Web/SEO/App spam from Google Gmail Part 2

Posted by Dave Yadallee on
This is a multi-part message in MIME format.



------=_NextPart_000_6474_01DC7F2E.8AECA520

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hi sales@nk.ca,







Can you give me a few minutes?







Do you need a new website or want to improve your current one? We're a team

from India, ready to provide customized solutions for your business.







We use the latest technologies, user-friendly CMS, and frameworks for

designing a professional website such as: WordPress, Magento 2.0, Core PHP,

Laravel, Node js, Vue js, React js, Angular js and Shopify.







I'd love to share our portfolio and work with you to create something that

fits your needs perfectly. Share your ideas, or let me know your WhatsApp

number for quick communication.







Looking forward to connecting with you!







Best regards,

Geetha,











P.S.: If you'd prefer not to receive further emails from me, simply reply

with "NO" in the subject line.









------=_NextPart_000_6474_01DC7F2E.8AECA520

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =

charset=3Dus-ascii">
(filtered medium)">
vlink=3Dpurple>


style=3D'font-size:12.0pt'>Hi sales@nk.ca,


class=3DMsoNoSpacing>
style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Can you give me a =

few minutes?


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Do you need a new =

website or want to improve your current one? We’re a team from =

India, ready to provide customized solutions for your =

business.


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>We use the latest =

technologies, user-friendly CMS, and frameworks for designing a =

professional website such as: WordPress, Magento 2.0, Core PHP, Laravel, =

Node js, Vue js, React js, Angular js and Shopify.


class=3DMsoNoSpacing>
style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>I’d love to =

share our portfolio and work with you to create something that fits your =

needs perfectly. Share your ideas, or let me know your WhatsApp number =

for quick communication.


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Looking forward to =

connecting with you!


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>Best =

regards,
Geetha,


style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>
style=3D'font-size:12.0pt'> 


class=3DMsoNoSpacing>P.S.: If =

you'd prefer not to receive further emails from me, simply reply with =

"NO" in the subject line.


class=3DMsoNormal> 



------=_NextPart_000_6474_01DC7F2E.8AECA520--

Web/SEO/App spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:44:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8He-000000006KY-4Axv

for dave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:43:42 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:43:42 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pf1-f196.google.com ([209.85.210.196]:56730)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd5LZ-00000000Ecq-3tjV

for sales@nk.ca;

Tue, 06 Jan 2026 04:35:44 -0700

Received: by mail-pf1-f196.google.com with SMTP id d2e1a72fcca58-7e1651ae0d5so803965b3a.1

for ; Tue, 06 Jan 2026 03:34:47 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=websiteconsultantspro-com.20230601.gappssmtp.com; s=20230601; t=1767699281; x=1768304081; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=p0g4eQQtgRqcqkrwj45oeXPrKC01cs9XgZja8MBPATE=;

b=YHJD6aCTbahwcKlVT6x6R6wUlREdrmvlN6YVaKaGzvR/Tzq7uR/NSdDlX0T7iabKLb

9X8ueP3gipghyLXkRbujfyjZlqedTKLxZ23zA4koYMSFhpHaXbPOLu+SP9TGW4EY8EVk

NgCiNfAH3PfgTI3NfUngRheyI6LVA2M7kWOyJtgCkF768uHwfrHHWuIguuyd87iVcZpN

rz4R7aON1hs21F8Nwb4AhS6JoSz4CIfT38T6q/HoWGdT6hM+Ipe5MqBW//A0S/7wRmGq

Gd+jusBPKoO34WT/j0tP/y+6auknoR910Z1SF+wTi45cc6VRo6g/JftIMdvXd+Y2hcQd

stxg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1767699281; x=1768304081;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=p0g4eQQtgRqcqkrwj45oeXPrKC01cs9XgZja8MBPATE=;

b=h6gJ3WgsUesnIaW9Mcgc0Okb3R0g2pjFvKdcmSOTLefeK89N8GIBr5gOEiwenP50d8

M0oFA2u3rQoXDlofDbeYTK0diX7kKbW65AsrMXKHcU7lOrrMva/3vCGP7CJ3sIE4RWhW

X7oTNADJjeyBJcqCR4jWM138riFDpil/nWSblthzaxqfcE38oJTvhQ99gyeR8z1MrNKk

LkyA9L5BVEOn11MkyAQ6hoQHq0PGkUkWswit4kKyZ8trpCuZUzFfj6P+o+jelSbbJyy7

QOpkv+3OFKJZG6M2HICo8fiYBEEgxsEOXRRnr2vkhRCpgHFaFAt6rRydZe7ZRlgyG6oO

0avg==

X-Gm-Message-State: AOJu0Yx1wYYZYZcSCkLYQ2l8DkZSmpJ5/7mWHHopyiQFk83FHw/As0JW

l0eFT41QG5Km2Nb1mUAHAaOZlUA+BHLi+XPbvBkbSYrD+XKQlJn8ckCpiHiBrzDS4BPrxPD23zz

Mb1MEmdI=

X-Gm-Gg: AY/fxX4pU9sWu3ONP2cH4O5byW3/DvfG5IU9+ynW+iJr49vzOoyL/prJpvqQwUyMF30

gMu39vz5uV7Ljj8icOINdZrKCyGD1LBLlAZrSsoRwb59Uq/a+0j1Skr7GqNCbYAd5QH4hREdDkq

EbfnZfCK9A8v7YDQj+euIENz4KGckBSLi/cMUcMWb0GWZAjlJXVix79eUqy0Ldd9pSq9rEkasxE

mAPQIKLxOpmmZcBJWAe4tI+RevPJqJRcUV0P8gtcQrhm20jqFmLfmXevqsF4nHs/bPTKxbeyyub

dv2ak34KAF0XQ1JWfPOaqKpt6OpJmBMz7nHVj2dYE1i6jumlyaG+p2HsssPPs7MgXfTkcOWxP+y

ufCd8Og8d6BwvxAhpKs5EasmUBOVcOiw4ygdP7fgSZoMceMuq1HdNfChRyjsbZyNEuCyh/+YFNk

1cEz1Ba/ZxIRwoeYhKCEj2c7SLxMYOGJLN2SISwE1c

X-Google-Smtp-Source: AGHT+IHo9wvB2I2+YgiesFXGE1m1elNiNGYr8+mYfEHkMH4+Lu3NWK3AbYq34xd5rndGCD8QTaJWyw==

X-Received: by 2002:a05:6a00:4781:b0:81b:13c5:b6b2 with SMTP id d2e1a72fcca58-81b13c5c88emr79414b3a.33.1767699280555;

Tue, 06 Jan 2026 03:34:40 -0800 (PST)

Received: from DESKTOPSRTB37E ([2405:201:402e:a06b:54f1:bb97:f9bc:2d47])

by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-819c5edcd90sm1939724b3a.66.2026.01.06.03.34.39

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Tue, 06 Jan 2026 03:34:40 -0800 (PST)

From: "Geetha"

To:

Subject: Website redesign inquiry ?

Date: Tue, 6 Jan 2026 16:53:26 +0530

Message-ID: <647301dc7f00$71346920$539d3b60$@com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_6474_01DC7F2E.8AECA520"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: Adx+6EYEWKAecn+AT3OmFsIQs56Vzw==

Content-Language: en-us

X-Spam_score: 9.0

X-Spam_score_int: 90

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi sales@nk.ca, Can you give me a few minutes? Do you need

a new website or want to improve your current one? We're a team from India,

ready to provide customized solutions for your business.



Content analysis details: (9.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

[209.85.210.196 listed in dnsbl.ahbl.org]

[209.85.210.196 listed in dnsbl.ahbl.org]

[209.85.210.196 listed in dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.210.196 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

[209.85.210.196 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.196 listed in list.dnswl.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[2405:201:402e:a06b:54f1:bb97:f9bc:2d47 listed in]

[sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.210.196 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} Website redesign inquiry ?

Guest post spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on


0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[faithallan4165(at)outlook.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.4 MALFORMED_FREEMAIL Bad headers on message from free email service

Subject: {SPAM?} Re: Quality Guest Post ...



--_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,



Just checking if you=92d like me to share the guest post site list and pric=

ing details.



Best,

Faith



________________________________

From: Faith Faith

Sent: 12 June 2025 13:32

Subject: Quality Guest Post ...





Hi,



We offer niche-relevant guest post placements with contextual backlinks and=

original content.



Can I share the site list and pricing with you?



Best,

Faith



--_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Just checking if you=92d like me to share the guest post site list and p=

ricing details.



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Best,



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Faith



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">









x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_d=

ivRplyFwdMsg">


12pt; color: rgb(0, 0, 0);">

From: Faith Faith <FaithAllan4165@outlook.com>


Sent: 12 June 2025 13:32


Subject: Quality Guest Post ...


 





: 1.38; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;">


Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Hi,=




d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

We offer niche-relevant guest post placements with contextual b=

acklinks and original content.



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Can I share the site list and pricing with you?



d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">







d-color: rgb(255, 255, 255); margin: 0px; font-family: Aptos, Aptos_Embedde=

dFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt=

; color: rgb(0, 0, 0);">

Best,



edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">

Faith








--_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_--

Guest post spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on


=?Windows-1252?Q?aNMwakPvVMsTDqDasWwru25WcwX9IFa+WIJxopqUcWr24R5qKqCA7do2?=

=?Windows-1252?Q?ktmCpV9Yyyc8SuthYu0JZv3xJLyhOr2KAzllDm6al3rxT/So18pEf5nV?=

=?Windows-1252?Q?Qwit+41s3J/OgmpXsNyPdrv3h8+0fjgrlWL/KG0++kNsFkemBZXTyr5N?=

=?Windows-1252?Q?hUXgmbSXCXKAjDSYROz7Fcik2B7EQPSM757g+/hfmvKF/DpkBeXSwOOK?=

=?Windows-1252?Q?wWkP3sv3VtUPHXGx04wZnM+2/OiBUTSxpI+Ar04tebHph2GpNXg/u8TL?=

=?Windows-1252?Q?bFPETfA8nzPkFXgv1d5bos4cDmQWuGt7U4nfE82+73CvH0RtIEsOttnV?=

=?Windows-1252?Q?EVCZnstgYFSGZzG7f9Ca9d1aGmDY3v7afqgFDNsECHekwQBJwNwC6anc?=

=?Windows-1252?Q?I6l3DoJI/sHdlyfd9TUyrjcofi5k57HswqfGcBflfkyUWB33bvy8NqO6?=

=?Windows-1252?Q?8pgkHXy5ueLCwlFnCsD5PAHao51snN3Z1EGzezgRKfd0w9zMyA+k6mGD?=

=?Windows-1252?Q?cr+zL1IA+V7Jn4fj1v58TymmogI2bTR7B8Ls0ox9wCwLUmPulcKHLCpW?=

=?Windows-1252?Q?pHNZG18wIS1gcvHKMfkByvm45DbGdS4T1/GVOBCDgAikGTEe4N3ReQLm?=

=?Windows-1252?Q?FEBDAj+unZVvgSc5J5jCWaV8FvFeixi8XrIjDGsliFN4E/lbR7kQoyt+?=

=?Windows-1252?Q?UX4ecT4Cf7tjvEDOeMjK5CcCzUQuJi9ZO+ynI79LNPU8bKCpuovkBiDr?=

=?Windows-1252?Q?fedM3OgzCcEj0P4WExtLPUjE3ug+Hd/wU2sFeEw5m7JVcoDTKEWLZTHa?=

=?Windows-1252?Q?7ECdlIQpimnmtycapCJyXbsh8gVLpU/V9RdSN9opeZwcRBsRj4sbhWNl?=

=?Windows-1252?Q?HVJw8rdsAtp/fnMuDS22Rj1Vuz0Tke6CFsamPwOegQr4bXMN+ukHlHX7?=

=?Windows-1252?Q?cIR/3PuHWebZGR1JckVrtswA0xhau/M9XB8VBGAMTY+4AGbpz8BPTpRk?=

=?Windows-1252?Q?aVD8bzBJF84qbSDyQa4akePN0RAf9tIWWQz2jdB2MNZcvlfzR14cek4l?=

=?Windows-1252?Q?oN5Nl5grOoOK71Sd3t14D+YAU1ZCVoW1seRHBCsLMkY=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?Ap4iPGAVB33cbUpB07rblAL7+Bo6qNolsXh2E8GqpaqeRHiZpr2uIrNa?=

=?Windows-1252?Q?0TUj+zEf0X7n/2yZwhC0IuQRBOfqTWVnYkVtNRJHs66JnTl01T+PBZPP?=

=?Windows-1252?Q?wyhNHfIRmiTKWGPsJCgVDRckZzPyAhwSbW+qAYaazkqyGV2NNK1P9GxS?=

=?Windows-1252?Q?q2gklp24J4i+p116xB5dHbjS1Ad+k1kTqmapyozYZ4P6JI7WJjL2BBzI?=

=?Windows-1252?Q?MAtX2S8So4P1VCTrxg9tTvx5ncCfwvSgzewLKV1zxMtVCu9yq8sDFyHU?=

=?Windows-1252?Q?eo56BKSzQAr8ZsTf3GBNCVbSDo7ew0ulmR4pShAEKJTHl579Ym5kX1wt?=

=?Windows-1252?Q?TKuQ/ZdJXIUOSG5v3IkrXfLrnUrqC281J6c/SoS1GetRdju3r6L8O7yq?=

=?Windows-1252?Q?4SasR6o7YSrOiLkLa/WDcLalTfsx+6MDefJ9e0BH+k+wnPY9AWYQzqt+?=

=?Windows-1252?Q?lgwZmjrPvngAAHdycbOZwPYvDVsGjZysR69oonr8PtL13jaUyp0FInew?=

=?Windows-1252?Q?1RhelTP32XGne/nbu+eyI3psJ9zuxKKBZpV3a1weg2Aa3IMBU94h6TzD?=

=?Windows-1252?Q?dCYBEeHBAiesE7lHCCkSb2IiBEf01GXNEmdZLCUwYXEUTJqUAhB5yPhy?=

=?Windows-1252?Q?xHbrwo1U7EOi5tzHOenanj/O72jar3Kxpg1KiER0g9zd4sKY+38+CCys?=

=?Windows-1252?Q?ltPvBt1Tt55c/AjYY+KbaKHnflJs6eXiBT2g5sxuaDHEot22ltgNkFcb?=

=?Windows-1252?Q?/vUZrWnlhEeRmIB5RSIxM55rVr1tSq7TGwiDpVyniE/CqU1+CMt0lljx?=

=?Windows-1252?Q?n46xjhJxJM/GUWnhQD03BfFjGFXc0/9c5Cg+U2bPGRUoHQORyePrhC3J?=

=?Windows-1252?Q?Y75t1uvcZG0es21zwNU1ty9i+lnnbOTzCYwC6FQyJt5R+7YMj+q+AnjC?=

=?Windows-1252?Q?K8mcBMjDc3Rjm8Kviy0H74h41BDU9JsBTjvD8tmWKvw/rcHoVZy4kQqs?=

=?Windows-1252?Q?eXeUwtfwlK53/dW9fvo1wrEjNhXU2AJSI5lQjRCv+5Up+AGK0BplMYFC?=

=?Windows-1252?Q?LJ70LHlJHLFBJV10paZFLc7Epinw9VqCgnZnF4pb4/Gfbn4qD0bFHZm8?=

=?Windows-1252?Q?1GdljMYLf1tMYNFYzjEDWGaKi+Dx5FMIqCRuOUFpIkhZXuMtHrswu3jK?=

=?Windows-1252?Q?jdfIHlsgK5tJT1k0g5FT9EP01HrBrbx0dR9L5kKDe9Pd3Yh7xpW0BBkN?=

=?Windows-1252?Q?mdaq89GEt2z3HHwFUDEJe5Fng5L9/IDn8VOUf7mkRBUhMWFG0mrqjywF?=

=?Windows-1252?Q?SazBcKq5YYXkrdfVkaAtEJiqaDR+riPz833k6DngFLAhiK+Bsw8a5tEj?=

=?Windows-1252?Q?/NlSDym49Rb7LD1HLBIh2yLa5quV1fwHfZkuwoB4rGV2TGoBNFfDSa3L?=

=?Windows-1252?Q?Jnx+e8ydtCA9bc9H153vLtcYrkBcWJoGyLL84GjVOkGT5rggW+hi+l5O?=

=?Windows-1252?Q?Qe2M0kCc?=

Content-Type: multipart/alternative;

boundary="_000_PSAPR04MB556213CF209D1B1170C225B4C687APSAPR04MB5562apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: PSAPR04MB5562.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 5b3b3153-1b1c-412e-7142-08de4d13f602

X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jan 2026 11:08:45.9651

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEZPR04MB5755

X-Spam_score: 7.5

X-Spam_score_int: 75

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, Just checking if you’d like me to share the guest post

site list and pricing details. Best, Faith



Content analysis details: (7.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

[52.103.74.76 listed in dnsbl.ahbl.org]

[52.103.74.76 listed in dnsbl.ahbl.org]

[52.103.74.76 listed in dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.74.76 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:5e:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

[52.103.74.76 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.74.76 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.74.76 listed in wl.mailspike.net]

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.2 MISSING_HEADERS Missing To: header

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[faithallan4165(at)outlook.com]

Guest post spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:44:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8HW-000000005sN-2xnf

for dave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:43:34 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:43:34 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19013076.outbound.protection.outlook.com ([52.103.74.76]:50131 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd4xA-00000000DVH-1zs3

for root@nk.ca;

Tue, 06 Jan 2026 04:10:31 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=vjXHaFA8D5Kdsav+KSyimsuCP2Tpmg4H0V6WTtMkBegJ80HIsK5yp4b0hwWAYjplhvxabqNCf46+sl78sJ1aCg2hkiIsrEu14spodqKauPLnPlkK4psbS+wdu3V33OyzQAFeyfzDmEGsxEmQGXUjkNVWCcw3Y2cvxirqBDpn5PNtSMYgP3eOe/iSwNoP9ob/h1vtbM3TPjkDutUzJ3ALv7DMRsOw3Iqm0tzeRNoQs9I+4o/eV7EWkOTVr1yb5+5NkRS4eGfocpSRBn6EHg1lsSQQifZylsw7MDz6TxkXuKReleU62VSat2S6SNISTGsajELVJZq/Pi8jSIpoia0P7Q==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=zZR2430Xo7rYt/Qfe2DS+ivfgO5O9nDmjvr34Vlv/p4=;

b=KaH1IvmTsUoyXW/JEe2QD7O4dIL8EMhrynhqNh0Ow+O+eit1qSt/XeM569hLmE3OU1vlw+hk68ky4ATrbOJM66TY7XcGOuNJW3Bnw1j1FMWBIMsAijXFZwUVVfjnisf3MrFsyk5bscAsNQddQY8plv/yRDRotgWahZhHTSZECVC4A1q2SAI2OB6Tm6biRZT2owXtsJZYbnByiUFtR/dLRti+53JiPSBr9GHQzE82lvWaG+s4ECPX0eYM4il+Dl9YBgxbsn3Mcp3rJRtzaE4+hHYqDhVOy8uwpBe1xkiWihf/i7SW2mSFne2Id6xmeYQxd7iTNeMcQ7aagONfDrKqdg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=zZR2430Xo7rYt/Qfe2DS+ivfgO5O9nDmjvr34Vlv/p4=;

b=POSJW2NBj56aiN2dnJnHYOHwSoQZJm+qm0pF6wK0vo0Oz/O8GI1otJy71iBPb9Vr2tMmAkjTRBOVHC2vSjNkKqlfEja/BJ2gN+VajJoPGv+plsiDDZDDEPfdGwLoGE+gd+VrpaDUkvhvPixXKY5gHg2TinNpUgfQxfek5DIXkDf5O/Fqt1J7s8vok9dtkJmbRSWLwGGq00W/YO5cOX4O0nmDqFMmQEwRmLHVHiLd/q11yx70aGVxBr18JzhztXNVewGD7QCLzLaqFKuP2x6dYI9aa+BVnjZFWGdp7cx/nOjCDMpm7dwfo149CoVz9WoCbD82EvjlrXWVZjft9f+a5Q==

Received: from PSAPR04MB5562.apcprd04.prod.outlook.com (2603:1096:301:5e::13)

by SEZPR04MB5755.apcprd04.prod.outlook.com (2603:1096:101:76::13) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.5; Tue, 6 Jan

2026 11:08:46 +0000

Received: from PSAPR04MB5562.apcprd04.prod.outlook.com

([fe80::82d3:ef54:6a90:4393]) by PSAPR04MB5562.apcprd04.prod.outlook.com

([fe80::82d3:ef54:6a90:4393%5]) with mapi id 15.20.9478.005; Tue, 6 Jan 2026

11:08:46 +0000

From: Faith Faith

Subject: Re: Quality Guest Post ...

Thread-Topic: Quality Guest Post ...

Thread-Index: AQHcfvzTj1fnXCpMPU+kX3JL4qwjjA==

Date: Tue, 6 Jan 2026 11:08:45 +0000

Message-ID:



References:















































































































































In-Reply-To:



Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PSAPR04MB5562:EE_|SEZPR04MB5755:EE_

x-ms-office365-filtering-correlation-id: 5b3b3153-1b1c-412e-7142-08de4d13f602

x-ms-exchange-slblob-mailprops:

vQx3cGk1+xyiCoX0rGkknntYwB8EQIyP52/THZDhk/9ssjGaScNBkI/jmOdZ/PXcb7Nx6QmJ3I17TOpHpr6yL8Yoain5IHn0ed+InCv+cLZBXyKw/vt/gbrOXUmv3MutYQ3Ao/AS5j9kaWEy11TPg6UH3LD8aeJxN931e+lkROTIHftfpKzMlLkWTSNbba70bj8j+9CyAYJc70WEx+2uLCjVeXkLcTdyCbvVZmTsLK+qatozRLgX+DjZB5aWt2h0lHCsf2fwceSujS1zUgS/nJ4jV21UKp6x6ESh9xM+pIbjm5nO20zMd+iTlY1DKnQ8AI0WNX0HM6kI04Se86WWm+m20II/BzNpfz3mwBWi3PmFyoxFmyIlpNQR6iELPVKFzK3zuvt3GuWqYZZg2zwPmbY71PbNnjl3SEy8cPsKfu/uYzRmJAPgAyzswjvlMRG1K0vw0tIk6aAZ6P0ksnllNUBIWtXp5PEiwXkYkHq4rOZhzD8QvPZCcOoqXBMT4Mfkh8dm7U6cmmY8Qcl884BPcFEeHKY4spzSMF9BJuDW1ZoIjKGkZEqjriZqe+yphWezYCPvmyNUy9l3WkfTcCRb/plStNvQSDXE0dAf1XPtJqM=

x-microsoft-antispam:

BCL:0;ARA:14566002|8060799015|7071999006|8062599012|39105399006|19110799012|20031999003|31061999003|15030799006|15080799012|461199028|56899033|440099028|3412199025|39145399003|40105399003|41105399003|102099032|12091999003;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?bCtauE6eFccD611dtYWzK4T9Zts+aJvWbEVG6boGk7HLxWrvHq0abG8U?=

=?Windows-1252?Q?GutpQNkKnZj1icHQHfzxNMUxFb23rL61IhiARuElrmLkS/jOkmSz/XJi?=

=?Windows-1252?Q?hkcztjVpSanjMSso3gs+h1OSBGRc2+oull+1jltYBI5RRsn/f9e8VSqX?=

=?Windows-1252?Q?qkc1YSkJ4Y4jGtKi0aiyXAJIk8LAspQrMwpvsEoptbytdazBkNr0QvPC?=

=?Windows-1252?Q?eHFe5qtoH1DYXmgQpX5eDBOsZDx5yes5kkfGn+EvEW6Tsj508zCYvoTA?=

=?Windows-1252?Q?ln0RVb4xcj8tsO6o2aitsCurhGdu0GgsDtquuHGzGXq4VUrp8UOGvFUY?=

Ukrainian romance phish from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content preview: Start Meaningful Conversations — TrueLoveNow 💬 Start

Meaningful Conversations on TrueLoveNow Hello, At TrueLoveNow we believe in

quality over quantity. Meet members who are serious about building connections

— not just collecting matches.



Content analysis details: (8.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

[52.103.12.18 listed in dnsbl.ahbl.org]

[52.103.12.18 listed in dnsbl.ahbl.org]

[52.103.12.18 listed in dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.12.18 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:131:0:0:0:13 listed in]

[will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

[52.103.12.18 listed in will-spam-for-food.eu.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.12.18 listed in list.dnswl.org]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[lyno4com(at)hotmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.12.18 listed in wl.mailspike.net]

2.6 FSL_HAS_TINYURL URI: No description available.

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} You're invited to a watch party!



------=_NextPart_000_9070_FB412067.3342CDD4

Content-Type: text/plain;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Start Meaningful Conversations =E2=80=94 TrueLoveNow

=F0=9F=92=AC Start Meaningful Conversations on TrueLoveNow

Hello,



At TrueLoveNow we believe in quality over quantity. Meet members who are s=

erious about building connections =E2=80=94 not just collecting matches.



Detailed Profiles: See values and interests up front.



Smart Search: Filter by interests, location, and lifestyle.



Supportive Community: Moderated and respectful members.



Take the first step =E2=80=94 your next conversation could change everythi=

ng:



Welcome



All the best,

The TrueLoveNow Team



To stop receiving these emails, unsubscribe.



=



------=_NextPart_000_9070_FB412067.3342CDD4

Content-Type: text/html;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



=

=0A=


0">=0A=

=0A=<br /><br /> Start Meaningful Conversations =E2=80=94 TrueLoveNow=0A=<br /><br /> =0A=


"100%" cellspacing=3D"0" cellpadding=3D"0" border=3D"0">=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


zeroborder" width=3D"600" cellspacing=3D"0" cellpadding=3D"0" border=3D"0">=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


l;">=0A=

=F0=9F=92=AC Start Meaningful Conversations on TrueLoveNow=0A=

=0A=
=0A=


y:Arial;">=0A=

Hello,=0A=

=0A=


y:Arial;">=0A=

At TrueLoveNow we believe in quality over quantity. Meet members w=

ho are serious about building connections =E2=80=94 not just collecting mat=

ches.=0A=

=0A=


    :#666666;line-height:1.6;text-align:left;font-family:Arial;">=0A=

  • =0A=

    Detailed Profiles: See values and interests up f=

    ront.=0A=

    • =0A=


    =0A=

  • =0A=

    Smart Search: Filter by interests, location, and=

    lifestyle.=0A=

    • =0A=


    =0A=

  • =0A=

    Supportive Community: Moderated and respectful m=

    embers.=0A=

    • =0A=

=0A=


y:Arial;">=0A=

Take the first step =E2=80=94 your next conversation could change =

everything:=0A=

=0A=

=0A=


;color:#ffffff;text-decoration:none;padding:12px 24px;font-size:18px;border=

-radius:30px;font-family:Arial;">Welcome =0A=

=0A=


y:Arial;">=0A=

All the best,
=0A=

The TrueLoveNow Team=0A=

=0A=
=0A=

=0A=

To stop receiving these emails,
q9xrb" style=3D"color:#666666;text-decoration:underline;font-weight:bold;">=

unsubscribe.=0A=

=0A=
=0A=
=



------=_NextPart_000_9070_FB412067.3342CDD4--

Ukrainian romance phish from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 06 Jan 2026 07:42:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd8FY-00000000PoS-2q96

for dave@doctor.nl2k.ab.ca;

Tue, 06 Jan 2026 07:41:32 -0700

Resent-From: The Doctor

Resent-Date: Tue, 6 Jan 2026 07:41:32 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-eastus2azolkn19010018.outbound.protection.outlook.com ([52.103.12.18]:14938 helo=BN1PR04CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd1vW-000000005L3-3KSz

for doctor@nk.ca;

Tue, 06 Jan 2026 00:56:35 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=ThV3n6I61nSvIevJwXE8vgsmKc/o9976PlYRp4sRzqfkFV0bQvnEvePBJc4JrUymscXCKe2+crwc8nqiNRtR1/qPyhpZGIvBkNL0T96FlYufftCgPmI89pTEHalbu+ccdTLJOovDZVSC7hK52WzaT575VWaGx1QpaGr42CnjjKSdoqYV5qPSf8i6W3bdL92mzt6uivKoHy9KHy5In7r4yoSVmY1wTUO2tXw/SxtLHMpKxnzh51FGWbRNCyPW56qmWYkVoXcJ5huBnZzrz32Jd6yKSjpiaAOAkh3WR6tVnC/pmIp3OEtTM22TP0dykTD+U6fMZnBkBCE0RImvTu4SWw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=2be+Q2BvaGNH03gDU2ii9UNzIBbALK8d6DTupbZ/18M=;

b=BCZaozOoMPWS703QVRz6TSABxF8zXUGg9I7FRy2OOCN9th/he/x/zI43tcl9rfUvuleKvohbDoF376/k8Bh6LA0/y0AVbiisn6jL7xkTP8hdSMzfRTEBxYaAPPw8aRcwDl4I3mKui9SeMnd9zIj/I5MMUg7aKkmALBEa1X8i4PRwpS49zvdYXeDGALMkbQi9Pg/XfChUSz/9Yke3emH6udXjvXm70No2W7cGouF9UEzFb6+lEew/0hWWTPs9Dk/zqJvXmbNa8688vf/7ZpKON66B+2mEh+AuCdd/bUk2sPzi0u3qs1PnM8vU2x3i9We168U+/fBcWtszhbtaLGH/rQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=2be+Q2BvaGNH03gDU2ii9UNzIBbALK8d6DTupbZ/18M=;

b=tfQLfv9s8/qWtCSZUzkw0HoyAK1AGtD3wqBjUFbgM7Mb2so9KYN4gZXfJaUoncInohHp4K0pLZ4Q21csLnaHfAUw+QIGDn+aBY/MjEob7K5wSsGdJm4VFq6j6A/m0hDF+oX1lo//wMCRYWkhsBbyy3mEZtaB05GmITJLTC2CpSdUA/6Y3x9q9zaOuZTiQdzVLKO8CNqXUTzlrctet2o8LfcFIlhB627ADZHosJwOcsibJoieI2RyOTS1sQWaW/+1HK1LgkP5DCSZi1si8IHPr9juxoNDCKK9sXQdAqMOniyb0c2c/PIlqWMOJQp0rtT8/tSTTsC0JeXmPbDIgH7mXA==

Received: from DS0PR11MB7382.namprd11.prod.outlook.com (2603:10b6:8:131::13)

by SA0PR11MB4685.namprd11.prod.outlook.com (2603:10b6:806:9e::7) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Tue, 6 Jan

2026 07:55:24 +0000

Received: from DS0PR11MB7382.namprd11.prod.outlook.com

([fe80::80b3:e6e7:efec:dbee]) by DS0PR11MB7382.namprd11.prod.outlook.com

([fe80::80b3:e6e7:efec:dbee%5]) with mapi id 15.20.9478.004; Tue, 6 Jan 2026

07:55:24 +0000

From: "UkraineGirl"

Subject: You're invited to a watch party!

Reply-To: "lyno4com@hotmail.com"

X-Mailer: Evolution

Date: Tue, 06 Jan 2026 08:55:21 +0100

Message-ID:



Content-Type: multipart/alternative;

boundary="----=_NextPart_000_9070_FB412067.3342CDD4"

To: Undisclosed recipients:;

X-ClientProxiedBy: AS4P190CA0060.EURP190.PROD.OUTLOOK.COM

(2603:10a6:20b:656::13) To DS0PR11MB7382.namprd11.prod.outlook.com

(2603:10b6:8:131::13)

X-Microsoft-Original-Message-ID: <1.653f591b513634dd5a83@DESKTOP-N0MTKOQ>

MIME-Version: 1.0

X-MS-Exchange-MessageSentRepresentingType: 1

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: DS0PR11MB7382:EE_|SA0PR11MB4685:EE_

X-MS-Office365-Filtering-Correlation-Id: 4e92bd19-7597-44bb-ff86-08de4cf8f266

X-Microsoft-Antispam:

BCL:0;ARA:14566002|42300799018|9400799043|12121999013|39105399006|23021999003|8060799015|19110799012|20031999003|15080799012|461199028|12050799012|5072599009|6115599003|4601999015|56899033|1602099012|440099028|10035399007|41105399003|15111999010|40105399003|39145399003|3412199025|4302099013|34005399003|2006899018|2406899039|6106899015;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?WUs5Q0ZHdVNEZWZWSWV0RzV4dlRQRjRRSXJkYk5pM1lUM1dhY2ZhbzN3NHNh?=

=?utf-8?B?RVJac1poSzBTRGE2UkFsMms3YTFOamFsU2Q3RTNjU2lvWDBZd0Ztcmp2YUV6?=

=?utf-8?B?MW05bUdqSzRCKzdDK1hNM0wwYWk4NFRST0N2OFpkSVdXRnhkTUF3bUVpMzRL?=

=?utf-8?B?bUZ1c0VkNEl4SDRxNDd3SjNjQWoxOVBhWThtV2lPYk9SbDNyTmUxQlBRZGxy?=

=?utf-8?B?UmpyZVp2OEZMSyttUVVOZkNULytxQkhrMmk2aW5VWmJ0TW01UFkwZDBuL1gx?=

=?utf-8?B?bGw2WVFUSVdFMGphcGI1U2xPdjVMUVV3ZnVrdUhNUkdWRFl1emhnZGpFTFps?=

=?utf-8?B?YkxSYVhXc2lnR3o2SHMzbGNsem9lcjhiaGlJbWtYS3lGTDUveTdXWnBkY0pw?=

=?utf-8?B?bU5BYWhjTFJhMjNRY0VLSFJXenNvQzdtdkE0NkZpamV5R1p2NUI5RE5yNDFs?=

=?utf-8?B?bFVOZU0rTnoreTRiMkNnSTA4RzNDbHl5QTVvQ1dHc2dxQXJZSHpXRjBSekhj?=

=?utf-8?B?SityYWlRUDhvQ0I4dlM3QjFQYXBwMCt5Q0kydThzQmZFSVhKYWlIRytUL202?=

=?utf-8?B?VHF4bUU1aVRXSG9RTmo0LyswQ0VZZUE1aUxvRW5zMWdUUi9JM2x2WURHaWJ0?=

=?utf-8?B?WWQvS1B5TVJTY3JMcTZ1eVgwZ2F5aDJCenp1VHRqS1RoTlV5WWd6ek9TUHN6?=

=?utf-8?B?ME5vL3FiaFBvYzNsZnZRbnZYdjhud3RzVUhJZVJjMENXUm1sMnFONTJvdUdI?=

=?utf-8?B?TGhOS1k5MElzTmRjMCsxKzczUWpxOTEvWjZGMVF0WTBrdnBSVnFqeVRLa0JZ?=

=?utf-8?B?Ni9NeGtLdUM4WkZ4ZHA2eENLZGxQOHJnZWwrVksxY0dVY2RaUVA5YkZYaER5?=

=?utf-8?B?cFJhSVEvOTBXZnhJRnZPWXRxMUFlbmN6MFROdExkMzNhUUhGTE1TazI4QWQy?=

=?utf-8?B?NU1xaHFjRkpKN1dNZGdTL3d2RHFoNzFVSmNOYi9rTy8xVGtWeGtjcDZOWWVG?=

=?utf-8?B?cE14M3BPcXovQkRWd3AzQ2xnOFZqNWNIOU01VkQ4RkV3SERiUkJyTENQS21B?=

=?utf-8?B?c3JlM1lPR0tYdTZod0kwR0g2d1BYbitXeExmNWxOWlAzc0JYWkdrOXpmcGtR?=

=?utf-8?B?MEJXaG94RlNTNkJEdERWZGUvS2lqSExhOVVCdHZVTzFaaW1meVNsOVZUdmkv?=

=?utf-8?B?a0JCaWNmaC9pMVhxa1BIRjU5dGVBcjZFQWMyRGJOUzAzTkd5K3VTVklLbkRa?=

=?utf-8?B?bGIzWUpsbWJXUk9RaFhsdjkyZW1xQ3pGRGFMMUxVWVZNZGswSlFsQ25iVGM4?=

=?utf-8?B?OHpKelZCdktjQVhSSE5qc1ovYU4vK05zS3FkYy9ubll2QXp3eWQ4M3pCeXR2?=

=?utf-8?B?R0dwbWVrWTdRdDFFTEdYWnFXNnNHVXBZSll5SzJsb1MzeVdXSndsbU1Qb1U2?=

=?utf-8?B?UTZtTFpZbWtPUFovRzY4TC9MY1kzOFJQRE5PNDBjUUhSVkQ1b0dnWkRtT3VN?=

=?utf-8?B?U21TQ3Q0NG9MdmJwQjVJTVgrYjdpRU9PR3hMRjBZTTJmT1ppVzRaZjVwazFY?=

=?utf-8?B?SnQ3Vm9JeTBrYnZPaU11QklDakoxNCt5bUt3K21LNTJiN1JVZUJLY20rOEJJ?=

=?utf-8?B?aHJoRldRdTF0ckZNMkthcXJyalM3MkxGZVpDWVBnZFRxYVRmRUtZY1FxMjRv?=

=?utf-8?B?ZDhpZCtGYmQyNnpySmNwc0lNVE0vTzdldWdvNnRRbGxIVko1dkhBRFFmaEJv?=

=?utf-8?B?Y1ErWlRkVitlc1lTZXlWdm5UZ0dzOEpjL3RmcFV3Y1dsMkZIQ1F5UCtyK2l0?=

=?utf-8?B?OEl3bVliMTdUUk5rTnk1dmpTR2w3UzFQOEJyeUZXdGl6a2Y4a1lFck84U2kz?=

=?utf-8?B?YWI5WUxHenE5Mlo3ckIyWWY1dTJDM0RGUGp0NnQ0NkpYcGkxQ1BYYXl1RThi?=

=?utf-8?B?MHRRVGFjQVRDay9uam1wQnJqc0ZaMVZxNUwyMDBFRmpKWXc4Z2xiZjhuaTk5?=

=?utf-8?B?c3J5Ky9KMG1WQnAxeTcxVkNXWXk0ZXlXWHhLWFQrdWgvNjNiclozeEUzNVJh?=

=?utf-8?B?Z3kvbWxmNHFxZGFXUDgxVGFXOFA3ZlZGdWVqZE13MGZLbEo3VE1qalpEcDFO?=

=?utf-8?B?YTRUU1lVYmlrL1BIYmx4N0hWUUxCaXFHelFBcDlIMHBuQUI3NDJQVXdvT1hl?=

=?utf-8?B?TEE9PQ==?=

X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1

X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?T1BSYmZFa1c1QWcxbk5Qc0Z6S3pCaERlbzc2bHJuMjhkcGZlSVBDN3BWT0s5?=

=?utf-8?B?Y3F0ci9RbUVLZlo2QzRXbzFhcEEvUExTR2ZKaFpOWE9meU0xeEMzRjRGTUhJ?=

=?utf-8?B?TWRLS3hlK2JJMFFVOEIyR3lic3dvR1hHQi82azJ0MDhMdDBNWFUyczZ5Zngz?=

=?utf-8?B?dmc3UjFtcXNHcmZCbHJqcndDQnhVem1uaTRqdWtjQW9SVE9DM0pMYTh5d2s4?=

=?utf-8?B?NHUxbzZYM1M3N0VmSkZDcWFuNzlUeDgwSnNPSEgxZUo4cWRYZ0tuY1YxeTFs?=

=?utf-8?B?aTMrd3dMYWYrYnpSajEyeVpWRDEwR3NzQmp3eGJhZDI2MUJhdlE2ajlBU21R?=

=?utf-8?B?aENDdjRSNTZDL1FDQlh3QkoxenJMM29ESHZBZDlxdXV6c1BtV09pVWkzUW8x?=

=?utf-8?B?VmptT1ZwVE1TakNlM2JOTldoQTBFellMMlBCWkhHMCthcllJeDVHTjBBMGMz?=

=?utf-8?B?aWVkb3NrdmdjeVFIVXUvLzBTcVlsQ1hrZjZ6RDYyMlBwRkR1Q24yVGpzMEF6?=

=?utf-8?B?SHZaKzFvRXVWZzE5Z0w2Tm5PVVcvSmNSUDkydSs5R0N1R2ZWa2hGSGdJVmpr?=

=?utf-8?B?cXE1bVpXb21oeHEvOFlJQ21Pdm9MU2kydmo1VGUwaDR6eDg3WkNRdE9YT0cr?=

=?utf-8?B?ZE11VUZTQ21Ta3BvNUR6ZytwYmxyaWpHcnJlWmpWVDdGK1dJUWs2Rk5mTUFl?=

=?utf-8?B?QVBJMXJtVW9KNkFDTmpUSmhlKzlPYzZmSTRtYkd4Q3RSSW1kWGJxNGRab3Fm?=

=?utf-8?B?S3l2b0w0VjVTcHlJUkNoNFlnQmEzYStCbHQ5cGxESjVEQ1RrRUxtZU9mYnNv?=

=?utf-8?B?c1RUVlFzbVVZWnpVK2ZMd1pxclE1SzRhQXA1WWdsSlRSUWZmSDNoakxKWlgw?=

=?utf-8?B?VUxrM285eDRYaTRXbVd3QzVtL3pjc3BZdWl1MU1uUVdYWklobXA2eG1GMG5U?=

=?utf-8?B?NkZwWFA1cXVZalpWZ3Z1ZWFHTk5DUTk5ZEQ0WlRjSFpOOHc5UXRjZHMyU1RU?=

=?utf-8?B?WlBXT3dRNnh4VnpEcTlGV0J4azltVUdJV0pxdGVnVEpzUGxkUzIxdkIxaStP?=

=?utf-8?B?WkVlYXFUcXlzZ3VhV2VmTDhrVmJqcHliTGlXWWY1c0FtT3VSMWs1ZzF3cG90?=

=?utf-8?B?eS9WV3NSZVhOWEY2czhSQzIyNkRKZjVHUlcvaVo3TUJxbHZyVHcrMWw4c21S?=

=?utf-8?B?dFVTOE4vM3FSd0FqdisyS20zMHZrcmd4M3p3c0ppQ2VDbmErYWltV1UxRmR2?=

=?utf-8?B?WW1sUlk2TXpnQWc0eC9mVHVkRXRDdlJPc094VTMrL3ErSFdLbklDZDJJMjV4?=

=?utf-8?B?ZjdOdFNnSFVHeERUNkFkYVBRbkZuaC9nL2V0TWxPRTZma0syYjNRNS9XVFBy?=

=?utf-8?B?d1I0dGROYmQxdEluWWY3U2FUdHEwQ2M2cy9RNHlYU1Z4SGQzM3BBZy91emVi?=

=?utf-8?B?MEtQblJ0eVZUeVhrb0F4bWw1Q1ExYnpzQVcwMlFzV2VwN0M1RVdtUE9Tdldu?=

=?utf-8?B?WU5jY3UvY2pNem90TlZ0aC82TVltN0VXa3lodEpJUVFuNHpsY3hFZ21MRFl5?=

=?utf-8?B?b3VEUzd6aU9wZHJ5d2hVMENPWTRJZGFxdUwwc2FocGVJWkppRXIwbkRsbDNk?=

=?utf-8?B?VyttT3NqRHc3ZmkzMUphM0dacEVJVDNYRDNKM1hseXYzdUdHMmJYQ1kzd2U2?=

=?utf-8?B?L042dkM2QnVFeEN5STRBVGd4RzgwaDBORVVqM2RlVXcxSjFQZlVMNE8zOUN2?=

=?utf-8?B?bmNOZ0VHeW82U01YVGY0bEMxTEpnOCt0c3JHUHFVSmx5Y1AzVmpNRzUyMy9m?=

=?utf-8?B?Si8reWkwTE9WSE9RWmYra05DM0d6TEt5azlHYXRHUHZJdjRYOGo3UEdpVUJl?=

=?utf-8?Q?93t/8eIT5S2Fo?=

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-0943f.templateTenant

X-MS-Exchange-CrossTenant-Network-Message-Id: 4e92bd19-7597-44bb-ff86-08de4cf8f266

X-MS-Exchange-CrossTenant-AuthSource: DS0PR11MB7382.namprd11.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jan 2026 07:55:23.8577

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR11MB4685

X-Spam_score: 8.7

X-Spam_score_int: 87

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Tent supplier spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
--_000_SEYPR01MB429496B885305E7F5904F4B4F987ASEYPR01MB4294apcp_

Content-Type: text/html; charset="gb2312"

Content-Transfer-Encoding: quoted-printable
















Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hello,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Have a nice day!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

I know you are in the Tents industry. We are a professional Tents and expor=

ter specializing in a variety of Tents,The services we provide include:
v>


Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

1.Customized design to meet your specific needs.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

2.OEM service to create a personalized brand.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

3.High-quality products, reliable and timely delivery.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

If you are interested, please let us know and we will provide you with a co=

mpetitive quotation.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

We look forward to establishing a long-term business relationship with you.=

Looking forward to your reply!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Sincerely,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Andy








--_000_SEYPR01MB429496B885305E7F5904F4B4F987ASEYPR01MB4294apcp_--

Tent supplier spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 05 Jan 2026 23:08:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vd0Du-00000000PeW-2iLa

for dave@doctor.nl2k.ab.ca;

Mon, 05 Jan 2026 23:07:18 -0700

Resent-From: The Doctor

Resent-Date: Mon, 5 Jan 2026 23:07:18 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012055.outbound.protection.outlook.com ([52.103.43.55]:16599 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vcvYx-00000000M8S-2Qou

for doctor@nl2k.ab.ca;

Mon, 05 Jan 2026 18:08:54 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=JpD/Yl3wX+zGMQxIw6ony3OY9K/orl4eUv71aC2tR4AFRD+M/vv29QKzCeD2IAFdlCwh5/Ue7Y400gPQ57mZgAK4FlIu4aonv9uUXc400dseZeE9pqbhmcWfHSdT8x5UmAytnX85y/Uy+g0OiUnk6fRgLS323CuaeYDjIG6c+ihbcwrG+5ixTzGRCkVnEQQfnQQ7tFjsPXFJt8/HTAB7HfLyMpwG72cS+F9KU1CrOggKRKgjg+4iTTHEqcez19uvFEa+HP8Q+UqHJwVcnBeOnXat8u72pEUDXUfYhjnys/umeF9k80H0+53v+UGWl+blJ/LSfzPEhiQznUKy+rBFSA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=J3oi40nzm29MYYxLoP2ldA/s+6AvXiIGv8LGhK/weqM=;

b=KF/LiAkwu8T5PvQfgRJJbL9Au6cl48OqGo7wP0yOGdepIylJS/t2ON6eObF+Ro4xtpI9fH/dhQc1itI5uf8DTbeL1kn9+wh54yPpvC0oqEEyEqIaR+9LgBgINWtF3KsieSObfa4V6v3I6XiQvPu0McPs89gg78TTZPzOEMaRALZ8i6/UqlRFRRtlTqPTwabPLiCnoq9VAG7vSPbySCuRz2khK5NZSNCFmwZpmbcGQQP9LOZeg81R1qPS+s5IULzeDQr8+y6oPiq9O/GpK4W+Uh+YBHloKg67DG2fo3i7Tj+RSZ3sAcXWl9j0tqtiOJ8n/MryUDL00ehbfJUXa+tJnA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=J3oi40nzm29MYYxLoP2ldA/s+6AvXiIGv8LGhK/weqM=;

b=l3HYEAvKXZPHbb1bzRd+3pUrn8C7nD8Jtl2NEdA70HfCFjjI2L+kW6LS0ox4S/6IkepU8lRn0TqzsqpcLHSPEwXYtxVJ3lv09TTJOAFUC7cPaUC88yZ7LSWHp/3VfbydJF4crCIOoOCalBZKGP98TFLnI2YnIQsk1FAtlnAejPNhMzvC6Zl9SkmrI2cLuGtGHHpFkaRJDuSqicy54o7eog+KgxquDbJjTvP2Wb6Zh8aWfoti59UvZLgoiAGohOi60+29i5WP1kyHCL8Dh3zIfqRDI3DXJvoDpZ5ZDDSpXPKjAvvEpm9TuIfcHG2K1WiaBy224VKm5wFm6SjxWoIZ/g==

Received: from SEYPR01MB4294.apcprd01.prod.exchangelabs.com

(2603:1096:101:5a::13) by TYZPR01MB4378.apcprd01.prod.exchangelabs.com

(2603:1096:400:1d2::5) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Tue, 6 Jan

2026 01:07:22 +0000

Received: from SEYPR01MB4294.apcprd01.prod.exchangelabs.com

([fe80::5b18:d40b:3cc4:1f2a]) by SEYPR01MB4294.apcprd01.prod.exchangelabs.com

([fe80::5b18:d40b:3cc4:1f2a%4]) with mapi id 15.20.9478.005; Tue, 6 Jan 2026

01:07:22 +0000

From: G Y

Subject: Tent Supplier

Thread-Topic: Tent Supplier

Thread-Index: AQHcfqjN3Ia9c8XY6EeS48RH56bmmA==

Date: Tue, 6 Jan 2026 01:07:21 +0000

Message-ID:



Accept-Language: zh-CN, en-US

Content-Language: zh-CN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEYPR01MB4294:EE_|TYZPR01MB4378:EE_

x-ms-office365-filtering-correlation-id: 8b1806b7-2647-44e8-7046-08de4cbff1eb

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|15030799006|20031999003|39105399006|19110799012|8060799015|8062599012|41001999006|36102599003|7071999006|461199028|31061999003|39145399003|41105399003|40105399003|440099028|3412199025|102099032;

x-microsoft-antispam-message-info:

=?gb2312?B?cVlIaVloUU43S0taU1owSVBhWTRTWVhGeGJuTHdVMlplSjlIaGJOY1Q4cFlH?=

=?gb2312?B?WnZWNE9uSmd3MWdRRTBNalQ5ZDd2VmlGZGtMMlo4eEo0NzJFSi96NUYxZzhu?=

=?gb2312?B?cVhhaVFXYm9Wb2hHL0tZd2Z2NlV1Uy9vODdiZnZMRFdaZ0NKRXc0V050amh4?=

=?gb2312?B?U2xTbTlGdy83Z0gzOFVFSHF2ZHZjQVBWUkpwUDJwTmFDdDZ0NGNzUjlSRVNa?=

=?gb2312?B?TDJ6TVlWdDNyV1VZOGtORWU4TjFSS2h6Rmg5Wkg5aHVnTmVEV3pXUDVvbzhs?=

=?gb2312?B?eEtza1F5TzFyT2xqZThIRU5kVWEyY29OU2dCdnJ5c251OVluMkMrRzBCdk1K?=

=?gb2312?B?WEdkUWRySTY2WTJxRVlGUys2N3BmNXlqTTBhLzdJNnIwTDNhUCtNQ1M3SzE4?=

=?gb2312?B?bENCai8yL2t4VWFwMVhnakRTSXJJZmp1N0ZyYThrV0ZsSm1nOEJsWTc2WWtI?=

=?gb2312?B?Nzc0M0h5NTFrcTVsd0tRdThNS0RFRFFHd2tUVkJQQmxvOGdHaU0yWUNCNHNh?=

=?gb2312?B?TzBlUWZNK0dnd3ZvSFN1VzlDOHR0WVgyRnlkRDg1ak91M2tzM3hqbEZzQUsw?=

=?gb2312?B?UDEzRzduaW1LNzhWZXFITzZpYnlBNUpPS2Q4WUY4THhJUVZsSm54ZHRwenk5?=

=?gb2312?B?SlNCaFlKMjNwazUxU3JhQzNkYTREMzQzV1VEdWpuRndKc0dNS0ZwNmQ2VzFw?=

=?gb2312?B?Vk5jQlBRRmN5cml1T04rOFM4UHg5UUh4dE1UdU1NR0txOWpqS0RhcHdoRWpG?=

=?gb2312?B?SHY2RFVhZ2xSei9BbUR6UXRqd3QyS0I1YzJBMXhjVGJmdHRzVkkxNzZSYlJM?=

=?gb2312?B?YzUwbWpKWTF2ZU1aUVVacXhZUjR2dk1QRVBZVm1VR0thM0RLWGRwcjRDREI1?=

=?gb2312?B?L0FOcDVHQzRrUllJTG5JZVZxWnNSMUtHL1BXdzhLOWVIVWlMUU5HUmpmdXJJ?=

=?gb2312?B?S0t5aDRjK1pjSVFwWFFwTnFFcWxPY1l1SzlHRmlZRzEzRUdtZU8wVFg5bnMr?=

=?gb2312?B?SS9LRnE2UzBYd1BmZllJVXdPRk5Hd09KenZZcmdJTUVsdXd6ZXFPdno0Z2VT?=

=?gb2312?B?c3Qyc2crWjZxRzdjZmNRaUhHeExiSjVZVURWZEhWNVhxUWFzMWJOaFhWT2h0?=

=?gb2312?B?aTFhUVlDazI4NThZNHRrQU15VjRIcHA5bzZzYUVXS1p1Y01qRzhXdDlOQk1G?=

=?gb2312?B?QTQ3dS9DU0NYOTlrNEQxSVczWFltd0xKcXppOTlhbjRaeWpxaHFUbE92emlQ?=

=?gb2312?B?NiswWjBhYW9keHV2NHBsVHJKUkpIN2FYbk5EcTlaYU5pdGdKeml1TFFZbi9P?=

=?gb2312?B?emdUWjdCT1pBZlE2OUNRbTlKSXF0aHNZOVAraTFBZXhTLzcrYkdBOGRNOTJP?=

=?gb2312?B?TE5JR3hGbFlvaHJUWnF0b1drcjB2YldyVzdjaDhaSkJTU3JRWDBXN09SeVhL?=

=?gb2312?B?bzJoc0VBMXpVbkhlY0hQUllIUVcrNE1ZaGVqVWNBUy9BYXRwNmlZc1RILzFR?=

=?gb2312?B?MGN2UmVxTFBaZXNMRUJ6MTRUSXF0cWVPV0R3RGJiZDV4Wklmd3RGd01JSU1G?=

=?gb2312?B?Nk5ZNVIzaGxtS0EzNlVWSUZpS3FLaHU2dlNITnBPSHFSL2NEcXMzdENXbnB2?=

=?gb2312?B?QjMyRXd6eXhVSi9EUlJtTW5mcG0vTnl5TlVqVWRZZncvNkQxcTdDNm1WeHdO?=

=?gb2312?B?L0J6eXI3TzlvNnZvSU1PUWFMcHVndTRXeHBXRkpmR1I2Uk1sTUMyWXYwMTVO?=

=?gb2312?B?QzFReWpQWThyVG93Q05sWDhZdVRqRm11OHFmVXZLSmxiWTFETWVobHJFb2xn?=

=?gb2312?B?T2VROHI2a3BTWVZhaXZGdHlJOVNQWGt5ekRlODNlVzNpdUtBbUYvd2dHNVF5?=

=?gb2312?B?RzNpeDBUNlRFTjhEekR1dUkyVGFQVWFnOCtwTWRPblZ1NGc9PQ==?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?gb2312?B?dnVkL2JXVHR6eFB4NTVzVEVFelExQmYvTUZob2xaVzR3UWdPM3ROY3RabDNp?=

=?gb2312?B?M2tBa00zZUdmQXpwdUpZTEZCeVNkR3l0VEdrNVlib1ByL2tNellaOU9LMVdx?=

=?gb2312?B?NmhUUCs0V0NaWHo3MkRXdlpEUUZzcVAzdlJOL1BVb1BKR2dTWFh1eTZGa1BE?=

=?gb2312?B?VkFucEVqUjU0ZnpHWDF2aFNWaTJqM25XL0pwb3ltdExWWE52b0ZyaitqczUz?=

=?gb2312?B?WWpoZHBYaXkwR2xmalpadnJ4MlV1SC9lNjJlN1VtMTVnU2RlWmFyb1JVaWRZ?=

=?gb2312?B?dGM4cnBnczcybk5hWnUveGkrdzM3UFNUSEdRdWQ2bFFTR0VWS1NqNFJvMFha?=

=?gb2312?B?QmVrQlpWa1B3TzVkd0hFN0tGS2RuVkNXWGxyUHBKUUxsQnIrTk9wanhTSDJS?=

=?gb2312?B?K0FDOUhRM05kU1grK1h6N2dJQlkxc2RIRzBVaGtLSk9wazJSa1U0QksrR0px?=

=?gb2312?B?RndMUE5naDR2NzF1d3ZzK3ZBYjB2WEVweEx6eVdlN2M0cW5RMWxSbGlwVm1i?=

=?gb2312?B?aXR0czU0K1JkdVZpVHM2NGRJN3I0TXhQSkx0M0ZpM1ZVNzh1YWN3eVpNZHVO?=

=?gb2312?B?KzY4M1pwUXVwM1lLL0thaWxpMlZnek5aU1IyUEFaTEk0Z0lxTXJzNVV3cnlM?=

=?gb2312?B?MjNmblJkaDFLUXV6Z2RlVk9GT1J5b3dQdzlVdEttYWpGSG55UjdiaytHZTRq?=

=?gb2312?B?bWcrTWU2c0s1YWowRnhJQWZ2S1lDWXNHRFRYRzM0RGpjL2NHQUl3MEtrZlNT?=

=?gb2312?B?V1VlQllCbGw2ZmE3aTRlSHg2d3FacTAvRFpqOTVTZ0N5UDJqUVQrRUsyM0U4?=

=?gb2312?B?OXBiaG1QN0hTQjN5NzNjZmpMb0tvMDNvaWZVc2NkVTgvaWs1aktiazVoU1Vu?=

=?gb2312?B?TWUvSEhpajlzQmx4NGNsdG1BV0lJNHV3K1pZNVFENFR5R2dWNWg3dEc2dUhD?=

=?gb2312?B?S002UURMaGFqU0VCdTZwOWZGK3pnOXE1YWtEUVVnMUI3N3JBQmNHUHA1U21T?=

=?gb2312?B?TDRzOWpUSmdadEdhOEtJczVnV09sMFJUa2wyWXlhRGFzbit5ZFdZMXNOdHk5?=

=?gb2312?B?cktBZ0VtaDJ6N2kzNDlPa0pwY0NubkhtSHdVVUQ4MEs3Y1lZSkhtU25ZTVov?=

=?gb2312?B?U0FSNWk3bHZzaXpTNTRhVjgzdk82VEN4dlcxYUhETnlpRG90aE50azkwNk50?=

=?gb2312?B?TzU3cWRtdkZyOExuNzJOQ2FpMTJ1SS9TY3dDUWZnR3BjaW53L3FFK3FTUzJ4?=

=?gb2312?B?YlVqU0YycUJWamx6ZmQyM3hQd2lyNEZJdldZV2J5TnZjWWVuaUxvUnFSamd1?=

=?gb2312?B?RVkxODljVUhnVjZNMk9DcVhYbmhhdzQ0dnNtTnN1bEl0bUJPREVPTXJDMkFl?=

=?gb2312?B?ZUJHdVc5NVN3SUg1UU8rREIwV2k2ckY3N09MUDhnN1BkaGJPMWEyTHh5OHFj?=

=?gb2312?B?eTE5Nm1DWlBkTnEyYjRsM3dPNEpxUmJFZ1BpRlEyVTVQcmpMNDV4MjdqN2xr?=

=?gb2312?B?TkZWNUZhMCtPS1hHWnZ1Mk5tcERuWnBTRlRoOFFHcGVtSm9JLzZzZkJoM21Z?=

=?gb2312?B?V00zeDNianIvSmJHYXU2NTFGemlYT1BmNEMxNy9zSytXWXFOblpjTDYrcFNT?=

=?gb2312?B?bFJwUXNuVERRUmxPWFdUZzhOSjloalAzZlhPK2RBUjVvT0Nob0dOS0U1aHlG?=

=?gb2312?B?TElWWG02RTNJQXgzcjFWalp4ZzJ2K3dIbE9VbEFjS21rcmwydkxFQm9FcGdG?=

=?gb2312?B?a1dOR1BObU5aZjF4OTk4RVVtbFBZMjBnYVZKWFhPOUVDZDhZRm9MTVM3QWl3?=

=?gb2312?B?alZMWWVleGNNamdBL0xCSko1QmtRY3BRMUtWbmdsaHA0MHJvTTZmREdHaDNy?=

=?gb2312?B?aDl1TE5Kalh2UWs3eDFrR3lyQW5CSExIaStxcVYrVTJZUHluUG1GRDFIekp2?=

=?gb2312?Q?XHvoawnwCEg=3D?=

Content-Type: multipart/alternative;

boundary="_000_SEYPR01MB429496B885305E7F5904F4B4F987ASEYPR01MB4294apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEYPR01MB4294.apcprd01.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 8b1806b7-2647-44e8-7046-08de4cbff1eb

X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jan 2026 01:07:21.3965

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR01MB4378



--_000_SEYPR01MB429496B885305E7F5904F4B4F987ASEYPR01MB4294apcp_

Content-Type: text/plain; charset="gb2312"

Content-Transfer-Encoding: base64



SGVsbG8sDQpIYXZlIGEgbmljZSBkYXkhDQpJIGtub3cgeW91IGFyZSBpbiB0aGUgVGVudHMgaW5k

dXN0cnkuIFdlIGFyZSBhIHByb2Zlc3Npb25hbCBUZW50cyBhbmQgZXhwb3J0ZXIgc3BlY2lhbGl6

aW5nIGluIGEgdmFyaWV0eSBvZiBUZW50cyxUaGUgc2VydmljZXMgd2UgcHJvdmlkZSBpbmNsdWRl

Og0KDQoxLkN1c3RvbWl6ZWQgZGVzaWduIHRvIG1lZXQgeW91ciBzcGVjaWZpYyBuZWVkcy4NCjIu

T0VNIHNlcnZpY2UgdG8gY3JlYXRlIGEgcGVyc29uYWxpemVkIGJyYW5kLg0KMy5IaWdoLXF1YWxp

dHkgcHJvZHVjdHMsIHJlbGlhYmxlIGFuZCB0aW1lbHkgZGVsaXZlcnkuDQoNCklmIHlvdSBhcmUg

aW50ZXJlc3RlZCwgcGxlYXNlIGxldCB1cyBrbm93IGFuZCB3ZSB3aWxsIHByb3ZpZGUgeW91IHdp

dGggYSBjb21wZXRpdGl2ZSBxdW90YXRpb24uDQpXZSBsb29rIGZvcndhcmQgdG8gZXN0YWJsaXNo

aW5nIGEgbG9uZy10ZXJtIGJ1c2luZXNzIHJlbGF0aW9uc2hpcCB3aXRoIHlvdS4gTG9va2luZyBm

b3J3YXJkIHRvIHlvdXIgcmVwbHkhDQpTaW5jZXJlbHksDQpBbmR5DQo=

Quickbooks phish from Amazon

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 05 Jan 2026 17:53:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vcvJi-00000000LV9-0njw

for dave@doctor.nl2k.ab.ca;

Mon, 05 Jan 2026 17:52:58 -0700

Resent-From: The Doctor

Resent-Date: Mon, 5 Jan 2026 17:52:58 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from c180-35.smtp-out.ap-south-1.amazonses.com ([76.223.180.35]:47761)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from <0109019b907c0868-da0ab65b-a87d-44b5-a9fe-d49bf77ec142-000000@ap-south-1.amazonses.com>)

id 1vctzD-00000000EjG-1nVx

for doctor@doctor.nl2k.ab.ca;

Mon, 05 Jan 2026 16:27:46 -0700

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=dvogjbaa3ou3tduyzvyu4rj5tkuzdi4h; d=amazonses.com; t=1767655606;

h=Content-Type:From:To:Subject:Message-ID:Content-Transfer-Encoding:Date:MIME-Version:Feedback-ID;

bh=GbhyhBviUb76cwkGMXMg3UyWM/XT2n8prd35uY2joRw=;

b=ifV92MKP5tDkkqmMMnoy+Thpx3q+m5dYgjCJfG8NRZ38Wb4BXUc3kagVvyIkiAha

vCIkPQiSqSt+7eHc1SXXqJqnxU0O0byTxci4/D4sEj2TauNxqw2+waby4OA5E+omhsm

UWRrOKAVEr8qyx0tlmsBHaoMWfC8UEtTc4USjjYs=

Content-Type: text/html

From: QuickBooks Support

To: doctor@doctor.nl2k.ab.ca

Subject: Money On The Way! (Case ID: #ST-9930)!!

Message-ID: <0109019b907c0868-da0ab65b-a87d-44b5-a9fe-d49bf77ec142-000000@ap-south-1.amazonses.com>

Content-Transfer-Encoding: quoted-printable

Date: Mon, 5 Jan 2026 23:26:46 +0000

MIME-Version: 1.0

Feedback-ID: ::1.ap-south-1.SYpW+mFwZ91x6MUm3/OU4W+MHss6dtGpGBf0dIVn4Rs=:AmazonSES

X-SES-Outgoing: 2026.01.05-76.223.180.35

X-Spam_score: 11.7

X-Spam_score_int: 117

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: You have been paid $5,000 Payment details



Content analysis details: (11.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[76.223.180.35 listed in dnsbl.ahbl.org]

[76.223.180.35 listed in dnsbl.ahbl.org]

[76.223.180.35 listed in dnsbl.ahbl.org]

[76.223.180.35 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[76.223.180.35 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[76.223.180.35 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[76.223.180.35 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[76.223.180.35 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[76.223.180.35 listed in will-spam-for-food.eu.org]

[76.223.180.35 listed in will-spam-for-food.eu.org]

[76.223.180.35 listed in will-spam-for-food.eu.org]

[76.223.180.35 listed in will-spam-for-food.eu.org]

[76.223.180.35 listed in will-spam-for-food.eu.org]

[76.223.180.35 listed in will-spam-for-food.eu.org]

[76.223.180.35 listed in will-spam-for-food.eu.org]

[76.223.180.35 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[76.223.180.35 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

2.0 GR_DOMAIN_AMAZON1 Received contains spam friendly host (amazon)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} Money On The Way! (Case ID: #ST-9930)!!










YSrYDzyCk0rOzSEBi6WxX0q_UNt0J8I0nQZnXjv2MetV9lqOljtXO10y7qDQMEYEBs_wNmrCsUS=

Hl8s61ZV44M4XzKrWeEImJt7BYH_Idt3-gXXU1HthszMINXA5O-Q7GbjDACVnpp5MjSrh4sARvn=

NVQ38ZTs7XBIC_5rm0MNIvJUA=3Ds0-d-e1-ft#https://digitalasset.intuit.com/rend=

er/content/dam/intuit/sbseg-email/en_us/logos/email-logo-quickbooks-50-50-s=

tandard.png" style=3D"width:150px;" />



You have been paid $5,000
h1>

Payment details



Invoice No
1805
trong>



Invoice Amount
$5,=

000



Total Amount
$5,00=

0



Payment Method
Bus=

iness checking *****1759



Authorization
awj0=

L2pX




mgroup.com%2Fqbs%2Findex.php/1/0109019b907c0868-da0ab65b-a87d-44b5-a9fe-d49=

bf77ec142-000000/TchPKI5VheStOkKWdgCwX1uadhQ=3D240" style=3D"padding:6px 15=

px; background:#2CA01C; color:#fff; text-decoration:none; border-radius:0.2=

5rem; font-size:17px;">View receipt



Please don't reply to this ema=

il. For help, please contact the business directly.



Thank you,
QuickBooks Payments
trong>





3D""
07c0868-da0ab65b-a87d-44b5-a9fe-d49bf77ec142-000000/My9eEHH-Km3d58VNWsDX9lB=

uW-E=3D240" style=3D"display: none; width: 1px; height: 1px;">

NetKnow now in NetCraft's Top 13900 Part 2

Posted by Dave Yadallee on

Tera Byte Edmonton and reviews





Next is Tera-Byte

at Netcraft Rank >2000000 with

Tera-Byte.ca

ranking >2000000 from >2000000 and their wireless arm Tera-Byte Wireless

sold to Xplornet.

One of Tera-Byte's acquisitions

Edmonton Community Networks

ranks at >2000000 from >2000000 and

Go Edmonton ranks >2000000 from >2000000.

Alberta political blogger Daveberta ranks >2000000 from >2000000; interesting!!!

Reviews of Tera-byte is available at

here

and another here

and check Google for more reviews; just search tera byte.



MCSnet





MCSNET ranks >2000000 from >2000000 and are hosted by Microsoft .



Nucleus Internet Services





After that we have

Nucleus Information Services which can be found at Netcraft Rank >2000000 from >2000000 .





4Web





4web ranks >2000000 from >2000000 .



Alentus / Wolfpaw





Alentus

rank by Netcraft >2000000 from >2000000 and I note they are hosted in the USA .

wolfpaw.net

which ranks at >2000000 from >2000000



Yellowpencil





Yellowpencil Ranks >2000000 from >2000000



WSI Corporation





Next is WSI - We Simply The Internet of Toronto

at Netcraft Position >2000000 from >2000000 and are being hosted on Amazon.



Uniserve / Interbaun





Next, Uniserve

ranks on Netcraft >2000000 from >2000000

One of their acquisitions

interbaun

ranks with Netcraft ?????? from ?????? due to merging of sites.

One customer just came over from this organization in Nov 2006.



Clearwave Broadband





Clearwave Broadband ranks

at >2000000 from >2000000



Platinum Communications





Platinum Communications Corp.

bought out by Xplornet .



Wild Rose Internet





Wild Rose Internet

ranks >2000000 from >2000000 and I wonder if this is another wireless branch of Tera-Byte and bought out by Xplornet





TIC Internet





TIC Internet

ranks >2000000 from >2000000 ( I do remember you).



Nisa Custom Internet Solutions





Nisa Custom Internet Solutions

ranks >2000000 from >2000000 by Netcraft



MediaShaker





Media Shakers of Edmonton

ranks >2000000 from >2000000





Koi Media





Koi Media

rank >2000000 from >2000000



WebFire





Webfire.ca

ranks >2000000 from >2000000 and seems to be connected with Shaw.



Core Network Solutions Inc.





Core Network Solutions Inc.

ranks at >2000000 from >2000000 .



The Network Centre





The Network Centre

ranks >2000000 from >2000000 and are linked with Telus high Speed.





Open Concept Internet, Inc.





Open Concept Internet, Inc.

rank > 2000000 from > 2000000





Techalta





Interspots of Edmonton

acquired by Techalta ;



Yegtel





Yegtel rank > 2000000 .



Internet Crossroads





Internet Crossroads Ltd of North Edmonton

rank nothing from nothing by Netcraft and seems to merged with Tera-Byte/ecn.ab.ca .



If I remember anymore, I will add to this entry, before Netcraft changes our ranking. Please watch this space and please feel free to peruse

our services.

NetKnow now in NetCraft's Top 13900 part 1

Posted by Dave Yadallee on
All data is from Netcraft Toolbar .

Looks as if there are major changes to the Netcraft algorithm after some years! Why did Avast clasify the extension as URL:Phishing?

This is not the Alexa Tool Bar!



NetKnow







Netknow now at 13866 from 14698 at Netcraft and pfs compliant



A significant increase! We must do
  1. security audits regularly
  2. check on illegitimate traffic hitting the web server
    3. and
  3. keep design current!




How do we compare with other providers in

Edmonton, Alberta, Canada?



Rogers





Rogers Business Solutions

which rank 3976 from 3945 and are hosted in Europe.



Telus and reviews



Next we have Telus.com

ranked by Netcraft at 6279 from 6342 .

Sometimes their Web Hosting is done by
title="Internet Names for Business">Internet Names for Business

is ranked by Netcraft at >2000000 from >2000000 .



Is Telus's ADSL network susceptible to Code Red Attacks and Attackers?

Reviews of Telus are available :





Netknow again





We at Netknow are at 13866 from 18857 from 6568 since late June 2025.



Government of Alberta



The Government of Alberta Website

ranks 15149 from 14637 by Netcraft and seems to hosted on Cloudfare.



City of Edmonton







The City of Edmonton ranks 30718 from 30361 by Netcraft and hosted by Google.



University of Alberta







The University of Alberta ranks 53409 from 52387 hosted by Amazon Techonologies.



Juno and NetZero





We have Juno Internet ranked on top

at 307348 from 342753 who are the owners of

US Based Netzero at Netcraft Rank 59505 from 60492 .



Grant MacEwen University





MacEwan ranks 131344 from 135810 .



NAIT / Northern Alberta Institute of Technology





NAIT ranks 132129 from 139314 hosted by Microsoft .



TekSavvy



TekSavvy ranks 183898

from 201404 and are hosted by Microsoft



Shaw Cable





Next,

members.shaw.ca

ranks >2000000 from >2000000 and retired and

Shaw Cable

is next at Netcraft rank 1199545 from 1206884 . Hosted now by Akamei .

Their Network Hosting Arm,

Big Pipe is at

Netcraft rank 287743 from 289479 and hosted by Akamai in Europe .



Reviews of Shaw are available :





Xplornet



xplornet

ranks >2000000 from >2000000 and are listed with

Cirrus9 and are joining up with Shaw.

Their new domain xplore.ca ranks 351960 from 353892 .

According to an article in the Sherwood Park Independent, they are also getting an Alberta Government subsidy.



Distributel / 3Web / CIA



Cybersurf

is ranked 676041 from 680453 and seems to be hosted in USA by DigitalOcean.



Internet Centre / CCINet



Internet Centre

rank 673184 from 726269 . Their partner Rack Nine ranks > 2000000.



Primus



Primus

ranks >2000000 from >2000000 and now points to BLACKIRON_DataCentres ranked >2000000 from >2000000.



Northern lights Fiber







Northern lights Fiber are ranked by Netcraft >2000000 and uses AWS.



OkayVPN





OkayVPN

are ranked by Netcraft >2000000 and uses Cloudfare.



Radiant Communications / goco.ca





Radiant Communications

are ranked by Netcraft >2000000 and part of goco.ca

which ranks >2000000 .

Phish from Microsoft Outlook Part 2

Posted by Dave Yadallee on


X-OriginatorOrg: doffice.org

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SG2PR02MB5380.apcprd02.prod.outlook.com

X-MS-Exchange-CrossTenant-Network-Message-Id: 621360d4-1477-49d8-1e1c-08de4c7ed7f1

X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jan 2026 17:21:20.5545

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: a46a9a09-eb17-48a1-ba0c-a3754b208b08

X-MS-Exchange-CrossTenant-mailboxtype: HOSTED

X-MS-Exchange-CrossTenant-userprincipalname: RsNoNmEVQ23V2MMrIfFZpwdvEvGj+ZK5l4E067e74AFZrGJr+oFODJD+agxXMDhX4nsY/6dTddTpDIu9sVcyOQ==

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYSPR02MB7220

X-Spam_score: 7.7

X-Spam_score_int: 77

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Payment notice – Rent pending Dear Sir or Madam, After

checking with our accounting department, we note that payment for the current

month's rent has not yet been received. We kindly ask you to sett [...]



Content analysis details: (7.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.101.127.77 listed in dnsbl.ahbl.org]

[52.101.127.77 listed in dnsbl.ahbl.org]

[52.101.127.77 listed in dnsbl.ahbl.org]

[52.101.127.77 listed in dnsbl.ahbl.org]

[2603:1096:4:178:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:1096:4:178:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:1096:4:178:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:1096:4:178:0:0:0:11 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.101.127.77 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.101.127.77 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.101.127.77 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.101.127.77 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:4:178:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

[52.101.127.77 listed in will-spam-for-food.eu.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.0 ARC_VALID Message has a valid ARC signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.101.127.77 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} Order update: Payment notice



--_000_SG2PR02MB5380D465C5C43A4FBAAC6990A586ASG2PR02MB5380apcp_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable







Payment notice =96 Rent pending

Dear Sir or Madam,

After checking with our accounting department, we note that payment for the=

current month's rent has not yet been received. We kindly ask you to settl=

e this as soon as possible.

As a reminder, rent is due at the end or beginning of each month, in accord=

ance with your lease agreement.

New payment method for 2026



Rent payments are now made exclusively by Interac e-transfer, according to =

the following terms and conditions:



[??] Email address : rentsecretariat@gmail.com
l.com>

[?] Secret question : apart

[??] Answer : 2026

If your payment has already been made or is being processed, please ignore =

this message or send us the corresponding confirmation.

For any questions or proof of payment, please write to: rentsecretariat@gma=

il.com

We thank you for your cooperation and remain at your disposal for any furth=

er information.

Sincerely,

Rental Management Service

Administrative and Accounting Department





--_000_SG2PR02MB5380D465C5C43A4FBAAC6990A586ASG2PR02MB5380apcp_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">



Phish from Microsoft Outlook Part 3

Posted by Dave Yadallee on





Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







100%; box-sizing: border-box; border-collapse: collapse; border-spacing: 0p=

x;">












=3D"center">


h: 600px; box-sizing: border-box; border-collapse: collapse; border-spacing=

: 0px;">


















0px; background-color: rgb(31, 79, 216); padding: 20px;">


0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri,=

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" class=3D"ele=

mentToProof">

Payment notice =96 Rent pending

0px; color: rgb(51, 51, 51);">


p: 1em; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_M=

SFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);" class=3D"elementToProof">

Dear Sir or Madam,



p: 1em; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_M=

SFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);" class=3D"elementToProof">

After checking with our accounting department, we note that payment for the=

current month's rent has not yet been received. We kindly ask you to settl=

e this as soon as possible.



p: 1em; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_M=

SFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);" class=3D"elementToProof">

As a reminder, rent is due at the end or beginning of each month, in accord=

ance with your lease agreement.



left: 4px solid rgb(31, 79, 216); margin: 20px 0px; width: 100%; box-sizing=

: border-box; border-collapse: collapse; border-spacing: 0px;">














ly: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, san=

s-serif; font-size: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

New payment method for 2026





Rent payments are now made exclusively by Interac e-transfer, accord=

ing to the following terms and conditions:





3D"��"
//fonts.gstatic.com/s/e/notoemoji/16.0/1f4e7/32.png"> Email address=

: 


get=3D"_blank" href=3D"mailto:rentsecretariat@gmail.com">

rentsecretariat@gmail.com


3D"❓"
com/s/e/notoemoji/16.0/2753/32.png"> Secret question :&nbs=

p;apart


3D"��"
//fonts.gstatic.com/s/e/notoemoji/16.0/1f511/32.png"> Answer :=

 2026



p: 1em; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_M=

SFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);" class=3D"elementToProof">

If your payment has already been made or is being processed, please ignore =

this message or send us the corresponding confirmation.



p: 1em; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_M=

SFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);" class=3D"elementToProof">

For any questions or proof of payment, please write to:
utoLink" id=3D"OWAc0663ef8-db12-b4d7-0db3-9b6c350ba21d" target=3D"_blank" h=

ref=3D"mailto:rentsecretariat@gmail.com">rentsecretariat@gmail.com<=

/div>


p: 1em; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_M=

SFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);" class=3D"elementToProof">

We thank you for your cooperation and remain at your disposal for any furth=

er information.



p: 30px; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_=

MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(=

0, 0, 0);" class=3D"elementToProof">

Sincerely,


Rental Management Service



p: 30px; margin-bottom: 1em; font-family: Aptos, Aptos_EmbeddedFont, Aptos_=

MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(=

0, 0, 0);" class=3D"elementToProof">

Administrative and Accounting Department





Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">












--_000_SG2PR02MB5380D465C5C43A4FBAAC6990A586ASG2PR02MB5380apcp_--

Phish from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 05 Jan 2026 15:53:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vctRI-00000000CXQ-2aDd

for dave@doctor.nl2k.ab.ca;

Mon, 05 Jan 2026 15:52:40 -0700

Resent-From: The Doctor

Resent-Date: Mon, 5 Jan 2026 15:52:40 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazon11023077.outbound.protection.outlook.com ([52.101.127.77]:55132 helo=TYDPR03CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vcoHd-00000000OdG-2kbp

for doctor@nk.ca;

Mon, 05 Jan 2026 10:22:32 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=FIF/OYAugMxtaNAbqDkuBnYcz5WS+le8/Vd3U6RulqVWfggJJLYQ5ogYc6WM19IOh3J5IZ2gODyECFwysE+5uH+ClNflI365FQqoHkKqkWlo0imyM8nfCoaRut6WqbR5o/WBmAUu+knK4L3T7CUX4oixtLPBXmPqJ+v6AgVzWzlxBH1KbESHzbT4NtYmnFO9Zy1/Q7j7iPHypHN10S/jZOJsE89BgVR1mHs7j3ZSbTxH1LvrchPtbxKuje6240mtSMKFtW5AUR+H42H6QEyBk/SbEo6KcPiGxHnVRWuQqCpiPya2XpAv4aYrgxwcrE2Dg8dlvsGlVVl5eUbjcC9Kaw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=MNwjaQn7bhrKw+hbca3pp2WnnNt71gsnvbvnnNyb0kk=;

b=nKJTONKzqO0kwpn+WObHV3+QjtOklogEuG67kLn6SMB4NkzCsllOanPKOkmuK20i6H+GYOVw7imlwzyAnASxiHcnrBngUo9Yazw9HVFqxdbfpiz/fKSvFCB36VciMomAIDv1Oz5+RLa6DVO35vL2MFgxpD2cRTMmR7ogItOwzcpVnmzkxEnhWPuSjRHekB+AHbYY6Pi893Hg/LMQ1ucq6ErSPMCEeI/uPXQwQWD8ynizwwzv/Q3wIMzUHaXC28Roq/XbcDOrIdhB2DH5smLvyp3xMCsAd0ndii30iLMOUepWsZ1z2fN35Qn/3rqlsAqh+V/Gks42Efbc+ZDRzje47w==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass

smtp.mailfrom=doffice.org; dmarc=pass action=none header.from=doffice.org;

dkim=pass header.d=doffice.org; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=newbalan.onmicrosoft.com; s=selector1-newbalan-onmicrosoft-com;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=MNwjaQn7bhrKw+hbca3pp2WnnNt71gsnvbvnnNyb0kk=;

b=GEPq3YAnLYYA+QWVsBg/DDZY980Zk0E4c64YhdlnF2E37d7U1nL/eprxrhAbv2EmSWzCmdy9jXLUgwj3DnUMgFtYbW0fCn97nYpwqhURYCQy5RF8Ew4LId3OiVxcjpBmhFTZnlL2FivSW76MTSUjkO3dcF2K+UNR9p2+1Gtbi+4=

Received: from SG2PR02MB5380.apcprd02.prod.outlook.com (2603:1096:4:178::11)

by TYSPR02MB7220.apcprd02.prod.outlook.com (2603:1096:400:46c::10) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.5; Mon, 5 Jan

2026 17:21:23 +0000

Received: from SG2PR02MB5380.apcprd02.prod.outlook.com

([fe80::155d:937b:9801:8a28]) by SG2PR02MB5380.apcprd02.prod.outlook.com

([fe80::155d:937b:9801:8a28%4]) with mapi id 15.20.9478.004; Mon, 5 Jan 2026

17:21:20 +0000

From: user01

To: "oscargoco22@hotmail.com"

Subject: Order update: Payment notice

Thread-Topic: Order update: Payment notice

Thread-Index: AQHcfmcYqXSEseL4LkWc8zpN4Hp4lg==

Date: Mon, 5 Jan 2026 17:21:20 +0000

Message-ID:



Accept-Language: es-ES, en-US

Content-Language: es-ES

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

authentication-results: dkim=none (message not signed)

header.d=none;dmarc=none action=none header.from=doffice.org;

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SG2PR02MB5380:EE_|TYSPR02MB7220:EE_

x-ms-office365-filtering-correlation-id: 621360d4-1477-49d8-1e1c-08de4c7ed7f1

x-ms-exchange-senderadcheck: 1

x-ms-exchange-antispam-relay: 0

x-microsoft-antispam:

BCL:0;ARA:13230040|41320700013|1800799024|376014|69100299015|7416014|366016|786006|38070700021|8096899003|3613699012|43062017;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?ARFi8vOPqdBtbni0+ssKdnmt8I7ThOifn106eYdDlAbcZDTO23M7apOB?=

=?Windows-1252?Q?7W0O6FnRtNeyaZcntxX1fKPp0ESYWYIKezWPfyB5mIgRy58ONrtjDNok?=

=?Windows-1252?Q?lpamw/4/bx0aT2cupWvyxNNJpY+iSs+9dEul3Eyiu9O4KPM7gkIcrQDa?=

=?Windows-1252?Q?ea7Hk7Hqz8o87oDE2AakZ2axD6SQf/ONq4S/Cj295cNkhbIKyRHvVlJ/?=

=?Windows-1252?Q?4lSnT2BHu7x2cC2e3FZqCqrW/rquHlxMtxpVfKK8zEjbFbHXfTAWNSJR?=

=?Windows-1252?Q?YRjPMlpctL/WG5bkJce0Lrhsi65WIwpZRnYkA9nzH0JzNjY76A7pTqEA?=

=?Windows-1252?Q?LniBpuuKb8klTFVCkkFZ4P2JaulWSNPvssMUzaXcOI7MhaniF9WX1GD1?=

=?Windows-1252?Q?9FxzoUKXiCe08YbN6fssBGEJOZUSD5DQeJ6JMShvcxgRMdLKsftFTrNt?=

=?Windows-1252?Q?dDxWSvWkuIUCDRsj4yF+xE3kKtQ688EEyhrvc3Ef8QDL44aBsz3/JAPG?=

=?Windows-1252?Q?koILCL6Z8w9Ff7ZyothwAYTwOIC0FJuLzaM+jy2ikNzB4lv8xIa6+Mzo?=

=?Windows-1252?Q?undpz+S1jsganv08IHnMDg7WyaEpcQGWr1GNec65QCcevJPZ7XbQbCGu?=

=?Windows-1252?Q?xWBvuY/4L5gvweXY3++q67sK1i7Ojv1fwnTU5hbjhZt2jbZBU0Einf4u?=

=?Windows-1252?Q?WmiQMJGSt1RwEIX38hLE42UOU4U/nWS32nxgEz4Z3HpW6dCeMAkmzK63?=

=?Windows-1252?Q?S1U63QJRzJnqmSG3BjCwQ7U+SXo7MZOkeJMSPk/fLoR8vnPm60ovsAFO?=

=?Windows-1252?Q?vu7togM2mWRxeVXh6kXxom7e0Z/ALTsE2JD+/6eFvqOtGEIV4RvbSb7r?=

=?Windows-1252?Q?lb2YIdPNJqpg0jZcT05+zdZ62kjVW2eOYXMkaMjhOeuhuFb4bbAJ98Ug?=

=?Windows-1252?Q?O5lN8ve9HNgTVVsgv4SkOagkcJ7LSvSXsT8YXSr0z4Rr/BK4/1C35kDb?=

=?Windows-1252?Q?xfLWO3PjRrsxOnivIp/xICkGLk2tb3nYyk0wTJfDFhaHPTFgHKX1zQ2k?=

=?Windows-1252?Q?B34gqPchgDspinqVYswL5f8chhJZZO1AJBOgfm7zG5DQaIxubCF9XtBJ?=

=?Windows-1252?Q?rQ45Xf0PgpWSUdgx2ynLWWCx0+0Uq3LT4+fuD6FZwjLqk+NhoPYAHjyY?=

=?Windows-1252?Q?aHTJ+kDkVJC9hmAjfuAJB9GFZ7hbJRqKElLfdPpbs0ePFTCGGFkRe4hm?=

=?Windows-1252?Q?3J1Kzv1yZuxiKrTyHlrp7S8A57lv5mKrChHSWmbU3G7LwjuiisXBpeZg?=

=?Windows-1252?Q?jwa4dr396ejjVkcg3dNvDWsBr5nmVw9K95s5RVGW5VamuKv6ers9VO8y?=

=?Windows-1252?Q?zzezCyutLaeisFHDkO6dNZqAyqxibFe5HYq0XKe3f8YrYybb71/WvPzM?=

=?Windows-1252?Q?LsLR3psxVFSEM+zg4oT2LbbuDpTGduSHAm32Weruag5mJbPK01wVjmzp?=

=?Windows-1252?Q?uZaocFolBbd7yWG+e06Efc8NR9QuNkrtzxwCv6WxiKGraVQfg4sq+My6?=

=?Windows-1252?Q?uO5r18kgfmA+Dsmmd6nUUnkiNCe+n8dPAgLQ2Pncy01tXR41nFin+oUE?=

=?Windows-1252?Q?OWdf2P6nXWg/UIm2D5MDeJzRH1ATMDJXiRaMzD71DF04rO2ybS8NGP5p?=

=?Windows-1252?Q?7S9vQaszBO8=3D?=

x-forefront-antispam-report:

CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SG2PR02MB5380.apcprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(41320700013)(1800799024)(376014)(69100299015)(7416014)(366016)(786006)(38070700021)(8096899003)(3613699012)(43062017);DIR:OUT;SFP:1102;

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?LN6LGwX9zi9g+QY3YwkTDM4Su2WVLO9doCTXHmoE4323xZUJb5sCB+2E?=

=?Windows-1252?Q?rkmyMqJDZM29sfH/8nlaSZTaTdhjMiUePJ7ai4HFgTo/mmv5p5PeDEIy?=

=?Windows-1252?Q?34gq9TAVUOGWIgfd7vPNPpd8E8JrpTHFXDqcfwIWQS+rsYgNBFRnyEdX?=

=?Windows-1252?Q?cK1LOE9T3N8RJVsBQ7VX0G6omLeQRmpZRDEU0EzPcchVFxmDMEdB4a5Z?=

=?Windows-1252?Q?Q33LpdwudXOMh5Rzx+ud9afMViybldNQ0n1TC4O4UrmgZ8WeAKJ7AVrj?=

=?Windows-1252?Q?46TIAJNFRJxu4RMHpHTkmgmnE+LV0DxTnISmidTBLcFEa4heiTl2RU88?=

=?Windows-1252?Q?mWIC2GTpPB8lKfD/vycOiW1ZlkHt4JbBvzkK8XfHFoLVxlTybg0ES0UA?=

=?Windows-1252?Q?4u6NiQqb4LYEiQnu21M9qcHCE32OJsGhyGZsLKB3qvAAZGSxxfJG5lPH?=

=?Windows-1252?Q?9JwTxulmZDubGlBTt71zf3kSDd7XDXG/9gE/+WHSbtHunzyfT6wG43FF?=

=?Windows-1252?Q?++PjkzkS0qzzZltimLJrjEI0vttz2dHrpz+UDjaPMfLVRHrotXYDikBK?=

=?Windows-1252?Q?hVXHT0qMw4831+Tl2mpg101n1tlbKxucWtGWk/n8ZbmdC3QoCFJ++uXz?=

=?Windows-1252?Q?cEVorcEXpCe1Wme3X05aPdPmLUnNgJkOd131gxPqt7igDfisxufACS9/?=

=?Windows-1252?Q?zsOIDZlss3dc56ONr+rmEhXmBir7EoHGOBsio65OQ8Fodus8tdVYKtFT?=

=?Windows-1252?Q?NzIBBRQd/UUkBzjyycVpo+fcRr0gFcvuHiSj9GZdUgiGhGGJXfWSyBbL?=

=?Windows-1252?Q?eczw6+lktdvZyI9b/UrA9l6rDCiEgY4i+VG9qNcIZorT8sYtFIQNeqpc?=

=?Windows-1252?Q?nADbjWy7C3SCFavyWJEFdXMIALqLaHggQO2LQSTP7+FAsOSGPTPLCQu8?=

=?Windows-1252?Q?T4Ls6PutP4QxxVs/7fljtKQAigSAc8A2DgsESf+kPFQfrF4qFVI2kPyi?=

=?Windows-1252?Q?O+q55j7PdjfM4v+4eX+IKggwQigkek5PCC28CTGaqy/TSp/EgSNBlERB?=

=?Windows-1252?Q?UilnMd4ZS1hk1z1q8BHUOTe/kiAAZTjmaoP26PZmdvK8tW5mrh7M67GY?=

=?Windows-1252?Q?mgLt16CSb6k9heFODybVSY/MA817m+8sJvciP8K7Ei95mJtnKtXV+EJA?=

=?Windows-1252?Q?sqddYcZ7UXjxW6eBdccmIfo80K/CaW8bzmA4XFJFOGVdm7NpVn3u2WkN?=

=?Windows-1252?Q?1stS2wUt0Decdo81wl/smk0igRs0rwlvjmGjWSh9/F4H/dxE5/TM8K9A?=

=?Windows-1252?Q?785joBxDJKQW6izuy+oJroc+gVPHJuzsR8v0J3/fcRqr3zXZXJ7X5U+k?=

=?Windows-1252?Q?v0NhAcKaB/vLPaYdop0iNRFK3E9stf/lRQB2i+Ds+rU9b3Qi3KrVRjEO?=

=?Windows-1252?Q?lczmtk0mTDMEestPpgNRph2KnjLa3wp594ddiDVre8atGm0GDZiqJSjN?=

=?Windows-1252?Q?sDAxRrq8Mk0AVcmG1tp7wJlicq/y9H8RWUQeNccka4UM3Eap4G20DJZt?=

=?Windows-1252?Q?Hmp07XkMp5VW9L3rGEXqMEXsEbxm5Pe/cmf9xCffk0WJaIzIAM9c8mBT?=

=?Windows-1252?Q?zJ5w+zHYXc0T+GNvR7LWjcVkM4FEyxKLaahxEKICgC3uxQ9xI0HnB5mg?=

=?Windows-1252?Q?Gq1vJAG/JhCvOEUwQsWcT6WKzbJWIvTe+afgo9LWvCLKkopStr9lJAN8?=

=?Windows-1252?Q?Iv/PbXC0MeXUlaXvEe0PsW4IXgdDMG006eLtPhlJApFhdB5nHlBwrqpr?=

=?Windows-1252?Q?2iv4k39ip/lVhNH+qCy2QympAff+A8/z/m+eI1xR5GFrD984?=

Content-Type: multipart/alternative;

boundary="_000_SG2PR02MB5380D465C5C43A4FBAAC6990A586ASG2PR02MB5380apcp_"

MIME-Version: 1.0