
DTH: medium" color=3D#0000ff>


99820927ydp7b86bfd5yiv6045953875ydpd918de9ayiv0177461306ydpd20ea3cyiv089884=

8693ydp6829a5a2m_1996841430946977455gmail-yiv2898864475m_-61404789728670827=

18gmail-m_-8645518671750608904m_3880449539637537630m_-3459598488485890575m_=

-8886446844680499571gmail-m_7783430649414262473gmail-yiv0926590506yui_3_16_=

0_ym19_1_1539091334466_3132 style=3D"FONT-SIZE: 13px; FONT-FAMILY: Helvetic=

aNeue,Helvetica,Arial,sans-serif; FONT-WEIGHT: 400;=20

COLOR: rgb(0,0,0); OUTLINE-WIDTH: medium">All rights reserved=





DIV>


BODY>

Nk.ca credential phishing Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 09 Apr 2026 04:53:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAn00-00000000DkA-1gxZ

for dave@doctor.nl2k.ab.ca;

Thu, 09 Apr 2026 04:52:36 -0600

Resent-From: The Doctor

Resent-Date: Thu, 9 Apr 2026 04:52:36 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [188.127.240.137] (port=45942 helo=modernmedical.com.hk)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAk20-00000000DrC-077g

for sales@nk.ca;

Thu, 09 Apr 2026 01:42:37 -0600

Received: from hanmail.net (localhost [IPv6:::1])

by modernmedical.com.hk (Postfix) with ESMTP id 3C2986B8B80

for ; Thu, 9 Apr 2026 10:24:49 +0300 (MSK)

From: Nk

To: sales@nk.ca

Subject: Nk Confirm Your Email Account Once More!!!

Date: 09 Apr 2026 07:24:49 -0700

Message-ID: <20260409072449.D40D934AEB76392F@hanmail.net>

MIME-Version: 1.0

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 15.3

X-Spam_score_int: 153

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Confirm Your Email Address Tap the blue button below to confirm

your email address again, If you didn't create a clone account with Nk you

can safely delete this email.



Content analysis details: (15.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[188.127.240.137 listed in dnsbl.ahbl.org]

[188.127.240.137 listed in dnsbl.ahbl.org]

[188.127.240.137 listed in dnsbl.ahbl.org]

[188.127.240.137 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[188.127.240.137 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[188.127.240.137 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[188.127.240.137 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[188.127.240.137 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[188.127.240.137 listed in will-spam-for-food.eu.org]

[188.127.240.137 listed in will-spam-for-food.eu.org]

[188.127.240.137 listed in will-spam-for-food.eu.org]

[188.127.240.137 listed in will-spam-for-food.eu.org]

[188.127.240.137 listed in will-spam-for-food.eu.org]

[188.127.240.137 listed in will-spam-for-food.eu.org]

[188.127.240.137 listed in will-spam-for-food.eu.org]

[188.127.240.137 listed in will-spam-for-food.eu.org]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: justdied.com]

[URI: x24hr.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[188.127.240.137 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[188.127.240.137 listed in sa-accredit.habeas.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[188.127.240.137 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[188.127.240.137 listed in bl.score.senderscore.com]

0.9 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record (softfail)

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[tildch(at)hanmail.net]

0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.5 GOOG_REDIR_NORDNS Google redirect to obscure spamvertised website +

no rDNS

1.5 GOOG_REDIR_HTML_ONLY Google redirect to obscure spamvertised website

+ HTML only

1.5 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS

2.0 PDS_DBL_URL_TNB_RUNON Double-url and To no arrows, from runon

0.0 FROM_MISSP_FREEMAIL From misspaced + freemail provider

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

0.0 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML only

0.8 SPOOFED_FREEMAIL No description available.

Subject: {SPAM?} Nk Confirm Your Email Account Once More!!!

B2B Phsh from Sendgrid.com Part 3

Posted by Dave Yadallee on



style=3D"BOX-SIZING: border-box; FONT-SIZE: 11px; BACKGROUND: rgb(240,2=

40,240); COLOR: rgb(119,119,119); PADDING-BOTTOM: 15px; TEXT-ALIGN: center;=

PADDING-TOP: 15px; PADDING-LEFT: 15px; PADDING-RIGHT: 15px">Sent=20

to root@nk.ca
© 2026=20

SharePoint Online



" data-type=3D"unsubscribe" style=3D"color:#444444; font-size:12px; line-he=

ight:20px; padding:16px 16px 16px 16px; text-align:Center;" data-muid=3D"4e=

838cf3-9892-4a6d-94d6-170e474d21e5">




style=3D"font-size:12px;line-height:20px"

>

SharePoint Online





15600 S GEORGIA ST
span>, AMARILLO,
=3D"Unsubscribe--senderState">TX
ip">79118








62.ct.sendgrid.net/wf/unsubscribe?upn=3Du001.EtyC8XKcPmGZYDmBykh8zSgppscrG1=

a9-2FbnUZspF0av6mdLTg7APu65Yl-2FlT7gYWIWvlofAwKkY-2F2ptfbkc7w8h-2FPFa6xEfU5=

5tVw9pxqAkjKcoCM5xYrUadMDhNOM92fWIv17g9YhozDkR7CnSOMIJP9RO5yoLFpG0odCCEIUuS=

EQeWJoZmer7GKQCFvi7KWpszBjiz3wG86YQf8OJV4WGU2otqbNlTGWy08lrf2YjBtkAFjmconj0=

arhmUvGhLy9N5F9EHYsNTXlSvPlO0LgzwfkAohw6DACE2diDdQCVPYXTfL8LSqlg7rzpZuf1gID=

OTLTKs2ETE7J8Ps-2B-2B-2Bq77trjs2F1cJ4kxyACJWW3yW7T-2BadhJgQIuCS988mxr-2Bvip=

sHNvl-2F40Oa5X4yNofJPje8kUWyYTP-2FwW-2BSpyXjDAQqCK-2BE4GpdAiJ5LbnUimvgruOzD=

nzQctAEuuGsqhgt-2B1kdpqkPaLNvJ8iipSyDXSWL6DBJZabFI8ZXR-2FceUUwz-2BQ-2Fq0kwM=

YVAaLHUI9QAf5lyeoYADJk79UoH3ne9-2FINDrzWheIpZVTMi6D5sIrqXH50aNr1c9IO05FmK-2=

FvPFeRVpfqG7i4Q7h8WXssjkASp8dl5214cnKqoKTUQ6OuQdJEPIOqYEIgseqkaTwnVlag8zIzf=

E6f43T5xL-2F3uQEJCf4BFwXhH31CBI3Uj4FSaYuB6nNPqre2Tv2Vp6AQFYTDYsNvlzcF1g1HEY=

Aj-2FHz9b6vPjyX58-2FmsmbfBegtpBdVK7CaBHw5a9kKBOjs6QwstvMppEqVjv7AEZc0p-2FC4=

0sMsZnN4uwJrZfmBBuH2qe-2BVqrq3li-2BhQJ2ToR8kKOYpSQvTuu-2BYRT3xV0Hk2b5CV5S0y=

xW8-2FX4k19b0kulej7U" target=3D"_blank" style=3D"font-family:sans-serif;tex=

t-decoration:none;">

Unsubscribe



-


=3Du001.EtyC8XKcPmGZYDmBykh8zSgppscrG1a9-2FbnUZspF0av6mdLTg7APu65Yl-2FlT7gY=

WIWvlofAwKkY-2F2ptfbkc7w8h-2FPFa6xEfU55tVw9pxqAkjKcoCM5xYrUadMDhNOM92fWIv17=

g9YhozDkR7CnSOMIJP9RO5yoLFpG0odCCEIUuSEQeWJoZmer7GKQCFvi7KWpszBjiz3wG86YQf8=

OJV4WGU2otqbNlTGWy08lrf2YjBtkAFjmconj0arhmUvGhLy9N5F9EHYsNTXlSvPlO0LgzwfkAo=

hw6DACE2diDdQCVPYXTfL8LSqlg7rzpZuf1gIDOTLTKs2ETE7J8Ps-2B-2B-2Bq77trjs2F1cJ4=

kxyACJWW3yW7T-2BadhJgQIuCS988mxr-2BvipsHNvl-2F40Oa5X4yNofJPje8kUWyYTP-2FwW-=

2BSpyXjDAQqCK-2BE4GpdAiJ5LbnUimvgruOzDnzQctAEuuGsqhgt-2B1kdpqkPaLNvJ8iipSyD=

XSWL6DBJZabFI8ZXR-2FceUUwz-2BQ-2Fq0kwMYVAaLHUI9QAf5lyeoYADJk79UoH3ne9-2FIND=

rzWheIpZVTMi6D5sIrqXH50aNr1c9IO05FmK-2FvPFeRVpfqG7i4Q7h8WXssjkASp8dl5214cnK=

qoKTUQ6OuQdJEPIOqYEIgseqkaTwnVlag8zIzfE6f43T5xL-2F3uQEJCf4BFwXhH31CBI3Uj4FS=

aYuB6nNPqre2Tv2Vp6AQFYTDYsNvlzcF1g1HEYAj-2FHz9b6vPjyX58-2FmsmbfBegtpBdVK7Ca=

BHw5a9kKBOjs6QwstvMppEqVjv7AEZc0p-2FC40sMsZnN4uwJrZfmBBuH2qe-2BVqrq3li-2BhQ=

J2ToR8kKOYpSQvTuu-2BYRT3xV0Hk2b5CV5S0yxW8-2FX4k19b0kulej7U" target=3D"_blan=

k" class=3D"Unsubscribe--unsubscribePreferences" style=3D"font-family:sans-=

serif;text-decoration:none;">

Unsubscribe Preferences








KcPmGZYDmBykh8zSgppscrG1a9-2FbnUZspF0av6mdLTg7APu65Yl-2FlT7gYWIWvlofAwKkY-2=

F2ptfbkc7w8h-2FPFa6xEfU55tVw9pxqAkjKcoCM5xYrUadMDhNOM92fWIv17g9YhozDkR7CnSO=

MIJP9RO5yoLFpG0odCCEIUuSEQeWJoZmer7GKQCFvi7KWpszBjiz3wG86YQf8OJV4WGU2otqbNl=

TGWy08lrf2YjBtkAFjmconj0arhmUvGhLy9N5F9EHYsNTXlSvPlO0LgzwfkAohw6DACE2diDdQC=

VPYXTfL8LSqlg7rzpZuf1gIDOTLTKs2ETE7J8Ps-2B-2B-2Bq77trjs2F1cJ4kxyACJWW3yW7T-=

2BadhJgQIuCS988mxr-2BvipsHNvl-2F40Oa5X4yNofJPje8kUWyYTP-2FwW-2BSpyXjDAQqCK-=

2BE4GpdAiJ5LbnUimvgruOzDnzQctAEuuGsqhgt-2B1kdpqkPaLNvJ8iipSyDXSWL6DBJZabFI8=

ZXR-2FceUUwz-2BQ-2Fq0kwMYVAaLHUI9QAf5lyeoYADJk79UoH3ne9-2FINDrzWheIpZVTMi6D=

5sIrqXH50aNr1c9IO05FmK-2FvPFeRVpfqG7i4Q7h8WXssjkASp8dl5214cnKqoKTUQ6OuQdJEP=

IOqYEIgseqkaTwnVlag8zIzfE6f43T5xL-2F3uQEJCf4BFwXhH31CBI3Uj4FSaYuB6nNPqre2Tv=

2Vp6AQFYTNXKf3Nv14Mvno1Fv4UoeyLhTQzRZJdcjGPHWxsdZxVWEF-2FwxT589G4vwYbnbFb8E=

YRseoaxYY9H21Z2Qer3sDHZscbVKvp4Jk5ZR0oCIegkE4bi6gHQR9b4aHIG39PeCsp0ksw1lTf0=

ozDib9Fstze-2BGbJAFjxOX2Hm7N3zU2iw" alt=3D"" width=3D"1" height=3D"1" borde=

r=3D"0" style=3D"height:1px !important;width:1px !important;border-width:0 =

!important;margin-top:0 !important;margin-bottom:0 !important;margin-right:=

0 !important;margin-left:0 !important;padding-top:0 !important;padding-bott=

om:0 !important;padding-right:0 !important;padding-left:0 !important;"/>
ody>





--a18d471ede0c418b3f09e860a8bd0fde037b1431d9ac9a52e255e1ae537f--

B2B Phsh from Sendgrid.com Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 09 Apr 2026 04:52:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAmyg-00000000Del-2NXV

for dave@doctor.nl2k.ab.ca;

Thu, 09 Apr 2026 04:51:14 -0600

Resent-From: The Doctor

Resent-Date: Thu, 9 Apr 2026 04:51:14 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from wrqvqfdr.outbound-mail.sendgrid.net ([149.72.79.213]:35692)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAjVu-00000000Bh1-2liz

for root@nk.ca;

Thu, 09 Apr 2026 01:09:30 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=acmeglarssorlando.com;

h=content-type:date:from:mime-version:subject:reply-to:list-unsubscribe:

list-unsubscribe-post:to:cc:content-type:date:from:subject:to;

s=s1; t=1775718444; bh=81/HUfPNQrK5bGH1AFVlqmTNSJ2QBozwDbahtbYdPW8=;

b=G/Mm1eytkgoyPAkrXr9H4XawKLSOkhbmzYt0b4fifV/aQWRU9l76JUTeZn3glH2prUtb

ycOHRhsdWYfOK0YfYZqPNQKHFNMoEIMUFcw1TDTy9bcWgfZf6sDuxe7JrTNse4CTSBX3yW

25dRV1II/vb73L+7zAYiTpJDh1iy4YkQqK4GJrkVO4rZMUJUqQBWzbspElUiK2fnEE4xOd

/VxK0TKoqeZVpFaCye8yMtDVsaq79Q9ZKJBJrAO6uC2raTx6FB/87VLnimT756l37arYaT

VXgT2nrAXkHll9vOjrlr3LIHE7y3FrHgAaAX7sEq0j3Q1ZHjiHao6qZF+YaN5+lA==

Received: by recvd-59f49dd4cf-dzlw9 with SMTP id recvd-59f49dd4cf-dzlw9-1-69D75028-1B

2026-04-09 07:07:20.397621549 +0000 UTC m=+814220.721582850

Received: from NjE5NzgxNjI (unknown)

by geopod-ismtpd-98 (SG) with HTTP

id Q44hFqWzT_ukw3RSsB7w1A

Thu, 09 Apr 2026 07:07:20.343 +0000 (UTC)

Content-Type: multipart/alternative; boundary=a18d471ede0c418b3f09e860a8bd0fde037b1431d9ac9a52e255e1ae537f

Date: Thu, 09 Apr 2026 07:07:24 +0000 (UTC)

From: SharePoint Online

Mime-Version: 1.0

Message-ID:

Subject: Document Review Request - B2binvestment

Reply-To: sharepointonline@acmeglarssorlando.com

List-Unsubscribe:

=?us-ascii?Q?=3Chttps=3A=2F=2Fu61978162=2Ect=2Esendgrid=2Enet=2Flu=2Funsubscribe=3Foc=3Du001=2EqCIp?=

=?us-ascii?Q?25DZreyr52EfIIGMlgkR0Mn3RymGM1wXPWyFkjA?=

=?us-ascii?Q?=5FY4jwIBCXLkB2YwW2-Iu3fJ9vasG25kh8to7=5Fw2?=

=?us-ascii?Q?qqsDAg96kdMlwYK2SDSn7nqAdv=5FzGShkeJ4G62O?=

=?us-ascii?Q?1bP8mVnDSjzWor=5FGx8nZBeJIu8Hpfs-Wt87hmgP?=

=?us-ascii?Q?8qPzOQCqE2D-AuTlFsWK6g00NxwRQOoKdxBBKIV?=

=?us-ascii?Q?AnrNGir=5FoWw2r3y1UxT3mLO8jZ8Eq-I681g49PI?=

=?us-ascii?Q?2gNsd0jwe0-NNuMhK3xG29trsGVvqOAD-E07wB1?=

=?us-ascii?Q?NhjLycJ5ALQhkuWFI53PUo9Hgn=5FUXhHIryxMRMJ?=

=?us-ascii?Q?wkhLITwIMqg3SjEcO49ifnx189mWT7No4OrlC8v?=

=?us-ascii?Q?PspI=5FZUVvizSLqgm=5FfPYLYKPT9CM0cFZl-zP=5FjV?=

=?us-ascii?Q?Hk-YSlbAaP92ej67oX-WXM4CCAq7yrJGZL-rc9O?=

=?us-ascii?Q?eJYXoiBgYxoW4Zwy2KYhC2HdJYDq8qQ-kCtmkyS?=

=?us-ascii?Q?8N9dd3A4PCtjb1iDwM0=5FmKYnLKQZTV4dGyIV8pD?=

=?us-ascii?Q?WjaZGk6x7-zO4SpEs8SvZL5NMbyGRiIaKlK7SvQ?=

=?us-ascii?Q?w7Try2FbCywOz1ZHFhNmHPX6Z=5FFar44d=5FLxF3Zh?=

=?us-ascii?Q?9gZIjVoHQUHKRZyGq2RL0pm0tyg=5Ff8en2KQ=5FKRW?=

=?us-ascii?Q?=5FFYmTJJUas3IP1FvxX0dVAUdDLct8Rz1Mtf6Jef?=

=?us-ascii?Q?KQqNwBVYinlJpPtj-ojYkL4erOy=5Ff8VkjRxWWy1?=

=?us-ascii?Q?xRbXkcoRv6mL2u8HaNDi-0nRFl7vDwS6GdI7ZNa?=

=?us-ascii?Q?qAi8wG0ipM1aYDVQCqNTN8KuQ9AT-SVpGxicKs-?=

=?us-ascii?Q?5xeHevnATUKFTw-GZE=5F8o94g8VQawuD1wWE=5FBo4?=

=?us-ascii?Q?=5FKMeQFa6dKIMgrzha5uwprrCciLtyD-x67GYpGN?=

=?us-ascii?Q?hfqd6RknwlIr=5Fqj39NEKvqjJzB0UHgyG3=5F7ZfTs?=

=?us-ascii?Q?cpKCiOG-c0yCfxCFPgjYzDdIhKpAt0KTf1vLa12?=

=?us-ascii?Q?uB9SeoVmAB-wDpxT=5FY9k85zuCI50MDmP6RK7MlC?=

=?us-ascii?Q?tCQTzX5Zw-ezx93fwLUA7R=5F-UO0nRtJPgO98slt?=

=?us-ascii?Q?ajPvS-whCLfnWIv2T-pYFOi=5FRBtsSLwmrb9hhE=5F?=

=?us-ascii?Q?v4JbyRAv97nXuxTyrJXr4sPErvmnYmnPbvcOqdp?=

=?us-ascii?Q?n9Vvg4-GOwAoj=5FyMKS7DwhYUFQt-8ZgAtWmVYyz?=

=?us-ascii?Q?DjOLkm2e48TL6TjNwI4obNbAklefL6Xb8y1zJih?=

=?us-ascii?Q?8kbgkPUQRrC1G8R4On-W6MvdMc4Qx7ff3bQ0xLx?=

=?us-ascii?Q?QdcLxWHyEdnWMIiF5ACxswHb4gz1025aP37JjDK?=

=?us-ascii?Q?KOqOLPOAMmUQuNRaaxh8aE1yDfITxkepNYvlnuu?=

=?us-ascii?Q?d-Jqf2ADJ9=5FLrhI8gpPD0nW0FsaReUmBc7aRk15?=

=?us-ascii?Q?4Sdk2vLUfVrsvcvIU17meFqbABqXQhh=5FZjIw=3E=2C=3C?=

=?us-ascii?Q?mailto=3Aunsubscribe=40em128=2Eacmeglarssorla?=

=?us-ascii?Q?ndo=2Ecom=3Fsubject=3Dhttps=3A=2F=2Fu61978162=2Ect=2Ese?=

=?us-ascii?Q?ndgrid=2Enet=2Fmt=2Fu=2Fu001=2EW1a=5FoOi1SBn4=5FfUmm=5F?=

=?us-ascii?Q?-bn4WDYBfOlaf0c0maCsEqLVI=2F4pn=2Fu001=2EnQov?=

=?us-ascii?Q?K8qM=2Fu001=2Ep7ggpGYbNHJ4vKUM-2FW9CPnBeZzy?=

=?us-ascii?Q?xd2AM24oVDqSCQyQ7okK2WzCPTSFNqQsNV-2Bhn?=

=?us-ascii?Q?yn6RBim2FZZumwwXnXhGRPZiy4ZxRJBNggaUHCp?=

=?us-ascii?Q?rb5gjLScH6svxP0KcOqZmfx501AyXk4Bl7xXxNz?=

=?us-ascii?Q?4OA-2FQoKcFG-2Fb5Upq-2BbfrEkm5f3GfVHKzh?=

=?us-ascii?Q?lHqHve3hSHMWOvBobxDP1zTRvsycjzK4TEhOCCo?=

=?us-ascii?Q?wD1CENeEjL6pEWc1qF62i58ToSHwnpObQCYHUHy?=

=?us-ascii?Q?mcrfLk2jsX8wBDLCIXbna25yQI41rx-2FOqi-2F?=

=?us-ascii?Q?zLckfz0PN2L2rcyuvwMMGc-2B8TUMqPYS-2F45Z?=

=?us-ascii?Q?0aEzdCoUV0khFOihHE8s5AmrzLgswDX5YFaQ3bC?=

=?us-ascii?Q?vj8byqI645yprh6NQCvd99DySzts5TMR3NtL80g?=

=?us-ascii?Q?RBHrG40L7NnO1Zwu0lXHPQdXlTQoHPomQO8U7-2?=

=?us-ascii?Q?BtT0kdaBIcC5py2KrPEuPYhAVkMsIr0crSYPsTp?=

=?us-ascii?Q?4K4ItHKXqHubz1mk9Npjig501nWmoocQVnCC8sG?=

=?us-ascii?Q?ostXVmzeGNa4cIOT8ixddS6UkQtL18eIUEBYFmu?=

=?us-ascii?Q?CEefMMsEp1TWYq202u4PVV2RoD1en-2BfXJ-2Ba?=

=?us-ascii?Q?tjFFIChYCcaFHxq3rspWCzLc2Oe9OQUo9OdG-2B?=

=?us-ascii?Q?wSKUFoT6dTQoKOx3iF6e2IvqWPQgMiKJemlPJvV?=

=?us-ascii?Q?2jHg7ow-2BHaXxMcECX0ApsRNdcRmXowaQXCr0H?=

=?us-ascii?Q?TAZjuf93flLyHpgGEjurZ9xrtNrDxnFROfdvfml?=

=?us-ascii?Q?P3NS4BCzs5VJl0Ivm4QqtJVsWk-2FhjfI-2FfkJ?=

=?us-ascii?Q?bTCM-2BG72YFvPt6ssCuCu679YOVXULeOIWRW79?=

=?us-ascii?Q?FegXG2XoZWhO64O3gOTIwdMNUPTS0Jg-2FfNHy7?=

=?us-ascii?Q?EAO4j6BOjuHTdD6txVLKztORTfmyCQDhTiMqZk2?=

=?us-ascii?Q?dbQEJu=2Fu001=2EQz48KVUY=3E?=

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-SG-EID:

=?us-ascii?Q?u001=2ERslkeg+vitsRjJ37CtP+aw9+fO+7zivUbWjFj2F4Fy0vCIWYApEk7sGjg?=

=?us-ascii?Q?qtTeSVPkq6JLASJbn+qFHHv+IxdNV7xCaNsb+C7?=

=?us-ascii?Q?KX15A5a+T1ramSdhG9g+KYI+oLvkk2Y=2FpJgDbX=2F?=

=?us-ascii?Q?rl5qfoe3S60wq7agiOj5Zxsv3mMlMVANlLseYeH?=

=?us-ascii?Q?Gdf5lTPt0A03rilysaLUuS69d1tnCVSKHO2GAFv?=

=?us-ascii?Q?5K7kEntwAIkDNLOwUuv=2FswQNdONIou81yDIYPjS?=

=?us-ascii?Q?pxGlIksLzKKToCQtAuNpuQNBZA=3D=3D?=

X-SG-ID:

=?us-ascii?Q?u001=2EXwhBPNhCejkv4+fVosb2QVfR16Qxp9CrA7PjDe5zzeI=2F0IZCBsPXtgHbA?=

=?us-ascii?Q?oGIj+RskLxA4N2rJjSWrHfgX07tLOm0v5BUQcd6?=

=?us-ascii?Q?w3knjorGi7Hwu0WCOA5AFSvy0=2FwlG32=2F6JptEoA?=

=?us-ascii?Q?di8mhfU8l=2FzJayjGYDilwvAW9zM189l2c01vRZu?=

=?us-ascii?Q?HZZbO4RwpJ8ZH6t271AwX0QtUyrI6rQiyEDKUi1?=

=?us-ascii?Q?YjYsxNwmvKm3qbUajtifTBujk8aBnYIbNei7c6c?=

=?us-ascii?Q?lvNVQ0ZVMb4CoTHeesNXeYDgRdLfKumprGwwgMM?=

=?us-ascii?Q?AOm3YI0a5mL0UySwCTs8yDyB084OpPi5tevfbdV?=

=?us-ascii?Q?TD1ItmSiur71kxRwigUDrJfv9gZsJh8rL+6RlLq?=

=?us-ascii?Q?DDUkQoDddx8kdGSnT+dRJDkruHiHy8Fnl=2FOwj5H?=

=?us-ascii?Q?NrmRvvF4iOX6e=2FE+iKPt6ZWfK4DfjUSK8nNgPmk?=

=?us-ascii?Q?uZBwxdnTKJ6nov=2FT87ZyPIe8P8A2dY=2FhTdfu4MP?=

=?us-ascii?Q?h6vD+1SJvCh5juwz=2FKYTWmCeohqERh3qsMJGtKF?=

=?us-ascii?Q?8Z2rjoYrBfHr3gcJHZivQ3wDuHpSiDkZ=2Fs1uRWY?=

=?us-ascii?Q?lfqTPU+S3bi8ikIB52ytn70uwD+GiiHmTeXMLwU?=

=?us-ascii?Q?2Qx3WcVqI7p=2FzBu2+5UW1v80W1Q0ZaZLseah6br?=

=?us-ascii?Q?Jz7r4A1LElXTvjsyl5tpyLNToUZXFCvpW2lEdn9?=

=?us-ascii?Q?1HKi09Y9tNTT5W7UjNBexEf?=

To: root@nk.ca

X-Entity-ID: u001.vo95BbM1zPxHgG1NhhfEaw==

X-Spam_score: 42.5

X-Spam_score_int: 425

X-Spam_bar: ++++++++++++++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: B2binvestment - Document Review Request Hello root@nk.ca

, Please review and acknowledge:

B2B Phsh from Sendgrid.com Part 2

Posted by Dave Yadallee on
Content analysis details: (42.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[149.72.79.213 listed in dnsbl.ahbl.org]

[149.72.79.213 listed in dnsbl.ahbl.org]

[149.72.79.213 listed in dnsbl.ahbl.org]

[149.72.79.213 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[149.72.79.213 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[149.72.79.213 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[149.72.79.213 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[149.72.79.213 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[149.72.79.213 listed in will-spam-for-food.eu.org]

[149.72.79.213 listed in will-spam-for-food.eu.org]

[149.72.79.213 listed in will-spam-for-food.eu.org]

[149.72.79.213 listed in will-spam-for-food.eu.org]

[149.72.79.213 listed in will-spam-for-food.eu.org]

[149.72.79.213 listed in will-spam-for-food.eu.org]

[149.72.79.213 listed in will-spam-for-food.eu.org]

[149.72.79.213 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

15 GR_DOMAIN_SENDGR1 Received contains spammer id (sendgr)

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

0.3 LONGWORD BODY: Uses overlong words

0.6 MEGALONGWORD BODY: Uses really overlong words

1.1 URIBL_GREY Contains an URL listed in the URIBL greylist

[URI: sendgrid.net]

1.5 MR_STRANGE_QUESTION URI: No description available.

15 GR_DOMAIN_SENDGR6 URI: Body contains known spammer URI (sendgr)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.0 IMPRO_URI_3 No description available.

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 IMPRO_URI_2 No description available.

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

Subject: {SPAM?} Document Review Request - B2binvestment



--a18d471ede0c418b3f09e860a8bd0fde037b1431d9ac9a52e255e1ae537f

Content-Transfer-Encoding: quoted-printable

Content-Type: text/plain; charset=iso-8859-1

Mime-Version: 1.0



---------------------------------------

B2binvestment - Document Review Request

---------------------------------------



Hello=A0 root@nk.ca ,



Please review and acknowledge:



Contract Agreement - B2binvestment

Ref: HkSeskLU-363421



Review at your earliest convenience.



View Document ( https://bj4c8ab8nz0a82a7cyba66gs.vercel.app/?web=3Droot@nk.=

ca )



Sent to root@nk.ca

=A9 2026 SharePoint Online



SharePoint Online



15600 S GEORGIA ST , AMARILLO , TX 79118



Unsubscribe ( https://u61978162.ct.sendgrid.net/wf/unsubscribe?upn=3Du001.E=

tyC8XKcPmGZYDmBykh8zSgppscrG1a9-2FbnUZspF0av6mdLTg7APu65Yl-2FlT7gYWIWvlofAw=

KkY-2F2ptfbkc7w8h-2FPFa6xEfU55tVw9pxqAkjKcoCM5xYrUadMDhNOM92fWIv17g9YhozDkR=

7CnSOMIJP9RO5yoLFpG0odCCEIUuSEQeWJoZmer7GKQCFvi7KWpszBjiz3wG86YQf8OJV4WGU2o=

tqbNlTGWy08lrf2YjBtkAFjmconj0arhmUvGhLy9N5F9EHYsNTXlSvPlO0LgzwfkAohw6DACE2d=

iDdQCVPYXTfL8LSqlg7rzpZuf1gIDOTLTKs2ETE7J8Ps-2B-2B-2Bq77trjs2F1cJ4kxyACJWW3=

yW7T-2BadhJgQIuCS988mxr-2BvipsHNvl-2F40Oa5X4yNofJPje8kUWyYTP-2FwW-2BSpyXjDA=

QqCK-2BE4GpdAiJ5LbnUimvgruOzDnzQctAEuuGsqhgt-2B1kdpqkPaLNvJ8iipSyDXSWL6DBJZ=

abFI8ZXR-2FceUUwz-2BQ-2Fq0kwMYVAaLHUI9QAf5lyeoYADJk79UoH3ne9-2FINDrzWheIpZV=

TMi6D5sIrqXH50aNr1c9IO05FmK-2FvPFeRVpfqG7i4Q7h8WXssjkASp8dl5214cnKqoKTUQ6Ou=

QdJEPIOqYEIgseqkaTwnVlag8zIzfE6f43T5xL-2F3uQEJCf4BFwXhH31CBI3Uj4FSaYuB6nNPq=

re2Tv2Vp6AQFYTEpsFqYCVVt-2BmWbxf95sUl4Iu7NRcudB7V2PjqniY0lyzZACnIgN2HenHn37=

VhJljhlyo8yBnoiTFvrFrRJEiGLrndT8YwiHTbP-2F1TXUFF4MEMU-2FgD8KzxZBcq-2BaUzd1w=

1GLQvzEqYoEIs7uxiNuOYpeJ04ifgBsL-2BmROtu7LkRh ) - Unsubscribe Preferences (=

https://u61978162.ct.sendgrid.net/wf/unsubscribe?upn=3Du001.EtyC8XKcPmGZYD=

mBykh8zSgppscrG1a9-2FbnUZspF0av6mdLTg7APu65Yl-2FlT7gYWIWvlofAwKkY-2F2ptfbkc=

7w8h-2FPFa6xEfU55tVw9pxqAkjKcoCM5xYrUadMDhNOM92fWIv17g9YhozDkR7CnSOMIJP9RO5=

yoLFpG0odCCEIUuSEQeWJoZmer7GKQCFvi7KWpszBjiz3wG86YQf8OJV4WGU2otqbNlTGWy08lr=

f2YjBtkAFjmconj0arhmUvGhLy9N5F9EHYsNTXlSvPlO0LgzwfkAohw6DACE2diDdQCVPYXTfL8=

LSqlg7rzpZuf1gIDOTLTKs2ETE7J8Ps-2B-2B-2Bq77trjs2F1cJ4kxyACJWW3yW7T-2BadhJgQ=

IuCS988mxr-2BvipsHNvl-2F40Oa5X4yNofJPje8kUWyYTP-2FwW-2BSpyXjDAQqCK-2BE4GpdA=

iJ5LbnUimvgruOzDnzQctAEuuGsqhgt-2B1kdpqkPaLNvJ8iipSyDXSWL6DBJZabFI8ZXR-2Fce=

UUwz-2BQ-2Fq0kwMYVAaLHUI9QAf5lyeoYADJk79UoH3ne9-2FINDrzWheIpZVTMi6D5sIrqXH5=

0aNr1c9IO05FmK-2FvPFeRVpfqG7i4Q7h8WXssjkASp8dl5214cnKqoKTUQ6OuQdJEPIOqYEIgs=

eqkaTwnVlag8zIzfE6f43T5xL-2F3uQEJCf4BFwXhH31CBI3Uj4FSaYuB6nNPqre2Tv2Vp6AQFY=

TEpsFqYCVVt-2BmWbxf95sUl4Iu7NRcudB7V2PjqniY0lyzZACnIgN2HenHn37VhJljhlyo8yBn=

oiTFvrFrRJEiGLrndT8YwiHTbP-2F1TXUFF4MEMU-2FgD8KzxZBcq-2BaUzd1w1GLQvzEqYoEIs=

7uxiNuOYpeJ04ifgBsL-2BmROtu7LkRh )

--a18d471ede0c418b3f09e860a8bd0fde037b1431d9ac9a52e255e1ae537f

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset=us-ascii

Mime-Version: 1.0






=3Diso-8859-1">








style=3D"FONT-SIZE: 14px; MAX-WIDTH: 600px; BORDER-TOP: rgb(225,225,225) 1p=

x solid; FONT-FAMILY: Arial,sans-serif; BORDER-RIGHT: rgb(225,225,225) 1px =

solid; BORDER-COLLAPSE: collapse; BORDER-BOTTOM: rgb(225,225,225) 1px solid=

; COLOR: rgb(44,54,58); BORDER-LEFT: rgb(225,225,225) 1px solid; MARGIN: 20=

px auto; border-radius: 5px; background-size: initial; background-origin: i=

nitial; background-clip: initial"=20

cellSpacing=3D0 cellPadding=3D0 width=3D"100%" border=3D0>






style=3D"BOX-SIZING: border-box; BACKGROUND: rgb(27,42,78); COLOR: rgb(=

255,255,255); PADDING-BOTTOM: 15px; TEXT-ALIGN: center; PADDING-TOP: 25px; =

PADDING-LEFT: 30px; PADDING-RIGHT: 30px">

B2binvestment - Document Review Request






style=3D"BOX-SIZING: border-box; COLOR: rgb(51,51,51); PADDING-BOTTOM: =

25px; PADDING-TOP: 25px; PADDING-LEFT: 30px; LINE-HEIGHT: 1.5; PADDING-RIGH=

T: 30px">

Hello =

=20

root@nk.ca ,



Please revi=

ew and=20

acknowledge:




style=3D"BOX-SIZING: border-box; FONT-WEIGHT: bolder">Contract Agreem=

ent -=20

B2binvestment

style=3D"BOX-SIZING: border-box; FONT-WEIGHT: bolder">Ref:&nbs=

p;HkSeskLU-363421



Review at y=

our=20

earliest convenience.




0px">
style=3D"BOX-SIZING: border-box; BACKGROUND: rgb(27,42,78); COLOR: rg=

b(255,255,255); PADDING-BOTTOM: 10px; PADDING-TOP: 10px; PADDING-LEFT: 20px=

; DISPLAY: inline-block; PADDING-RIGHT: 20px; border-radius: 3px; text-deco=

ration-line: none" clicktracking=3Doff

href=3D"https://bj4c8ab8nz0a82a7cyba66gs.vercel.app/?web=3Droot@nk.ca=

" rel=3Dnoreferrer=20

target=3D_blank=20

data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps://youtub=

e.com&source=3Dgmail&ust=3D1775236498354000&usg=3DAOvVaw0Efs7oD=

Xa4URW3OFs6046M">View=20

Document

Nigerian spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 08 Apr 2026 14:51:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAZrQ-000000002za-14WA

for dave@doctor.nl2k.ab.ca;

Wed, 08 Apr 2026 14:50:52 -0600

Resent-From: The Doctor

Resent-Date: Wed, 8 Apr 2026 14:50:52 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f66.google.com ([209.85.218.66]:41730)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAXpu-00000000Iwz-1LWD

for doctor@doctor.nl2k.ab.ca;

Wed, 08 Apr 2026 12:41:20 -0600

Received: by mail-ej1-f66.google.com with SMTP id a640c23a62f3a-b9838a498f1so256066b.3

for ; Wed, 08 Apr 2026 11:40:23 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1775673616; cv=none;

d=google.com; s=arc-20240605;

b=GGRgcd9sLgsfTsQWujXPgWzL4VVWKenvXN3HP0TH02dLIzhL0zHnUNxviWkF+8XQ67

UXoq+cg4ITKMCACTn2EsDZx9VVM7onIitLSiHZwSr3lM1iq0MijbLAN83w7mGv5Zpob8

U8SiPPZZ7UnEoqWJjoYSlA+EBrIH4CcQGk9M+jUbQ/0yEAH4e7c5BofVePFyOAttqZvn

rQ0WCm/Jaf5sqUCfW7VoSdOL3hWx8CUjYf/pInbKgxEK3lZ6ELLf56lMFGFmRXdq8p/c

VeHnYvgPEOXb6VhOr2Hv7TTJ6F09NzITcGoPU9fssu7t47Lf56off+pGKCBASO/LfUdd

TFEg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=rGzCevjTcu/hlQgGbS37QxvdDbxQXL95K8g0n2pTROQ=;

fh=rW8DAc1vn4xoAQ36Azpi/evThQ72T2Lq8ChEFLJ4IS4=;

b=E/Fv/xxCS1pU/otOWnwY2BfZuOMK9DQvAe+xQjbja/UBs9FfdE8YzQToszG4aDswFM

0BpQxKFNRptHKnLlHFoLkjm2BCePHYAa1hcv51gzdH8WLm9vcMPCHOetWc2SVs6E7az2

7O/M0+E2HhW7+JpILtF33jAyNfq7QZIXOmb3ntIxbpOCbo0i5gKXjs2pYOsSyqq9p6+L

jBpZrFqrBvvAcApPdlYBzMeAUgPWkJIIZQLL1iEqUWHdba3XGSTp5xCQSqf67jD6R4Dq

UVYGPrPaOgdCWkRnSZOI0T0M904vMfcZ0TcOzNNypgUQOCIbBWz+RDWCRAIyaEgJFy6R

TzIg==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1775673616; x=1776278416; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=rGzCevjTcu/hlQgGbS37QxvdDbxQXL95K8g0n2pTROQ=;

b=F4vPIjc+RRBZS45oIviB5K244IKHBHp6vsjqwStexcXA5/FFJ+d1B5jHYgE0X5vlqo

PkKqbJS2JGJiOeNBH/jGzA/yXLalWTRDy37+H0M3OjNgU3LIytaUN3heA7+nFjtuoIrs

nqK4TVRqKyPfqjpZ8P/1ttfgk6vGFWRJrjsqp6I2ZTK9Fnt6cdHWrLM0dTSKt8HgPBb/

bsL+jpRdXyuv6tG00a7Qdvx808vAcWRN6U6B7ZXz5KzOFxs000f/rgwq22VvV1mS0r12

i6SzTcelVoMSyEOU/l6EB+VSqqUaqPJQlA5e0y9Rb332KWGw3zkfvI/CLTT2hFJE6zpp

dcGA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1775673616; x=1776278416;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=rGzCevjTcu/hlQgGbS37QxvdDbxQXL95K8g0n2pTROQ=;

b=qjxPmHAegZt42yTpCSXkIFFMaJtNGdmdq30DXlb4EyiYHDe/emrrQ+dX0rzISCcCnI

9HXyEMxD1THk2n5Iirfrd/D4FNil11TaUN1GLnc05R5TofuUNO2eX+SETUXouTcpPiFE

r15vArKw35fbBZxNmMhZZL5/W/WDEfI+KmdS1oSxalgZX+JQmciQagmZwdPygypCYb6Q

61p+weycwmJr5litYQ748CAPYYCqlCD5/THtjhyuQ9cZ7nGqttre7w+qRSFeKkWrwnIU

TeRY4ydiVClpIy/cM5tbIEbLHa6pyTlflKI1zaqWR8lP0crRp+4Ykka/sdD3UNNw3Me/

L80g==

X-Forwarded-Encrypted: i=1; AJvYcCU295MdZNkljNZkPXF1UkHKO0lySu23QPK5Sm/62XINYU2i7G7iEV3wbu1Xktp+18yiAZGKcDE=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YzneCP02mxV9Inz9FzmUDGeDwfhJ7uduXiqQHBeRAMyuAZs00Fn

joGI1fURJM4XUSoefoIigtK8BRaeXOXVYUOd7Z6tVQLsgTGRi46Y3qpTLpEGCkJLjhZOg4DPdYF

2sPE7S3Tsctly1pkZOy+XBpASv+WAYwc=

X-Gm-Gg: AeBDietwFy2dvPgRdo0k0K4cRPBEJGZiwO1pgTSNr4UTXN4Wrp0s473mJVD4zEjALtV

d6KXg8BFs5Yod41FXIkJOHbXR0tpTp6n469/BIWZabEY9oesLLOsyql0CxqmoPJ9LvBxUSoz9xO

MOppgs4gKr8lbm9ef4BqpMqL+ICf9mlJoC1SHwXIRr+VW2qr9E36rArgTs6QHUTl1vsysCdgN0G

yZsT4wqhes+PoxoNOQvaN9Ds58vklq6JNSlP1+6DllBAOa2GayI/QAA3Z/Xe94vsurhF11l+VPp

SfO8LfQ1

X-Received: by 2002:a17:906:549:b0:b9c:fc84:943 with SMTP id

a640c23a62f3a-b9cfc843516mr173402466b.8.1775673615892; Wed, 08 Apr 2026

11:40:15 -0700 (PDT)

MIME-Version: 1.0

From: "MR.NABIL."

Date: Thu, 9 Apr 2026 13:40:27 -0600

X-Gm-Features: AQROBzA0wCrBColuOf7W9vnJAfS5OiHvgAi_kQe1C1QtO5Re91wsSVSZu1A-tFM

Message-ID:

Subject: `Positive Reply

To: mr.nabilmhassan@gmail.com

Content-Type: multipart/alternative; boundary="0000000000001cc391064ef73bc7"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 7.7

X-Spam_score_int: 77

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: *My name is Engr. Nabil Hassan. A former senior worker in

the Syrian Ministry of Petroleum and Mineral Resources. I am looking at possible

cooperation about investment projects with you in your area. [...]



Content analysis details: (7.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

[209.85.218.66 listed in dnsbl.ahbl.org]

[209.85.218.66 listed in dnsbl.ahbl.org]

[209.85.218.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.218.66 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

[209.85.218.66 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.218.66 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[mr.nabilmhassan(at)gmail.com]

1.2 DATE_IN_FUTURE_24_48 Date: is 24 to 48 hours after Received: date

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.218.66 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.5 HK_NAME_FM_MR_MRS No description available.

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} `Positive Reply



--0000000000001cc391064ef73bc7

Content-Type: text/plain; charset="UTF-8"



My name is Engr. Nabil Hassan. A former senior worker in the Syrian

Ministry of Petroleum and Mineral Resources. I am looking at possible

cooperation about investment projects with you in your area. I wish to

relocate my investment capital to your country. Any viable investment idea

you suggest to me will be considered.Kindly reply to discuss this further.

RegardsMr.Nabil, 69, years



--0000000000001cc391064ef73bc7

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



My name is Engr. Nabil Hassan. A former senior worker i=

n the Syrian Ministry of Petroleum and Mineral Resources. I am looking at p=

ossible cooperation about investment projects with you in your area. I wish=

to relocate my investment capital to your country. Any viable investment i=

dea you suggest to me will be considered.

Kindly reply to discuss th=

is further. Regards
Mr.Nabil, 69, years




--0000000000001cc391064ef73bc7--

Independent representative opportunity spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 08 Apr 2026 14:51:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAZqw-000000002uw-480J

for dave@doctor.nl2k.ab.ca;

Wed, 08 Apr 2026 14:50:22 -0600

Resent-From: The Doctor

Resent-Date: Wed, 8 Apr 2026 14:50:22 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from relay.b92.net ([212.102.130.72]:40384)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAZdY-000000001Hf-49pO

for support@netknow.ca;

Wed, 08 Apr 2026 14:36:43 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=prva.rs;

i=@prva.rs; q=dns/txt; s=nesha; t=1775680535; h=from : subject : date

: message-id : reply-to : content-type : mime-version : from;

bh=VxUBEUmBUaHTHdgH6JFZZO6bd8SLeakBHHVPo7Bi9dU=;

b=R249JwpqD6YoCcz5f0gwSAE2LPWqfqKdWQ6gHUeuB+BDLYcNOsEFSPjwlRQ3odupmV/tR

7pvmc8AEK22CS0pycoX2E8GywJ0CXh7dSTUMT6K2aEyMmJtQJvprzsfashFtJRN/FseHNRK

DiK4C4yf1ndLfoYD2Vj+sMuYAbFzGJ+HXMWpEI43YwXyg8F0buk5AtaQcU5+dqAoq6TX2Ft

8pE2xla1TYmsFHqXh1GbGYxaaEnsgjz8QZoB6cBg8h4lt5NY7mTeNe+PkJEsk/FkD/0p8uh

6ymq1PS3RnByFKaNMmKoRLRXCYKldIaccRZC0N1keyyblw0WVxvj4+t4VqHA==

Received: (qmail 16261 invoked from network); 8 Apr 2026 19:50:52 -0000

Received: from unknown (HELO mail.prva.rs) (212.102.131.22)

by relay.b92.net with ESMTPS (ECDHE-RSA-AES256-SHA384 encrypted); 8 Apr 2026 19:50:51 -0000

Received: from MBox2.prva.rs (192.168.110.22) by MBox2.prva.rs

(192.168.110.22) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Wed, 8 Apr

2026 21:50:52 +0200

Received: from MBox2.prva.rs ([fe80::bc16:aadd:91d9:aa1b]) by MBox2.prva.rs

([fe80::bc16:aadd:91d9:aa1b%15]) with mapi id 15.00.1497.048; Wed, 8 Apr 2026

21:50:52 +0200

From: =?utf-8?B?RHJhZ2FuIFBhbmnEhw==?=

Subject: Independent Representative Opportunity

Thread-Topic: Independent Representative Opportunity

Thread-Index: AdzHjtSwy0KULVCPQH2dAnwLhw/n1AAAA3ywAAAAGwAAAAAVMAAAABswAAAAF2AAAAAagAAAABjgAAAAFkAAAAASoAAAABcwAAAAGTAAAAAa8AAAABlQAAAAGeAAAAAdsAAAABnQAAAAHHAAAAAZYAAAABfwAAAAFfAAAAAWgAAAABew

Date: Wed, 8 Apr 2026 19:50:51 +0000

Message-ID: <052c98d0d1634b66881111c56055ff8e@MBox2.prva.rs>

Reply-To: "Minato.N@tanaka-kico.co"

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-exchange-transport-fromentityheader: Hosted

x-originating-ip: [85.203.20.24]

Content-Type: multipart/alternative;

boundary="_000_052c98d0d1634b66881111c56055ff8eMBox2prvars_"

MIME-Version: 1.0







Tanaka Kiko Co., Ltd., a Japan-based manufacturer of industrial machinery equipment, is currently expanding its presence in the North American market. As part of this initiative, we are seeking a qualified Independent Representative in your region.



This opportunity offers a flexible, part-time arrangement, along with a competitive compensation structure that includes both salary and commission. We believe this role may align well with your experience and interests.



If you are interested in learning more, please feel free to reply directly to Mr. Minato Nagi at: Minato.N@tanaka-kico.co for further details.



We look forward to your response.



Kind regards,

Dragan Panic

Independent Recruiter

































































































































































































































































































www.prva.rs



Dragan Panić

Snimatelj

Prva Televizija

T: +381 (11) 2091000

M: -

E: Dragan.Panic@prva.rs

A: Ikarbus 3 Nova br. 19,

11080, Zemun, Beograd, RS

Master Chef



This message and any attachment are confidential and may be privileged or otherwise protected from disclosure. If you are not the intended recipient, please notify the sender immediately and delete it from your system; you may not copy this message or disclose its contents to anyone. No employee of any member of PRVA or its Group is authorized to conclude any binding agreement on behalf of it with any other party by email without express written confirmation signed by PRVA or its Group’s authorized legal representatives. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of PRVA or its Group.

Bell Phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 08 Apr 2026 10:45:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAW1C-000000001lH-0oU9

for dave@doctor.nl2k.ab.ca;

Wed, 08 Apr 2026 10:44:42 -0600

Resent-From: The Doctor

Resent-Date: Wed, 8 Apr 2026 10:44:42 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [196.41.122.39] (port=40584 helo=server2.imaxil.co.za)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wAVPT-00000000OTh-23Eh

for doctor@mail.nl2k.ab.ca;

Wed, 08 Apr 2026 10:05:52 -0600

Received: from ec2-3-22-75-84.us-east-2.compute.amazonaws.com ([3.22.75.84]:57862 helo=EC2AMAZ-LUEV381.us-east-2.compute.internal)

by server2.imaxil.co.za with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.1)

(envelope-from )

id 1wAVOY-0000000FsTr-2T22

for doctor@mail.nl2k.ab.ca;

Wed, 08 Apr 2026 18:04:45 +0200

Content-Type: multipart/alternative; boundary="===============7284270896084063390=="

MIME-Version: 1.0

Subject: BELL_CANADA INVOICE IS HERE 08.04.2026

From: BELL CANADA

To: doctor@mail.nl2k.ab.ca

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - server2.imaxil.co.za

X-AntiAbuse: Original Domain - mail.nl2k.ab.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - panelman.co.za

X-Get-Message-Sender-Via: server2.imaxil.co.za: authenticated_id: nancy@panelman.co.za

X-Authenticated-Sender: server2.imaxil.co.za: nancy@panelman.co.za

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 18.2

X-Spam_score_int: 182

X-Spam_bar: ++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Bell | Invoice Reminder & Customer Portal BELL



Content analysis details: (18.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.4 MISSING_DATE Missing Date: header

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[196.41.122.39 listed in dnsbl.ahbl.org]

[196.41.122.39 listed in dnsbl.ahbl.org]

[196.41.122.39 listed in dnsbl.ahbl.org]

[196.41.122.39 listed in dnsbl.ahbl.org]

[3.22.75.84 listed in dnsbl.ahbl.org]

[3.22.75.84 listed in dnsbl.ahbl.org]

[3.22.75.84 listed in dnsbl.ahbl.org]

[3.22.75.84 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[196.41.122.39 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[196.41.122.39 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[196.41.122.39 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[196.41.122.39 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[3.22.75.84 listed in will-spam-for-food.eu.org]

[3.22.75.84 listed in will-spam-for-food.eu.org]

[3.22.75.84 listed in will-spam-for-food.eu.org]

[3.22.75.84 listed in will-spam-for-food.eu.org]

[3.22.75.84 listed in will-spam-for-food.eu.org]

[3.22.75.84 listed in will-spam-for-food.eu.org]

[3.22.75.84 listed in will-spam-for-food.eu.org]

[3.22.75.84 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

[196.41.122.39 listed in will-spam-for-food.eu.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

1.6 SUBJ_ALL_CAPS Subject is all capitals

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

4.2 DOS_BODY_HIGH_NO_MID High bit body and no message ID header

0.0 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts

1.8 COMBO_IMAGEONLY1 Appears to be an image only message

Subject: {SPAM?} BELL_CANADA INVOICE IS HERE 08.04.2026





BELL



CANADA'S PREMIER CONNECTIVITY PARTNER



Dear Valued Customer,



This is a courteous reminder regarding an outstanding invoice for your Bell services. To maintain uninterrupted access, please settle the amount at your earliest convenience.

📑 INVOICE REFERENCE

Invoice number BELL‑INV‑4521‑CA

Issue date 01 April 2026

Due date 22 April 2026



ℹ️ Please always quote this invoice number when contacting support.

DOWNLOAD INVOICE (PDF)



🔒 Secure PDF | Available 24/7 in your Bell account





Bell Pure Fibre™ Advantage



Upgrade to symmetrical gigabit speeds + exclusive 24/7 priority support. Use promo code BELLFAST25 and get 3 months free on any new annual plan.



Yours sincerely,



Bell Billing & Accounts Team

📧 billing@bell.ca 📞 1-888-333-1311 (24/7) 💻 bell.ca/mybill



Bell Canada Enterprises | 1 Carrefour Alexander-Graham-Bell, Verdun, QC



Reference: BELL‑INV‑4521‑CA · This is an automated service message. Payment reminder, no action needed if already settled.



🔐 Secure customer portal | Privacy assured