Netknow now in NetCraft's top 12650 Part 2

Posted by Dave Yadallee on

MCSnet





MCSNET ranks >2000000 from >2000000 and are hosted by Microsoft .



Nucleus Internet Services





After that we have

Nucleus Information Services which can be found at Netcraft Rank >2000000 from >2000000 .





4Web





4web ranks >2000000 from >2000000 .



Alentus / Wolfpaw





Alentus

rank by Netcraft >2000000 from >2000000 and I note they are hosted in the USA .

wolfpaw.net

which ranks at >2000000 from >2000000



Yellowpencil





Yellowpencil Ranks >2000000 from >2000000



WSI Corporation





Next is WSI - We Simply The Internet of Toronto

at Netcraft Position >2000000 from >2000000 and are being hosted on Amazon.



Uniserve / Interbaun





Next, Uniserve

ranks on Netcraft >2000000 from >2000000

One of their acquisitions

interbaun

ranks with Netcraft ?????? from ?????? due to merging of sites.

One customer just came over from this organization in Nov 2006.



Clearwave Broadband





Clearwave Broadband ranks

at >2000000 from >2000000



Platinum Communications





Platinum Communications Corp.

bought out by Xplornet .



Wild Rose Internet





Wild Rose Internet

ranks >2000000 from >2000000 and I wonder if this is another wireless branch of Tera-Byte and bought out by Xplornet





TIC Internet





TIC Internet

ranks >2000000 from >2000000 ( I do remember you).



Nisa Custom Internet Solutions





Nisa Custom Internet Solutions

ranks >2000000 from >2000000 by Netcraft



MediaShaker





Media Shakers of Edmonton

ranks >2000000 from >2000000





Koi Media





Koi Media

rank >2000000 from >2000000



WebFire





Webfire.ca

ranks >2000000 from >2000000 and seems to be connected with Shaw.



Core Network Solutions Inc.





Core Network Solutions Inc.

ranks at >2000000 from >2000000 .



The Network Centre





The Network Centre

ranks >2000000 from >2000000 and are linked with Telus high Speed.





Open Concept Internet, Inc.





Open Concept Internet, Inc.

rank > 2000000 from > 2000000





Techalta





Interspots of Edmonton

acquired by Techalta ;



Yegtel





Yegtel rank > 2000000 .



Internet Crossroads





Internet Crossroads Ltd of North Edmonton

rank nothing from nothing by Netcraft and seems to merged with Tera-Byte/ecn.ab.ca .



If I remember anymore, I will add to this entry, before Netcraft changes our ranking. Please watch this space and please feel free to peruse

our services.

Netkonw now in NateCraft's top 12650 Part 1

Posted by Dave Yadallee on
All data is from Netcraft Toolbar .

Looks as if there are major changes to the Netcraft algorithm after some years! Why did Avast clasify the extension as URL:Phishing?

This is not the Alexa Tool Bar!



NetKnow







Netknow now at 12648 from 12241 at Netcraft and pfs compliant



A significant decrease! We must do
  1. security audits regularly
  2. check on illegitimate traffic hitting the web server


    3. and
  3. keep design current!




How do we compare with other providers in

Edmonton, Alberta, Canada?



Telus and reviews



Next we have Telus.com

ranked by Netcraft at 3238 from 3210 .

Sometimes their Web Hosting is done by
title="Internet Names for Business">Internet Names for Business

is ranked by Netcraft at >2000000 from >2000000 .



Is Telus's ADSL network susceptible to Code Red Attacks and Attackers?

Reviews of Telus are available :





Rogers





Rogers Business Solutions

which rank 5281 from 5268 and are hosted in Europe.



Netknow again





We at Netknow are at 12241 from 18857 since the start of 2026.



Government of Alberta



The Government of Alberta Website

ranks 15205 from 14807 by Netcraft and seems to hosted on Cloudfare.



City of Edmonton







The City of Edmonton ranks 32390 from 32021 by Netcraft and hosted by Google.



University of Alberta







The University of Alberta ranks 50204 from 47819 hosted by Amazon Techonologies.



Juno and NetZero





We have Juno Internet ranked on top

at 354442 from 345273 who are the owners of

US Based Netzero at Netcraft Rank 75419 from 82310 .



Grant MacEwen University





MacEwan ranks 119456 from 117685 .





NAIT / Northern Alberta Institute of Technology





NAIT ranks 123187 from 114695 hosted by Microsoft .



TekSavvy



TekSavvy ranks 236595 from 294238 and are hosted by Microsoft



Shaw Cable





Next,

members.shaw.ca

ranks >2000000 from >2000000 and retired and

Shaw Cable

is next at Netcraft rank >20000000 from >20000000 . Hosted now by Akamei .

Their Network Hosting Arm,

Big Pipe is at

Netcraft rank 336946 from 328908 and hosted by Akamai in Europe .



Reviews of Shaw are available :





Internet Centre / CCINet



Internet Centre

rank 414549 from 415652 . Their partner Rack Nine ranks > 2000000.



Xplornet



xplornet

ranks >2000000 from >2000000 and are listed with

Cirrus9 and are joining up with Shaw.

Their new domain xplore.ca ranks 434238 from 492620 .

According to an article in the Sherwood Park Independent, they are also getting an Alberta Government subsidy.



Distributel / 3Web / CIA



Cybersurf

is ranked 804402 from 806436 and seems to be hosted in USA by DigitalOcean.



Primus



Primus

ranks >2000000 from >2000000 and now points to BLACKIRON_DataCentres ranked >2000000 from >2000000.



Northern lights Fiber







Northern lights Fiber are ranked by Netcraft >2000000 and uses AWS.



OkayVPN





OkayVPN

are ranked by Netcraft >2000000 and uses Cloudfare.



Radiant Communications / goco.ca





Radiant Communications

are ranked by Netcraft >2000000 and part of goco.ca

which ranks >2000000 .



Tera Byte Edmonton and reviews





Next is Tera-Byte

at Netcraft Rank >2000000 with

Tera-Byte.ca

ranking >2000000 from >2000000 and their wireless arm Tera-Byte Wireless

sold to Xplornet.

One of Tera-Byte's acquisitions

Edmonton Community Networks

ranks at >2000000 from >2000000 and

Go Edmonton ranks >2000000 from >2000000.

Alberta political blogger Daveberta ranks >2000000 from >2000000; interesting!!!

Reviews of Tera-byte is available at

here

and another here

and check Google for more reviews; just search tera byte.

Netknow now in NetCraft's top 12650 Part 1

Posted by Dave Yadallee on
All data is from Netcraft Toolbar .

Looks as if there are major changes to the Netcraft algorithm after some years! Why did Avast clasify the extension as URL:Phishing?

This is not the Alexa Tool Bar!



NetKnow







Netknow now at 12648 from 12241 at Netcraft and pfs compliant



A significant decrease! We must do
  1. security audits regularly
  2. check on illegitimate traffic hitting the web server


    3. and
  3. keep design current!




How do we compare with other providers in

Edmonton, Alberta, Canada?



Telus and reviews



Next we have Telus.com

ranked by Netcraft at 3238 from 3210 .

Sometimes their Web Hosting is done by
title="Internet Names for Business">Internet Names for Business

is ranked by Netcraft at >2000000 from >2000000 .



Is Telus's ADSL network susceptible to Code Red Attacks and Attackers?

Reviews of Telus are available :





Rogers





Rogers Business Solutions

which rank 5281 from 5268 and are hosted in Europe.



Netknow again





We at Netknow are at 12241 from 18857 since the start of 2026.



Government of Alberta



The Government of Alberta Website

ranks 15205 from 14807 by Netcraft and seems to hosted on Cloudfare.



City of Edmonton







The City of Edmonton ranks 32390 from 32021 by Netcraft and hosted by Google.



University of Alberta







The University of Alberta ranks 50204 from 47819 hosted by Amazon Techonologies.



Juno and NetZero





We have Juno Internet ranked on top

at 354442 from 345273 who are the owners of

US Based Netzero at Netcraft Rank 75419 from 82310 .



Grant MacEwen University





MacEwan ranks 119456 from 117685 .





NAIT / Northern Alberta Institute of Technology





NAIT ranks 123187 from 114695 hosted by Microsoft .



TekSavvy



TekSavvy ranks 236595 from 294238 and are hosted by Microsoft



Shaw Cable





Next,

members.shaw.ca

ranks >2000000 from >2000000 and retired and

Shaw Cable

is next at Netcraft rank >20000000 from >20000000 . Hosted now by Akamei .

Their Network Hosting Arm,

Big Pipe is at

Netcraft rank 336946 from 328908 and hosted by Akamai in Europe .



Reviews of Shaw are available :





Internet Centre / CCINet



Internet Centre

rank 414549 from 415652 . Their partner Rack Nine ranks > 2000000.



Xplornet



xplornet

ranks >2000000 from >2000000 and are listed with

Cirrus9 and are joining up with Shaw.

Their new domain xplore.ca ranks 434238 from 492620 .

According to an article in the Sherwood Park Independent, they are also getting an Alberta Government subsidy.



Distributel / 3Web / CIA



Cybersurf

is ranked 804402 from 806436 and seems to be hosted in USA by DigitalOcean.



Primus



Primus

ranks >2000000 from >2000000 and now points to BLACKIRON_DataCentres ranked >2000000 from >2000000.



Northern lights Fiber







Northern lights Fiber are ranked by Netcraft >2000000 and uses AWS.



OkayVPN





OkayVPN

are ranked by Netcraft >2000000 and uses Cloudfare.



Radiant Communications / goco.ca





Radiant Communications

are ranked by Netcraft >2000000 and part of goco.ca

which ranks >2000000 .



Tera Byte Edmonton and reviews





Next is Tera-Byte

at Netcraft Rank >2000000 with

Tera-Byte.ca

ranking >2000000 from >2000000 and their wireless arm Tera-Byte Wireless

sold to Xplornet.

One of Tera-Byte's acquisitions

Edmonton Community Networks

ranks at >2000000 from >2000000 and

Go Edmonton ranks >2000000 from >2000000.

Alberta political blogger Daveberta ranks >2000000 from >2000000; interesting!!!

Reviews of Tera-byte is available at

here

and another here

and check Google for more reviews; just search tera byte.

McAfee Phish from Google Gmail Part 3

Posted by Dave Yadallee on


=20



=20



=20



=20

















McAfee Phish from Google Gmail Part 4

Posted by Dave Yadallee on

/InformAction">
emtype=3D"http://schema.org/EmailMessage">
ntent=3D"Lauren Byrd: Dear, This is a notification that your current subscr=

iption with McAfee will automatically renew on . A total amount of $426.66 =

will be debited from your saved payment method. Invoice Brief View **Subscr=

iption Details:** Product: All in One Membership Devices Covered: x5 =

Warranty Period: 5-Years Payment Mode: Auto Debit Total Amount: USD484.=

99 Client Reference: 675e40dfa2 Activation Code: To avoid renewal or to mod=

ify your plan, please contact us at least 48 hours before the renewal date.=

For support, reach us at (864)-201-1506. Best regards, Warm regards,, McAf=

ee Personal Home Membership Management Team: Adrienne White Customer Helpde=

sk: (843) 303-6665 Corporate Mailing Address,: 79 North Oxford Walk Apt9A S=

teamboat Springs Co 98541 US Office Timing: 6 AM =E2=80=93 6 PM"/>
pan itemprop=3D"object" itemscope itemtype=3D"http://schema.org/Event">
a itemprop=3D"eventStatus" content=3D"http://schema.org/EventScheduled"/>
pan itemprop=3D"publisher" itemscope itemtype=3D"http://schema.org/Organiza=

tion">
mprop=3D"eventId/googleCalendar" content=3D"589eok3sgvv1gisthd7l4aj08k"/>
pan style=3D"display: none; font-size: 1px; color: #fff; line-height: 1px; =

height: 0; max-height: 0; width: 0; max-width: 0; opacity: 0; overflow: hid=

den;" itemprop=3D"name">Payment Confirmation =E2=80=93 Invoice Included
an>
le=3D"presentation" align=3D"center" style=3D"width:100%;" class=3D"body-co=

ntainer">

=3D"height:16px;" aria-hidden=3D"true">  

=3D"0" role=3D"presentation" align=3D"center" style=3D"width:100%;" class=

=3D"">

temtype=3D"http://schema.org/EmailMessage">

Dear=

,

This is a notification that your current subscription with McAfee will =

automatically renew on . A total amount of $426.66 will be debited from you=

r saved payment method.

Invoice Brief View

**Subscription Details:**

=

Product: All in One Membership
Devices Covered: x5
 Warranty Per=

iod: 5-Years
Payment Mode: Auto Debit
 Total Amount: USD484.99

C=

lient Reference: 675e40dfa2
Activation Code:

To avoid renewal or to =

modify your plan, please contact us at least 48 hours before the renewal da=

te.

For support, reach us at (864)-201-1506.

Best regards,
Warm rega=

rds,,
McAfee Personal Home Membership
Management Team: Adrienne White=


Customer Helpdesk: (843) 303-6665
Corporate Mailing Address,: 79 No=

rth Oxford Walk Apt9A Steamboat Springs Co 98541 US
Office Timing: 6 AM=

=E2=80=93 6 PM


lpadding=3D"0" cellspacing=3D"0" role=3D"presentation" align=3D"center" sty=

le=3D"width:100%;" class=3D"">

dce0; border-radius: 8px; direction: rtl; font-size: 0; padding: 24px 32px;=

text-align: left; vertical-align: top;" class=3D"main-container-inner">
-[if mso | IE]>
=3D"presentation">

text-align: left; direction: ltr; display: inline-block; vertical-align: t=

op; width: 100%;overflow: hidden; word-wrap: break-word;">

0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" width=3D"100%"=

class=3D"main-column-table-ltr" style=3D"padding-right: 32px; padding-left=

: 0;;table-layout: fixed;">

"padding:0; vertical-align:top;">
spacing=3D"0" role=3D"presentation" width=3D"100%" style=3D"table-layout: f=

ixed;">=


r>

eak: break-word;;padding-bottom:2px;">

e Sans', Roboto, sans-serif;font-weight: 400; font-size: 22px; line-hei=

ght: 28px;color: #3c4043; text-decoration: none;" class=3D"primary-text" ro=

le=3D"presentation">Payment Confirmation =E2=80=93 =

Invoice Included

ng: 0; text-align: left; word-break: break-word;;padding-bottom:24px;">
style=3D"font-family: Roboto, sans-serif;font-style: normal; font-weight: =

400; font-size: 14px; line-height: 20px; letter-spacing: 0.2px;color: #3c40=

43; text-decoration: none;" class=3D"primary-text" role=3D"presentation">
pan aria-hidden=3D"true">

eak-word;;padding-bottom:24px;">

if;font-style: normal; font-weight: 400; font-size: 14px; line-height: 20px=

; letter-spacing: 0.2px;color: #3c4043; text-decoration: none;" class=3D"pr=

imary-text" role=3D"presentation">
lspacing=3D"0" role=3D"presentation" style=3D"padding-bottom: 4px;">
>


ecoration: none;font-weight: 700;-webkit-font-smoothing: antialiased;margin=

: 0; padding: 0;">Organizer


042;">
er" style=3D"display: inline-block;;color: #3c4043; text-decoration: none;"=

href=3D"mailto:lauren.byrd2pot@ecitravel.org">Lauren Byrd
itemprop=3D"organizer" itemscope itemtype=3D"http://schema.org/Person">
a itemprop=3D"name" content=3D"Lauren Byrd"/>
nt=3D"lauren.byrd2pot@ecitravel.org"/>

break-word;;padding-bottom:24px;">

erif;font-style: normal; font-weight: 400; font-size: 14px; line-height: 20=

px; letter-spacing: 0.2px;color: #3c4043; text-decoration: none;" class=3D"=

primary-text" role=3D"presentation">
ellspacing=3D"0" role=3D"presentation" style=3D"padding-bottom: 4px;"><=

td>


-decoration: none;font-weight: 700;-webkit-font-smoothing: antialiased;marg=

in: 0; padding: 0;">Guests

(Guest list has been hidde=

n at organizer's request)
=

=



--000000000000a98285064fe63bb2--

McAfee Phish from Google Gmail Part 2

Posted by Dave Yadallee on




--000000000000a98285064fe63bb2

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



RGVhciwgVGhpcyBpcyBhIG5vdGlmaWNhdGlvbiB0aGF0IHlvdXIgY3VycmVudCBzdWJzY3JpcHRp

b24gd2l0aCBNY0FmZWUgIA0Kd2lsbCBhdXRvbWF0aWNhbGx5IHJlbmV3IG9uIC4gQSB0b3RhbCBh

bW91bnQgb2YgJDQyNi42NiB3aWxsIGJlIGRlYml0ZWQgIA0KZnJvbSB5b3VyIHNhdmVkIHBheW1l

bnQgbWV0aG9kLiBJbnZvaWNlIEJyaWVmIFZpZXcgKipTdWJzY3JpcHRpb24gIA0KRGV0YWlsczoq

KiAqIFByb2R1Y3Q6IEFsbCBpbiBPbmUgTWVtYmVyc2hpcCAqIERldmljZXMgQ292ZXJlZDogeDUg

KiAgDQpXYXJyYW50eSBQZXJpb2Q6IDUtWWVhcnMgKiBQYXltZW50IE1vZGU6IEF1dG8gRGViaXQg

KiBUb3RhbCBBbW91bnQ6ICANClVTRDQ4NC45OSBDbGllbnQgUmVmZXJlbmNlOiA2NzVlNDBkZmEy

IEFjdGl2YXRpb24gQ29kZTogVG8gYXZvaWQgcmVuZXdhbCBvciAgDQp0byBtb2RpZnkgeW91ciBw

bGFuLCBwbGVhc2UgY29udGFjdCB1cyBhdCBsZWFzdCA0OCBob3VycyBiZWZvcmUgdGhlIHJlbmV3

YWwgIA0KZGF0ZS4gRm9yIHN1cHBvcnQsIHJlYWNoIHVzIGF0ICg4NjQpLTIwMS0xNTA2LiBCZXN0

IHJlZ2FyZHMsIFdhcm0gcmVnYXJkcywsICANCk1jQWZlZSBQZXJzb25hbCBIb21lIE1lbWJlcnNo

aXAgTWFuYWdlbWVudCBUZWFtOiBBZHJpZW5uZSBXaGl0ZSBDdXN0b21lciAgDQpIZWxwZGVzazog

KDg0MykgMzAzLTY2NjUgQ29ycG9yYXRlIE1haWxpbmcgQWRkcmVzcyw6IDc5IE5vcnRoIE94Zm9y

ZCBXYWxrICANCkFwdDlBIFN0ZWFtYm9hdCBTcHJpbmdzIENvIDk4NTQxIFVTIE9mZmljZSBUaW1p

bmc6IDYgQU0g4oCTIDYgUE0NCg0KUGF5bWVudCBDb25maXJtYXRpb24g4oCTIEludm9pY2UgSW5j

bHVkZWQNClN1bmRheSBBcHIgMTkg4ouFIDlwbSDigJMgTW9uZGF5IEFwciAyMCwgMjAyNiDii4Ug

ODozMHBtDQpNb3VudGFpbiBTdGFuZGFyZCBUaW1lIC0gUGhvZW5peA0KDQoNCg0KT3JnYW5pemVy

DQpMYXVyZW4gQnlyZA0KbGF1cmVuLmJ5cmQycG90QGVjaXRyYXZlbC5vcmcNCg0K

--000000000000a98285064fe63bb2

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:offi=

ce">
t=3D"text/html; charset=3DUTF-8">
=3Ddevice-width,initial-scale=3D1">
ight dark">

















McAfee Phish from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 20 Apr 2026 11:48:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEsiI-000000008ck-2w7A

for dave@doctor.nl2k.ab.ca;

Mon, 20 Apr 2026 11:47:14 -0600

Resent-From: The Doctor

Resent-Date: Mon, 20 Apr 2026 11:47:14 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f201.google.com ([209.85.221.201]:47557)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEqsR-000000002ic-3VKs

for root@nk.ca;

Mon, 20 Apr 2026 09:49:45 -0600

Received: by mail-vk1-f201.google.com with SMTP id 71dfb90a1353d-56f55a94174so6807393e0c.3

for ; Mon, 20 Apr 2026 08:48:48 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1776700122; x=1777304922; darn=nk.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=BzDfD7PZErUZyTF5XoeNwFmghJKdFVVUZpingYAO+8k=;

b=dmQww/f8jP0w5bJkE/Hcpg7csWD7m1CWKhxUyiHNOSNtfJErrxq3/3gyD8EtUooSCF

Laste6DDNBhY8DyjNKFw1TbMLxfvWb61ycs2x5jON9FUJSP68B0C+b6B3xtqxw0KrxtV

Esad0LE4rq6E1spNR2amdJgL8kKJzZyqfO3hy3QkffjFTD+3Jb+rCMtyJAyKD6Zw1TJM

jTH3ryMq/Pv58FHc5fzP5xwJUl3aQleuDvl901FkMFWfqSzXI8/qkZf7PSb1p9x32oku

jzMNdXpH+uxJuQyihfZrxshm5mlTAUnI1QrpUwDms2MJ0JqxYrnFoR3ifuL0aJ428lb4

n6DA==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=ecitravel-org.20251104.gappssmtp.com; s=20251104; t=1776700122; x=1777304922; darn=nk.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=BzDfD7PZErUZyTF5XoeNwFmghJKdFVVUZpingYAO+8k=;

b=FcPXSemmgHbSos8RTWqC1kJR3/oAJ2W5UA8vKibo6GrGIu/jVNNXTSxFAnyZJ7F6fV

tXW7N/ZImu8zB+JACQ3KTfn/G3+3MH7imtBQs+V3Pg+FPu+aUBI5c0xLkpPLdvYuntrm

baouX9eOrdZfUxoh9hlQVqSVxbbvoy8Qt/5pfyLpgXDJqJrinYWuljAZn/J3CqHfx6oA

sqbW+jjta7xaq6dHN6TWTx3gIszHRH+f0nB+rURl50iPfxcYoGdF2K/G3PkxeRNSkrdb

iphB042BFio9Alu3sgUg2MDyMmsWPUX2ZYFQKdE3iJg+rKQAYMwpSlcHPmwnxXvGHDft

iiGA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776700122; x=1777304922;

h=from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=BzDfD7PZErUZyTF5XoeNwFmghJKdFVVUZpingYAO+8k=;

b=l69Lw4OSYVUvFk/tgy3lmlmzFBq/JXnvn3yWMW/HP/2ZG/L7QY7GTYVYen/7bDE5La

S42pwpPosrC8oznDdksfVE1LjvYxAok7whBRHEq2Lwx8tvGlB806O+b1BpKCEkn9V/aC

oMa16D23VH/9bTB5WhiPS8oZfWeG4lO3Dc5iTuLlwzOnRRD6BIJ7kyRemBD2oA2L0jt0

lVA+Cl0y9nQQhn44bvQtToKyCMlhVe1E/6jG+DsHo+bL9InLnf+114t1qbaLZQXy0u9k

FAuhTVNGoJeLWVaS9Xj73WUcHx78vld1JFrGf8izsFJJfN7hxnpsjhRBqPQmsxifizlH

DABg==

X-Forwarded-Encrypted: i=1; AFNElJ/R9r5QkH9cEsjk0LyA2mf3T3s0bA55aPGvncEuR36PXzMVpwYicFbT5w6CviME6ShxJi50@nk.ca

X-Gm-Message-State: AOJu0YwRD8jb66rSHPLSsDRNPhLC5HEKi+8N7FquKzxrCYTRtIv15hYQ

56+efc3A2tp/rTcgkZ+BQ7wCUTU/0oNwWx/Ii7MouYzawzbOf4ABx6MTnh6Az73+riVI8onv04Q

qqhYsQFSDBNA+M0Rg6ZcLBpWzR+lDpUvAA/RtGfCLIHIv

MIME-Version: 1.0

X-Received: by 2002:a05:6122:3a12:b0:56d:9def:20c8 with SMTP id

71dfb90a1353d-56fa5899767mt12487707e0c.6.1776700121622; Mon, 20 Apr 2026

08:48:41 -0700 (PDT)

Reply-To: Lauren Byrd

Sender: Google Calendar

Message-ID:

Date: Mon, 20 Apr 2026 15:48:42 +0000

Subject: Payment Confirmation - Invoice Included

From: Lauren Byrd

Content-Type: multipart/alternative; boundary="000000000000a98285064fe63bb2"

X-Spam_score: 6.9

X-Spam_score_int: 69

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear, This is a notification that your current subscription

with McAfee will automatically renew on . A total amount of $426.66 will

be debited from your saved payment method. Invoice Brief View **Sub [...]



Content analysis details: (6.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.201 listed in dnsbl.ahbl.org]

[209.85.221.201 listed in dnsbl.ahbl.org]

[209.85.221.201 listed in dnsbl.ahbl.org]

[209.85.221.201 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.201 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.201 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.201 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.201 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.201 listed in will-spam-for-food.eu.org]

[209.85.221.201 listed in will-spam-for-food.eu.org]

[209.85.221.201 listed in will-spam-for-food.eu.org]

[209.85.221.201 listed in will-spam-for-food.eu.org]

[209.85.221.201 listed in will-spam-for-food.eu.org]

[209.85.221.201 listed in will-spam-for-food.eu.org]

[209.85.221.201 listed in will-spam-for-food.eu.org]

[209.85.221.201 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.201 listed in list.dnswl.org]

1.2 MISSING_HEADERS Missing To: header

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.221.201 listed in sa-accredit.habeas.com]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.221.201 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.201 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.221.201 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.221.201 listed in bl.score.senderscore.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.9 REPLYTO_WITHOUT_TO_CC No description available.

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Payment Confirmation - Invoice Included

Web/SEO/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
--_000_PNXP287MB4264D5266240BEF9D6DC29D8BA2F2PNXP287MB4264INDP_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,

I had a look at your website and noticed great potential to boost its visib=

ility through SEO, GEO, and AEO=97helping you rank higher on Google and get=

discovered in AI-powered search results.

If you're aiming to strengthen your online presence and drive more traffic,=

we=92d be happy to assist.

Let=92s connect and get started right away.

WhatsApp: +91 9211383434







________________________________

From: Neetu Mishra

Sent: Tuesday, April 7, 2026 4:05 AM

Subject: Fw: SEO Boost with AI (ChatGPT & Gemini)







Hi,

I came across your website and wanted to reach out briefly.

Your site looks well-designed, but I noticed it=92s not currently ranking o=

n the first pages of Google for several important keywords. This means pote=

ntial customers may be missing your business when searching online.

We help businesses improve search rankings using AI-powered SEO strategies =

(ChatGPT & Google Gemini) along with proven optimization techniques. Our pr=

ocess boosts visibility on Google, Bing, and Yahoo, driving more organic tr=

affic and qualified leads.

We offer reliable SEO services at competitive pricing and can start as soon=

as you=92re ready.

Would you be open to a quick discussion?

WhatsApp: +91 9211383434

Best regards,





--_000_PNXP287MB4264D5266240BEF9D6DC29D8BA2F2PNXP287MB4264INDP_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








0pt; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, =

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hi,



0pt; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, =

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I had a look at your website and noticed great potential to boost its visib=

ility through SEO, GEO, and AEO=97helping you rank higher on Google and get=

discovered in AI-powered search results.



0pt; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, =

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

If you're aiming to strengthen your online presence and drive more traffic,=

we=92d be happy to assist.



0pt; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, =

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Let=92s connect and get started right away.



0pt; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, =

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

WhatsApp:
WAcc1cfc34-3c8d-2957-3392-c69a23968784" class=3D"OWAAutoLink" title=3D"http=

s://wa.me/+919211383434" style=3D"color: blue;">

+91 9211383434



0pt; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, =

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

 



0pt; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, =

Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

 



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">











yle=3D"font-size:11pt" color=3D"#000000">From: Neetu Mishra <neet=

umishra2016@outlook.com>


Sent: Tuesday, April 7, 2026 4:05 AM


Subject: Fw: SEO Boost with AI (ChatGPT & Gemini)

 









ontService,Calibri,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">

 



ontService,Calibri,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">

 



ontService,Calibri,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">

Hi,



edFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif; font-size:12pt; co=

lor:rgb(0,0,0)">

I came across your website and wanted to reach out briefly.



edFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif; font-size:12pt; co=

lor:rgb(0,0,0)">

Your site looks well-designed, but I noticed it=92s not currently ranking o=

n the first pages of Google for several important keywords. This means pote=

ntial customers may be missing your business when searching online.



edFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif; font-size:12pt; co=

lor:rgb(0,0,0)">

We help businesses improve search rankings using AI-powered SEO strategi=

es (ChatGPT & Google Gemini) along with proven optimization te=

chniques. Our process boosts visibility on Google, Bing, and Yahoo, driving=

more organic traffic and qualified leads.



edFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif; font-size:12pt; co=

lor:rgb(0,0,0)">

We offer reliable SEO services at competitive pricing and can start as soon=

as you=92re ready.



edFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif; font-size:12pt; co=

lor:rgb(0,0,0)">

Would you be open to a quick discussion?





edFont,Aptos_MSFontService,Calibri,Helvetica,sans-serif; font-size:12pt; co=

lor:rgb(0,0,0)">

Best regards,



ontService,Calibri,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">














--_000_PNXP287MB4264D5266240BEF9D6DC29D8BA2F2PNXP287MB4264INDP_--

Web/SEO/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 20 Apr 2026 06:23:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEnda-000000004ZA-0Pux

for dave@doctor.nl2k.ab.ca;

Mon, 20 Apr 2026 06:22:02 -0600

Resent-From: The Doctor

Resent-Date: Mon, 20 Apr 2026 06:22:01 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-southindiaazolkn19011030.outbound.protection.outlook.com ([52.103.67.30]:56874 helo=MA0PR01CU012.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wElQC-00000000B6f-2FVN

for doctor@netknow.ca;

Mon, 20 Apr 2026 04:00:14 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=rIDJ1KANWt3Z6Wb46Qpd8LGI6IudTnji4UKp+MYcGHJ8wc7nmdkfHUrBcX2csuUQ2dg4Xe/5HvLy+R+UoB/7WISqtsmVg77ofKx41zbs1npCMdcEdZQUCdi8akDGgilxk1WCwDQUrWuBs/Ej4ncCe98X3nWeUPzsQwvD4Gf8u7Cq52O6eQKoEnL7Q0uWXH/8a+2TgaK5WXV9XU+DmSPkyj5KSpSezFSQ0qCSP6NvPn5pF0iUFbEXe5kuKaVaWD4F8EKXZKl35T+gPfdOyQ+pYVDoFfIYGR+7TSupVBcP9L8kmIO8e8TeS9rynfzMjTuryWPA02ASlJ0mAJx3h1e+HA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=ABKPmIUZgDHA5dqhy/22syrMHdqPT0lntUqwIT7T3g0=;

b=zA0cka6wwYVB8rRUMnPOdpzSC5nF27PgBmc5S+So3MfbMtdp049nQ9YulE8v3f9X9KluHYhunOqJSrE7L8iXati403GbA1y0RaHa0TnYy21Gseu+KqbfBraxl8d9nCNqvNddd1E/QLYE6pewBQoz+9y4dsxr1h8s+e5wHYzLvdZ3ysrC/GBCsnOg3zaIPxOFZLoiYUHjbQB6w8VhGjpfVzBc+E9EzomqtK79DQjqTZTR2QyI6ENxKkL+gVcZQ/d8fwqMDjErMoUYCWkyo7xk+LCxQB3zgcc3SnlclvJnWd+lOVB78v3nR/+HGSU7hZAYyJLUDUxmQ36y0SUiUWLrgg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=ABKPmIUZgDHA5dqhy/22syrMHdqPT0lntUqwIT7T3g0=;

b=bUltH1Gr3jVKmtaDU4mK6R0cBUbZPugeFeNHNhVy4gjS75aRC2ciOEj3GYTVVYfDVPl//4mFHeLMBe77oOYkBs65CeZ71fypKKZm0xS0G3pFF5NIt76kIHiZDTcCKpyxWV+ry5nXEx3MTarGwvirmGb+wUjTvM3SkNAUnYeYHnFMA3U5wZfSvhmawqFyzRdaaLRHNZ6U01oVUNMQC0pMmkwYmivUvgoLwXFUEs2TDezuwadfnLfa4PJ5bI2RvD68hbzu56ILUgacHpoTTd93da6ECvvk1xLAFHueAasYmloF2/v6HnwdVNqKTbmNWOovIYeoltuai7YaJudpjrOALg==

Received: from PNXP287MB4264.INDP287.PROD.OUTLOOK.COM (2603:1096:c01:2c1::11)

by PNXP287MB4198.INDP287.PROD.OUTLOOK.COM (2603:1096:c01:2c3::5) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9818.32; Mon, 20 Apr

2026 09:57:43 +0000

Received: from PNXP287MB4264.INDP287.PROD.OUTLOOK.COM

([fe80::d0e7:6680:ea13:5404]) by PNXP287MB4264.INDP287.PROD.OUTLOOK.COM

([fe80::d0e7:6680:ea13:5404%6]) with mapi id 15.20.9818.032; Mon, 20 Apr 2026

09:57:43 +0000

From: Neetu Mishra

To: Neetu Mishra

Subject: Re: SEO Boost with AI (ChatGPT & Gemini)

Thread-Topic: SEO Boost with AI (ChatGPT & Gemini)

Thread-Index:

AQHcg4mezVKFD/3ZxEKP2DHwwvO+obVP3ZL+gAQdMXOAGqJXeYAypq/FgB5DYLaAFEz4N4AAADPXgBR8fFE=

Date: Mon, 20 Apr 2026 09:57:42 +0000

Message-ID:



References:

















In-Reply-To:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PNXP287MB4264:EE_|PNXP287MB4198:EE_

x-ms-office365-filtering-correlation-id: 4ed70823-5e18-4116-2117-08de9ec34406

x-microsoft-antispam:

BCL:0;ARA:14566002|37011999003|39105399006|9400799043|704163111799003|2604032031799003|24121999003|22091999003|19110799012|8060799015|8062599012|12050799012|31061999003|15080799012|15030799006|461199028|56899033|31055399003|40105399003|43065399003|440099028|3412199025|34005399003|26121999007|10035399007|102099032|12091999003|1710799026;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?0C3rpAF+xHzYSi+fJovimWETbJhe9uQH2IeE0wmVAk1w8idQTPrbI28L?=

=?Windows-1252?Q?kHMkmYA20h5P5KQI+98YXj9Jir1G2o1ZErYngWOm5CFO4WdstlXcjxUQ?=

=?Windows-1252?Q?xdxRZx5O+4UoGeQohy5tI8T+NzPO2apfGQNtUHrDIikxWfiJiENa3Y+w?=

=?Windows-1252?Q?Bf2aSuQomx1WDAnOpHod90EjQoWfP7hbyS82sCf0MlyuOyC4w+RjraJo?=

=?Windows-1252?Q?RaS/gphU7l8e/55pAS2fQorQ3BR+O4p9ywm5psCHtoUjGInd10rUmrWE?=

=?Windows-1252?Q?Ee+HCGUr5kVbJ9Ew1odGMLZSWaWaq2+QLmLZ0TORPMX2k9nOBM7p/7+W?=

=?Windows-1252?Q?wYI8J/VBaumSaheA+pKDzxXDsAf1i83KWkp4jRrp8frsaAUmMOP6ERV0?=

=?Windows-1252?Q?APr6OF6eMWlOmVE9uvf9bE0/OGH+e1yDYOE4nQcntmpyqZCd2LnOQ3QV?=

=?Windows-1252?Q?XSG0Nzl0E0YuULJ3jIYVgpsXQu1IJJfjdYi5rVubztwyaaMv+DQ8ZTPs?=

=?Windows-1252?Q?iA1DmA+zWEV6vVI3jhh12bSEqjJ7m5KQ6Z27REaXkJsw7f4k1L6ZnSeJ?=

=?Windows-1252?Q?JihZbzCDw1sar0Y8SYbXMGamYomibNdecRRy+Q/rmuGg8kOdaE+L30q8?=

=?Windows-1252?Q?s9SErkCDiAydzG8HAXuQhLvSLQTZOIm8WXZdQKsCIOheX7l8skViTTSR?=

=?Windows-1252?Q?o+6MJa7nMURojvvjHeZFwurCJcnYDwBDnXQgr4l0Ii4suCKrG5ZKes8t?=

=?Windows-1252?Q?DaByKGnAmZV2PRDIeA7/n3cscZxqaWIuNK1amLdSpbExg5nUgG2UHlxX?=

=?Windows-1252?Q?WsP1CK5sqxe4lph/6xArOIhyLXrcvHdMRix9mK4oDkKb1xt6a38hz58r?=

=?Windows-1252?Q?1V+YZaZygj6mDZbXYF07/ljYo0AoUE6FZWsyMwGH9hIz05+IaYYYzpE4?=

=?Windows-1252?Q?6kRwfgqPzDcXP19jn9c14yNLKoUfXYtuMeXQwAADzXMt1hhPIDb/WlRe?=

=?Windows-1252?Q?GuIndbc3dsQ9IJivqynLiQgUM1//R/2pbT0X1H7P1v4zC6ix1eNW2a35?=

=?Windows-1252?Q?ibs8Vcs4ux0Rd2bDiFa6VTj2+OgfyJuE7RdM1sCipJs+ig+5FD+/p9B6?=

=?Windows-1252?Q?wOs8gG0Egt7/5tyBCPkJxqUnA7HsM+bP1xKWzn0wqTzKPcSDZud4s2v2?=

=?Windows-1252?Q?S33bCnOtHFIJw9JWmhlVogSgQ6NxTeMWap2FOuSV1acYemKi/AEpItXm?=

=?Windows-1252?Q?y198mp8C/of1uDDuUDN//r9ttnsje52ZNUO1i34MRHN1bz7tFNoRMbaa?=

=?Windows-1252?Q?t9L8f7POT+hqUCFsdHdrxjj40XVVjYkjjtH0aYyk/Dm34zqDxuJa3CVo?=

=?Windows-1252?Q?s9TInpyYjaqZPJH6Q944mzU3OCSdnM04pzHGDeJSjNcF21T04HaaLRBA?=

=?Windows-1252?Q?/kTKcshtAYp6V0F+2nKf1g=3D=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?2YQ6p8KFQ6l2N+b5IRjEOkLUGedmf3BaeGJt1ARcRZztRR60+FrZIKEY?=

=?Windows-1252?Q?s7/SgdfTW96cxjtnGnRszwX2c6/FsXaKNvekQfotGMqLfhXPVBo4Y6l/?=

=?Windows-1252?Q?RM8as1b5lsW7nrxXvaWmqzkmmKYb2i1SJ/4UW5GYTiYOswI93AuGlcsU?=

=?Windows-1252?Q?3UPPNOVKiuS0EsaxXuB9hH84VEEUpyEHCsSJOCWW6PzfnQG8Vt46rVsD?=

=?Windows-1252?Q?9CS0FPYE7jPiHmXz9VHkunPTllJ9wjMhvPBooDOUT11Chg4isFIWg/KK?=

=?Windows-1252?Q?tZ62jsTKydT5LyWatzDxxiO2Zb1w49SMOTxeSGQBDbjcLIur5f3t0WT1?=

=?Windows-1252?Q?yo8f0YvZdOhc9w+FQC3smQj05GdWVCjhDZxjxzXAnYgmhluz9rFQoxNA?=

=?Windows-1252?Q?c5Ue5C2tuT8GLqICejn89wPUvwaquMLTqVs3WBcFbrCMfMIedImUDVne?=

=?Windows-1252?Q?8WjQl90eLC7S910lhRoTmxc30SSNBzkeqzLRS+AxAdssVbqzNf2PqZy6?=

=?Windows-1252?Q?5OS0ntXC2A+xXAUOZPghLN8irOLWorRDngAW84IWSLkhRsKmeDBv6e5A?=

=?Windows-1252?Q?ePe3ZkQQZKTIyAifVc3Qt8ALXDP1RQP6ExsQd/25fzSOks7REIL1q8Ss?=

=?Windows-1252?Q?yvjoxGcn0CLHIe/b6+NCuc98RwCOFLOxKUA4K7b0499o8Nb87bq06BB5?=

=?Windows-1252?Q?RYcZTQFZuso4ZI9xxTMj3pvBuA5Oc0N6Ey1vIcyvvpJBQ3Xo576hzmu+?=

=?Windows-1252?Q?VNQZDFEp4xyiesSWopOqPOisftNgZ6K1fPLIoRH3at2eY2EkudAseRSH?=

=?Windows-1252?Q?8z35KdfZQRN7m4ujFjLP9URotXj8NqaleI8xgiY9iafdM0xgkk1XaE4M?=

=?Windows-1252?Q?qrDB5nSlS1yVxKt8/dGNGf13oNceFcmSG2pIHr+A+9hOM6PCm0iG6JhW?=

=?Windows-1252?Q?Kk+KzSHwlscQOmZ9ybjmyDeN5VVDCLQk2uzaMu8mBO5nxmLLUQpsZW5Z?=

=?Windows-1252?Q?HXcoP2nKtgrcIfUZzqL8rEds0YNaCUiwK5E8+mLMDGmJj72nJvCF+bhf?=

=?Windows-1252?Q?CRZ+W7kJs5qvQdsq7nGdElsWLkRMtYOT8Hnhx2Jo1cnLS8DG0gGfdouC?=

=?Windows-1252?Q?yqLRERBxlXZJElQUvlK56zXDJL5YPmJsMtECHucJGlVh1IckzJ0+kdpR?=

=?Windows-1252?Q?rF8i0/jvtCAOKAhwqp5ykdPM7ymfBo1/ggx7Nghx+sZxd6H1QhgvzPBI?=

=?Windows-1252?Q?kP10uEa5jUn4UKCxaU6/rtT4Mvu6zEDLsiI1ScNISZ9mhzM8ryNP2PCT?=

=?Windows-1252?Q?43XM08Zcf7PL7R5kpVRJBWofL/L9pk9n0frX5jlkJ04qm3SUqFBnDL6O?=

=?Windows-1252?Q?n1hkoLSSwACJ7t0QQtsenpDZpTBFXoKGphGOFbxxwXzh1b+V9CnUtc2i?=

=?Windows-1252?Q?9opQEUKYIysk3xfhRxiwBudGLY4QTmmUFnvadOXeQhlBiZubX7Fhgy2O?=

=?Windows-1252?Q?JqYmtrr7?=

Content-Type: multipart/alternative;

boundary="_000_PNXP287MB4264D5266240BEF9D6DC29D8BA2F2PNXP287MB4264INDP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: PNXP287MB4264.INDP287.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 4ed70823-5e18-4116-2117-08de9ec34406

X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Apr 2026 09:57:42.9827

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PNXP287MB4198

Nigerian spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content analysis details: (11.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.102.167.20 listed in dnsbl.ahbl.org]

[52.102.167.20 listed in dnsbl.ahbl.org]

[52.102.167.20 listed in dnsbl.ahbl.org]

[52.102.167.20 listed in dnsbl.ahbl.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.102.167.20 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.102.167.20 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.102.167.20 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.102.167.20 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:150:b0:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

[52.102.167.20 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.102.167.20 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.102.167.20 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

2.5 MILLION_USD BODY: Talks about millions of dollars

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 LOTS_OF_MONEY Huge... sums of money

3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} Re: Please, I Hope You Ok, Are You Available Now ?



GOLD AND DIAMONDS WORTH $185 MILLION USD



Hello And Good Morning.



My Name Is Ms Amal, Please I will like you to help me claim And Invest 30 kg of diamonds and 600 kg and cash money which runs into hundreds of millions of U.S.D that is in your country. Please It will not cost you any money or your time and it is 100% legal, I am just looking for someone I can trust and can represent me in your country because of my inability to travel now. Please write me back directly at my private email at ( ev2jfo@inf.elte.hu )for more details. Thank you



Ms Amal S.N

ev2jfo@inf.elte.hu



NOTE : Please Write Me Back Directly At at my private email ( ev2jfo@inf.elte.hu ) so that I can give your more information

Nigerian spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 20 Apr 2026 06:22:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEndN-000000004Xo-1w5J

for dave@doctor.nl2k.ab.ca;

Mon, 20 Apr 2026 06:21:49 -0600

Resent-From: The Doctor

Resent-Date: Mon, 20 Apr 2026 06:21:49 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-francesouthazhn15011020.outbound.protection.outlook.com ([52.102.167.20]:15212 helo=MRWPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from <2752501@student.edu.az>)

id 1wEkrc-0000000097S-1oR3

for doctor@nl2k.ab.ca;

Mon, 20 Apr 2026 03:24:31 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=Rx7pY0WrHQLrG+DIbLytfIHVZJe2QDWPob7Mlmr6Dr6IQZRqR+gEA04zMIzU/PIKMZtUS1u+r9LlbEj3jmEuwrsbPLpOc+fi9XRl2Cy6L8/g7jbNcCq+Z5vzJzx9IORCk1U256yCHrY8aOd6tgYh7B+ER2jUdiTbmc6iLXIsHr3qTFnDJEeDhX85+x5y8LzlPLfI+/GgAIinn2QAmI+wKAjoYeobmDWicj1eIoixxKrViqbcsUhKUOD+kDbkUOkecaxDItgxmZ17JzLzanvaUPZUD5WFfz/VXjlNJxVZddQTG5s6hFapueE/LnKsN2xbmCvv+Eb1UR3U0Y6KmUOZiA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=OqZezfNNAzsIynT8Pb8HSaxo7zEFLTUZjbjKFFGx658=;

b=thVhSUd1KBk/Hfkmd4nteoV0MIoOZ1H1THc1em+bY1tH1o/51oMjeCwy6ZEPzn2jsjmii2GKQnDIfFik+DsvnslJ03wHdFPtAEgwiGXKL467JoYlmQFjx58iNLql2E3C8duL+ANbQh1o70T+0lQ74qEcMvWXTWERyJq2Sms13d6Nvn8JvnjzbsBZ/xDXwGoaWizPChXGi539uaPwtzEaPq05v8Yj4yjmm06dboZ0JVmHXybNEmUndMwp/hyD6wz/i3Ph5CXNZl6zTbxtRko53Tnqn+fD4YpHAXqQE5940FcIz1acy043J5TzHRMCIDOljmpAFhQIV+2ZDvMUpltFdQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass

smtp.mailfrom=student.edu.az; dmarc=pass action=none

header.from=student.edu.az; dkim=pass header.d=student.edu.az; arc=none

Received: from GV2PR08MB10383.eurprd08.prod.outlook.com (2603:10a6:150:b0::11)

by AS8PR08MB9411.eurprd08.prod.outlook.com (2603:10a6:20b:5aa::16) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9818.31; Mon, 20 Apr

2026 09:23:18 +0000

Received: from GV2PR08MB10383.eurprd08.prod.outlook.com

([fe80::b6b3:4a29:5917:2a20]) by GV2PR08MB10383.eurprd08.prod.outlook.com

([fe80::b6b3:4a29:5917:2a20%3]) with mapi id 15.20.9818.032; Mon, 20 Apr 2026

09:23:18 +0000

From: =?utf-8?B?S8mZbmFuIEJhYmF5ZXY=?= <2752501@student.edu.az>

To: "aamalsydunazir@finmail.com"

Subject: Re: Please, I Hope You Ok, Are You Available Now ?

Thread-Topic: Please, I Hope You Ok, Are You Available Now ?

Thread-Index: AQHc0KdSESH4H7TZnESl53obUw3UQw==

Date: Mon, 20 Apr 2026 09:23:17 +0000

Message-ID:



Accept-Language: zh-CN, en-US

Content-Language: zh-CN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

authentication-results: dkim=none (message not signed)

header.d=none;dmarc=none action=none header.from=student.edu.az;

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: GV2PR08MB10383:EE_|AS8PR08MB9411:EE_

x-ms-office365-filtering-correlation-id: bf9d89db-2978-42f3-7604-08de9ebe7517

x-ms-exchange-senderadcheck: 1

x-ms-exchange-antispam-relay: 0

x-microsoft-antispam:

BCL:0;ARA:13230040|5970700213|7416014|376014|1800799024|41320700013|366016|786006|38070700021|56012099003|18002099003|8096899003|17680700008|482034009;

x-microsoft-antispam-message-info:

gcyGJp/GIf6yWfgzuwVJtejhYcr/bfI6OjJeGN0cPUx0mJtw33M2hb9tQ6CBVMNr3kcVm4oQIPfs0ezgzwV8VWajBcxiZoFlcGzutWcIyHV0cEOaIxP2iYQjWvMtRMmWEcnBoKLw3B+0R7leZzN5YHXmtnK1Tw4XbQLFRJ0urj6hSlx+FrXHI1cZ6qNL+znsiMLBz59OG8woyffli7IRgGZ1RZney0/k1Q582wnT3wymfpQk+ce6vw4DaKOWtshg/7GbBP53Y55n3vDQD9ZKZ+GSqy0/IQsSDGle/Mo/sYX/KXTnLvVpuDf40/sMY2iJ5NXkJ3nznyrx6/zJvFHekToE0pNPvIwlClS//mrbOqhjP7IRfpsaJ+doclbNrTBbSRgvUoOuCWX7hAKyVto67tj0O49Yf/JDE/TDIz3mH/qjLt/6M7ypwBXOo2xgLcx14izE3qIYwUBzAxRlxUtVHh+DB7W9Km+2gcx7Lt2xOyZe6wYT8aqP3cVSNUZpqwLMiOkcNuKsHXw8PcsKewhh8peRXYqiu+w4CnXgjkdhNiz80+MlLdytj3a9zS/hbKJtOakloc1TQDB1K3g7kljgSe5sv7g0bee3aTdkXx29xHUgPDdL0u6OdRdEnvWh5jSO5pqpHRUh/M4f3js1RAc9fqUGNrFTCOVXT0GD5eHQztGRggBaI2nBZIvIvwtDI5V32JUCUs1MezKI5FdRZoqYG9eDAwv6U8+QSDyUjV5VmsOgILnkwFlXtVLGKnEPYxOgfyfhyquxihSF1PiakUC59JWEtbZLsjaKCPD1WP72XXDAWifabT7iw0J4cWPAW0f4

x-forefront-antispam-report:

CIP:255.255.255.255;CTRY:;LANG:zh-cn;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:GV2PR08MB10383.eurprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(5970700213)(7416014)(376014)(1800799024)(41320700013)(366016)(786006)(38070700021)(56012099003)(18002099003)(8096899003)(17680700008)(482034009);DIR:OUT;SFP:1501;

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?utf-8?B?dElMU20xYWUrMGJLWnpTTlk1Vk0rVFN3ZmRidWhoNWhqU1JOR0FyUHpUb2Jp?=

=?utf-8?B?VDR5STJQd05oc1Z3d0piSFdkN21ZdGF2QXFpbXdsa1AxSFphZ25oZzhMRndx?=

=?utf-8?B?OTc3UXlaS0VKUGt1NDVZOEZSK0lHbHdxUDJUSkcrMS9FYlZ4NEx4UC9KUU12?=

=?utf-8?B?dEJnVi9UTnBhUStoeW1YS2wzcW1rcjNmODBieWswRWV5WmVHS3o1T2xTeSs4?=

=?utf-8?B?Z09GOGN1blk5WGc3Vlpvd2I3Sm9Qc3ZDWFdydkhzSzlHOFB2ZDFCUCtDZElW?=

=?utf-8?B?VjhUUW50R0l1T2g5aFBpeDRTYjZVMTRJbWVmRTJkbW1rdmJvY1pXVDBCa09Y?=

=?utf-8?B?cGtvWkV0MFRPZ0p2U05OM2d3SUxqd2hrUTgwZFV2MFVyY29COXR1K01JUWNs?=

=?utf-8?B?NlVrdHNDOXRRb0VtQnJ6eUJFdjdqVzZQTWR4cHJudmprd04rejV3bE0veXVB?=

=?utf-8?B?U0dlVTl1WGRBOVM4Z0RQSnZSYVJzUjVvN21BOVN4dHJvMUFtNVR5R1l3dGRk?=

=?utf-8?B?eUNFZ3lyTWZlYkx6OEppZVd1L1lUWFhqbWZwUTloamowcmxxZDJ5OEtCYzhL?=

=?utf-8?B?cTZERlltVm1NdjdrUytZckwxU1NQd2x2M1dqVWJnejJqclB3aWY0eFBvaHFY?=

=?utf-8?B?VkFPYUNzaHhFSHZha0c4UWMrUEJrMStTWUpVL2E0T2hoUE82RDNGSC9BQmdI?=

=?utf-8?B?Tmpod05nV2pFQVJFdWh6REMwbGNjL2FpTE0vNDNyMU1aay81V3ZSMnRHZGk5?=

=?utf-8?B?SmF3UU9wOUFGMmFtekg0QXZJeGw4QnFVY0NGVWJ3dlFUWS8xRW9WRmFnNk1S?=

=?utf-8?B?eUorekE2SEM2S0Y1QWpkWVJiQ2lkVHRrZ3NNblpIU0g1MStSY29uWkZja1cw?=

=?utf-8?B?TmZHa1lCVlh0MEJua2hrR2hwNy9KOTZRdEl0OEthK2UvOTZvcTBrb0huWm5x?=

=?utf-8?B?ek42bm01bTAyaUN4QjZsdmVlY3hwcEQzTmFxaWR2RDVVTFFzNkU0YnpKNzlZ?=

=?utf-8?B?Wi9HUU5mRHd2cnJwZ1lGWkt0U1YwWmJETzczakZpYjF3MlNPcW03YmdvcUNY?=

=?utf-8?B?UnFQYktjWWZSNVhKckcxSnFwbkNMRTM4bHhCT3JGeDFybFJhakpCblVoMGUz?=

=?utf-8?B?ZHp2TjZTOXZaWU1KMkg2Rk5uUzUvQ05CYTE3aVAxcGY4bnNvWFFzdlp4RE9u?=

=?utf-8?B?YmdqUEhMOWRlRDMyWTN0V0E0cUFick5LMm80V3dMTWpFbEJVM0E1SDBOZHBJ?=

=?utf-8?B?SnVlNkxFYk0wdzFRbWptMzZ3aGN2WUpoMDl2NTdkTCtNaUw2U0xaSFFiSlAr?=

=?utf-8?B?R0ZlenZRRUpYbU1ZUVhZeGNHNmpKckE2NzMxTkJuT3RpT2xhZnUwSlZNWDE3?=

=?utf-8?B?THNWU1lHelo4RnVWd3BNNHNjV1ZWMDhNVlRXSjY4QnFzaG1FZ3lTMUF4R2ZW?=

=?utf-8?B?WXZQdkxJQXlLZldET2VGcGxscW5GQlpubTlvcmpnbDN4dHZGeW0zMXNKMlhX?=

=?utf-8?B?dzRCWWpRWXdGZzcvRnFoTkpJTVJJSVRNcWZOVGJnN3loZEg1elRQSExjUURU?=

=?utf-8?B?ZzBLa0xSRHFwdGJlNWtRdm5aQXlDclczTnpaZWVrWXdkM3ZGazB4SDA3enoz?=

=?utf-8?B?dzhwUG03QkxWSXlvbDkwOVd5alNvZzB6czlRRW1QUjJJeGl2L2NicEd4blk2?=

=?utf-8?B?K0tIYmlZRmtCYXBVVTIwcDRHZDNBQnJwdzNyTUVWeFNJNUZmY08xZDZzRFRB?=

=?utf-8?B?SHBJbUZOSEFzRkFPSU91dTJ2VjdxWENZcERURlRwelVVMkNvd0Q5NVhRcmJp?=

=?utf-8?B?aUFVVnRDTHhna01JNUJPaWVNRnpjWWdVcm5BTTF0eThUQWlJdGlKWU5lNXdp?=

=?utf-8?B?UGFOd3hqeXhDbG1YTE9Pc0FYVkZSeUlTODRGaUlwTU1CQWZ2ZkdYL1h3RUNV?=

=?utf-8?B?cjRacTQ2M3h2L3MvSE5WU3UrdEUvMTZ1ejlTOHYxeldaQjg4Z3hpUmdTZXB2?=

=?utf-8?B?WWVTOXR0SGhFREprcVFwdU44My9mQTRrdGkvRFZxTVFWQmhiWksxL0lMaG1Y?=

=?utf-8?B?SGZUS0tkcFJSNzk2MStMWlcybXZrb0g2Uk5mdGZqYXBadnA2amhFVG5LZjRi?=

=?utf-8?B?Ui8ySUJrQUdqQ3ZTUnB3WnZUU1hCbWE0SkxCbHhubUwxVkhoUy8zcTVPbVpT?=

=?utf-8?B?QXc3TlJ4ZFk0Z0RSME9kZ0J6R1duSi9sd2Z4Sk5ISkRhc2tZSnc1OFNNRTdj?=

=?utf-8?B?QjV4UDdFVFJmaVVJaWVMQSt5MFY1TGYwcnNzVFFuazhoTms1UDhIU0F4UW96?=

=?utf-8?Q?xiBIje3msmy+tzQVHB?=

Content-Type: multipart/alternative;

boundary="_000_GV2PR08MB103834B9F0B05015B696216AACA2F2GV2PR08MB10383eu_"

MIME-Version: 1.0

X-OriginatorOrg: student.edu.az

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: GV2PR08MB10383.eurprd08.prod.outlook.com

X-MS-Exchange-CrossTenant-Network-Message-Id: bf9d89db-2978-42f3-7604-08de9ebe7517

X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Apr 2026 09:23:17.8547

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 14fc0a60-1070-4142-9f31-1b94187a961f

X-MS-Exchange-CrossTenant-mailboxtype: HOSTED

X-MS-Exchange-CrossTenant-userprincipalname: 9gWEljTUg3FrBb/mxnQM6gHsSixoRMvD2Rq+lVz/NyMGZvJpXBCgaZZO6aJPJrRjFRun4ttqE08SSQXiciZfZQ==

X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR08MB9411

X-Spam_score: 11.1

X-Spam_score_int: 111

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: GOLD AND DIAMONDS WORTH $185 MILLION USD Hello And Good Morning.

My Name Is Ms Amal, Please I will like you to help me claim And Invest 30

kg of diamonds and 600 kg and cash money which runs into hundreds of millions

of U.S.D that is in your country. Please It will [...]

Grant phishing from Google Gmail Part 3

Posted by Dave Yadallee on
--===============2076648452362824176==

Content-Type: text/html; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable



Hi Gurkirat, 

W=

e noticed your Cash Advance application is still incomplete.
=


You=E2=80=99re just a few steps away from secur=

ing up to $800,000 in funding within 48 hours.


>
To move forward, please complete your application here:

strong>

and upload your last =

3 months of bank statements. This will allow us to finalize your review and=

match you with the best available funding options.

=

If you have any questions or would prefer to speak direc=

tly, feel free to call me at +1-866-216-5475 or 715-641-4654
=


Best regards,
Stephanie Cabiao
Kesef Marketing
ng>


=3D"font-size: 11px; color: gray">To stop receiving these emails, click
href=3D"https://app.close.com/go/unsubscribe/orga_WJQdcK5MUUa02rLIty6GVDnil=

9kHSKU8WElV6ueTPiF/sales%40nk.ca/GK6U1JDQJSfaf6--tg9gajA9HdvShNSyH_DgbhmTyc=

8=3D/" target=3D"_blank" rel=3D"noopener noreferrer nofollow">here
>



On Apr 17, =

2026, at 11:03 AM, Stephanie Kesef Marketing <stephanie@kesefmarketing.c=

om> wrote:
Hi Gurkirat,
g>

This is Stephanie Cabiao from Kesef Mar=

keting.

Welcome,I wanted to perso=

nally reach out and thank you for your interest in business funding. We wor=

k with lenders across Canada to provide reliable funding solutions that sup=

port growth, manage cash flow, and cover upcoming expenses=E2=80=94while he=

lping you access competitive interest rates.

<=

div>If you=E2=80=99re open to exploring your options, you can get s=

tarted here:

2?lead_id=3Dlead_bqyNtSfmgPr9HEY1bFvoKaWRLZZxf887Qp2LC28qfuP&legalBusin=

ess=3DN K MAINTENANCE&fullName[first]=3DGurkirat&fullName[last]=3DW=

irring" rel=3D"noopener noreferrer nofollow">Click here to start yo=

ur application

Once submitted=

, our team will review your information and present the best available fund=

ing options tailored to your needs.


ng>If you have any questions or would prefer to speak directly, feel free t=

o call me at +1-866-216-5475 or 715-641-4654

<=

div>Looking forward to connecting.


v>Best regards,
Stephanie Cabiao
Kesef Mark=

eting

<=

div style=3D"font-size: 11px; color: gray">To stop receiving these emails, =

click
ty6GVDnil9kHSKU8WElV6ueTPiF/sales%40nk.ca/GK6U1JDQJSfaf6--tg9gajA9HdvShNSyH=

_DgbhmTyc8=3D/" target=3D"_blank" rel=3D"noopener noreferrer nofollow">here=


/t/IdgvuY1D0r27T7jUj4usBjtRsMuAYbAna9WUKMagNlu/YVFsbTnwSw.png" alt=3D"" wid=

th=3D"1" height=3D"1" />

--===============2076648452362824176==--



--===============8714162643405574583==--

Grant phishing from Google Gmail Part 2

Posted by Dave Yadallee on
--===============8714162643405574583==

Content-Type: multipart/alternative; boundary="===============2076648452362824176=="

MIME-Version: 1.0



--===============2076648452362824176==

Content-Type: text/plain; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable



**Hi Gurkirat, **



=20



**We noticed your Cash Advance application is still incomplete.**



=20



**You=E2=80=99re just a few steps away from securing up to $800,000 in fund=

ing within

48 hours.**



=20



**To move forward, please complete your application here: =20

**



[**Click to Start your Application

here**](https://form.jotform.com/260672364104452?lead_id=3Dlead_bqyNtSfmgPr=

9HEY1bFvoKaWRLZZxf887Qp2LC28qfuP&legalBusiness=3DN

K MAINTENANCE&fullName\[first\]=3DGurkirat&fullName\[last\]=3DWirring)



=20



**and upload your last 3 months of bank statements. This will allow us to

finalize your review and match you with the best available funding options.=

**



=20



**If you have any questions or would prefer to speak directly, feel free to

call me at +1-866-216-5475 or 715-641-4654**



=20

**Best regards, =20

Stephanie Cabiao =20

Kesef Marketing**



To stop receiving these emails, click

[here](https://app.close.com/go/unsubscribe/orga_WJQdcK5MUUa02rLIty6GVDnil9=

kHSKU8WElV6ueTPiF/sales%40nk.ca/GK6U1JDQJSfaf6

--tg9gajA9HdvShNSyH_DgbhmTyc8=3D/)



=20

=20

On Apr 17, 2026, at 11:03 AM, Stephanie Kesef Marketing

wrote: =20



> **Hi Gurkirat,**

>

> =20

>

>

> **This is Stephanie Cabiao from Kesef Marketing.**

>

> =20

>

>

> **Welcome,I wanted to personally reach out and thank you for your interest

> in business funding. We work with lenders across Canada to provide reliab=

le

> funding solutions that support growth, manage cash flow, and cover upcomi=

ng

> expenses=E2=80=94while helping you access competitive interest rates.**

>

> =20

>

>

> **If you=E2=80=99re open to exploring your options, you can get started h=

ere: =20

> **[**Click here to start your

> application**](https://form.jotform.com/260672364104452?lead_id=3Dlead_bq=

yNtSfmgPr9HEY1bFvoKaWRLZZxf887Qp2LC28qfuP&legalBusiness=3DN

> K MAINTENANCE&fullName\[first\]=3DGurkirat&fullName\[last\]=3DWirring)

>

> =20

>

>

> **Once submitted, our team will review your information and present the b=

est

> available funding options tailored to your needs.**

>

> =20

>

>

> **If you have any questions or would prefer to speak directly, feel free =

to

> call me at +1-866-216-5475 or 715-641-4654**

>

> =20

>

>

> **Looking forward to connecting.**

>

> =20

>

>

> **Best regards, =20

> Stephanie Cabiao ** =20

> **Kesef Marketing**

>

> To stop receiving these emails, click

> [here](https://app.close.com/go/unsubscribe/orga_WJQdcK5MUUa02rLIty6GVDni=

l9kHSKU8WElV6ueTPiF/sales%40nk.ca/GK6U1JDQJSfaf6

> --tg9gajA9HdvShNSyH_DgbhmTyc8=3D/)

Grant phishing from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 19 Apr 2026 22:57:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEggQ-00000000MI5-0Odi

for dave@doctor.nl2k.ab.ca;

Sun, 19 Apr 2026 22:56:30 -0600

Resent-From: The Doctor

Resent-Date: Sun, 19 Apr 2026 22:56:29 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pj1-f46.google.com ([209.85.216.46]:49487)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEgK7-00000000LNJ-0Il3

for sales@nk.ca;

Sun, 19 Apr 2026 22:33:35 -0600

Received: by mail-pj1-f46.google.com with SMTP id 98e67ed59e1d1-35d99bae2ebso2447203a91.3

for ; Sun, 19 Apr 2026 21:32:07 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=kesefmarketing.com; s=google; t=1776659521; x=1777264321; darn=nk.ca;

h=list-unsubscribe-post:list-unsubscribe:in-reply-to:references

:message-id:date:to:from:subject:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=TW1HG1xpmSsmoZNR0DepWraspuLQK8GThvWc7DzGZKw=;

b=T/ZhtOKT8oMuOZgKFYe4bPFJeH3TPbQKUFe6fIl1OKXxl3PKe68QHJ6lxbCx8nOV2y

K5n+XwuVJL1xq6LfNuxis0NoTHEB/VNVIVEcjf/wSaEPwCx3UupzwDd/Raig7Etmgl7R

CKmvmufCHT5JjC3m99H5cIZ49iFn9f3EdSzkGFE7+fyKyXukcDHC0CiyzxUxX6Bt7OLL

T8BhCFJu4WsbsJOUZtvviLntc7Cp0KSQsSZCqhiAdt5Yw4ntlhGkUnuwhc6gJWxozxlp

NC+z1a+Ir8OUPlioKJ6ohk2Tv7p9Ta2M+drbQJ1fYn7CgizWZOUiSmJVGL/uW/G+i6Qw

nLFg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776659521; x=1777264321;

h=list-unsubscribe-post:list-unsubscribe:in-reply-to:references

:message-id:date:to:from:subject:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=TW1HG1xpmSsmoZNR0DepWraspuLQK8GThvWc7DzGZKw=;

b=RKUhrJb34Vg771+qNaVBFRx08r7aooH+LlnNVYbrf/OcmQubCURhoT2B629ydgY9rN

dLUNTP/l7RuWUGiktdMZN1DKdxyloqfVcEdoZVPP/UGbpWemWYRs9ZLso5eluVKGJdDu

SWo2A7hJdVeM94fIymB+1jCvk4hIGTNfR45MQox2Im+hFogJNHmVxGdx7HrZ0e3hi5IP

v1BswWdjEB5qSLHBy+4qZ1gaYALj5WS3OQDLh0uKzf9jqDV8QgQoJXKRYR8Hj/hZwmuq

aHrFsyeTgYN5rKvQuRChS5BEEjpxG8qPzUqXmDLDU0YeOuI4taTqdQAvloaGEB+XIURu

Xehw==

X-Gm-Message-State: AOJu0YxXelkf7DsY58xvCwmz4fk/WQ7B5DPUqJarnK9yV6vlhkjk70Lp

btar/4NnyRGpNNGh9zDkRA9YeTOFbh+qZpKH/GnkmqyMmbLzXJPluhUd2tTuVTnlmm8IcAwrYMC

mbDnF

X-Gm-Gg: AeBDietZXOXuelKGN9JRSOOceNjSQD9OpycIa6KYnfECjGKU9q5vPEZyuqpP0s8CQyz

/woX8ju6tuEo+8eNJGY+dJBhMpl8D6SleJzdNjExmk4omdDjIXq9ozOmvrumpnUiVat1Ge5WVZ8

XqUtlmLgOyLICijqm6QIeGC7n8H/37uurzglazBZCBJkf9V6Maglvl0F0WJvqz061brWepegEFl

lcmn/ks7apzjAHw9sN1dk9S3D/o+SWOqsOH8altHfsoNxcveERNZm4Q2ORHxOXnPAofNkscr1ej

P6O6NpAhISthpvXB2XQDYzvYQsxjuWcnrn+TYAYtxbW4Fw9rTIJJhFh/iA+QdOzRHe3XVZteXnC

pqLK3yxzD8WKcy/VQzEZYJzusBdEnGnaFUmVEYX+XmIjuO0GSofy/Xb4g+v2tMGUbIgceq1ukcf

sfgCwafCOCkDo5T56S9/gfj+I34r5njb/W0RST2dAofTlbjToOkD5FNEV8f5DmLh0kevNq6rLEk

IEYEdwvSw==

X-Received: by 2002:a17:90b:390d:b0:35c:30a8:319 with SMTP id 98e67ed59e1d1-36140222bbbmr12818301a91.0.1776659521045;

Sun, 19 Apr 2026 21:32:01 -0700 (PDT)

Received: from smtpgw.close.com (am11-natgw-c0.close.com. [54.200.191.154])

by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-3613fa91d31sm4629385a91.2.2026.04.19.21.32.00

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Sun, 19 Apr 2026 21:32:00 -0700 (PDT)

Content-Type: multipart/mixed; boundary="===============8714162643405574583=="

MIME-Version: 1.0

Subject: Re: Kesef Marketing | Smarter Access to Business Loans

From: =?utf-8?q?Stephanie_Kesef_Marketing?=

To: =?utf-8?q?Gurkirat_Wirring?=

Date: Mon, 20 Apr 2026 04:32:00 +0000

Message-ID: <177665952029.7.4037035181715252544@smtpgw.close.com>

X-CLOSEIO-EMAIL-ID: acti_IdgvuY1D0r27T7jUj4usBjtRsMuAYbAna9WUKMagNlu

References: <177644538269.7.3986001924003818893@smtpgw.close.com> <177644538269.7.7253266245741056513@smtpgw.close.com>

In-Reply-To: <177644538269.7.3986001924003818893@smtpgw.close.com>

List-Unsubscribe:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-Spam_score: 6.3

X-Spam_score_int: 63

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: **Hi Gurkirat, ** **We noticed your Cash Advance application

is still incomplete.** **You’re just a few steps away from securing up

to $800,000 in funding within 48 hours.**



Content analysis details: (6.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.216.46 listed in dnsbl.ahbl.org]

[209.85.216.46 listed in dnsbl.ahbl.org]

[209.85.216.46 listed in dnsbl.ahbl.org]

[209.85.216.46 listed in dnsbl.ahbl.org]

[54.200.191.154 listed in dnsbl.ahbl.org]

[54.200.191.154 listed in dnsbl.ahbl.org]

[54.200.191.154 listed in dnsbl.ahbl.org]

[54.200.191.154 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.216.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.216.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.216.46 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.216.46 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.200.191.154 listed in will-spam-for-food.eu.org]

[54.200.191.154 listed in will-spam-for-food.eu.org]

[54.200.191.154 listed in will-spam-for-food.eu.org]

[54.200.191.154 listed in will-spam-for-food.eu.org]

[54.200.191.154 listed in will-spam-for-food.eu.org]

[54.200.191.154 listed in will-spam-for-food.eu.org]

[54.200.191.154 listed in will-spam-for-food.eu.org]

[54.200.191.154 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

[209.85.216.46 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.216.46 listed in list.dnswl.org]

0.3 LONGWORD BODY: Uses overlong words

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.216.46 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 LOTS_OF_MONEY Huge... sums of money

1.0 MR_DIFF_MID No description available.

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} Re: Kesef Marketing | Smarter Access to Business Loans

nigerian spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 18 Apr 2026 19:30:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEGya-000000007oa-3rBX

for dave@doctor.nl2k.ab.ca;

Sat, 18 Apr 2026 19:29:32 -0600

Resent-From: The Doctor

Resent-Date: Sat, 18 Apr 2026 19:29:32 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.fweforum.org ([45.33.11.75]:39802)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wEFcD-000000002as-1iaC

for root@nk.ca;

Sat, 18 Apr 2026 18:02:30 -0600

Received: by mail.fweforum.org (Postfix, from userid 568)

id 7085CA48C2; Sat, 18 Apr 2026 23:49:50 +0000 (UTC)

DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dev.reptiletrends.com;

s=my-selector-name; t=1776556196;

bh=gR9KaG6VR3v07cSNG0WDPiyFOj/g2aQfGYJXG3Hs5+0=;

h=To:Subject:Date:From:Reply-To:Message-ID:MIME-Version:

Content-Type;

b=W9gg0dulE6aTCDlMTxyekYNQLu51HyxZki3bZAlAsIvwS1BAw86WFWn6Ekvvu8aVE

zpNr4eG45vv3A4X1gK42UEgkUvkWUEhD0NpxxYLo9uVLbdwu3HBXg9/dCdeR4JPsvE

BgqhdOeen3VuRd6dUj6RW0Vlhfkxjb+sSSIyqMw5087mfO8FSjJcU5ghYy5HpXAUcy

qB6n5hvaDAbIDcnya37VyzBRunDNU+JlCN+Dmx/27voKYC76YzYkhMZCUsRZW81kAH

c6FnyLl5xqp2wk3pC30Cegmimb8NQOVkcxhwApLNmBzz5aaEawLwOHFvz0dvrGEyx7

NBXBrEMUEkfBQ==

To: root@nk.ca

Subject: From Du Preez

X-PHP-Originating-Script: 568:libc.so.6

Date: Sat, 18 Apr 2026 23:49:50 +0000

From: Yuri Du Preez

Reply-To: yuridupreez75@gmail.com

Message-ID:

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

X-Spam_score: 7.5

X-Spam_score_int: 75

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: URGENT CHANGE OF ACCOUNT I am Yuri Du Preez, the newly appointed

Director, IMF Legal Affairs, Security and Investigation, NY USA. The United

States president and US Foreign Secretary, has directed me to investigate

Funds and [...]



Content analysis details: (7.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.33.11.75 listed in dnsbl.ahbl.org]

[45.33.11.75 listed in dnsbl.ahbl.org]

[45.33.11.75 listed in dnsbl.ahbl.org]

[45.33.11.75 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.33.11.75 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.33.11.75 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.33.11.75 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.33.11.75 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.33.11.75 listed in will-spam-for-food.eu.org]

[45.33.11.75 listed in will-spam-for-food.eu.org]

[45.33.11.75 listed in will-spam-for-food.eu.org]

[45.33.11.75 listed in will-spam-for-food.eu.org]

[45.33.11.75 listed in will-spam-for-food.eu.org]

[45.33.11.75 listed in will-spam-for-food.eu.org]

[45.33.11.75 listed in will-spam-for-food.eu.org]

[45.33.11.75 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.33.11.75 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.33.11.75 listed in sa-accredit.habeas.com]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[yuridupreez75(at)gmail.com]

0.9 URG_BIZ BODY: Contains urgent matter

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.33.11.75 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[45.33.11.75 listed in bl.score.senderscore.com]

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

2.5 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419)

Subject: {SPAM?} From Du Preez



URGENT CHANGE OF ACCOUNT



I am Yuri Du Preez, the newly appointed Director, IMF Legal Affairs, Security and Investigation, NY USA. The United States president and US Foreign Secretary, has directed me to investigate Funds and payment outstanding owed to US citizens /foreign beneficiaries and victims of scam/s around the world.



This initiative was taken based on abnormalities and inability of BANKS around the world to transfer/ release funds into their accurate beneficiary bank accounts. It has been uncovered that some Directors in different organizations are diverting pending beneficiary payments to other accounts of their choice. During our investigation I found out that an account was submitted to divert your funds to a bank account in CYPRUS. Below is the account submitted and I want you to confirm if you are aware of this new development because we are about to wire payment to the account stated below.



NAME OF BENEFICIARY: GEORGE NIKOLAOU

BANK NAME: NATIONAL BANK OF GREECE (CYPRUS)

ADDRESS: 86 MAKARIOS AVENUE BRANCH 541. 3506 LIMASSOL, CYPRUS

SWIFT CODE: ETHNCY2N541

IBAN NUMBER: CY81006005410000005413367487



A payment instruction has been issued by the Department of Treasury for an immediate release of your payment to the bank account above without further prejudice. We cannot approve or schedule payment to the given bank account without your confirmation. May we proceed with the transfer to the Beneficiary: GEORGE NIKOLAOU BANK ACCOUNT IN CYPRUS??





I await your urgent response



Yuri Du Preez

Consultant, Legal Affairs Security and Investigation.

IMF