Content analysis details: (18.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.128.52 listed in dnsbl.ahbl.org]

[209.85.128.52 listed in dnsbl.ahbl.org]

[209.85.128.52 listed in dnsbl.ahbl.org]

[209.85.128.52 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.128.52 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.128.52 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.128.52 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.128.52 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.128.52 listed in will-spam-for-food.eu.org]

[209.85.128.52 listed in will-spam-for-food.eu.org]

[209.85.128.52 listed in will-spam-for-food.eu.org]

[209.85.128.52 listed in will-spam-for-food.eu.org]

[209.85.128.52 listed in will-spam-for-food.eu.org]

[209.85.128.52 listed in will-spam-for-food.eu.org]

[209.85.128.52 listed in will-spam-for-food.eu.org]

[209.85.128.52 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.128.52 listed in list.dnswl.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.128.52 listed in sa-accredit.habeas.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.128.52 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.128.52 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.128.52 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.128.52 listed in wl.mailspike.net]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[ashaalqaddfi10(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[yomiano3(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[yomiano3(at)gmail.com]

2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!

2.5 MILLION_USD BODY: Talks about millions of dollars

1.7 MILLION_HUNDRED BODY: Million "One to Nine" Hundred

0.9 URG_BIZ BODY: Contains urgent matter

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.5 HK_NAME_FM_MR_MRS No description available.

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 LOTS_OF_MONEY Huge... sums of money

1.5 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

3.2 UNDISC_MONEY Undisclosed recipients + money/fraud signs

0.0 MONEY_FRAUD_5 Lots of money and many fraud phrases

1.8 ADVANCE_FEE_4_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} Dear Friend,



--000000000000f88b6e064f850559

Content-Type: text/plain; charset="UTF-8"



Dear Friend,



I came across your mail contact prior to a private search while in need of

your assistance. I am Aisha Qaddafi, the only biological Daughter of Former

President of Libya Col. Qaddafi. Am a single Mother and a Widow with three

Children.



I have investment funds worth Twenty Seven Million Five Hundred Thousand

United State Dollar 27.500.000.00 and i need a trusted investment

Manager/Partner because of my current refugee status, however, I am

interested in you for investment project assistance in your country,



If you are willing to handle this project on my behalf kindly reply

urgently to enable me to provide you more information



Your Urgent Reply Will Be Appreciated



Best Regards



Mrs Aisha Al-Qaddafi



--000000000000f88b6e064f850559

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

=C2=A0Dear Friend,

I came across your mail contact =

prior to a private search while in need of your assistance. I am Aisha Qadd=

afi, the only biological Daughter of Former President of Libya Col. Qaddafi=

. Am a single Mother and a Widow with three Children.

I have investm=

ent funds worth Twenty Seven Million Five Hundred Thousand United State Dol=

lar 27.500.000.00 =C2=A0and i need a trusted investment Manager/Partner bec=

ause of my current refugee status, however, I am interested in you for inve=

stment project assistance in your country,

=C2=A0If you are willing =

to handle this project on my behalf kindly reply urgently to enable me to p=

rovide you more information

=C2=A0Your Urgent Reply Will Be Apprecia=

ted

=C2=A0Best Regards

=C2=A0Mrs Aisha Al-Qaddafi

--000000000000f88b6e064f850559--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 13:52:00 -0600

Received: from mail-wm1-f52.google.com ([209.85.128.52]:61552)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD6GP-00000000Pc0-1BTj

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 13:51:14 -0600

Received: by mail-wm1-f52.google.com with SMTP id 5b1f17b1804b1-488d2079582so66776155e9.2

for ; Wed, 15 Apr 2026 12:50:17 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1776282610; cv=none;

d=google.com; s=arc-20240605;

b=AyhUPfiXQlPHa97ZVjk88H44CItOG4ab06SmTe6Frlvwc27yaSIdcEN+QCTJ0tLGE9

Q9/7VrfBsRxnr9C5IVoSks7MFOObCxFWlF8+MgYrSxs2JOsj/yBO96fdz5Ksboud9LWD

QeUrEHmWb+c/Aq0Ylc1lwxkQsMEXVvCcW2YrbQE656kUjmQejNAcfQcbs2Fbs3TGWNSa

KmnuRuJ4eRq3WfdTV4tcnjQ2hxDC2RDSCmg2ASC5gZKqhKBIOtLskMPq/o7MAdFkQCn8

XhVEuFdmDiwqHhL2uheHUBNgja457JrLQwvL0AOpefAWgWSVv/R9NnINFiMCeNFKRxEW

CLug==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=7N9t/V8qrtKT0dBTIXzDarH4O+n4Dv65YRPt/Ay5Ph4=;

fh=a7gAUlILxhP6WjsluIfC0UENioULcn6bLs6ThXjWBaM=;

b=IubsW+co9btaqVzfzxrwnCluJDXduK/fU85Ms+Jt3NlKJjnNxxuE13j8WicxON4pW3

VvoFGa5sk5/20khzqrFkdsmYe++KZh6c1PLFpkyXzhsAsDpzt7PU/lhi7SR4VDL+6GdW

0YZwRyasGAjv+zJc5pxKVsrq1BEonqBp9YdX039ykbOiVITyFIatqsxt+xDLhNhC64IK

SD9WMBZreleLYpLlhPUkYjYGipMpMtj6j00T+Ouh2G05KMChNGqPHYcLy9X9n2y/T0yg

CZYPmFVKK6DI01ihsBrKL1t9uz8tB/kyKLanoisjk6oNA9fuuPU827I5hWSZD+WJdaUs

wChA==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1776282610; x=1776887410; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=7N9t/V8qrtKT0dBTIXzDarH4O+n4Dv65YRPt/Ay5Ph4=;

b=O/G3Z9bZGxgnQOecAYbnTGuoUhZDozmmosoj/xgvxdw0HjmFHM1+whWdTyYKc25iov

Q7o3tpeffXrQJjiYyyvVAs3c2qabVpJHPBeU5z2v52I6BGU/bWn6kAZoLFahvxEzZpyq

FGGfHKYzpqA6Mbjn5lmseLLGK/gbGBo/Z+m3b5B5hoEWuC6Q4+FfJtTx7I+/hhTusCe5

mYIgFPUC2GZl0aboF28cJb1tE2HXkzc1WIOGpFjlUsfxuKiQ6ufscdY5LyLuo3MByLUq

g6d+VmgtoViV32jT1VN+LurH29hnVwwmBL0Bv5Ntrdg7T9Gi6ljRqEolfQY6YFyEGt4+

QS/g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776282610; x=1776887410;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=7N9t/V8qrtKT0dBTIXzDarH4O+n4Dv65YRPt/Ay5Ph4=;

b=kq2AvrblQQWQmrQqUC5MS546zi+IcAaHSPkFbdBdLo+F0n4cF9OanYVfTz3i47NTFe

Osio9mDhnJaR26dPNqFECy9M7r6NLG10tIveO7+dc2GnQjA2yuTrm9V7HP4IvAybcs1p

ZiuhltW9eGaVrXaPzDYThSQ9pLT32wLUba1PPHEgWxxAuRBU4FTsJ354fj2/tGaNcYEz

2pycOG1MIa47/Kg2necPU359tsE0vg2qQqUeubEiXMRQwx40Yd8Avbh2BnphEjwip0tH

W/eDmOtQA6/HDnM2GU0VUu79HE/Zlmn3AfFmtLAQyHN2cpoiwB0rVI9nj/aaSLrHesYo

H0+g==

X-Forwarded-Encrypted: i=1; AFNElJ+Arv223+DXS4jKM198oe3I6PsR8QVkH5FLY+w+O95KSDvtttBe/ruWDmfQd+ztS9331u0Z@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxmaZWY/hFnm9rm5sk3JrpcTRqw9SCREjO1OsCTZjFl0ki+2nmx

uQVyq0SAtegbOcg4pxsCh5Im81EQsM3CDQqFE5MwZ2c9BTPnBk6LBG+/uKXS7ly4EFzEK5KUddO

BEQ+RfAOjd/NN3s9dxo6QHLwln+sDY+A=

X-Gm-Gg: AeBDietgwymw5Q4B1tvoKw5NqF+OaaAoJwH7q8kFv6k0/tue65yb5Od3w7vi9Licveu

l0HMBTZbf2CPT84/1/OsFb9wgqFJt3XUWeyXC+8Abw4NMPtW9MU8k8rSqAu7YDrnNnmrYQsvNfV

Rsd9QSibOwa/x7yciKRtpJ8xQLLa3Rfji//OC6NREIr5RT1BintKOIk9DZCJjJm23IQcZl+3mUZ

+wiJlgdEMcO4cay6b8mgsa5PofALSyPMBjGnoCUEHl+c5z1aPQrLuP11UbPAYpmuQd3kKDxQYRp

ZuysIjM+Yo7yLa+zyCKCLo5SWbJ0E8pmzeH2X+F0mQ==

X-Received: by 2002:a05:600c:3149:b0:488:ae6c:42c6 with SMTP id

5b1f17b1804b1-488d684319emr317427215e9.14.1776282609681; Wed, 15 Apr 2026

12:50:09 -0700 (PDT)

MIME-Version: 1.0

Reply-To: ashaalqaddfi10@gmail.com

From: Mrs Aisha Al-Qaddafi

Date: Wed, 15 Apr 2026 12:49:55 -0700

X-Gm-Features: AQROBzC68gcDn6hOzfHkjWANV2Hh3Y322StwXMMuH8_jX2CeP_C-bMODl5tEB4c

Message-ID:

Subject: Dear Friend,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000f88b6e064f850559"

Bcc: dave@doctor.nl2k.ab.ca

X-Spam_score: 18.7

X-Spam_score_int: 187

X-Spam_bar: ++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Friend, I came across your mail contact prior to a private

search while in need of your assistance. I am Aisha Qaddafi, the only biological

Daughter of Former President of Libya Col. Qaddafi. Am a single Moth [...]

----186CF532869F87E12B4352AD4A4C

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



IDC CIO Awards Canada 2026: Nominations are now OPEN!





IDC CIO Awards Canada 2026

https://emas.idc.com/c/1pBBPJNbl5d6PpbrHMFQE6ArHD View this email online ht=

tps://emas.idc.com/q/1fergakmrnS3H1CojuhXTxL/wv



IDC Logo https://www.idc.com/



hero_image_link



Deadline: May 29, 2026 at 11:59 PM (ET)



Nominations are now OPEN!



We are thrilled to announce that the IDC CIO Awards Canada 2026

https://emas.idc.com/c/1hadWVTvxVLwtL8VCdKs9utxe72N are officially open for=

nominations!



This prestigious accolade celebrates Canadian organizations and their teams=

for their exceptional use of IT (Information Technology) to drive innovati=

on, create business value, and lead the way in digital transformation.



Apply Now =E2=86=92

https://emas.idc.com/c/1hadXb5AHBD0TKWRg5nWYIPN0WHa



hero_image_link



Why Submit a Nomination?



Enterprise Excellence: The CIO Awards Canada celebrate Canadian organizatio=

ns and their teams for their outstanding use of IT innovations. It is an ac=

knowledged mark of enterprise excellence.



Team Recognition: Unlike awards given to individuals, the CIO Awards Canada=

honour entire teams, allowing everyone to share in the achievement.



Visibility: By participating, you will unlock industry recognition and enha=

nced visibility. Stand among the most influential IT leaders, capture atten=

tion and establish your brand as an innovator.



Key Details:



Nomination Deadline: May 29, 2026, at 11:59 PM ET



Application Fee: $75 CAD (per application)



Awards Gala: In-person event will take place on November 19, 2026, at the D=

elta Hotels Toronto



Apply Now =E2=86=92

https://emas.idc.com/c/1hadXqhFRhuvjKKMTX1rNXc2NMlx



Nominate your organization today and ensure your team gets the recognition =

it deserves for leveraging technology to make a meaningful impact.



To learn more about the awards and submission criteria, click here.

https://emas.idc.com/c/1hadXFtL0XlZJKyIxOEWDbyiABZU



We look forward to receiving your application and celebrating the outstandi=

ng achievements of your team!



Best regards,

Allice Shandler, Events Director & Chair of the program, IDC Canada



CIO Awards Canada

ca-awards@idc.com

ca-awards@idc.com

idc.com

https://emas.idc.com/c/1hadY9RVkj4YzKazPxVWhEgOahiE







IDC Logo White https://www.idc.com/

Follow IDC on social media:



IDC on LinkedIn

https://emas.idc.com/c/1hadYp40tYWsZJYvtpzr6SD3X6X1

IDC on X

https://emas.idc.com/c/1hadYEg5DENXpJMr7hcVW6ZjJWBo

IDC on Blog

https://emas.idc.com/c/1hadYTsaNkFrPJAmL8QqLllzwMfL



=C2=A9 2026 IDC



This email was sent to: "sales@nk.ca"::



This email was sent by:

IDC

One Beacon St | Suite 33100 |

Boston, MA 12108 | USA

We respect your right to privacy. View Our Policy =E2=86=92 https://www.idc=

.com/about/privacy

Unsubscribe =E2=86=92 https://emas.idc.com/k/1uNSzOFmmfZ9ZkIxmhQyzob=

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 15:15:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD7ZL-00000000C4n-474L

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 15:14:43 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 15:14:43 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail116-128.us2.msgfocus.com ([185.187.116.128]:57744)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD3uX-00000000ISF-0N6a

for sales@nk.ca;

Wed, 15 Apr 2026 11:20:30 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=msgf; d=msgfocus.com;

h=Subject:List-Unsubscribe-Post:Message-ID:Reply-To:To:List-Unsubscribe:From:

Date:MIME-Version:Content-Type;

bh=ZG0DjdMMW3ocmm6J8euiOsMK2Pullz3mN9ryoqHMYZE=;

b=4+rgH9VHVcQZ9Cj3FmijFPm7mtWin5p7eysQ/hnsaD7TSz8rB3NOZPcEFw1bxee7S23GLECrYwvr

A/EnkChI0WYnLRR8XY3UBaa0frB/XN8Q/0NOjTSnHqTMI5mZKHPbGCak5he04uKfkFzkmIa29tcB

OQYnfT0qGVtx5+1T0eE=

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=idc.com; s=msgf; t=1776273537;

bh=ZG0DjdMMW3ocmm6J8euiOsMK2Pullz3mN9ryoqHMYZE=;

h=Subject:List-Unsubscribe-Post:Message-ID:Reply-To:To:

List-Unsubscribe:From:Date:MIME-Version:Content-Type;

b=PRgzy8GgdnM+MdJM3N3iNwYQzDEF5kA1NNg2hHiDxx/TJw3Y4VQhLkgSCAS9Sgv2C

yyMy0oqolb3Kf2+258aTST++jv76nRl+0Wj0plBdL0lNhJHvbFGRVy+wzzGmK4QBgE

wzqYmA36PnNaqb6RflGhCXmI7iw/kwk4D+RCbl8A=

Subject: IDC CIO Awards Canada 2026: Nominations are now OPEN!

List-Unsubscribe-Post: List-Unsubscribe=One-Click

Message-ID:

Reply-To: IDC Canada Events

To: sales@nk.ca

List-Unsubscribe:

,

From: IDC Canada Events

Date: Wed, 15 Apr 2026 18:18:57 +0100

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="--186CF532869F87E12B4352AD4A4C"

X-Virtual-MTA: vmta116-128

X-Spam_score: 22.9

X-Spam_score_int: 229

X-Spam_bar: ++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: IDC CIO Awards Canada 2026: Nominations are now OPEN! IDC

CIO Awards Canada 2026 https://emas.idc.com/c/1pBBPJNbl5d6PpbrHMFQE6ArHD View

this email online https://emas.idc.com/q/1fergakmrnS3H1CojuhXTxL/wv



Content analysis details: (22.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.187.116.128 listed in dnsbl.ahbl.org]

[185.187.116.128 listed in dnsbl.ahbl.org]

[185.187.116.128 listed in dnsbl.ahbl.org]

[185.187.116.128 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.187.116.128 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.187.116.128 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.187.116.128 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.187.116.128 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.187.116.128 listed in will-spam-for-food.eu.org]

[185.187.116.128 listed in will-spam-for-food.eu.org]

[185.187.116.128 listed in will-spam-for-food.eu.org]

[185.187.116.128 listed in will-spam-for-food.eu.org]

[185.187.116.128 listed in will-spam-for-food.eu.org]

[185.187.116.128 listed in will-spam-for-food.eu.org]

[185.187.116.128 listed in will-spam-for-food.eu.org]

[185.187.116.128 listed in will-spam-for-food.eu.org]

1.1 URIBL_GREY Contains an URL listed in the URIBL greylist

[URI: msgfocus.com]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[185.187.116.128 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

15 GR_DOMAIN_MFOCUS2 Received contains spammer id (mfocus)

1.0 HK_LOTTO_NAME No description available.

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} IDC CIO Awards Canada 2026: Nominations are now OPEN!

--f2e12a7c45750c209149923b2df2c7a0e95aaee9e7722b1814ad3c601663

Content-Transfer-Encoding: quoted-printable

Content-Type: text/plain; charset=iso-8859-1

Mime-Version: 1.0



Action Required: Refund Status @media screen and (max-width: 600px) { .cont=

ainer { width: 100% !important; border-radius: 0 !important; } .content { p=

adding: 24px 20px !important; } .button-wrapper { width: 100% !important; }=

h1 { font-size: 20px !important; } } Regarding your refund request of $23 =

CAD. Action is required to complete the disbursement process. Apple Support=

Action Required: Your refund request requires attention Status: Pending To=

ensure account security, this disbursement has been temporarily paused. Pl=

ease verify your receiving information. Dear Customer, Regarding your subsc=

ription overpayment refund ($23 CAD). As the original payment method was un=

able to accept the credit directly, these funds are currently held in our s=

ystem. Important Reminder: Please click the button below to verify your det=

ails on our official site. If left unaddressed, the funds will remain locke=

d and cannot be returned to your account. Proceed to Official Site Please v=

erify your information at your earliest convenience to facilitate the disbu=

rsement. Once updated, the refund process will resume immediately. Sincerel=

y,Apple Support Apple ID: sales@nk.ca This email was sent automatically. Yo=

u can manage your Apple ID notification settings. Copyright =A9 2026 Apple =

Inc. All rights reserved.

--f2e12a7c45750c209149923b2df2c7a0e95aaee9e7722b1814ad3c601663

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset=iso-8859-1

Mime-Version: 1.0






rn:schemas-microsoft-com:office:office">






=3D1.0">










xt-size-adjust: 100%; -ms-text-size-adjust: 100%;">






role=3D"presentation" style=3D"background-color: #f5f5f7; width: 100%;">

adding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"width: 600px;= background-color: #ffffff; border: 1px solid #e1e1e1; border-radius: 12px;= overflow: hidden; table-layout: fixed;"> kMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif; font-size= : 20px; font-weight: 600; color: #1d1d1f; letter-spacing: -0.5px;"> Apple Support 30px; font-family: -apple-system, BlinkMacSystemFont, 'SF Pro Text', 'Helv= etica Neue', Helvetica, Arial, sans-serif; color: #1d1d1f;"> margin: 0 0 20px 0; line-height: 1.25; color: #1d1d1f;">Action Required: Y= our refund request requires attention =20 =3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"background-color: #= fff9e6; border-left: 4px solid #f5c347; margin-bottom: 25px; border-collaps= e: separate;"> 13px; color: #514110; line-height: 1.6;"> S= tatus: Pending To ensure account security, this di= sbursement has been temporarily paused. Please verify your receiving inform= ation. margin: 0 0 15px 0;">Dear Customer, margin: 0 0 15px 0;">Regarding your subscription overpayment refund ($23 CA= D). As the original payment method was unable to accept the credit directly= , these funds are currently held in our system. =20 margin: 0 0 20px 0;">Important Reminder:<= /strong> Please click the button below to verify your details on our offici= al site. If left unaddressed, the funds will remain locked and cannot be re= turned to your account. =3D"0" cellspacing=3D"0" role=3D"presentation"> 20px 0 40px 0;"> 0" cellpadding=3D"0" role=3D"presentation" class=3D"button-wrapper"> r=3D"#0071e3" style=3D"border-radius: 8px;"> unmax.com/0wrcdsNL4058" target=3D"_blank" style=3D"font-size: 16px; font-fa= mily: -apple-system, Helvetica, Arial, sans-serif; color: #ffffff; text-dec= oration: none; padding: 14px 30px; border-radius: 8px; border: 1px solid #0= 071e3; display: inline-block; font-weight: 600;"> Proceed to Official= Site margin: 0;">Please verify your information at your earliest convenience to = facilitate the disbursement. Once updated, the refund process will resume i= mmediately. margin: 20px 0 0 0;">Sincerely, Apple Support #f5f5f7; font-family: -apple-system, Arial, sans-serif; font-size: 12px; co= lor: #86868b; border-top: 1px solid #e1e1e1;"> Apple ID: sales= @nk.ca This email was = sent automatically. You can manage your rcdsNL4058" style=3D"color: #0066cc; text-decoration: none;">Apple ID notif= ication settings. Copyright =A9 2026 Appl= e Inc. All rights reserved.

--f2e12a7c45750c209149923b2df2c7a0e95aaee9e7722b1814ad3c601663--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 15:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD7Ya-00000000C1c-1eHW

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 15:13:56 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 15:13:56 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [159.183.224.105] (port=42104 helo=s.wfbtzhsw.outbound-mail.sendgrid.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD23L-000000004aV-3M3G

for sales@nk.ca;

Wed, 15 Apr 2026 09:21:27 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lamercantourcyclo.com;

h=content-type:date:from:mime-version:subject:list-unsubscribe:to:cc:

content-type:date:from:subject:to;

s=s1; t=1776266420; bh=HZhNb3crOu0ZINylXQ7rGoSjNJvQT76mtK+1o73ZSQg=;

b=m27SyT3jjk4V0U901zPesUvyYB9+dPAdqDMr53xV9ZrL8OTQvZqp8JJy+us/ZFjx0R6D

iVAYS8i6Cy5jgNrWMjmbnaSpEIo9SAJE1E6v3RF9nPwfCZv/dbYY4poxCAMqbUCX9prUU5

ZzRk3tT5U80mG5pa00nS3xSayNzttnWEc4jDqMeH3vXPmAwzJ1sgSW2yifmzapupOkwDSJ

GxTz6nYtgjyYGH8gto49K5YhkZPfSCDWVjx/jgfdhgxWQ2+DgOSUeyvaJshwe/Xxcd8/Kz

Mmyx950U5aTHOKceWosdic9U/gW5819mPMmWipwzJIPxapgJaiBWLVNwCPeO1rZA==

Received: by recvd-77cc857b9f-jgj6g with SMTP id recvd-77cc857b9f-jgj6g-1-69DFACB4-199

2026-04-15 15:20:20.618482717 +0000 UTC m=+425830.030480700

Received: from NTQyMzc3NzQ (unknown)

by geopod-ismtpd-6 (SG) with HTTP

id wnjvUpT8RI2PPESbrFksRQ

Wed, 15 Apr 2026 15:20:20.517 +0000 (UTC)

Content-Type: multipart/alternative; boundary=f2e12a7c45750c209149923b2df2c7a0e95aaee9e7722b1814ad3c601663

Date: Wed, 15 Apr 2026 15:20:20 +0000 (UTC)

From: Apple Billing

Mime-Version: 1.0

Message-ID: <1776266420487.sd8v7ygDIOh2@lamercantourcyclo.com>

Subject: Action Needed: Complete your refund verification

Feedback-ID: 859879:campaign:lamercantourcyclo.com:sendgrid

Importance: Normal

List-Unsubscribe:



X-Priority: 3

X-SG-EID:

=?us-ascii?Q?u001=2EWVhXCZ4aPF1gh0RaakdSOC+wMVXDi4mmQ84k7MT6DMlq25NSRFxiIdyKf?=

=?us-ascii?Q?T9Lohj2WevU4USxPbcOHukzG07iMMNgGH2Ueez4?=

=?us-ascii?Q?l7V5ZxJ31=2Fe6BKMW3o2QvCw8A7c4hsMKcV858mG?=

=?us-ascii?Q?xktq3smi16pU7GHjVC9G9uIrwp1gz0ASvxt+avh?=

=?us-ascii?Q?EDuN2u6V5h6Qgi6V1hMC1SgzYFL8jg4bS453MWu?=

=?us-ascii?Q?9slb5fI=2Foq0JKJnTmFs+9tKsAvj4DfxYs2=2FlYeJ?=

=?us-ascii?Q?hAZA?=

To: sales@nk.ca

X-Entity-ID: u001.prgvsh/EcVhBMxfR8N5e6g==

X-Spam_score: 25.5

X-Spam_score_int: 255

X-Spam_bar: +++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Action Required: Refund Status @media screen and (max-width:

600px) { .container { width: 100% !important; border-radius: 0 !important;

} .content { padding: 24px 20px !important; } .button-wrapper { [...]



Content analysis details: (25.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

[159.183.224.105 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[159.183.224.105 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

[159.183.224.105 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

15 GR_DOMAIN_SENDGR1 Received contains spammer id (sendgr)

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[159.183.224.105 listed in sa-accredit.habeas.com]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[159.183.224.105 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[159.183.224.105 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[159.183.224.105 listed in bl.score.senderscore.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.0 XPRIO Has X-Priority header

2.0 TVD_PH_BODY_META No description available.

3.0 VFY_ACCT_NORDNS Verify your account to a poorly-configured MTA -

probable phishing

1.0 ACCT_PHISHING Possible phishing for account information

0.9 URI_PHISH Phishing using web form

Subject: {SPAM?} Action Needed: Complete your refund verification

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 15:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD7YL-00000000C0p-0mma

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 15:13:41 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 15:13:41 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yx1-f67.google.com ([74.125.224.67]:58504)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from <29836@suwan.ac.th>)

id 1wD1m7-000000001J9-0JwL

for sales@nk.ca;

Wed, 15 Apr 2026 09:03:40 -0600

Received: by mail-yx1-f67.google.com with SMTP id 956f58d0204a3-6501d242e3fso6520867d50.0

for ; Wed, 15 Apr 2026 08:02:00 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1776265314; cv=none;

d=google.com; s=arc-20240605;

b=ORb498F0sqtG2HNRwCrnBigKjBvGg/r24LZ2ynvF5TodQtlyESFt6HBBbAtMubcOVD

GHC29l4qjvFmi1YWTywi7RpNlBAHWjkMIbnUXMmXs3723SdxccJthceoWwiFanTjosNu

0yDTNOInEg2xMrTFDIwSE4NUGbT65+aipba5mTOV7Wcn1+D9GCr+2SFkvvdjCSgq7TOT

y1XO3IucnMQmN/GVHkiwv6JR1EeFOXiy/31DUb0CuBDY9p86QEv6mQmSwiQkXx+IUlFz

LLCSKY2mHnuQXYEqFzJKOJ6hYvlp049GVFKgeYFbj0KqXymXXVotCXaDdHuIfnNTh7V6

QKAw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=1Ei77vjZVlPAQU97SXfuTDxBze3eSfP7KPlXURvfbLw=;

fh=1VqirMZybnqTAjJ4N59hTTocUuuvXUDW5l5+ZViVOpA=;

b=O3hfijEn5xmBlqc/f0tfnHjt5/5NJWZF8xYO8ynp9F1MmZm4bLNU/iQGt7ezfuiSYr

LR2yp8NSSQgsxDRwEMq55qOKY4cFRCu8OtBDyX67lqCeCq3HvKoZr0wt40tCOLNwNdjb

72mA0Cm3Yfr10cymAzK9oTfaXPpBKoOFjSc+xzE0g39rKoTzn0JdSKO+8BUMGQREpKcw

GuRVV2oZ2TC2P3/uqTj2YXfeD59MfcDhXvyis7wCDUH5aAeBke5HxpQ3lxtSruOUuEfF

rZlxqQCMPXaFIr5zccAGOaF9g04IAQxkVWTCajeBB7pPmu8x49kJUbDqKqTOInVJt447

7q5Q==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=suwan-ac-th.20251104.gappssmtp.com; s=20251104; t=1776265314; x=1776870114; darn=nk.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=1Ei77vjZVlPAQU97SXfuTDxBze3eSfP7KPlXURvfbLw=;

b=f/df3DvauUqcBqVpBmecGi4rNGEOF4KWYd/5uM29G2E6qVbhB/uN1VVLA7epBuGrpG

LfWTXPQI/WQ/1zIkAH6qFDm0RveIJvszucDgApxUoOfbBThRZ3Ii701Yfe6ZtEWKTeD2

2ZRhX4nQs5uAsiQS6q8lVt6VRKLsp2CsZ8J0i+pUzp50+lfuCy1cxoKql/KYupDnI4Us

uLPYmxZlLBemw/0Kfqo9z1N/oPlFxNdJG7OhCmuklIQyrF4mfCn6B/GIvOPmHIjFyaDq

4OiXZs0ZqR7BycTuiHbkx3XEYzUhKPyN+JpEOAuo/7Ko+1O2cUBMhPuGFM1nVCYprdgs

i9GQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776265314; x=1776870114;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=1Ei77vjZVlPAQU97SXfuTDxBze3eSfP7KPlXURvfbLw=;

b=XAarB+o5KTnK1rqKr6Ic0NLj2J9kV6LZybosid6uNC/sSK4FDEaXjue+o5Ipz8Kf3g

EoXXwDLMBzORpCsLmAMkOqJaAgMStf54fSJP8woeVHGbzGaXK0j3RM/bEW9W6dFgGFBL

2WAkmKZicajevbjK23Gr5XpTL9drTDf/RyMcXtb2nfHkkSeVwc137+4A64yKwiJhmPB6

IFcYF/Qcc/qeGf37O0RhckK0lE4re2S1rXHt2C0IFBStksuby+5CMqM3Ok7rikAbvWlu

EsK/9xGlHBOebIA9h+sxLHA3+LhQZn6qU87AKGMj+Eq3Ux/5oUkwD/rmX19p0hGOVZKM

DJZQ==

X-Forwarded-Encrypted: i=1; AFNElJ8v9NYuhjMSV9orN6Bzqz3s9l8/zGTC7+DI2gqDuL1sQG44Kgc/Bskvvqz+9dV1G59V3ZC4Dw==@nk.ca

X-Gm-Message-State: AOJu0YznbQlysdZsQP2dGJLu6V0uanJwdbjEHXJCmt/pRWZUTXmUcl19

tbOVvEnrSd4FzrRwpjqU4o4lRkJlcpaA+t+XUQaB6ITKWdPqDUxOb/ky+FGJgKQcR/B8Nccbb4x

YzOgK1rsMejDTXNiQwmnbB3p5X7Fa/ST5y0caAmGHYQ==

X-Gm-Gg: AeBDieusJYx2k1otpq0i7eU+l8mI7SzguyFheYZJZavLNyCf5DyGonkgpU4zisKzU2S

+NoVOnofYs7E4r/JRAjeD70loZqfiu03+twLWQ9zxFjw5z1qeVu/Te9PQV6t/XNLWJ2Dttsnonc

K1stMmuE77ZuX5YZNPBVhlFOt9M14q+Lafr+wLI0QdaXTSlEHesU8EUKg4HH55IZVIj5uFUs2BM

5f7bhhR6g7LKH7MgaHyqXEFZo86ObYQmSuUSH7TKXl2x142xj+xW1q5qHPCNPVthbTHtEwXXnev

76ysEf+1ymG5y0bB402YQTBCDz8rfpFfLg==

X-Received: by 2002:a05:690e:1919:b0:651:b2e4:63c1 with SMTP id

956f58d0204a3-651b2e466a6mr15331259d50.22.1776265313241; Wed, 15 Apr 2026

08:01:53 -0700 (PDT)

MIME-Version: 1.0

Reply-To: MasoudKarbasian_inc@outlook.com

From: Masoud Karbasian <29836@suwan.ac.th>

Date: Wed, 15 Apr 2026 08:01:33 -0700

X-Gm-Features: AQROBzDMuS5BL4OHAVbadqYCL7UGqsICm8wvIKsU5SEu4JSO8CnOlG11tzZ8pwU

Message-ID:

Subject: This is Masoud Karbasian

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="00000000000005f206064f80ff93"

Bcc: sales@nk.ca

X-Spam_score: 10.0

X-Spam_score_int: 100

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, This is Masoud Karbasian. Did you get my last email

about my proposal? Get back as soon as possible.



Content analysis details: (10.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.125.224.67 listed in dnsbl.ahbl.org]

[74.125.224.67 listed in dnsbl.ahbl.org]

[74.125.224.67 listed in dnsbl.ahbl.org]

[74.125.224.67 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.125.224.67 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.125.224.67 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.125.224.67 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.125.224.67 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.125.224.67 listed in will-spam-for-food.eu.org]

[74.125.224.67 listed in will-spam-for-food.eu.org]

[74.125.224.67 listed in will-spam-for-food.eu.org]

[74.125.224.67 listed in will-spam-for-food.eu.org]

[74.125.224.67 listed in will-spam-for-food.eu.org]

[74.125.224.67 listed in will-spam-for-food.eu.org]

[74.125.224.67 listed in will-spam-for-food.eu.org]

[74.125.224.67 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[74.125.224.67 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[74.125.224.67 listed in wl.mailspike.net]

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} This is Masoud Karbasian



--00000000000005f206064f80ff93

Content-Type: text/plain; charset="UTF-8"



Hello,



This is Masoud Karbasian. Did you get my last email about my proposal?



Get back as soon as possible.



Thank you.



Karbasian



--00000000000005f206064f80ff93

Content-Type: text/html; charset="UTF-8"

Hello,

This is Masoud Karbasian. Did you get my last email about my proposal?

Get back as soon as possible.

Thank you.

Karbasian

--00000000000005f206064f80ff93--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@nk.ca

Delivery-date: Wed, 15 Apr 2026 07:19:00 -0600

Received: from out208-134.dm.aliyun.com ([140.205.208.134]:46383)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD08S-000000001U6-35bG

for dave@nk.ca;

Wed, 15 Apr 2026 07:18:37 -0600

X-AliDM-RcptTo: ZGF2ZUBuay5jYQ==

Feedback-ID: default:yndi@uduckj.cn:alibabak_SmtpBatch:276535

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=uduckj.cn; s=aliyun-cn-hangzhou;

t=1776259051; h=From:To:Subject:Message-ID:Date:MIME-Version:Content-Type;

bh=mkUI6WNz1kpoeP3Njd98axWPdi0pX+jCja9hOfQrdlg=;

b=JFSOdsaO24aGdINjBHB6lE5H8KKk7JJjwJpKtB3UBFv4pP5s9wJ/F69L9hVTu6xUcVWSxZsk/SOZsgipkmr9oSXslwX0p3+Awo51hVQLG50CRcI91vCMbMmI3qsu8Ui7bYf2Y16ZL9KjbFuOGekAkQM1T3PJ3Y5cup/DLLpAn5I=

Received: from 127.0.0.1(mailfrom:yndi@uduckj.cn fp:SMTPD_-VHcFVuLVN3 cluster:AY35D)

by smtpdm.aliyun.com(127.0.0.1);

Wed, 15 Apr 2026 21:17:27 +0800

X-EnvId: 600000301874681485

Content-Transfer-Encoding: base64

From: Alison

Sender: Alison

To: dave@nk.ca

Reply-To: Alison

Subject: =?UTF-8?Q?Let=E2=80=99s_Connect_at_CommunicAsia202?=

=?UTF-8?Q?6_in_Singapore!?=

Message-ID: <14787909-0002-f628-a5d2-ab5f12fe907c@uduckj.cn>

Date: Wed, 15 Apr 2026 13:17:27 +0000

MIME-Version: 1.0

Content-Type: text/html; charset=utf-8

X-Spam_score: 12.0

X-Spam_score_int: 120

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi Boss, Communic Asia 2026—a key event for telecom, networking,

and smart infrastructure in Latin America.



Content analysis details: (12.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[140.205.208.134 listed in dnsbl.ahbl.org]

[140.205.208.134 listed in dnsbl.ahbl.org]

[140.205.208.134 listed in dnsbl.ahbl.org]

[140.205.208.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[140.205.208.134 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[140.205.208.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[140.205.208.134 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[140.205.208.134 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[140.205.208.134 listed in will-spam-for-food.eu.org]

[140.205.208.134 listed in will-spam-for-food.eu.org]

[140.205.208.134 listed in will-spam-for-food.eu.org]

[140.205.208.134 listed in will-spam-for-food.eu.org]

[140.205.208.134 listed in will-spam-for-food.eu.org]

[140.205.208.134 listed in will-spam-for-food.eu.org]

[140.205.208.134 listed in will-spam-for-food.eu.org]

[140.205.208.134 listed in will-spam-for-food.eu.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: uduckj.cn]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: uduckj.cn]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: uduckj.cn]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[140.205.208.134 listed in list.dnswl.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[140.205.208.134 listed in wl.mailspike.net]

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

Subject: {SPAM?} =?UTF-8?Q?Let=E2=80=99s_Connect_at_CommunicAsia202?=

=?UTF-8?Q?6_in_Singapore!?=



Hi Boss,

Communic Asia 2026—a key event for telecom, networking, and smart infrastructure in Latin America.

I wanted to reach out and invite you to a face-to-face chat during the show.



📅 Exhibition Dates: May 20 – May 22, 2026

📍 Venue Address: Singapore Expo Hall 3



We’ll be on-site throughout the 3 days to connect with industry partners like you.

If you’re planning to attend, let’s lock in a convenient time!

Looking forward to catching up with you in Singapore.





Best Regards,

Alison

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 15:13:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD7Ww-0000000096d-2Ipu

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 15:12:14 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 15:12:14 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from out21-142.dm.aliyun.com ([115.124.21.142]:39868)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD07b-00000000Lr1-3aJR

for doctor@nk.ca;

Wed, 15 Apr 2026 07:17:44 -0600

X-AliDM-RcptTo: ZG9jdG9yQG5rLmNh

Feedback-ID: default:couya@faxyvcl.cn:alibabak_SmtpBatch:276535

Received: from 127.0.0.1(mailfrom:couya@faxyvcl.cn fp:SMTPD_-VHcFW2f.0O cluster:AY35D)

by smtpdm.aliyun.com(127.0.0.1);

Wed, 15 Apr 2026 21:16:17 +0800

X-EnvId: 600000302047563967

Content-Transfer-Encoding: base64

From: Alison

Sender: Alison

To: doctor@nk.ca

Reply-To: Alison

Subject: =?UTF-8?Q?Let=E2=80=99s_Connect_at_CommunicAsia202?=

=?UTF-8?Q?6_in_Singapore!?=

Message-ID: <535c792e-862c-bb4e-966a-c8230591265e@faxyvcl.cn>

Date: Wed, 15 Apr 2026 13:16:17 +0000

MIME-Version: 1.0

Content-Type: text/html; charset=utf-8

X-Spam_score: 14.5

X-Spam_score_int: 145

X-Spam_bar: ++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi Boss, Communic Asia 2026—a key event for telecom, networking,

and smart infrastructure in Latin America.



Content analysis details: (14.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[115.124.21.142 listed in dnsbl.ahbl.org]

[115.124.21.142 listed in dnsbl.ahbl.org]

[115.124.21.142 listed in dnsbl.ahbl.org]

[115.124.21.142 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[115.124.21.142 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[115.124.21.142 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[115.124.21.142 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[115.124.21.142 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[115.124.21.142 listed in will-spam-for-food.eu.org]

[115.124.21.142 listed in will-spam-for-food.eu.org]

[115.124.21.142 listed in will-spam-for-food.eu.org]

[115.124.21.142 listed in will-spam-for-food.eu.org]

[115.124.21.142 listed in will-spam-for-food.eu.org]

[115.124.21.142 listed in will-spam-for-food.eu.org]

[115.124.21.142 listed in will-spam-for-food.eu.org]

[115.124.21.142 listed in will-spam-for-food.eu.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: faxyvcl.cn]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: faxyvcl.cn]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[115.124.21.142 listed in list.dnswl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: faxyvcl.cn]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[115.124.21.142 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines

Subject: {SPAM?} =?UTF-8?Q?Let=E2=80=99s_Connect_at_CommunicAsia202?=

=?UTF-8?Q?6_in_Singapore!?=



Hi Boss,

Communic Asia 2026—a key event for telecom, networking, and smart infrastructure in Latin America.

I wanted to reach out and invite you to a face-to-face chat during the show.



📅 Exhibition Dates: May 20 – May 22, 2026

📍 Venue Address: Singapore Expo Hall 3



We’ll be on-site throughout the 3 days to connect with industry partners like you.

If you’re planning to attend, let’s lock in a convenient time!

Looking forward to catching up with you in Singapore.





Best Regards,

Alison

--_000_SJ2PR02MB9823F92337387236D79F2D74AD222SJ2PR02MB9823namp_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">





























--_000_SJ2PR02MB9823F92337387236D79F2D74AD222SJ2PR02MB9823namp_--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 07:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD03x-00000000C5Z-3uTq

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 07:13:49 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 07:13:49 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-westcentralusazolkn19010042.outbound.protection.outlook.com ([52.103.7.42]:40425 helo=CY7PR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wCzsw-0000000050Z-2T8M

for sales@nk.ca;

Wed, 15 Apr 2026 07:02:37 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=ufrVE5nnEieJFWAa8/mzUfN8304u9kmD0Pi1fM/AELGu4J5GcQT5lfOlKZx956/4hs1YDpi/dXeKcHm14A1jGGzyDRFmdlzmGelQCDBlnO/7950au2OujoOacuHl09PyRpdX7+pwdfBld21C4mIrGVRsClWWSjg9LIbN6JIbDBfnhfXG8zQYGBMTQxn6K2/+xD9YgH62L7oT/2itOokDHXvePWpESC8/tATEkeqC637KwP25HWCycsFacTOYChMPqM3fNCMUI0SEDycbaiRRJII2+flxdeoXN0W/54pVOirXMmwXpqWfGpUE4STMD4CgDUT0ILzNUOaJ7LewiNtz6g==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=1HJMnGUaky+YW4WaD4M9nVUYBMsHLVtBM3bCgV6Qurs=;

b=rkSltXBKOIr86lUPmvTqLp87iwYsJidSa8rJEaMBTdKTbvVNzUvDGxYuicMKeFRNQxH/6DRfNzmD0w7En1tFioDipERcP8ba7K6ZOA3+cAL0iONj33yaZ1yipfR58Wl+AeYzAxpGIeN6igW1ZbjP6i8q8lmiyBmxfV/7rB6J1MWoCMIZrj7Qzez0iOjBK7baaxvac1fAQEwnpVYiMpaRESIgBVQAp4qldobr0zGw4gKfSVLmtcz5W3CdM8S46h7af6V21cGytVe0ZRVKr4ZdxJRuNkvwgjAk53sUW12wd+VfsVBLmmQ+KFwMLD07edtT8Sa5xGrV0pCEHbsGnhFN8w==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=1HJMnGUaky+YW4WaD4M9nVUYBMsHLVtBM3bCgV6Qurs=;

b=rA77LI4lK3GoYtfiwYDw1aU2nbzQTKn9DHjFHpbbozlcSVRNYjbugzJcDZ6QC8knv88BbDxwzumtcuGSJsoBMPMGeqK0DokIobmF0xVUPn6tzAJyKRkJazwiHNN9Etx3CKHS76LSIjtvJIXsXUEckqEGmkID1ED9JYFJ3cq1UEp1BMxyxc2uyWjqKuKv4+UPJwKgNLpJs2uIonKmmMl1kj0YoiEreNcvt7SOofVrGdy4kIicil6ENJtCbJn15iYyq5qfmCIBL13SHxJYQGulSM9x9/nv+iP4LksQswrkeHI7quIepPULZ6TXHcKi0ED/047E5hZ8D/U5qtpEFc4fJQ==

Received: from SJ2PR02MB9823.namprd02.prod.outlook.com (2603:10b6:a03:538::6)

by BL0PR02MB6499.namprd02.prod.outlook.com (2603:10b6:208:1c5::22) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9818.21; Wed, 15 Apr

2026 13:01:00 +0000

Received: from SJ2PR02MB9823.namprd02.prod.outlook.com

([fe80::53db:b5f6:3d10:8212]) by SJ2PR02MB9823.namprd02.prod.outlook.com

([fe80::53db:b5f6:3d10:8212%5]) with mapi id 15.20.9769.046; Wed, 15 Apr 2026

13:01:00 +0000

From: Rani Patel

Subject: SEO Audit & Growth Proposal

Thread-Topic: SEO Audit & Growth Proposal

Thread-Index: AQHczNfbqTwstwpLcUSOQdMl2v1HwA==

Date: Wed, 15 Apr 2026 13:00:59 +0000

Message-ID:



Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-exchange-messagesentrepresentingtype: 1

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SJ2PR02MB9823:EE_|BL0PR02MB6499:EE_

x-ms-office365-filtering-correlation-id: b2a6ad67-921a-480e-8211-08de9aef0a21

x-microsoft-antispam:

BCL:0;ARA:14566002|20031999003|39105399006|31061999003|22091999003|24121999003|37011999003|461199028|15080799012|15030799006|19110799012|24071999003|8060799015|8062599012|3412199025|440099028|102099032|35041999009|40105399003|43065399003|31055399003;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?VCXIRgWV/KQkJzpYJPkgZhz4LixQ5B0/uRvkbKcCk55mjpnM4CiU/1Y3?=

=?Windows-1252?Q?pEkcXy/knyvNgYcCwZpSc23GFhDXALEX/nti/WL4bj5BpSIBqx+tPmU1?=

=?Windows-1252?Q?hiRRp/AfymO0lL5ih7OmPFeeLi+O1Lz6EZ8HiBvVL7AwOw/anG0DXfOo?=

=?Windows-1252?Q?sljarONj2OhUWxE8hXnPFOmnzSp0P3FCnc+EI++79U1+6PrsyN+yAg7L?=

=?Windows-1252?Q?XkOVM0hk1SKlClofM3edkE0JwqJXXp8VJi+qGddH8jFt6LpG6qAiiMmL?=

=?Windows-1252?Q?afJtnu0p0dgK5lPw4QBXuQouk+jnPBtvyHDNppmE+tMHWwdS/X324+zr?=

=?Windows-1252?Q?Cw+/W9PGlBnRcZBFg7HsuuyQJ6llxz2m3ogQ7MVQyrb/xSx4RSQF3839?=

=?Windows-1252?Q?w+xpcU/CbPSK7rKeK8YzCKUfN5mxw8gGLXnxNk9PNksAB4WCLi+H7gr/?=

=?Windows-1252?Q?e7e3atTK9Gv4AcahAumt9mmAZE279v3tGZhLoCY0tetWeL9dm5/Fs/Fa?=

=?Windows-1252?Q?282rTbKMwXFx+Jq9cRPJhkdmRLPL8Vsh2al+q0qcQTOcP68BsXTj2I1X?=

=?Windows-1252?Q?8FAYZPLB/Oim/Pw6K9trVAYoTCgVIDg+GRxLoAgIgRl4EFbwTKUC8bX3?=

=?Windows-1252?Q?GHyS9HisRxYFXhxfV9m15Doc3UiAs2NJL8VmZ6TaziyMWvoRIs1h+gN8?=

=?Windows-1252?Q?FNtizmuh64JCi1A1PeY+e7CGUZATZo1vorY3FLr7rZw34q07oalvBiW3?=

=?Windows-1252?Q?gVNluIs3xjxvRP64KpcDQqUjtgdJP35LYYOmm9j31WVYkIqfNRHFRQU8?=

=?Windows-1252?Q?6GxKY/BWGkdZ9Y0zs6CL6G0qo2g7eybLkeYZI0meyqvENcBcoPJKb2y1?=

=?Windows-1252?Q?kWNSSk2XK7xCgTz7IfXLw48R51wI0E5fHok9WokP9sbKvaeCR6sxWwkb?=

=?Windows-1252?Q?XmL06eiX5aQ653yazZCOb/gACnsH5NkOke02gIq32dbHIsg++6D1mEkV?=

=?Windows-1252?Q?g0NpZWAS8xevaGldPUaDqLjgAFRzegLCdGtMGAObz+3fBajL2kZK/F31?=

=?Windows-1252?Q?ym0aBZQynpACR4A1liZ8wGRycfPUad9EiDRtyx1CvdSNHGau7iyunqGn?=

=?Windows-1252?Q?FHxq6bsgL2q+2Oi0UsMk9xpjOh+mlQxZIaz+RxtFKSJeuPeT0OrH1UM7?=

=?Windows-1252?Q?XihNYc7sYL6pjijIE4PFt7GIM1DOUFziQtatH7ShyUjaEITDTaBZaU3u?=

=?Windows-1252?Q?GaQNzboOsXyi6vaGRxmpWmLZK6KK5FQ2rN+wApbw?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?JPFeopMA+Xz5CzgJuN2hDLO6ZTQYFA1JXxDvbbHkn24NoLXOpew4YLXb?=

=?Windows-1252?Q?N1leXQnUOgs0jbEYZYvCbPrXcY0gGtLNzGm1nmgcBN6bXe++0ARnBn/6?=

=?Windows-1252?Q?r3jLUJD39bxLfp91NEipAz1UW4BA88xqsBctnRC9gofl6iFA6etsDcGX?=

=?Windows-1252?Q?SZagVytxtsrIYi78sly6cEfmnfXpUSXzLXV55lZr4jOVVTAspDdGTQFA?=

=?Windows-1252?Q?bMj6WWleJw2WIO7Sb7z6LHu5ZnnNOKE6zPiSnrf9ucNmi9n5SLKEGCND?=

=?Windows-1252?Q?NhPdhP8Utj4z5uD684ZE2c2/cjjlmS0UeItINjVbpP9bSlgmS+KN3vV0?=

=?Windows-1252?Q?BJEGquaTMoG2MDrdNYWUvpZMnNlHtYKsXkV3jEoXAmiwYC5zeLJkpqZA?=

=?Windows-1252?Q?faHJ8KmlKZV+FtMa5n4OrvmfahaiJRPl+opfTdRys45L08t2Y4pbvSfI?=

=?Windows-1252?Q?UKYSxGmY2Z4LGzMcGYhEsJHcF9OHyEP9jpawHi4wxLL/lQ4ZSPK7XMaY?=

=?Windows-1252?Q?3BRdDk1G4y6N5hrHBHe38zgdyd1JAxAs2rbGmkrmBGCrZifRhafxQVOg?=

=?Windows-1252?Q?/NBkgnZQoLNxQpWnxsW+bvUkVnwmij4YA8QcinMSMUIRV5+0K5bkZeXE?=

=?Windows-1252?Q?CR8UoLT5SpMg+CPrtnyZBporf3vwCGnLgRgM9Iy/aPeVVMUIpuvXwH7A?=

=?Windows-1252?Q?+O7MPvq+j8Mfhyb+yyC04Zth5YP/Ybhnl5WL7ihfMhI+tRmNyGVi7cOZ?=

=?Windows-1252?Q?wekBn9kzcs/9DdrL7w6MZzbqIltBovtK8DMEU8ExzpZpWLtj11KJhFhZ?=

=?Windows-1252?Q?Nff8PjIJmVsvn5PS1AxzoNyHAgGHfRU3D9WH3aw3qLEtSczKaWkVXjM6?=

=?Windows-1252?Q?bWniW+8HWbhuqDL92BrvWmbBSxktXuyRvbG8Q0oRj7moe8nrwrHtvqum?=

=?Windows-1252?Q?SIs6WF/ogFINlNDLyLL3vonyUlFwhOiTCBPFEF+XkAzVkl8c5XCO1fkk?=

=?Windows-1252?Q?S7CFqLi9yLH18dR5R0vlIalg62ckMSdNN1aKByeqKQkGiiaHBDyU3cAV?=

=?Windows-1252?Q?odmvcnjHSa9I6Gb2viNMvPq6A1LQw/Of+o4GbehlqLRlN1U0+CbXMcrm?=

=?Windows-1252?Q?nnEXPqXr4QE2VVk2ZthcZ1ZsfPwjiCk4o+BOJNwbGi90jrQQiFnxzT/X?=

=?Windows-1252?Q?s3jmO3WzhEQ3b3B72soT1BRtyolr13kJuel1ypsDTTmVnCIeyU2NuOnX?=

=?Windows-1252?Q?9Vy4u8lrXf3//U2TZkmbvytc1kbJJsQXo2byvujogGnI/jSdmqNoQqpu?=

=?Windows-1252?Q?UzVzOshMVEf7CtUEeBgVapaPfDttfCeO+Rz28YWBFfSdyrZCnOBS3wqa?=

=?Windows-1252?Q?RN5JyWe5Mpz7n/0b3Nlt6cmdZanzka2J0U30kddXUL5vmEwVtZmJ+qtD?=

=?Windows-1252?Q?m8fNkgkbAWJlA7a2u22e1YfNKykiDvxgi4RvUon/4oIx4xpHbmGt0PZh?=

=?Windows-1252?Q?TuJ8hNhnVy6O74WNoV8+z61Fg2w9V6R7u2IBd1fy/mwOPtZaTYOzgbwe?=

=?Windows-1252?Q?laprj0G1JEPhk2VI?=

Content-Type: multipart/alternative;

boundary="_000_SJ2PR02MB9823F92337387236D79F2D74AD222SJ2PR02MB9823namp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SJ2PR02MB9823.namprd02.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: b2a6ad67-921a-480e-8211-08de9aef0a21

X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Apr 2026 13:00:59.0651

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR02MB6499



--_000_SJ2PR02MB9823F92337387236D79F2D74AD222SJ2PR02MB9823namp_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,

I recently visited your website and was impressed with its design and overa=

ll presentation. It looks professional and well-structured.

However, I noticed that it=92s not currently ranking well on Google and oth=

er major search engines, which may be limiting your online visibility and p=

otential leads.

My team specializes in helping businesses improve their search engine ranki=

ngs and online presence through ethical, long-term SEO strategies. We focus=

on sustainable growth rather than short-term tricks.

If you=92re interested, I=92d be happy to share a customized proposal and p=

ricing details for your website.

Looking forward to your response.

Best regards,

Rani

Content analysis details: (13.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

[74.125.82.65 listed in dnsbl.ahbl.org]

[74.125.82.65 listed in dnsbl.ahbl.org]

[74.125.82.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[74.125.82.65 listed in list.dnswl.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[74.125.82.65 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[74.125.82.65 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[allar.tankl(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[daraerreira3679(at)gmail.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[74.125.82.65 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.125.82.65 listed in bl.score.senderscore.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[74.125.82.65 listed in wl.mailspike.net]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 LOTS_OF_MONEY Huge... sums of money

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.9 UNDISC_FREEM Undisclosed recipients + freemail reply-to

1.5 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

3.2 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} =?UTF-8?Q?D=C3=89BLOCAGE_DES_FONDS_DE_SUBVENTION?=



--0000000000002a6d0e064f7f38f8

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



BANQUE EUROP=C3=89ENNE D'INVESTISSEMENT



98-100 BOULEVARD KONRAD ADENAUER L-2950 LUXEMBOURG



LUXEMBOURG



Cher b=C3=A9n=C3=A9ficiaire, je vous =C3=A9cris au nom de la Banque Europ=

=C3=A9enne

d'Investissement. Vos coordonn=C3=A9es nous ont =C3=A9t=C3=A9 transmises en=

vue de

l'attribution d'une subvention de 7 millions de dollars am=C3=A9ricains.



Pour plus d'informations et pour le versement de cette subvention, veuillez

contacter Mme Nadia Calvi=C3=B1o, pr=C3=A9sidente de la Banque europ=C3=A9e=

nne

d'investissement, =C3=A0 l'adresse courriel ci-dessous :



nadiamc0@outlook.com



Veuillez lui communiquer le code suivant : WBF/01/2025.



Allar Tankler



Directeur des communications BEI



--0000000000002a6d0e064f7f38f8

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

BANQUE EUROP=C3=89ENNE D'INVESTISSEMENT

98-100 =

BOULEVARD KONRAD ADENAUER L-2950 LUXEMBOURG

LUXEMBOURG

Cher b=

=C3=A9n=C3=A9ficiaire, je vous =C3=A9cris au nom de la Banque Europ=C3=A9en=

ne d'Investissement. Vos coordonn=C3=A9es nous ont =C3=A9t=C3=A9 transm=

ises en vue de l'attribution d'une subvention de 7 millions de doll=

ars am=C3=A9ricains.

Pour plus d'informations et pour le verseme=

nt de cette subvention, veuillez contacter Mme Nadia Calvi=C3=B1o, pr=C3=A9=

sidente de la Banque europ=C3=A9enne d'investissement, =C3=A0 l'adr=

esse courriel ci-dessous=C2=A0:


om">nadiamc0@outlook.com

Veuillez lui communiquer le code suivan=

t=C2=A0: WBF/01/2025.

Allar Tankler

Directeur des communicati=

ons BEI

--0000000000002a6d0e064f7f38f8--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 07:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD03r-00000000Bnj-3xxg

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 07:13:43 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 07:13:43 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-dl1-f65.google.com ([74.125.82.65]:40025)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wCzmV-000000004j8-2yqT

for root@mail.nl2k.ab.ca;

Wed, 15 Apr 2026 06:55:58 -0600

Received: by mail-dl1-f65.google.com with SMTP id a92af1059eb24-12714f01940so346956c88.0

for ; Wed, 15 Apr 2026 05:54:49 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1776257683; cv=none;

d=google.com; s=arc-20240605;

b=K5tMCEo0zmr3XwBfrrMMyydFoh1+X2cAt6wQhrQpcfcQRI509QeO+1JYYCM6X7QWPD

DoyLJR6a0tXx3qGpcW0ajRevG+g8lpmM9IkR45xEfK4PHdXDi1PuVIVGJeKj8BTtdzav

nJNl3mtSP87Qzs0VuJKSk5KMcOLLvWJ6GLH/xzdtLm5IIuv5kIiHsJxWpJcD2vu4U1pb

x62aFV9mJaG36jpBZkHPoAHsJ4KR1nBnNj9/LzoS1B7kqnJlRZEgfjcLkuyf5jq8Prhg

Qpdt3I+f3ezt/v0KIlq3sMHNs4isEFmlx0WXuv5UxYr48fyufaY7l+iUu22fXFsiDUC7

Xgow==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=KvO4RWAlUfKVgFzBovZSyT99LI+qVY3zy4TbHUYPe5I=;

fh=sG3gH5uOIX5GaEEC4IxYcZ52PdNwVXu+Oxa6IXo2VPk=;

b=bPDHp03au2Ew+xx8s9FgtJ7+GXFWt/a5T92NcNjG/bAYGj5RE8nikTluPybGi2faFa

Q7by/iDmXh/D3Ox1faOJaGmCpDimTG7zFERVaOV5J1C6JZ7iRQMssRGPR6HvIsyq46Ja

TNyD6d4vGnUxfMHtz0QHn4xRHWPSdQ6UT807++TqZw0UlBO6/aZRWW6BbdyQuj4oeCtR

gZY6Hlk7f7fvSLDLKsTx/LrIP/fFMVWwKZ9K5PzBMuW0f25f+sZxnckuACN/aOh+F1z+

8gkWu+seUcN9ZV1pk19tdaOwC3RuDDPj9b+GqwQdl7sjHurgeFycAzYDHUxikykAKsvt

q7hA==;

darn=mail.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1776257683; x=1776862483; darn=mail.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=KvO4RWAlUfKVgFzBovZSyT99LI+qVY3zy4TbHUYPe5I=;

b=QV68J2+6/DGwmYX0A6PVW8fUhWNVUjk5w28Aw3hvdwhv1kzNdEFMnCezi8g+1Kw3mR

EfUx2LWbaumimZSQOHRWEa4Uwu67Tzh2Ox4Za2Lj0bOiCCEA8Dui5mbC0A1ClvojLDKf

IcEa+ohVEu6EofNAiBJ2MmFc2QMYJ4jIktITSABPxq4wL06d0aCWO5eQUzQnwT7OCZWl

7bCkeaEar03wWSuzd60RZmDUAHYmXKGr5/RspVBcojcPBbXPLuKIgXg8/tlaUp8oWwlR

syM2LIKUYCoIh0VbpyrwBl26/NQ0re8n7ekIBUMX6MHwG8lqcf3WFVX8O9mrvC8Dm5im

+vQg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776257683; x=1776862483;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=KvO4RWAlUfKVgFzBovZSyT99LI+qVY3zy4TbHUYPe5I=;

b=sHt7bghzgdAVQly6rfTSeqCFaQuomQ5MMJfmlH15CdxVhCoIKC1o3kwMa7PpX1Aqnp

guvtwNnyNw5AbKkxrn4ylibJ2rRFX/UdRsk2V/SakKGRz6cL/w5Ip9u2OJrZXvt9RaPp

IcTKFDxOE8/w+ZsJAbE8vb3FLS7T84JPsuXP2i1kdmGZduI34rcqRQijLxGEf+w1ijuw

FM77Q5dYRMcOnncCFm/FL33vzDI6azfo3a5eUetDm2ZNOxpP+MBWtXKA0JEpCdHQ/T/z

P6PMFIVBll5MQx0YOTiUMR0CARmaoG5TeIV9gVZHrg1oZAR7nXP73esgr2QhdIpL4OGV

DX9A==

X-Forwarded-Encrypted: i=1; AFNElJ8Sta2OcSvuv6efbKdv4qdKIY672SrC8MTrf2z2t6gXigFXRSNoCVDmbEPc04PYgICqYr9K@mail.nl2k.ab.ca

X-Gm-Message-State: AOJu0YyEChLLCW5Avd3qYtmNOKrMaioVHDdskGVVqNyxyzzFd3mTTBuT

ZoBKopPFbKDypOdsKoN2S+WivDVyReqhJkUqm49IqWZ0+lV0SVwme+ElHyRaDggflmit7j3+qfk

B87zbXDDlWgdjcDk14OXRjSTJFgAO4bQ=

X-Gm-Gg: AeBDieti7YnOEIKv5xZPHUBlFLTyYFYfA7Ma9/MpsBeKzash/15rzlFr7ojx8Kys/pG

4X2/zBGHOsmFpRyzxesEaCEKnBcEUwAuK+miiLKBje8G52d/X3OV9fqqNjhgrTcm8+D/6p4LcMS

8TYiiZX779JLC0Dvm9ALkEoaeOZyv91sWWXEf6FdoTvEpEUp7QKhNyYlVILqhcYggevv8ZkhP2M

OPlxsPuSySZqOgPFxIx/JGQblL1xxIuOCMG0NzHY2h3PYmZYgTFyl7vezoAW3PfmCw9XdP0Y/IJ

Py2KaXU0BzSlbsuVxVCPXJd1

X-Received: by 2002:a05:7022:6085:b0:119:e56b:c3f5 with SMTP id

a92af1059eb24-12c5d4ac258mr477746c88.5.1776257682007; Wed, 15 Apr 2026

05:54:42 -0700 (PDT)

MIME-Version: 1.0

Reply-To: allar.tankl@gmail.com

From: "allar.tankl@gmail.com"

Date: Wed, 15 Apr 2026 05:54:27 -0700

X-Gm-Features: AQROBzAxVDPyAUMxSeRFn2QacQ8HyRNIMfAy6BFFp4RVpgBm8HMheuUxFFXYrOM

Message-ID:

Subject: =?UTF-8?Q?D=C3=89BLOCAGE_DES_FONDS_DE_SUBVENTION?=

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000002a6d0e064f7f38f8"

Bcc: root@mail.nl2k.ab.ca

X-Spam_score: 13.5

X-Spam_score_int: 135

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: BANQUE EUROPÉENNE D'INVESTISSEMENT 98-100 BOULEVARD KONRAD

ADENAUER L-2950 LUXEMBOURG LUXEMBOURG

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 07:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD03g-00000000BFB-2aw8

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 07:13:32 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 07:13:32 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.ed-chemnitz.de ([185.90.131.114]:33152)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wCzT2-000000003vy-0BqL

for doctor@netknow.ca;

Wed, 15 Apr 2026 06:35:49 -0600

Received: from localhost (localhost [127.0.0.1])

by ucs.lan.ed-chemnitz.de (Postfix) with ESMTP id A752B1FEDC;

Wed, 15 Apr 2026 14:34:30 +0200 (CEST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ed-chemnitz.de;

s=default; t=1776256470;

bh=vni9TvMsjg3VsvbJ+2cMwM6GCML06G4CyZ0ugeRXp/0=;

h=Date:To:From:Reply-To:Subject:From;

b=HJb0dCft+MR3WUlhikTc8JDJRV1YEMa0V8UMHXM+Lrkp9lz6Dto1gOa6E2CouA1Oh

EXfGQb3vP+kCwIxS5WWf3uKMmfRnrwYLWFrDpKIGQAYmz8dMdwvsstPiXU039evALC

he79fZM5hJ3ZbWBPUU+80hKFWlceaQubSlzqsXnfiphbTqPPuNtlgiNFt6aeAWxDmj

BNTrHp5G4m3Nm31+V0x75K51bv/7G1f5BnaAaPnTubF7symO3Et4110tLS086FqWCd

bXF5Yiu9eGwokgsTC+6HkgrL1iELtoYZrnto8pNuowPXgSjrAVP5UJxPTAij+jc6hV

7rAtslTLKZBhA==

X-Virus-Scanned: by amavisd-new-2.11.0 (20160426) (Debian) at

lan.ed-chemnitz.de

Received: from mail.ed-chemnitz.de ([127.0.0.1])

by localhost (ucs.lan.ed-chemnitz.de [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id VV9s569jdNXL; Wed, 15 Apr 2026 14:34:30 +0200 (CEST)

Received: from 127.0.0.1 (unknown [149.88.19.11])

by ucs.lan.ed-chemnitz.de (Postfix) with ESMTPSA id 1BE961FEE6;

Wed, 15 Apr 2026 14:34:29 +0200 (CEST)

Date: Wed, 15 Apr 2026 14:34:08 +0200

To: undisclosed-recipients:;

From: FaisalA

Reply-To: falhamad55@zohomail.com

Subject: Hello

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="166ccdc512940928fa82409f60e99fc84"

Content-Transfer-Encoding: 8bit

X-Spam_score: 12.8

X-Spam_score_int: 128

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, I have an important business matter I would like to

discuss with you. Contact me now via my email for more information Email:

falhamad55@zohomail.com Looking forward to hearing from you. Regards Faisal

Al-Hamad CEO Global Wealth Management



Content analysis details: (12.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.90.131.114 listed in dnsbl.ahbl.org]

[185.90.131.114 listed in dnsbl.ahbl.org]

[185.90.131.114 listed in dnsbl.ahbl.org]

[185.90.131.114 listed in dnsbl.ahbl.org]

[149.88.19.11 listed in dnsbl.ahbl.org]

[149.88.19.11 listed in dnsbl.ahbl.org]

[149.88.19.11 listed in dnsbl.ahbl.org]

[149.88.19.11 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.90.131.114 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.90.131.114 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.90.131.114 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.90.131.114 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[149.88.19.11 listed in will-spam-for-food.eu.org]

[149.88.19.11 listed in will-spam-for-food.eu.org]

[149.88.19.11 listed in will-spam-for-food.eu.org]

[149.88.19.11 listed in will-spam-for-food.eu.org]

[149.88.19.11 listed in will-spam-for-food.eu.org]

[149.88.19.11 listed in will-spam-for-food.eu.org]

[149.88.19.11 listed in will-spam-for-food.eu.org]

[149.88.19.11 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

[185.90.131.114 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[falhamad55(at)zohomail.com]

0.9 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} Hello



This is a multi-part message in MIME format.



--166ccdc512940928fa82409f60e99fc84

Content-Type: text/plain; charset=us-ascii

X-WatchGuard-AntiVirus: part scanned. clean action=allow



Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com



Looking forward to hearing from you.



Regards

Faisal Al-Hamad

CEO Global Wealth Management





--166ccdc512940928fa82409f60e99fc84

Content-Type: text/html; charset=us-ascii

X-WatchGuard-AntiVirus: part scanned. clean action=allow



Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com



Looking forward to hearing from you.



Regards

Faisal Al-Hamad

CEO Global Wealth Management







--166ccdc512940928fa82409f60e99fc84--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 15 Apr 2026 07:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wD03K-00000000ACZ-3AnH

for dave@doctor.nl2k.ab.ca;

Wed, 15 Apr 2026 07:13:10 -0600

Resent-From: The Doctor

Resent-Date: Wed, 15 Apr 2026 07:13:10 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oo1-f43.google.com ([209.85.161.43]:57637)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wCyx1-000000002gR-1unI

for sales@nk.ca;

Wed, 15 Apr 2026 06:02:43 -0600

Received: by mail-oo1-f43.google.com with SMTP id 006d021491bc7-6830f4f34c9so3453998eaf.3

for ; Wed, 15 Apr 2026 05:01:48 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=teaminvesttheadvisory.com; s=google; t=1776254502; x=1776859302; darn=nk.ca;

h=mime-version:date:content-transfer-encoding:subject:to:from

:message-id:from:to:cc:subject:date:message-id:reply-to;

bh=2I88vcPyKHWQHKyP9vpCYx7wizVEYgDTpDKu+1BACKo=;

b=dMj0daenAehpXekupmVmCeO8pGSwhq8u7IpuYdwORennt7jNp523pryLsoswQHl7T3

8d6Yh1EwQGIRZW/7b8rcOHlBfvQa9Odcd6WqhSD72d1VyBGzcZVPSTunCr66IUi8BeSM

YYeHg4x5/2/J7o+3Buzy9+Pn27aU3uHEyXIrMqdZtuXH3OPuYHS2vnaZHpJJD1Oad2Sc

FhNA60gk42bGDreiGAHDzFLVV0I+JfOb0q7FSh0IYyivYLgjMVIhpKM23D6AfTsxjVqq

3oi5eO0WQCiiaGFSBikUHq614oTggjq2+hfi3Hji1N3eGFEZl4UdFbe2YB71fyB446nF

ySHQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776254502; x=1776859302;

h=mime-version:date:content-transfer-encoding:subject:to:from

:message-id:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=2I88vcPyKHWQHKyP9vpCYx7wizVEYgDTpDKu+1BACKo=;

b=C3sun9AMVf9602iz0rNz5yM+MfutBQSY/CFPVJnfRRmDf7GCM+qvIPNBlElaWdlz06

2kzwofNSWZKRsVeNMKchzk1dBuqrch1eA5k3ZwXcYRmotoDwZY6stxSWJmlAW1CEbbci

NGtYrELGZsd69KZ/FyR9nYJgVY+ZpZgeH0JbhblnP6baZQcssTF8dcD1xXirAFfjHb0/

xM0+MLTXqyjLMGnBubgQ7KnqVq2EH/rWaKnIaCaoIPLwC/IJZfnAIdOPgYpc1TNkncmF

a1hsBuiO6z7ic/u1H6Lg0TMQB4Y0fQEbO9pzn8DoZHsYwmdNxf3eQH5oEdSJtkie+l3l

0SKw==

X-Gm-Message-State: AOJu0Ywvd5znHGEOJIpZgMsy87JOVfJUVd7S19OYsR/Lcu+LsRhO6UeS

4Hw7UCYskITo2Plcr1x2LkS+fuIExJdSMszJoQhGwTguQsykkMsxv3EDIdUTexv0TLyZLojV5bM

v/qGR7Q==

X-Gm-Gg: AeBDiettpTZVJ1UFkC+GqS6VXIvE03IkKNyeKAzpUMzg6lzSQ6GrB9yp30Dr87oRHBp

aX8mTyWwfyjZXeM03LVS7o6X0GH6bmxI4slNXAB0HU4svoWjqVeZwkDYaT/4ieNFnTM5BY5KvqB

gY9PfxWwSEbvR11YMRW7N4jKuK9yFc61kkwHGrYNJaP+er9th3gRx/YhhI0pTYZ5Qt5kjcBb86Z

/PXwheWHEjhFBEQ2FdgkgHIHbOLHSizP4Kd/xpLZep7pNw2WTP6vlVZspaGXdB0A5oUfK8EuCy6

fTqB2q6dQCMNu0nd3U1nNwPVOMk59iWZCQp+ZqMr5j8xoT4bVLQvqrSpKS2p8SpvdcfngZJ1mNx

kCoxXqVTvi6OGsyIdEppqlPTRhfSUFvHUzW4zZQnPExgpHJZwxidQU7YuJGpVMWxeIgYeQbmyYF

a0K2Ztq+KLaRC8l16SnSEtSmzQGG2RWR4IyZ3cpobDwIbamSnjVN3c7Yiosu6sW9KLELSFUToHg

r0TJ+V+oxtM+dXR25SQ/JhyxuckSw4Ej55M+YUkcox9vA==

X-Received: by 2002:a05:6820:3098:b0:67e:3f0d:422f with SMTP id 006d021491bc7-68be5b5ff5emr11346419eaf.7.1776254501940;

Wed, 15 Apr 2026 05:01:41 -0700 (PDT)

Received: from 019d9104-be7b-7e8d-a251-40eb099240b1.local (f3.back.inback1.com. [15.235.82.108])

by smtp.gmail.com with ESMTPSA id d75a77b69052e-50e1faf1c34sm5889611cf.13.2026.04.15.05.01.40

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Wed, 15 Apr 2026 05:01:41 -0700 (PDT)

Message-ID:

<019d9104-be7b-7e8d-a251-40eb099240b1@teaminvesttheadvisory.com>

From: Oliver Bogner

To: sales@nk.ca

Subject: Acquiring Netknow Internet Knowledge

Content-Transfer-Encoding: quoted-printable

Date: Wed, 15 Apr 2026 12:01:40 +0000

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

X-Spam_score: 11.2

X-Spam_score_int: 112

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Greetings, Would you be interested in learning about some

potential offers. Valuations are exceptionally strong right now in your space.





Content analysis details: (11.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.161.43 listed in dnsbl.ahbl.org]

[209.85.161.43 listed in dnsbl.ahbl.org]

[209.85.161.43 listed in dnsbl.ahbl.org]

[209.85.161.43 listed in dnsbl.ahbl.org]

[15.235.82.108 listed in dnsbl.ahbl.org]

[15.235.82.108 listed in dnsbl.ahbl.org]

[15.235.82.108 listed in dnsbl.ahbl.org]

[15.235.82.108 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.161.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.161.43 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.161.43 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.161.43 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[15.235.82.108 listed in will-spam-for-food.eu.org]

[15.235.82.108 listed in will-spam-for-food.eu.org]

[15.235.82.108 listed in will-spam-for-food.eu.org]

[15.235.82.108 listed in will-spam-for-food.eu.org]

[15.235.82.108 listed in will-spam-for-food.eu.org]

[15.235.82.108 listed in will-spam-for-food.eu.org]

[15.235.82.108 listed in will-spam-for-food.eu.org]

[15.235.82.108 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

[209.85.161.43 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[15.235.82.108 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.161.43 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.161.43 listed in wl.mailspike.net]

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} Acquiring Netknow Internet Knowledge



Greetings,



Would you be interested in learning about some potential offers=

.=C2=A0



Valuations are exceptionally strong right now in your space.=C2=A0



Best,



Oliver Bogner

Managing Partner | The Advisory Investment Bank

Top 3 Lower Middle Market Investment Bank on Axial - 2025 List

2x Forbes 30 Under 30 Alumni | 2x Inc 5,000 CEO

A: 269 S Beverly Dr. =

Beverly Hills, CA 9021