Loan spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 25 Jan 2026 05:22:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjz7u-00000000CNW-1qI9

for dave@doctor.nl2k.ab.ca;

Sun, 25 Jan 2026 05:21:58 -0700

Resent-From: The Doctor

Resent-Date: Sun, 25 Jan 2026 05:21:58 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f227.google.com ([209.85.214.227]:57495)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjvjQ-000000006Zf-24mL

for root@nk.ca;

Sun, 25 Jan 2026 01:44:37 -0700

Received: by mail-pl1-f227.google.com with SMTP id d9443c01a7336-2a1022dda33so20822855ad.2

for ; Sun, 25 Jan 2026 00:43:41 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1769330615; x=1769935415;

h=thread-index:thread-topic:mime-version:subject:message-id:reply-to

:from:date:dkim-signature:dkim-filter:x-gm-gg:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=xyiAz+qFQFRgJleyuroZKT/FG0rie6dGemrPIhufYM0=;

b=j373JC4SiWs5e6C/4/5yd2xqoVcwO7Ga0rP1FalRzznX4UQ/NiLaapmmSjy7AfwLlC

b+enwFm6pSydQIEUVGrh2FeiNbMUq+VaZJ9QWaziyaG092AJ5XVVzdZ59ME8NEBuLcO0

+3iQAUKft/qjvMyuEvLBplKVQOaMM0A5TOREbvYomJGN1BuvOMjAAo8814897XBiyJAL

kYNX9/3BjsilYZwChyvWdvB4NQ3ONc4Zm/hWiwXz+z9guXMbI0n7qCWlRq9+iEtIg8OK

C3QJL/JbE7vADyEp9vI1oIsybC29PaRjX+uPFLpnCjy5imSNzEXTGB+MO2SvTEQOiOxo

+HcQ==

X-Forwarded-Encrypted: i=1; AJvYcCWli4ASqYRqpl1x29krpdn8mZkVFf+wIDMv/3t6pXnWYGpRq82ZMhsEcHGia+vaAtwW+WTp@nk.ca

X-Gm-Message-State: AOJu0YwRQtBi7BwQhgiH4kd29bEbzQGAgjhwhucqRKjtsvNgRzmN5eOL

GKd8SvdpEnHjAnzkRobTDXChSCUKeF5I6iQm8KPcrP2J8OXPZrjxKdkgSKa3mrsqfm0nV9lw9sw

BTjMGc9Qye83nKCI87EqvtzalcDGV1/bMYYLo

X-Gm-Gg: AZuq6aLDBIoylD6b4qohxcuQRzXtzcT06X3CyvKs9SwenmhXC5xtKulbg9nLoq5nQ7H

z0MuvtVuZH4kezARjTYlx8jCnut1+qP6kc+YdEIJPIp7XQI9jv/FF+nPmDHk4IUddZUnKudSX9X

tikeI5z8ujleCIGHnYFEm9M5qhiQwPlYXLTGfiMEdC56wDR5fsXPcl38KYFONr9mBghZ03zv1Jr

W0LLaxAbM/xyXKiMcszmz4p9smbZcd0CGD0Z5DXJSnK+feHT88pmJ93Tg3TgMkYd63csVOqzhUP

yUUpwytVPuCiLFdxLq5VCooL3ILCn80ZHeKpWQuQB3lytCYmLvaseEESLxYFNihww/XrFexxn26

l

X-Received: by 2002:a17:902:e892:b0:29f:2734:6ffb with SMTP id d9443c01a7336-2a84523ad24mr10420565ad.22.1769330614933;

Sun, 25 Jan 2026 00:43:34 -0800 (PST)

Received: from mail.activos.com.co ([190.216.205.98])

by smtp-relay.gmail.com with ESMTPS id d9443c01a7336-2a804bef6a3sm6685675ad.42.2026.01.25.00.43.34

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Sun, 25 Jan 2026 00:43:34 -0800 (PST)

X-Relaying-Domain: activos.com.co

Received: from mail.activos.com.co (localhost [127.0.0.1])

by mail.activos.com.co (Postfix) with ESMTPS id 06A0F1752093;

Sun, 25 Jan 2026 03:40:38 -0500 (-05)

Received: from localhost (localhost [127.0.0.1])

by mail.activos.com.co (Postfix) with ESMTP id 21953175208A;

Sun, 25 Jan 2026 03:40:37 -0500 (-05)

DKIM-Filter: OpenDKIM Filter v2.9.2 mail.activos.com.co 21953175208A

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=activos.com.co;

s=3617E2B2-E791-11E8-974D-5040C871AF00; t=1769330437;

bh=fEAiQJpJ/ZkXYaZJ5ERIvobQemAsK9z57oDRa26LTjs=;

h=Date:From:Reply-To:Message-ID:Subject:MIME-Version:Content-Type;

b=SzP/z03VE7o+Ca1ISWDkyyWiX99km9ZQilM8EElQB6cVbQE5Ji9CDxFjswmitdsbd

nUD1+SJnTuqO+qBvvI/elGkUMhGezNoMt9D2Fyhqw2tVmRu/hoDDPXilSp+2b88Fct

uEErswEYr4hf6F6lrjbxatBTSBw0q1Dfom6KE6jU=

X-Amavis-Modified: Mail body modified (using disclaimer) - mail.activos.com.co

Received: from mail.activos.com.co ([127.0.0.1])

by localhost (mail.activos.com.co [127.0.0.1]) (amavisd-new, port 10026)

with ESMTP id SgJUA-Qizg5f; Sun, 25 Jan 2026 03:40:36 -0500 (-05)

Received: from mail.activos.com.co (localhost [127.0.0.1])

by mail.activos.com.co (Postfix) with ESMTP id 9DA27175209C;

Sun, 25 Jan 2026 03:40:32 -0500 (-05)

Date: Sun, 25 Jan 2026 03:40:32 -0500 (COT)

From: QIA

Reply-To: QIA

Message-ID: <1799386315.4973921.1769330432525.JavaMail.zimbra@activos.com.co>

Subject: We provide funding for projects....

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_Part_4973920_1697717932.1769330432521"

X-Mailer: Zimbra 8.6.0_GA_1153 (zclient/8.6.0_GA_1153)

Thread-Topic: We provide funding for projects....

Thread-Index: AKBKMd5N/WghFKajlqACJx00A+lALg==

X-Spam_score: 7.4

X-Spam_score_int: 74

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, If you are currently seeking financial assistance,

our organization offers funding support to individuals and enterprises for

a wide range of projects. If you would like more information about this op

[...]



Content analysis details: (7.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.227 listed in dnsbl.ahbl.org]

[209.85.214.227 listed in dnsbl.ahbl.org]

[209.85.214.227 listed in dnsbl.ahbl.org]

[209.85.214.227 listed in dnsbl.ahbl.org]

[190.216.205.98 listed in dnsbl.ahbl.org]

[190.216.205.98 listed in dnsbl.ahbl.org]

[190.216.205.98 listed in dnsbl.ahbl.org]

[190.216.205.98 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.227 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.227 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.227 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.227 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[190.216.205.98 listed in will-spam-for-food.eu.org]

[190.216.205.98 listed in will-spam-for-food.eu.org]

[190.216.205.98 listed in will-spam-for-food.eu.org]

[190.216.205.98 listed in will-spam-for-food.eu.org]

[190.216.205.98 listed in will-spam-for-food.eu.org]

[190.216.205.98 listed in will-spam-for-food.eu.org]

[190.216.205.98 listed in will-spam-for-food.eu.org]

[190.216.205.98 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

[209.85.214.227 listed in will-spam-for-food.eu.org]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.227 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.227 listed in sa-accredit.habeas.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.214.227 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.227 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.214.227 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.227 listed in list.dnswl.org]

1.2 MISSING_HEADERS Missing To: header

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[qia7625331(at)gmail.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.9 REPLYTO_WITHOUT_TO_CC No description available.

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} We provide funding for projects....

Loan spam from Google Gmail Part 2

Posted by Dave Yadallee on
------=_Part_4973920_1697717932.1769330432521

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit









Hello,



If you are currently seeking financial assistance, our organization offers funding support to individuals and enterprises for a wide range of projects. If you would like more information about this opportunity, please reply to this message and we will be happy to assist you.



Regards,

Cali Al Thani,

Publicity Manager, QIA.

Este mensaje de correo electronico y sus adjuntos puede contener informacion confidencial, privilegiada o legalmente protegida y esta destinado unicamente para el uso del destinatario(s) previsto(s). Cualquier divulgacion, difusion, distribucion, copia o la toma de cualquier accion basada en la informacion aqui contenida esta prohibido. Los correos electronicos no son seguros y no se pueden garantizar que esten libre de errores, ya que pueden ser interceptados, modificados, o contener virus. Cualquier persona que se comunica con esta organizacion por e-mail se considera que ha aceptado estos riesgos. La organizacion no se hace responsable de los errores u omisiones de este mensaje y no sera responsable por daños derivados de la utilizacion del correo electronico situacion que conoce y acepta el destinatario. Cualquier opinion y otra declaracion contenida en este mensaje y cualquier archivo adjunto son de exclusiva responsabilidad del autor y no representan necesariamente la posicion

de la empresa. Si recibe este mensaje por error, por favor notificarlo al remitente de inmediato y desecharlo de su sistema. El destinatario autoriza a la empresa remitente el tratamiento y proteccion de los datos de contacto (direcciones de correo físico, electronico, redes sociales y telefono).

------=_Part_4973920_1697717932.1769330432521

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: 7bit






Hello,

If you are currently seeking financial assistance, our organization offers funding support to individuals and enterprises for a wide range of projects. If you would like more information about this opportunity, please reply to this message and we will be happy to assist you.

Regards,
Cali Al Thani,
Publicity Manager, QIA.





Este mensaje de correo electronico y sus adjuntos puede contener informacion confidencial, privilegiada o legalmente protegida y esta destinado unicamente para el uso del destinatario(s) previsto(s). Cualquier divulgacion, difusion, distribucion, copia o la toma de cualquier accion basada en la informacion aqui contenida esta prohibido. Los correos electronicos no son seguros y no se pueden garantizar que esten libre de errores, ya que pueden ser interceptados, modificados, o contener virus. Cualquier persona que se comunica con esta organizacion por e-mail se considera que ha aceptado estos riesgos. La organizacion no se hace responsable de los errores u omisiones de este mensaje y no sera responsable por danos derivados de la utilizacion del correo electronico situacion que conoce y acepta el destinatario. Cualquier opinion y otra declaracion contenida en este mensaje y cualquier archivo adjunto son de exclusiva responsabilidad del autor y no representan necesariamente

la posicion de la empresa. Si recibe este mensaje por error, por favor notificarlo al remitente de inmediato y desecharlo de su sistema. El destinatario autoriza a la empresa remitente el tratamiento y proteccion de los datos de contacto (direcciones de correo físico, electronico, redes sociales y telefono).






------=_Part_4973920_1697717932.1769330432521--

Web/SEO/App Spam from Google Gmail Part 3

Posted by Dave Yadallee on





class=3DWordSection1>


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'>Hi,


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'> 


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'>Just checking in=E2=80=94would you like me to share =

our seo price list?


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'> 


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'>Happy to explain the options and help you choose the =

most cost-effective plan.


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'> 


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'>Please advice.


class=3DMsoNormal style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'> 


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'> 


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'>On Fri, Jan 16, 2026 at 12:42=E2=80=AFPM <> =

wrote:


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'> 


style=3D'background:white'>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222;=

background:white'>Hi, 
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif'>root@nk.ca
pan>
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#222222'=

>


style=3D'font-family:"Calibri",sans-serif;color:black'>=


style=3D'font-family:"Calibri",sans-serif;color:black'>Are you looking =

for effective yet affordable SEO =

services?


style=3D'background:white'>
style=3D'font-family:"Calibri",sans-serif;color:black'> <=

/span>


style=3D'font-family:"Calibri",sans-serif;color:black'>I=E2=80=99m an =

SEO Expert, and I helped over 250+ businesses rank on the 1st Page on =

Google. My rates are very =

affordable.


style=3D'background:white'>
style=3D'font-family:"Calibri",sans-serif;color:black'> <=

/span>


style=3D'font-family:"Calibri",sans-serif;color:black'>Would you like me =

to share our pricing and service details?
style=3D'font-family:"Calibri",sans-serif;color:black'>=


style=3D'font-family:"Calibri",sans-serif;color:black'> <=

/span>


style=3D'font-family:"Calibri",sans-serif;color:black'>Thanks!=


style=3D'font-family:"Calibri",sans-serif;color:black'>SEO =

Team!


style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif'> 
o:p>



------=_NextPart_000_10FC_01DC8D8A.344850B0--



Web/SEO/App Spam from Google Gmail Part 2

Posted by Dave Yadallee on
This is a multipart message in MIME format.



------=_NextPart_000_10FC_01DC8D8A.344850B0

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable



Hi,



=20



Just checking in=E2=80=94would you like me to share our seo price list?



=20



Happy to explain the options and help you choose the most cost-effective =

plan.



=20



Please advice.



=20



=20



On Fri, Jan 16, 2026 at 12:42=E2=80=AFPM <> wrote:



=20



Hi, root@nk.ca







Are you looking for effective yet affordable SEO services?



=20



I=E2=80=99m an SEO Expert, and I helped over 250+ businesses rank on the =

1st Page on Google. My rates are very affordable.



=20



Would you like me to share our pricing and service details?



=20



Thanks!



SEO Team!



=20





------=_NextPart_000_10FC_01DC8D8A.344850B0

Content-Type: text/html;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable




charset=3Dutf-8">


xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
content=3D"Microsoft Word 15 (filtered medium)">

Web/SEO/App Spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 24 Jan 2026 14:05:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjkoE-00000000Gsp-419v

for dave@doctor.nl2k.ab.ca;

Sat, 24 Jan 2026 14:04:42 -0700

Resent-From: The Doctor

Resent-Date: Sat, 24 Jan 2026 14:04:42 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f172.google.com ([209.85.214.172]:45072)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vji2D-000000004av-0F7I

for root@nk.ca;

Sat, 24 Jan 2026 11:07:08 -0700

Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-2a7a23f5915so20241965ad.2

for ; Sat, 24 Jan 2026 10:06:09 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1769277964; x=1769882764; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=Cr6y4sICmsYYB6JP3u+BvEBfK620IG4HSyGGZA6vfaw=;

b=TxqIItd0FkZMUD4cGIppXTJTF0fZFd2X+9VrLZxxw3YVChmLnsJrRajnFafYVzLfTk

/tUHyshxqIqOAo8hXO/0XcfGUsBhu3moDcjfFC15dEgrIapJkznAbEn/8kDUMJahDfIk

bFdlJByogvtGLKAA4Z3Au4+870qxCTu55DF0as9iG56VGsXcwRlSGzj1Kxclf5MFeQly

DMO4xx02/boC+X5AZ2QcF65iZAkXVgCCQ06ybVNocCTwt2ofCk02/6V0fn7Vl4+JZX7J

ZzPn9hnk4veDns6aaL2wgsSA+FXOzrgjQcs+imYbJ24n2n85asnPoOhZZMQz0xgcWd4b

8mFQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1769277964; x=1769882764;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=Cr6y4sICmsYYB6JP3u+BvEBfK620IG4HSyGGZA6vfaw=;

b=Lfa99u29MPBCddgOKbISNilFCYmrb9JPHkqlHz7n6Oy7hJ56qhFmQXqypLfjYk2Sdz

fxFomkiBLcFs6ZfnZD4DAl9TqlbpCSD3giqSomqYZY6B+Y/LEMc+N047qg5ORIWj/BXQ

WGkD6VQWaDHtomN47SDSjttkFPaIqWD0efo9FJrBhWPjxedCXdCdETmDp2nCIe4cTuSL

y4RKpZhjYrxM5spB9fOs8FduUJ4//Yo60srJuJDWmAewpZkNzIsMjgysDj0aRDz9qqt7

cX6x4o9v7jCNa4w+EsNzBxbUmCm6XtdPkJ1/ho/wMpx6e8jQPK7eaavVVSDozN1a+5nw

XxGw==

X-Gm-Message-State: AOJu0YwxBl29A/tmZQtQhVjnvzfnSjb9XercK89cOXVNRoMYl6HoyQen

Xr5pS2bfLmEcPYF413FeAITmOGkea42kA0O8KDA0oAT2l5nGuxLHYgYJ5gvTsg==

X-Gm-Gg: AZuq6aLZLOZpJ8gC+X71tryUkbVViI2HyCgVCHnd74Ih77otQCR9hexcvoIN4FX1Twi

tvZTJFszxuq3z36oQINKBhysMHb+mb6g+CWts92It85wnaLSKiwaRnFxKYyt5UIvOXm16qK4CQt

3CqBK2udIK6R6sSFHm9e8HlFAulC2uslzgM6bZeJLNAAVsgw0TK5QsYgRgkKwz65PBynvB7RULR

STh0ldJYHdc17KWL24VtPOaBXW8dBQnmcDgkcg+WWw0Tx5kbEiV6ZEXZILVZOLJga10lja48uo6

2pY2NayMWE8XJ8+f81GZHAB8qNVzcCQhS64zH7nPYjYVJQJR80Zowve/fSwxYL0TVnTvyeADqag

0K8JomVx7dLG0jp7YMFYWS3SE2PP9QOmSf3iFGEXRSp2aaNI873TNOsfAfHs9IVyLEoCS2qjxf2

0tPa4e+Xk4ksES783ZMCFkYzArULjiUIA6

X-Received: by 2002:a17:902:f548:b0:2a7:77ce:d75d with SMTP id d9443c01a7336-2a80ec93218mr42936085ad.61.1769277963476;

Sat, 24 Jan 2026 10:06:03 -0800 (PST)

Received: from DESKTOPVFI8GCA ([2401:4900:a00c:f193:a0d2:cd3e:14dc:2701])

by smtp.gmail.com with ESMTPSA id d9443c01a7336-2a802dcd781sm49980705ad.24.2026.01.24.10.06.01

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Sat, 24 Jan 2026 10:06:02 -0800 (PST)

From: Wilkins

X-Google-Original-From: "Wilkins"

To:

Subject: Re: SEO packages??

Date: Sat, 24 Jan 2026 23:35:28 +0530

Message-ID: <10fb01dc8d5c$1a8e8e10$4fabaa30$@Gmail.Com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_10FC_01DC8D8A.344850B0"

X-Mailer: Microsoft Outlook 16.0

Thread-Index: AdyNW/PWquVapNX4TGyWCTdNz5EqkQ==

Content-Language: en-us

X-Spam_score: 5.4

X-Spam_score_int: 54

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, Just checking in—would you like me to share our seo

price list? Happy to explain the options and help you choose the most cost-effective

plan.



Content analysis details: (5.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.172 listed in dnsbl.ahbl.org]

[209.85.214.172 listed in dnsbl.ahbl.org]

[209.85.214.172 listed in dnsbl.ahbl.org]

[209.85.214.172 listed in dnsbl.ahbl.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in dnsbl.ahbl.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in dnsbl.ahbl.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in dnsbl.ahbl.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.172 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.172 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.172 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.172 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[2401:4900:a00c:f193:a0d2:cd3e:14dc:2701 listed]

[in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

[209.85.214.172 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.172 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[wilkinsbarterq1(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[wilkinsbarterq1(at)gmail.com]

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.214.172 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} Re: SEO packages??

Invoice Phish Part 3

Posted by Dave Yadallee on
gO9fut9uxXJftBfC/Tf2gvgt4m8F6nn7F4g06Wy83/n3Zl/dyL/tRvtYe6ivgsd4eYZ05zpz

m5u7V7b/AHH9R8PfSpzunicPhMVhqEcOnGMuWM01DRO3vtXS8j8A7LXb/wANaxZ6nps7Wep6

ZcRXlnc7P+Pe4jZZI269mWv6D/2YP2gbP9pH9n3wx45sv3MPiCyW4ki/59rhf3c0P/bOVZF/

4DX8+HiLRr3wxr+oaNqcHk6not3NZXsf/PO4hcxyfqtfoR/wQs/aa+xa14n+Fd7N+5n3a9ov

+/8ALHdw/wDomQD1aY18pwRjlh8c8LU+3p81sfs/0kuFI5xwzDPMEuaeH97TrTla9u/R+lz9

Qf7S4615X+2l8Cov2qf2YvFvgv8A5fdTs/M06T/n3vYv3kDfTzVUH/ZYjvXa/bv85pPt2K/Y

sTgYVqUqU9mrH8A5XndbL8XSxuHdp05KSfmmmj8Wv+CTYms/2+PB0N7DNZTQwalFJHL9+OVb

OZWVv9oNwfda/Y3ca+ANa/Z9/wCFFf8ABazwxqdlB5Hh/wCIMeoa1bf3PtDWky3cf/f3bL7f

afavvndXhcD4OeFw9bDT3jNr8FqfrH0is/w+eZpgM2wzvGrhoP0fNK69U7pk241534f/ANM/

a0sv+mM8H/jtud1d9uFeGaL8TL34ffE++8QTaZ++mu5/LjvY2RNjEr/Lbiv0rLsNOrCqqau3

FperP5ZzvGU8PUw86rtFTUm/JH2Bmg8CvH/BX7X2jamyrqun3Gk5H/HwhM8H/wAV+ODXrOi6

xZazYw3tlNDe2c4/dyxyb0NfGYzA4jCvlxEHH12+/Y/VsszzAY+PNg6ql+D+56k9FDHmivNP

VCtTw3/y2/4D/WsutTw3/wAtv+A/1pPYmO5l0UUdKZPOQ65rdl4Z0Sa9vZvslnZx+ZJJJ/yz

X/PQd6+S/jR+0frXxo1r+xdAhvbPTJv9XbR/669T+9K38Ke3Qd8mtH9tv40y+JfE3/CJafzY

aW6Lc+X/AMvt433Y/wDgPyj/AHm9qm+Gvw/XwJpfKodQu+by4PX/AK5L/sD9TzX3mUZXTwdC

ONxEbzesU+nn/Wx+TcR53XzXGSyvBS5aUPjkt2+3oZfgv9n6ysf32tTfbZv+faOTZax/1b9B

XoWjWVlollFZ2cMNlBB/q44vuVBUmK66+KrVnecnbt0+4jBZdhsJG1GCv36/fuXhL81TJMMV

mrJipUnxXIdpk+C/hlZ+DPid4t8Xf67VPFsdlbS/9Mre2jZY41/4HJMxP/TQeldiNR/zmshb

3JqVXzWcaEKekOrv95218fWxE1OvK7SS+UVZL5JGqNSIpRqjD1/Os8TKB2o80UHP7Rmp/abe

/wCdH9pt7/nWf5oo80Ug9qz4W/bc/wCCUHif46/tH6z408Gan4Z0yy8QRxXN7bajJMj/AG1V

8uRl2Rn5XVYyc87s+tct+z7/AMErvjJ8Cvjp4Y8aWeu+BPP8P6ilzLH9ouv9Jt2/d3Ef+p/j

iaQD3wa/RLzRR5wr5GtwRldTE/WuVqV76PS5+2YX6RHGNHJ1kcp050FD2dpU03y2ta++xpf2

oaP7Vqh5wo84V9aqWh+Kus27mH8QfhjpnxB8aeEvEE//ACE/Bd7Le2Un+xNbTW00f+6VkU/7

0aV0fme9Vs0vm+9RHDwhJyju9/yNquOrVoQp1ZXUFZeSu3p822SGXBpu+q/m/wCc0eb/AJzW

pynJeMPgtputwGTSwNFvOn7sfuZP95f6jFcT4M+IHiD4F+J/J/1P/PxZSf8AHrer/eX+jjkH

r6V7JvFc58QPBcPxB0XyZv3N5B+8spf+eb/4HoR+NephcZePscUuem+/Q+dzDJ0prF5f+7qx

1VtL/wBf8Oe0fDv4hab8TvDEGp6b/qv9XJE/37dv4lb/AGvQ9xzW5Xxx+z98WpvhL8Tv9N/c

2d7J9i1WLP8Aq/m2q31Ru/8AdzX2Vmvj88yr6lX5Y/BLVf5fI/Q+EuIP7VwnNU0qR0kvPv8A

MZWp4b/5bf8AAf61l1qeG/8Alt/wH+teLLY+qp/EZYOKpeJ9bHhjwvqepy/8w22luP8Avld1

Xa4f9qNvsf7Pvi7308/+PFVrrwcFVrwpvq0vvZx5lWdHCVa8d4xb+5HyH8GIpvF/xUm1S++9

Yo1/Kf8AptKSF/Lc1e37hXjf7MX/AB8+KP8Aetv/AECSvWlkIr9Lzl2xPKtkkj8T4Y/3JVXv

Jtv77foXg+KcJc1UWTFPD14/IfScxcWSnB6qK9PEmaOQLos1+VOi/wDByTrWtftoQ/D7/hX/

AIf/AOESm8cJ4Y/tr+1ZvO+xNe/ZFu9uzbn/AJaYzjHGe9fof+1l8Yf+FAfsxfEDxp/0LXhy

/wBSH+9FAzKv4mv529Z+BU3hj/gkN4S+Kvk+T4gvfivdW8Wox/6/yo9O2x/N/dF3bSOB13Nk

V42a16tOUY0n5s+iyXC0KsJSrK/RH9N4b3rhP2svilqnwK/Zi+IHjTRfsUuqeGfDl/q1lHex

s8PmwW7SL5iqylhuXkAg47iuT8T/ALaHhn4ffsK/8L11qb/in4fDFv4jkjttu+582BZI4Y93

G+R5FjUHA3MMkV+UHiL/AILPftHftM/AH4ra7qHwo0jU/gpeaTf+H9TutIs5kPhl7uApEz3r

OyzvF5kZkAhVSG+bytwroxGLpwjZvVo58Fl9WtNvRKLs7n3Z/wAEP/8Agov4/wD+Ci/wl8c6

z4/tPDNhd+HdXt9Psxo1pLbRSLJbLN83mzSfxN2xX3NX5K/8Gt+tWfhb9mz4zXt7PBDZad4j

t5bi4k+5Gi6dHub8K5zxV/wXO/aU/ap8W+OdX/Zz+F+k33w18ARfbby6v9Pa9vJbT5ts0i+d

FteRFaQW8QeQDrmsMNjIxoRdTdm+Ny2VXFTjQSSXnY/XzxNrU2jeGNTvYP8AXQW0sn02rX5+

f8ERP+Cq3xM/4KIeNfiDpnxAs/BllD4Y06yubL+xdOmheR5ZJlk3M88vyjy1wMDO6vSP+CZH

/BTiy/4KV/sreJtTm0yHw/4z8MRvZa9p1vIz2v7yFmhu4GbnyZQrYB+ZWjdSWADH8h/+CQn7

VPxU/Zw1L4laZ8F/hxe/EH4j+J9LtPsX7tprXRbW2lka5uZoVx5rHzIUjHmKN/8AezsMV8Wu

aE1tqVgsuk6dalUS5lbc/pI3UZNfm/8A8EYP+CyXif8Abe8f+J/hx8TtM0XTPGmjWz6jp1xp

1tJbQ3sUcnk3MMkLuxSaJ2jPB+YO3yqYznM/bD/4K+/Fzxp+2he/AX9l3wdoni3xP4f3x61q

uqjfDHLHt8+ONfMijRIWaON5ZH5lby1QkZPaswoumqvRnF/Zlb2zo9VrfpY/TMscVC0hzX59

f8ElP+Ctni39qn4z+Lfg98YfDNl4Y+KnhKOW4/0KNoYb1IZPKuY5IXLeVNE0kJ4kZZEk3LgL

z9/lsmtqNeFaHPA5sThp0J8k9yTzqPOqv5nvR5nvWhzkvn+9N3A1DuNJ5nPWgDxj9oDR4tM8

fpJgeTrFuXPHV1JDf+y19Zfs9eKP+Ey+C/h+9m/132f7PJ/vx/J/7LXyz+06D9r8N5677r/v

nale9fsRH/iwdr/2Ebr/ANGGuriFKeVUqvVO35/5HlcHVHQ4kr4aHwyjd+uj/U9dxitLw9/y

1/4D/Ws09a0vD3/LX/gP9a/O5bH7PHczTXPfFvwv/wAJp8LvEOmf8trzTpYo/wDe27l/XbXS

0hGa0oVHTmpro0zCvRValKjLaSt95+d37MetfYviTf2c3/MasBJH/wBdbctuX8pGr3YNg145

+1f8Mr74F/Gx73R/9VLcnWdGk/gl3E+bbt/s5ZlP+zIDXpHgvxpZfELwxBrWm/6m8/5Zfx20

q/6yGT/bRuCPx6Gv1bMJLEU4Y2lrGSPwTIKrwlSrlNfSdOT08m/6+VjoBJTlfFVFkyKesteO

fT3LivTvM4qosuKeJKBcx8T/APBw98W/+FYf8E1Nb0v/AJbeOtWsdBj/AN1pGuZvw8q3kB9m

x3r8uvGf7b39s/8ABJTw/wDAT/hUni2zh0W4i1WPxhL5n2K5l+3yXMk23yRxJ5zRj95j5l5I

4r9AP+Dgj9kn40ftnW3w08PfDHwlP4g0XRje6jqVx9ttoUjupFSC3/1sgPyI05OOPmWvrv47

/stweN/2A/Ffwi0aGIRzeCZvDelJxgSpaGK37nowj57bc14OKw1XEVpyjoku259VgsXSw+Gp

Rlq2777fcfmV8S/i3e/EL/g2G8KRQzef/wAI/rtn4Y1I/wDPOK0v3WJf++FtD9GFe/fsLWVn

/wAQ3niTyf8Al98J+K5L3/ppK02oK27/AMdH0WuT/wCCc3/BMr4n+JP+CcPxt+A3xh8PXHgs

eKb2LVvD91Jc292La6aON1k2xOSPKuLaMsOMq2B3ryD9mr9hT9tzQfhh4t/ZtMOmeDPhd4om

ujq+tXTxXsUELLiVbCVHDlLnaAUKgjzHbMZL1z041YTU3B6xt8zsnUoz5o86XLPm36GH/wAE

sr29sf8Agi9+2RNZf67Y0f8AwFtMjWT/AMcZq+oP+DYyys/+GHviXN/y2m8bXEcn+4um2O3/

ANmrQ/4IdfsEeOvgV+zb8ZfAvxn8GT+H7L4g3Sx/ZpL2Cb7bazWHkTr+6c/Svm/4f/sX/tr/

APBMjWfiB4E+D2jWfjTwl46/d22tR+S/8PlR3scbyKbe7EXysHDx5UMNwUGqpQqU1TqOLaSa

8x1q1GvKrRjNJtpp30a0Mr/g22M1j8c/jpZWX/IG/wCEPfzP+2d06wf+OtNXZf8ABqoc/Ef4

1zf9QzRP3n8f+tvvu/Xv/uivqH/gkP8A8EvNZ/4J9/sxeM5vEH2K8+JHxAtv9JsrKXfDp1vF

DIttZLK333DSSNI4wpaXaMrGHPxZ+xf/AME/P20P2CPBfiD4j/D/AMP2emeLb25TQb3wpey2

97/aOn+X5q3seJgjPDMzIEyG+ZzypIOVKlVoqnKUW7X2CrXo15VoqaV7JXNj9ieyhsv+DmLx

zDo3/Hl/b3ieS58v7nzW+6T/AMmG59DXjH/BNP4g/tE2X7X3xb1P4F+GPDHi3x1qcl/Lr0Wv

yRp5du2ouzMrSzxfN520EAnO0ZHANfdn/BED/gmR4+/Z9+K3jD41fGiF7fxz4rjuLW0sLi4W

a7jNzOLi8vbhk4WWV1UKB91VfP3sDzz9pX/gmf8AtE/sX/tz618cP2Y/7P1yx8SXNzdz6M8s

fn2f2mTzbq0kglKpPavN+8QxyLJGeMDyw5Hhaypqo4vdvz1B42j7WdJOL91K72uiz+wr+xF+

1EP+Ctll8dfi38PtF8M2Wpx3v9tXOnatZPDG7WH2aFVgSeV+Wjhyeeckmv1p8z3r4y/4J0fF

T9rf4n/FnXZP2gPBXhbwj4MTSM6amn+VFcvfeav3l82V9vl7uTtAKrwa+xtxr2cvpRhB8qer

vrufP5rXnOsuezsvs7DzLg0eb71BuIo3+9egeWTFuKidvmpN9YXxB+INn8MfC82s3v8Ayx/d

29v/AB3srfdhX/aPf0GT2ojTcpKMd2RVrwpQdSo7JHmP7SHib7b8SrWy/wCgNYfvP9+Yhv8A

0FV/76r6x/ZS8Mf8Ix8A/DcU3+uvEa8k/wC2rFv5V8c/AzwBefHP4sw2V5++n1S5bUdZuP8A

nnF/H+m2Nfwr9ClsvsYEMf8Aqov9XWXGGIhRo0sBB6rV/wBfeYeGuFeMxmIzma0fuxv+P3JI

bsNaWgLt838P61T2ir2ijHmfh/WvgpbH7HDcoHYP4qTzIx/FWTLrTgf6qqkuvSKf9UfwFbGX

tDN+O/wW0z46/D+bR7z9zPD+8srwffs5f73+6ejDuPfFfn54mPi39kv4m3kM1l++n/4/dNkk

/wBG1qJfuzRSfwv6SAeziv0HvfHUlj/y63n4R15z8abzw/8AFvwz/ZnibwX4g1qz/wCWf2bT

m863f+9FIpyG+nB7g19Vw7nEsGnh60eelLdaXXmr/wBeZ+dcZcLLHtY3Bz9niI7S6Pyl/nr5

qx4t8Mf2g/DPxb/c6Xe+Tqn/AC00m5+S9t/+2f8AGvuhINdgt/z/AI18h/tAfsxz6Le+d4Y8

JfFrWoYf9VHJ4TnS9tv92VDhvrgGqvgrSfj7ox/4llr8TooP+fbVdGeby/8Av8uf1r73+xsF

XiqmExEUn0k7P+vkflq4mzbASdDNcDUbX2qa54v7tF959mDUuOo/Ol/tL3H518v/ANo/tL/9

ArXP/Cbho/tD9pf/AKBWuf8AhNxVh/YH/T+l/wCB/wDAN/8AXaj/ANAuI/8ABT/zPqT+0vcf

nSpqQ/vD86+Xv7Q/aY/6BWuf+E1FSrf/ALS//QM1sfXw1FR/YH/URS/8D/4Af67Uf+gTEf8A

gl/5n1MupLj7w/Ol/tFf7618urqH7SmObDWB9fDUNL/aH7Sf/Plq/wD4TUNH9gf9RFL/AMD/

AOAL/Xej/wBAmI/8FP8AzPqX+0V/vrR/aK/31r5e/tD9pP8A58tX/wDCaho/tD9pP/ny1f8A

8JqGj/V//qIp/wDgf/AH/rvD/oExH/gp/wCZ9Q/2kv8AfX86P7RX+8K+Xv7Q/aT/AOfLV/8A

wmoaUah+0n/z46v/AOE1DR/q+v8An/T/APA/+AH+u8P+gTEf+Cn/AJn1EdTU+/5Uf2oP84r5

fGpftI/8+Wqf+EzDR/af7SP/AD5an/4TMNL/AFf/AOn9P/wP/gD/ANd4f9AmI/8ABT/zPpz+

1B/nFKupjP8A+qvl7+0/2kf+fLU//CZho/tP9pH/AJ8dU/8ACYhp/wCr/wD0/pf+B/8AAF/r

vD/oExH/AIKf+Z9SXN4sTjI+b/PamnVFm42Nn/Z//VXyzcar+0pKuF0/V/oPC0Ib/P4Vy/iv

TfjrqSY1mx+KF4v/ADx0/TDAB+EIB/Wj+wF9uvTX/b9/0RlU43/584LESfb2TX46n038Tv2g

vDHwx/cXl79t1r/llpNlte5k/wCunaJfeTH0NeOWd94m/aM8f2f+hfbdTm/d6dpNt/qdOT+L

5j/F/fmbHoMDiuO+BXwS1S9vf+J14O+Kvhiy/wCWvl+EZnubn/a3M2PxOT7V9x/Aq98PfCTR

fsfhnwX4s0zzf+Pi5vdNb7Vcf9dJG6+wGAKxx+NwuVRf1b95VfXovz/C78zsyrK824hqpZgv

q9Ba8t/efqt7+tkuzO5/Z1/Z/sfgT4SNv5qXmuaiVk1G76b3/hjjz0Re3qcsa9E3cVx1l4/m

vv8AmH30P/XSD/7Kr3/CRzH/AJYTf98f/Xr8rxM61ao61d3kz97y/DYbCUI4bCxtGKsv67vq

dD5mKv6G27zfw/rXLwas0vVGH1FdB4Un84T+23+tcc9j0KfxGH1pCoPaloJxVEDDFmjyRQZc

UecK09oAeSKQwAil84UecKDMia3DGk+yj1qXzR6UeaPSgCL7KPWj7KPWpfNHpR5o9KA9nAi2

D/Io2D/IqXaKNooD2UCLYP8AIo2D/IqXaKNorT2geygRbB/kUbB/kVLtFG0Ue1D2UCH7NR9m

qXzP84o8z/OKj2hp7OAn2aj7NUvmf5xR5n+cVftDP2UCL7NR9mqXzP8AOKPM/wA4rMPZkX2a

j7NUvmf5xR5n+cUe0NPZDfJFHkik87/OKPO/zis7gS+SK2fCKbPtH/Af61i+d/nFbXhB9/2j

/gP9adT4S6fxH//Z



------=_NextPart_000_0012_D3E3F715.6E969EA7--



Invoice Phish Part 2

Posted by Dave Yadallee on
------=_NextPart_000_0012_D3E3F715.6E969EA7

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable




w3.org/TR/html4/loose.dtd">









3D""
=3D"baseline" width=3D"222" height=3D"159">



We would like to inform you that you=

r payment document in PDF format has been made available.
Due to storage=

limitations, the document cannot be attached directly to this email.
T=

o view and download the document, please use the secure link provided below=

:



[
s-onlinecopy.appwrite.network/#sales@nk.ca">Transaction Receipt.pdf]
>

Please review the document at your e=

arliest convenience. Should you encounter any issues or require assistance,=

do not hesitate to contact our support team at
-projects-onlinecopy.appwrite.network/#sales@nk.ca">[Support Contact Inform=

ation].



Thank you for your attention to this=

matter.



Sincerely,

a-end=3D"677">Adobe Systems



------=_NextPart_000_0012_D3E3F715.6E969EA7

Content-Type: image/jpeg; name="untitled.jpg"

Content-Transfer-Encoding: base64

Content-ID:



/9j/4AAQSkZJRgABAQEAkACQAAD/2wBDAAIBAQIBAQICAgICAgICAwUDAwMDAwYEBAMFBwYH

BwcGBwcICQsJCAgKCAcHCg0KCgsMDAwMBwkODw0MDgsMDAz/2wBDAQICAgMDAwYDAwYMCAcI

DAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAz/wAAR

CACfAN4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAA

AgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkK

FhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWG

h4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl

5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA

AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYk

NOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOE

hYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk

5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD9zKKMUYroMwooxRigAooxRigy5AooxRg0

ByBRXwV/wUN/4KweOv2Pf2jbzwZonh/wxqljBp0Fx5t753nb33f3HC14SP8Ag4F+J/8A0Jng

f/ya/wDjtfO4nijA0KjpVG7p22Z+v5N4FcWZpgqeYYOlB06iTV5xTs/Ju5+tdAr8mP8AiIF+

J5/5kzwP/wCTX/x2ks/+C/HxVvryGGz8C+B7y8nkS3t4o/te+WVm2xqv73qW4Hu1Y/64Zc+r

+5noT+jxxlBc0qVOy/6eR/zP1rlkwGDhETOdvRs9RnPXHao3O5zn+Id/z+lJ4B0PVZvBGinx

I1mmutaxNqC2OVtzcbMyeWG52buntW2PDkZVv3shz1zjAPrX0XtT8WqUnCbho/Tb5GEKkq/q

XhyaOwuDaTHzhFmPzPubq/JrxL/wXZ+MPgLxJqeg6z4H8DRaxoF5Lp96n+l4jniZkkX/AFnq

rY9sGvPzHOcNgYqWJuk/K59hwd4eZvxPOpSyhRlKnZtSko6PrrufqtRX5Mf8RBPxO/6EzwL/

AOTf/wAdoP8AwcE/E3/oTPAv/k3/APHa8j/W7Lf5n9zPvv8AiXXjRb0Yf+DIf5n6z0V+d37D

P/BYbx3+1N+1T4Z8C6z4Z8I2Wma0l1JLcWZuPOi8q3eVdu5yOq4PtX6K17WX4+hjKftcO7q9

trH5txbwZmfDeMWBzWKjUcVKykpaO63XoR0U7y6PLr0j5kbRTvLo8umA6iiigArW8L/8t/8A

gP8AWsmtbwv/AMt/+A/1qZbDW5k0UUVIgooooAKKKKBXCiiigLn4vf8ABbk/8Z5ah/2CbH+b

V8iV9d/8Fu/+T8tQ/wCwRYfzavkSvxLO3/t1X/Ez/TnwwduFMB/17iFfWn/BFv8AZjb9oH9s

3StXu4PO8P8Aw7jGu3XHySXOWSzj/CQNL9bYetfJdft7/wAESf2ZB8BP2NrDW7yHydf+IrjX

7vj5o4HQC1j/AAh2tjs0jV2cM4H6zjYye0Nf8j5nxv4uWS8MVadOVqtf93H0a95/KN16tH2U

FwuKMcUJ92jNfrp/niHavxZ/4Lt/szN8JP2rrTxzZxf8SX4jWoac/wDPPUbZVR/+/kPlEepj

lr9pm6V80/8ABVj9mI/tS/sbeJdOsrbz/EHh9P7c0XA+f7VbqzeWv/XWMyxf9ta8bPsF9Zwc

oLdao/SvCbix8P8AEtDEydqc3yT7csur9HaXyPwOooJwKUda/GPI/wBK9HG6Ppf/AII+jH/B

QjwIP+mWof8ApFLX7iV+EX/BMTWpfDP7cPhG8g/1sMN+R/4ByV+03w9+NNl40/0Kf/Q9T/55

fwSf9c2/pX69wNgK1TK5V4q8VJp/cj/P36TubYahxhRwlWVpyoxavs/en1O3ooA4or6Y/CAo

oooAKKKKCOcK1vC//Lf/AID/AFrJrW8L/wDLf/gP9aT2HGV2ZNFFFMyCiiigAoooB5oLEzS1

DrOtWWi2M17eTw2UMP8ArJZPuV5b4p/a4sdJTy9FsH1AH/l5uj5Mf/AV6/niu7B5diMV/Ai2

u/T7zyczzzBZer4uoo+W7+5an5a/8Fuf+T8tQ/7BNj/Nq+Ra+lf+CsXjO8+IH7Xl1qV75Pmn

SLP/AFf/AAKvmo9a/CeI6M6GZVqVTdSZ/qX4TYuGI4Oy6tT+GVKNvuPT/wBjj9nWb9q/9qLw

d4HGPsepXqXGq5/5Z2EXz3P/AH2i+WP9qYV/RdpunxWFisMXG0V+bX/Bvd+zH/ZXgXxR8WdU

g/0rXZToWjS+lpA37+Rf+uk+VP8A16rX6XKeK+74SwPsMH7V7z1+XQ/kf6QHFqzbiN4Ki708

MuT/ALefxv77R/7dFHArNOt2n9tw2Pnwi9mie4jg8z53jVlVm2+gLKD7kVpM2xCfQZr8efi3

/wAFMP7I/wCCzNp4viuz/wAIT4Tu28BXCn7j2bvtu7j22Xe1890tBXtY7MqWDUXU+00j864Q

4Lx/EVSvTwK1o05Tel722ivOT0R+w9NkTfGV9RiiKUSxqw/iANOrvPj9mfz4f8FLf2aP+GWf

2yvFvh+GPy9B1aX/AISDRz0VLW5ZmaMe0UyyoP8AZCeteDjg1+wf/Bf39mv/AIWB+zjpnxEs

ImfU/h7d/wCl7Ry+n3BWOX/vh/Jkz2VJK/HhRk1+NcRYD6tjpJbS1XzP9I/B7iz+3uGKNapK

9Wn+7n3vHZ/NWfqfR/8AwSaOf29/B3/XDUv/AEjkr9UviD8JfsP+m6N/qf8AWSW//PP/AGo/

8Oo7V+Vv/BJr/k/fwb/1w1L/ANI5K/Zyv13wvxE6OAnKP836I/ir6YWBpYriehCotfYxs+q9

6Rk/Av4z/wDCT/8AEl1Sb/iZwx/6NL/z+L/tf7Y/Ue9elYr52+J3hj/hC9bh1nTf3MM0n/gP

cfwt/un09frXuXw+8Zj4geGLLU4f+W3+tj/55yr95f6j2r67PcDTjbF0PhluuzP5z4TzWvPm

y3GO9SGz/mj39V/Wpr0UHrRXzp9mFFFFAgrW8L/8t/8AgP8AWsmtbwv/AMt/+A/1pPYun8Rk

0UUVqQFFFFAwrJ8aeNbL4e+GJtT1P/Uw/wCrj/juHb7qr/ngc1rHivmj4z+J5/jR8Wv7Gspf

+Jbpm6OOT+CNF/103+92H4V6mUZasZXtU0hHWT8v+CfPcR51/Z2G5qavUk7RXn/wCle614g/

aC8T+dN+5soZP+3Wy/2VX+N/U9foK7fwx8K9F8M/8sXvbz/n5uFDv/wFei1oaHYw6LosNlZw

+TDD/q4//Zm9/U1dr6qvimo+xorlprZL9T4XCZbFT+s4r95Verb1+7sfk1/wWI/5PLuv+wPZ

f+zV80+D/Bup/Erxno/hrRofO1jxBexafZR/9NZW2ru/2fmyT2Ck19Lf8Fh/+TzLn/sD2X/s

1d9/wQa/Zv8A+Fh/tMan8QL2HGmeALQpZ/8ATW/uQy/+Q4d5PoZ4zX8y4/BPGZ9UoLrN/d1P

9Z+G+JaeQeGGFzWf2KEbecmrRX32P1l+APwh0v8AZ8+DHhnwZouf7O8N6fFYR56ybF2tI3uz

ZYnuSa7bfuXrWT9vqT7f2/rX6ysMoRUVsj/PrE46piKsq9V3lJtt9292eL/8FIf2nv8Ahk39

kLxP4lt2H9tXMQ0rRlP8d9P+7ib/AIBzIf8AZiav5+f+XPFfev8AwXq/aa/4WD+0Dovw6s5R

/ZvgW2+2ah/00v50+Xd/1yt9uP8Ar5NfBfavyXi/HqtjfZQ2hp8+p/oD9H7hNZTw2sdXjari

nzP/AAbQX3Xl/wBvH7sf8EhP2nz+0z+xloL3s5n8QeEv+Kf1XzPvySQKvlTN/wBdIWic+7Gv

qouPWvxK/wCCHn7TZ+C37Ww8J3k3k6L8Rrf7Ef7kd/Fuktm/4Enmp7s8Y7V+z4vCe9ffcN4r

65goylvHRn8leMfDH+r/ABLWoRVqVR+0h2tLovR3XyKfxI8D6X8T/AuteH9Yh+0abrtnLYXc

Wf8AWxyrsb9K/nF+OHwm1L4A/GbxL4H1Mf6Z4T1GXTpJD/y8RL80M3/bSJo3/wCBV/SIZ9x6

1+U//BwF+ziPD/xE8M/FKxi/ceIo/wCw9Yx/z9Qq0ltIfdo/NQn0hjFeZxlljqYVV4bw/J7n

2/0ceMVgM9llNZ+5iFp/jjt96uvN2Pnj/gkz/wAn7+Df+uGpf+kclfsuTgV+NH/BJof8Z8eD

v+uOpf8ApHJX7J7q9zw1/wCRdP8Axfoj5v6W2vFeH/68x/8ASpFLXNE/4SbRp7OX/l8j8v8A

65t/C351gfsr+JprPWdU0Wb0+0R/70beXJ/7LXWbq878Dn+xP2o1h/5/J5P/ACLFur9NjTVX

CVqL7cy+R/IlR/V8xw2Jj/Nyv0Z9Ak5NFFFfEH6oFFFFAwrW8L/8t/8AgP8AWsmtbwv/AMt/

+A/1qZbFU/iM2iiiqKCkPSlHNB5oLMD4o+J/+EL+Getan/y2s7N/L/3m+Vf/AEKvnv8AZx0b

GiXuqf8AP5cfZ4/9yP8Axfcf+A12/wC1J8afD194A1Dw/ZanDeanMYv3Vv8AOke1x96Tp+GT

XNfAk/8AFo9E/wB2T/0bJX2mV4adHLpVJxacpLftY/Ks+xlHFZ5CnTkpKnC+jvq3Z/gdor81

Mj1TVqlR6DU/KD/gsMf+Mzbn/sD2X/s1fpl/wTf/AGff+GVf2SvD3h+eHyPEN8rarrX/AF+T

jcyt/wBc02RD2iFfHnxp/Z//AOGkP+Cwui6Zexedovh/SbLWtVP/AE72zM0MLf7MlxJGCO6e

Z6V+jX24CvzbI8n5szxWMn/M0v1P6q8TeNuXg7JeHMPLalGpP1taK/N/czoRqOR0Hfof8mqf

iHxHc6N4dvr2zsptSvba2klhs0babyRRlIwegJ96ym1HA+8ML1A7jPNPTU8T/wAUxYmNULbR

IRzknsAPWvr5YXQ/nyhmHLLm38j8avGX/BOD9pX4meMtZ8Taz8PpptZ8QXsuo3v/ABNrL/Wy

tuZV/ffdHQDsqgVwHxo/YT+Lv7P3gubxN4u8GT6N4fhkitpb37dbTeW8jbY9yxSE7SzKATxl

Invoice Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 24 Jan 2026 14:04:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjknX-00000000GoO-3T6V

for dave@doctor.nl2k.ab.ca;

Sat, 24 Jan 2026 14:03:59 -0700

Resent-From: The Doctor

Resent-Date: Sat, 24 Jan 2026 14:03:59 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [217.194.215.119] (port=60167 helo=hukcentos72onyx.hostinguk.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjhEo-000000000U0-1AlB

for sales@nk.ca;

Sat, 24 Jan 2026 10:16:04 -0700

Received: from scottishpsc.org.uk (ec2-54-226-138-61.compute-1.amazonaws.com [54.226.138.61])

by hukcentos72onyx.hostinguk.net (Postfix) with ESMTPSA id 81BFA2B208C

for ; Sat, 24 Jan 2026 17:01:21 +0000 (UTC)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=scottishpsc.org.uk;

s=default; t=1769274083;

bh=ifEw2N6ravtYPdquC7gcBjgNd6WSCc82VHvLGSa01DY=; h=From:To:Subject;

b=I5qSN9OQpCUaWEDf/gtEOXconZgSUPaBbVISxf2N7zHd4QWXFeKpVFNm+BRTVe7y9

BWyebdDjkNUY5Wo4dOUL92i494ws58eqofH6ORf/eBHaIwFrYtzO3ZNKC4SwfxHpQo

WhUb1OiosZ4DQcKmLdUcfswLCeviQiB0NZ9ion6/lkJf0aLxyNGFhxv3w623exF2H3

x6kaRsq2YUZ2itO3mwRXbAQcuTyfhGLHM1mEwe4LQW1ozDibZwXdMUcXHbn2kf+gxY

AfijPhHNCnrvORY0CEZnoBYHSFlI2y0eqDy+K5LuLbmLth1Hk1gt0djPT0/YoSWhSt

f3lJGaxJQ+yMg==

From: Adobe

To: sales@nk.ca

Subject: Payment Document Now Available

Date: 24 Jan 2026 17:01:20 +0000

Message-ID: <20260124170120.01BA83C0F2066A9E@scottishpsc.org.uk>

MIME-Version: 1.0

Content-Type: multipart/related;

boundary="----=_NextPart_000_0012_D3E3F715.6E969EA7"

X-Spam_score: 12.3

X-Spam_score_int: 123

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: We would like to inform you that your payment document in

PDF format has been made available. Due to storage limitations, the document

cannot be attached directly to this email. To view and download t [...]



Content analysis details: (12.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[217.194.215.119 listed in dnsbl.ahbl.org]

[217.194.215.119 listed in dnsbl.ahbl.org]

[217.194.215.119 listed in dnsbl.ahbl.org]

[217.194.215.119 listed in dnsbl.ahbl.org]

[54.226.138.61 listed in dnsbl.ahbl.org]

[54.226.138.61 listed in dnsbl.ahbl.org]

[54.226.138.61 listed in dnsbl.ahbl.org]

[54.226.138.61 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[217.194.215.119 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[217.194.215.119 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[217.194.215.119 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[217.194.215.119 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.226.138.61 listed in will-spam-for-food.eu.org]

[54.226.138.61 listed in will-spam-for-food.eu.org]

[54.226.138.61 listed in will-spam-for-food.eu.org]

[54.226.138.61 listed in will-spam-for-food.eu.org]

[54.226.138.61 listed in will-spam-for-food.eu.org]

[54.226.138.61 listed in will-spam-for-food.eu.org]

[54.226.138.61 listed in will-spam-for-food.eu.org]

[54.226.138.61 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

[217.194.215.119 listed in will-spam-for-food.eu.org]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: appwrite.network]

2.5 URIBL_DBL_BOTNETCC Contains a botned C&C URL listed in the DBL

blocklist

[URI: appwrite.network]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[217.194.215.119 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[217.194.215.119 listed in sa-accredit.habeas.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[217.194.215.119 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[217.194.215.119 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[217.194.215.119 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.1 MXG_EMAIL_FRAG BODY: URI with email in fragment

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 HTML_IMAGE_ONLY_16 BODY: HTML: images with 1200-1600 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

2.0 MIXED_HREF_CASE Has href in mixed case

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} Payment Document Now Available

Ukraine Romance phish from Microsoft outlook Part 2

Posted by Dave Yadallee on


X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?Y2Z5bFB1ZjhhOFhIS0IxUm1hMGlCa0tWcnJZRVdNZURzRHBmWHBRcnFJRXJC?=

=?utf-8?B?M2ZJUnlGcnR5QkpCSkYyVFlsUUlOd0pDSjk2MEhpcEFJVmhFdnZUQnBNK2dV?=

=?utf-8?B?ckxlbEMxT1hpZC9CSTAyWGJrR2N4T1lCd0poN29tT0JPOGNFV3RBNXRJaWhR?=

=?utf-8?B?ZHpBb0JydlkrSElwZ1VIWXNCUU5NUW9DNXdUc3BlUmcraTZ6M095MFdvNFQz?=

=?utf-8?B?TUk2OW9FdlZCaWlHSDlOQlpGQktzZ1pxSHNHNEpCZ1hDQy9WbVlSc29QcmZu?=

=?utf-8?B?aHNlQ1g4ZUdKcy9xaFcvaWROZ2JDeXhSZWd2U1JRUEs1cFppVmZQdnBpczds?=

=?utf-8?B?TytNSklreHFkWlB6OGY3SCtYSFVVRDc4alF1T2FxVDhIRXMydTFqM1A2aE1j?=

=?utf-8?B?c2lJQm1icnhCVW1RanFvVzJpWGFNRkMwMzg2SmZUVzRiOUxkK01SdzBUaERi?=

=?utf-8?B?eHdlUGl1Z1krOHNMWm9NM1pNTXZncnR1TlpiaXVleGZTcGxzcThEY0NNcTNu?=

=?utf-8?B?SndIWC9Wd0RKQk5sMVRRb2g3OXM1RGUveXpGVTBYVHlYUm9sRmlObGRoeTlM?=

=?utf-8?B?eWR1YXQ3REJXcnMwbFhuaU5sZllob3JKYThaNEE1YUJYa0pKZlFtSzhtWTBS?=

=?utf-8?B?cXAzcEs4eXNqL2xkZTJENjhUYmE1M3hMNjFDeThMY1VLRjZoL0krcW5JdkNJ?=

=?utf-8?B?ODBLd0dzWUJ2MTlrSEVXQTBlaDhVaGZMbDQrNG96T05QRzNZT05WVDVZdk1G?=

=?utf-8?B?amxRU1RINUdKL0tQbTdlTCs5RmNEcFREa09TeDFpSHBYRlZldXFxU3hPUFkw?=

=?utf-8?B?S0dMbDFabDNCSWRuSHkrQmJyaFRpWVhMalBpRVEwNG5kVElPVzEzdEdnSkMx?=

=?utf-8?B?MGswQWxNck80SmNzbVlwbXNrek11ZnEwbzNVd3VGU1grT1Z5cWxYQy8yMzNp?=

=?utf-8?B?U081andtM2VUaU9tV253c3RZcFRoTVF5anZ4NndQNlNIamMvWnkvbDdvRGE5?=

=?utf-8?B?WmNwQlgyQUtRVTBsZXAxTWM1QzZNbCtwOHgvY2tNa3lIK1ROdE1qTkZxRkZ2?=

=?utf-8?B?SWI2aWFTcHowamlLZ1RVc3hUK2VaMzBHWHVkQkFzQTR1c0Q5aUpkM3MwT1hi?=

=?utf-8?B?ekR0b0Q3VmtWTXZzVFhUVklpejBOdlFMVHNnV0Q0SGhmWDc4dFJhRms2TWVY?=

=?utf-8?B?eUNNblBSbzY0K2hzOHN5cWlZZE56dHpRTUtKQmh1dGpFNU5xcDlnWWRIOTgv?=

=?utf-8?B?NHNrVWNVNXlONStjZjl4WCtLamZBZGdPcU1KQXcyNVdIZWRlQStodkRkQ0Yw?=

=?utf-8?B?akREWk81eUJWUDc3M0hiTGxnelBNR0Q2bU0wd0EwdnIwbDR5dURvTDdWRC9D?=

=?utf-8?B?VTR2ejFTWGFqK3hLR1NXdzR5SXJvdmxJTkk4dFhQazY5dTJSK1ZzUXdYQ2M5?=

=?utf-8?B?UGYzaXlPaVlnQWhjaFh5SWcwaE5DQnNQV0dDRWhTMXR4QkJDVzh5NW83cjJD?=

=?utf-8?B?bzQ3Z3Q4OTFGRmdselQ4Vnk3WmdRMlNSaGtnVEwwbElmcDNVb3MzM3lrNndE?=

=?utf-8?B?dGwwR0dNR3Irb2VqOTZMbCtnNWxneTB0OGFlTXRNSDE1cjBQTmU4cFpIOEI5?=

=?utf-8?B?ODhWMEdtOEtpUEFpT1VqVmZZRFI4WGk0Rm1QdTZDQ3MyZTh3ZmlwSng5Wk9H?=

=?utf-8?B?RU9kV2VPMnkxeEFIUStqcG5NRllhckI1dFB0R2lUSkZzSDRER25pOXlseWdB?=

=?utf-8?B?bnN3TGtROXRKQXVOQ3c3K3VuaWJNcnVZU2JwTmJSYVFJVUVEc0tFNHQ0Sk1U?=

=?utf-8?B?MCtVa3dEZE0vVGtnamFtN1NBbDhpZHp2UEhoZ0RBUENWci9TSWRIckI0cWRk?=

=?utf-8?B?aUVjdTg0RTVjUVZyRHBBbHhIZ29PQWZEZWRnUzVGbEZwVkE9PQ==?=

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-f2178.templateTenant

X-MS-Exchange-CrossTenant-Network-Message-Id: 4d19e7c5-82ff-4ccc-7cfd-08de5b431d69

X-MS-Exchange-CrossTenant-AuthSource: DM6PR01MB5467.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Jan 2026 12:21:35.2739

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR01MB9172



------=_NextPart_000_BEE6_1667BF4A.50B885E5

Content-Type: text/plain;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



You Might Enjoy This



A small space built for people who prefer depth over noise.

Nothing flashy. Just real exchange.



Have a look: Check It Out



If you prefer not to receive messages, unsubscribe















=



------=_NextPart_000_BEE6_1667BF4A.50B885E5

Content-Type: text/html;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




iv align=3D"center">=0A=

You Might Enjoy This
an>
=0A=

=0A=

=0A=

=0A=

A small space built for=

people who prefer depth over noise.
=0A=

Nothing flashy. Just real exchange. =0A=

=0A=

=0A=

Have a look:
href=3D"https://rb.gy/e7e9l1">
16px;">Check It Out =0A=

=0A=

=0A=

If you prefer not to re=

ceive messages,
t-family:Arial;font-size:12px;">unsubscribe =0A=

=0A=

=0A=


=0A=


=0A=


=0A=


=0A=


=0A=


=



------=_NextPart_000_BEE6_1667BF4A.50B885E5--

Ukraine Romance phish from Microsoft outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 24 Jan 2026 06:53:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vje3i-00000000Amh-2ABA

for dave@doctor.nl2k.ab.ca;

Sat, 24 Jan 2026 06:52:14 -0700

Resent-From: The Doctor

Resent-Date: Sat, 24 Jan 2026 06:52:14 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-southcentralusazolkn19012013.outbound.protection.outlook.com ([52.103.14.13]:60192 helo=SN4PR2101CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjcf1-0000000024J-1c20

for doctor@nk.ca;

Sat, 24 Jan 2026 05:22:47 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=oxaPhm4NxVtY0Nur5MQORyhAu1fPFhwq868jNRCkEY0r+W8c79dM7csGZIYypsUZbU+qkKkGQvw0zFkbAI1vfDnQPoP9dStGLedCjxt7QSE2YBFW/xH1v0FiQpr+5mUSturMZGtTfdqCOyBquk1rjyTV2vQpRQYjh/eSUvYcYlDir/Y+e2Sr+XTqX7BkTWuICDchC0YwWdWdhlJCtcnZ9pqKGp8IExyIud1ettCGjwBBM8Jhs1jhpRkQe6zIul8bv3ncCMGIDTZBnjulcNFglzXllZ5Mcy5NqXnrGj4mBj7qVezVujr9csg/EMqerVF2QqhX36bhOxCSHwfrp4aMZw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=owt29ceattqrNCEFRSZ37Nf6qvIUVmEK/BudlayNMwQ=;

b=PXsRyJhtLZnJM82U7h5fUSaGzoUlKwYkK8iM3No8NDodpvpAJSO1gQcg5VTScwAlFt5nlEf5wm78uQMg74/m8yPKzgCMVjfDjOCO47jaj8U43q9NWLfOjZJ7YcQ/2ndQlZ/H9sWYHeZTZWN6IUvifscP/53CXu8OfZkc59s2dmnCpWo87swcEyYFAybB4vGNSTvYU4xUlkp8MCHml5ZPWk/6/eUet1hgHsdO1zvpw0o3qN0Z/znYfgnLJvb/4ZQ7PgI4y8ETFHbSS6sqg0FxyOFR7sd4e/AQNV76X8aMQDR/Fp39ZwCbY/Mv6qalp9FlhkXioOHyKaYJhrVJHqnq2w==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=owt29ceattqrNCEFRSZ37Nf6qvIUVmEK/BudlayNMwQ=;

b=Qd5eedJKp5a9qxymxtJaU06RbNA38FN6XPzmAfN47A3Y4tbnpwFqH7OhHooc4gRphaz8K5eGwOF1JVPrgfSQmYq6cRvOCRni6h3TSkoGiajzq0ZZekmd/cl9PX2B9Em2cp6XRwNr71mROdN4jRg2ZgxIfoethyigMhVry68LLUdoElTmnnPqageyBhZlrgqe76ZnO3BivIgyj3dsx7YADwoUbwlxSsMR1z2NfA8FXohKqJXpNmq58SuORTPbKr+AwU3fe+jF7SqaWvULAqr6W6DHZG4jzm9laNq/ufqNa94W/QYnTDnJK7WgqqrAenFQ+Q72N96dr6dHZb/njB5KQw==

Received: from DM6PR01MB5467.prod.exchangelabs.com (2603:10b6:5:150::13) by

IA1PR01MB9172.prod.exchangelabs.com (2603:10b6:208:595::7) with Microsoft

SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id

15.20.9542.10; Sat, 24 Jan 2026 12:21:35 +0000

Received: from DM6PR01MB5467.prod.exchangelabs.com

([fe80::4c86:69c6:1646:c2e8]) by DM6PR01MB5467.prod.exchangelabs.com

([fe80::4c86:69c6:1646:c2e8%6]) with mapi id 15.20.9542.008; Sat, 24 Jan 2026

12:21:35 +0000

From: "UkraineGirl"

Subject: A subtle invitation

Reply-To: "romainediez1ku@hotmail.com"

X-Mailer: Apple Mail

Date: Sat, 24 Jan 2026 13:21:31 +0100

Message-ID:



Content-Type: multipart/alternative;

boundary="----=_NextPart_000_BEE6_1667BF4A.50B885E5"

To: Undisclosed recipients:;

X-ClientProxiedBy: MA4P292CA0010.ESPP292.PROD.OUTLOOK.COM

(2603:10a6:250:2d::13) To DM6PR01MB5467.prod.exchangelabs.com

(2603:10b6:5:150::13)

X-Microsoft-Original-Message-ID: <1.3d7d957e806b4166d598@DESKTOP-N0MTKOQ>

MIME-Version: 1.0

X-MS-Exchange-MessageSentRepresentingType: 1

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: DM6PR01MB5467:EE_|IA1PR01MB9172:EE_

X-MS-Office365-Filtering-Correlation-Id: 4d19e7c5-82ff-4ccc-7cfd-08de5b431d69

X-Microsoft-Antispam:

BCL:0;ARA:14566002|461199028|12050799012|15080799012|39105399006|8060799015|12121999013|19110799012|23021999003|20031999003|5072599009|9400799043|42300799018|4601999015|3412199025|10035399007|440099028|39145399003|34005399003|40105399003|41105399003|35041999009|19111999003|56899033|2406899039;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?cCs5Ymh1RzljRlI5N0J4UEFQdDl1dGxEY2ZpUGR5SFd4ams3Yk5IMHhRR0c5?=

=?utf-8?B?VGNuYWJvb3BTRlZwcks5dXVXRjIxcnlKYXRWbkhSSFFMY2pEYjN0VGFRaG9S?=

=?utf-8?B?am9icE1GeWdMSjcxYWpwQkJMU3Q3VGYyT28vRFRrUi9LT1JmY1N2UzFMTUpl?=

=?utf-8?B?YlB6enU0b2JwRHh6Mk50cUZ4dE5CT01xeUsrSnN4bmo3cXg4TWcyc24yTHg1?=

=?utf-8?B?ZlVhdDJ4Rm4xaEpUdGxyOXpHRVY2TEkrdFg5VVhFUG5icktTd0RhUlZsem1P?=

=?utf-8?B?MzIydlJydUphejhiWGlWZCtMK0NYUmYwVXRkVTJEQ1NYTWJXSzRacXhJKzU5?=

=?utf-8?B?dzhqdDV3ek13Qm5TU3lPOWVFWkgxRzZwZ09INHY3cnFPOTJLME1rZ3BxRHEw?=

=?utf-8?B?RmVHaEpvY1h6WmFNWlhZMmlQTklyV1F2eC9zQkVVRWZnMm1ITThSYWw3dE5L?=

=?utf-8?B?V2VxelQ5RmlLTHd6Y0hqSXFVcGVtTjI3QjZzVy9VM0xIeDIyOFRMb1diNFlq?=

=?utf-8?B?YkVBQWlyeU1DdTJoK2NBOFMvODl4U3VFTmxiQUVXM2p6K3ZiV1JhRG5yV25V?=

=?utf-8?B?WndlSnpTTTdyTVpMUWVocWtzZUprWlZLTzk1WmVoVDBjMUFNQzhsNDgyVVAz?=

=?utf-8?B?NGJOamwvSFQ1VzdYait5Y0s2TjgwRU82aXl5aUhvbElOaU9EelBQNUNrcGJX?=

=?utf-8?B?b1VDRDk3dHp4SWp0ZHgrVWtnRWJpQWxJVFRRSkdyR2YyU3RnSFpQMXg3eTBK?=

=?utf-8?B?N3lSd2RRcy9hM0l6amhEa2tBYkgyMnIxalB5d2dqTG5xY21vbTcxWkVpZkxL?=

=?utf-8?B?MkhtYjVXcGFDK3dJSjhzek5oOUF4SXl5eW1UWHhSWnhtM0JDZVpvTEl4UDhm?=

=?utf-8?B?cEI2SXFQeHFsN3h4YUFPUWFGN3BBV3pyakhCbjg5Q09xWjg1ZWQyZG1RaG1r?=

=?utf-8?B?TnBRYmdVYWFueFRod0syd3ZzVGVTMTI4ZzJRZTZnSmwzYTZhU2N1Q3MvY2FL?=

=?utf-8?B?UGNNRWVkeWVDcVJ4QzBCMmVhbzZ0Q1JZSFdLdzkvdHZuKy91MnlRWVpMS2pP?=

=?utf-8?B?aWExbUdKeDM3MEJQWDFENHdLeWpvN0dBZUp3ZS9HNzVCa3pxTEx1aVNJNGw2?=

=?utf-8?B?WlkrM0UrbkVjRTVIMzhlM0VFd1BzTkM5cnJicG5xb3pLcnU2YVIwM1NXV01Q?=

=?utf-8?B?aGNyQm9zVTZSUjdhUmxyVTlkbFNJT1ZjSCtZd29TYWV3Z01kSDB3VWh0dndF?=

=?utf-8?B?TGp5RVpZZ3NpMXRkNHJYQjFUNHIyYitLTjZhdGxDb2h2S3hzUnpFNGZ5Z291?=

=?utf-8?B?MGQ1TVhrc1JYWG4yNVdvcjUySWxwY2RFSXlXc210T2x6WmxOQzh4VW45eE1G?=

=?utf-8?B?RDQyWUR0a2dqWlJjTENZQS9lL0J4SGhUcWttb1YzZVNsWFJPd3d5ZFcrNlhI?=

=?utf-8?B?a1lZTW5tWThrbnFIaSsySGNzNHRaeWpxYVV4STh0N01aMkJzSzRSa0VNbU9H?=

=?utf-8?B?R09LNlZzOGwwWjdTOWRaZW82TXVSU2V5Z3ZlQnMvalh5bDlJcElmQlU3emV1?=

=?utf-8?B?VU1NYm1RNmNWRG9OT3piQm56Wjg1bWJxUUJCTVZlQ0NKelhTTHZQQ2lObFJ1?=

=?utf-8?B?OGhrd2FqODN6WkRkVWRMZThBRVBhdlV5dWlDRExqSzB3MDlvY3cvMzcvSXNj?=

=?utf-8?B?cXgza1hEaUxTOEtUSU10YjZLalZjRlo2VXBHTXV3Vm52RmhhbDFkQlpmNDhw?=

=?utf-8?B?U3AwUXBCeWgxd3Y3TmFVeWFrTm4xU0ZMR2s0YVlTeE0zR044V1VnODRjRmZE?=

=?utf-8?B?R1VWT3JCRlgvTUJYY293VmorbUZOZFNMNmlNQUI5eG5jeS9KcU5XOC9hOG5J?=

=?utf-8?B?Q21TTGdxcjlSTEE4cUl6anN3czA2cWFHU1F4WjRXeHMyS0J3aEN6Mjhsd3cy?=

=?utf-8?B?SjZTZjdBajV0dmRsUWRLN0pJdU9FMnNYL1dPbWd2UHFYMTM3ZDM4MlJRVHJS?=

=?utf-8?B?NjBYMG5HOU9zUUZITVkra0xvaHIxS0ovckRlWkVYQWs0RWk1ZE05RVpwRlBE?=

=?utf-8?B?VCtPajcwQzYvZFZmN0F6Wm4zNDdmUFBCREdydz09?=

X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on


x-ms-exchange-antispam-messagedata-0:

=?utf-8?B?bEdhVmczWXo2UE81dEdPWEgxNjU4NXY5RTFURzhHWlhYaTNkM0llbzVjdTRB?=

=?utf-8?B?WWdjcXBHNTdnVERmbDJqdWk1VkhuUHQ0cU4rdERjV1pjNWx5VlI5WmllTXZo?=

=?utf-8?B?T1FEL01jblRrNGFVSG9QUGdHT3Jka0h5S0EzVUxDTmUxcTRvdTRFalVaRFE0?=

=?utf-8?B?ZFlPM1NyazBxUUtmZmNVUyszMU9NUmdHZFNLTkxqV0o4MTI3YUc4cEpFNU5J?=

=?utf-8?B?ZXhva3E1WUdOMXZTWnpPallUNUVXTFRhUmx0d2JiVkY5ckNtK0d4N0NuRGJp?=

=?utf-8?B?eGh6QVltcWU3UWd6TTFacWFEOGJ2NlI1eU9nSWVEZDdESEUxd1ROOWYya21N?=

=?utf-8?B?bzFFbHJhSXRpQnhWeWZuSGJEcnI1Z0pvb2FObDAzQ1ZERVFVN1lTS3FRM2xQ?=

=?utf-8?B?bkhJcm9yQ05KMkFPUXRabFRUNEFTT2pMK3dabnpvMWFVSE5iRVFGZnN1aUh5?=

=?utf-8?B?N0pGY1M3TUkrZnZ1TFdxQmZkMXowcGRxanNEWU5sanNUT3UxVVExTXEydXJQ?=

=?utf-8?B?b0F6Yzk4M0p3d2FpUW8yZTduWXB0a2xZVnNKOGpralBTUkpoNXI1YTdmS0xk?=

=?utf-8?B?UGVrMU5ZOXhDY0kyVzllRUVYYUJKaU9yZFJzZnhRdjc2ZzRsdGVENEpNQUpk?=

=?utf-8?B?TGRKdk9DcVcyWUxJYk9KUnVpUHVXTnMzZzF6Zm13Y3MrYkJaVnIzUUUzakVX?=

=?utf-8?B?Zm4rcTl4d3ZCQ1FaUkJVQ1JtOFo5LzZ1UkJiQUdweFNQZjZSZERvNDNTSGt0?=

=?utf-8?B?Rk5UWks4eGJGd2IzWU9VVm5TSTNOS0Q2SGY3WEQybHhpQVBQd3hmNytLOVVD?=

=?utf-8?B?OEVvZ0tTajM5emttelFIdkFzbXJaelFSQUZWd0E4SmRiSEJMSlhXS3AwMUl2?=

=?utf-8?B?ZzdpY1NySWJzTGNuVFJaUzRWMXhqM05MSWY0aVNzWjdGalVnVFk3OUNpc3VQ?=

=?utf-8?B?dnVPcXF3aTAzb3pHVFJHYzZlWUlaOTJodTRsemEwMkpJWC95K1RrZFVKRVFk?=

=?utf-8?B?UlVqZTh3aTVDU1c1cEcrT25lNkxiTmhlc3Evb1ZUL3NwWk1WenpYRy8rQ01k?=

=?utf-8?B?Z1RvS2Q3VG05T1lQWFNMMHh5cVB2S3Y0UEVIOTFZVGd6dXBpWSt4YXdiOFVR?=

=?utf-8?B?VXRHYmdxd2xpVmhtbDF0dGdtYjVSTklWTjNqK004ZTZoU0ppVlRmYVI4ZHNI?=

=?utf-8?B?NWx6MEp0MW41OE5DZEpqdmJFbUo4N3JxVU5GK2hTa1R3YXNLL3duazkvZVB5?=

=?utf-8?B?dDZHMXFzZUhRcXVzMVlIRStZZ3VGZWEzSnRYY3BvWmdmZ2JTakNpZXd3OSs3?=

=?utf-8?B?cHRPK0FERmRSTzhqUEdpanhPTnJrRnAzZmlLZjBvajZlZEpDVjFxZSt3YTl3?=

=?utf-8?B?OXVybnA0cXBqTU1PY1kwM2U4NllFNEsvMU1NQXl0c1hIWk8wS1lvWWFqb1M0?=

=?utf-8?B?dXJ2VDUrVWpVYlkxWFJWT1dBQTJFVjJRVlgweEpWcE8xSWRxZXdhd2RCWFFR?=

=?utf-8?B?blBQVkpJbHZ3dHE4M1ZzMytjY21RTFRSdFdNWXBGc0xVWWlZdWVnVms1K0pZ?=

=?utf-8?B?R2dpYU45Qy9Mb2FaRldhcjVHSG5yMnFYMS9RK3NiSFVybzJ1RXNrUVROdTB6?=

=?utf-8?B?SXl6OE9HUGJ5M1E1RU04SzA5YXBuY2pyMmVPN0U4enZiVm9RbW8wUit3R1lw?=

=?utf-8?B?bUErSUJ4YjJ4N1h1dG1UMWw0V3QzeVJjS05ZaWdtRHlLTERzRnlYL1RmVG5F?=

=?utf-8?B?OUZLNFgza01YNnN3M2F5NkJBdUhmQnVTT3hPemFUbVNHeGRDV0VpUndkK2sw?=

=?utf-8?B?ZWVKQWF0UERCWWoxaHVQeDJlNGZIRUI2eExKYWtpUjVjQ1pkZnYzMUJ3VE0w?=

=?utf-8?B?SlNab2NvTEdGQ3l0Rk43blpublV5bFNaaHFSaEUxRmV1RW55M2hYaHhWZjlz?=

=?utf-8?Q?Qr4ey8XmpbxOsujF4ntH9CgnyowJzOjN?=

Content-Type: multipart/alternative;

boundary="_000_MA1PR01MB3290EA9A679D9B7DF962E4CCF095AMA1PR01MB3290INDP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: MA1PR01MB3290.INDPRD01.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: d7d97c2b-66da-4192-a3e7-08de5b261a60

X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2026 08:53:54.1514

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: MA0PR01MB7148



--_000_MA1PR01MB3290EA9A679D9B7DF962E4CCF095AMA1PR01MB3290INDP_

Content-Type: text/plain; charset="utf-8"

Content-Transfer-Encoding: base64



SGksDQoNCkkgaGVscCB3ZWJzaXRlcyBpbXByb3ZlIHRoZWlyIFNFTywgc28gdGhleSBnZXQgc2Vl

biBvbiBHb29nbGUgYW5kIEFJIHBsYXRmb3Jtcy4gVGhpcyBnZW5lcmF0ZXMgc3RlYWR5IGlucXVp

cmllcy4NCg0KSSdtIG9wZW4gdG8gc2hhcmluZyBhIHF1aWNrIHBsYW4gb24gaG93IEkgY2FuIGRv

IHRoaXMgZm9yIHlvdS4NCg0KQmVzdCwNCg0KTGlzYS4uLg0KDQo=



--_000_MA1PR01MB3290EA9A679D9B7DF962E4CCF095AMA1PR01MB3290INDP_

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: base64



PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i

dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyIgc3R5bGU9

ImRpc3BsYXk6bm9uZTsiPiBQIHttYXJnaW4tdG9wOjA7bWFyZ2luLWJvdHRvbTowO30gPC9zdHls

ZT4NCjwvaGVhZD4NCjxib2R5IGRpcj0ibHRyIj4NCjxkaXYgc3R5bGU9ImZvbnQtZmFtaWx5OiBB

cHRvcywgQXB0b3NfRW1iZWRkZWRGb250LCBBcHRvc19NU0ZvbnRTZXJ2aWNlLCBDYWxpYnJpLCBI

ZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IGZvbnQtc2l6ZTogMTJwdDsgY29sb3I6IHJnYigwLCAwLCAw

KTsiIGNsYXNzPSJlbGVtZW50VG9Qcm9vZiI+DQpIaSwmbmJzcDs8YnI+DQombmJzcDs8YnI+DQpJ

IGhlbHAgd2Vic2l0ZXMgaW1wcm92ZSB0aGVpciBTRU8sIHNvIHRoZXkgZ2V0IHNlZW4gb24gR29v

Z2xlIGFuZCBBSSBwbGF0Zm9ybXMuIFRoaXMgZ2VuZXJhdGVzIHN0ZWFkeSBpbnF1aXJpZXMuJm5i

c3A7PGJyPg0KJm5ic3A7PGJyPg0KSSdtIG9wZW4gdG8gc2hhcmluZyBhIHF1aWNrIHBsYW4gb24g

aG93IEkgY2FuIGRvIHRoaXMgZm9yIHlvdS4mbmJzcDs8YnI+DQombmJzcDs8YnI+DQpCZXN0LCZu

YnNwOzxicj4NCiZuYnNwOzxicj4NCkxpc2EuLi48L2Rpdj4NCjxkaXYgc3R5bGU9ImZvbnQtZmFt

aWx5OiBBcHRvcywgQXB0b3NfRW1iZWRkZWRGb250LCBBcHRvc19NU0ZvbnRTZXJ2aWNlLCBDYWxp

YnJpLCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWY7IGZvbnQtc2l6ZTogMTJwdDsgY29sb3I6IHJnYigw

LCAwLCAwKTsiIGNsYXNzPSJlbGVtZW50VG9Qcm9vZiI+DQo8YnI+DQo8L2Rpdj4NCjwvYm9keT4N

CjwvaHRtbD4NCg==



--_000_MA1PR01MB3290EA9A679D9B7DF962E4CCF095AMA1PR01MB3290INDP_--

Web/SEO/App Spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 24 Jan 2026 06:51:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vje2L-00000000AKP-1Taa

for dave@doctor.nl2k.ab.ca;

Sat, 24 Jan 2026 06:50:49 -0700

Resent-From: The Doctor

Resent-Date: Sat, 24 Jan 2026 06:50:49 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-centralindiaazolkn19011033.outbound.protection.outlook.com ([52.103.68.33]:16235 helo=PNZPR01CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjZQg-00000000HkA-02TS

for sales@nk.ca;

Sat, 24 Jan 2026 01:55:48 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=h1IqUqNXWOFvFB3yEvi9vhiNSBExEfkUM79zaIdIyTCzi8QzTZHLWio43w8t/jLkwhZ87SOKAGMiV2zjEnam+mQodieifnSwg5afOXio02YtYGrDPVxmTnBtZ8+2Q+7FTZszGAhl0IHLqz2NjhJ6tbO1p0yYWu5N9wuX/MDpjD9rUBU3rbLhE61GV8qlAI7PzUAMx5eh3Jagkjrt7eBKGSebJtgRRM+Xe+c5a8N9J6S2z5XxtlxUAWD3KhV1wUvcPHxBMHUzxKBA5PuUrtfn4KQPwxs7AlcqSzSAEdfgUPacbjPWFOtwIHP+NvZ7DElkOLAtfLfckIWn1ZJAHezMHQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=p/0JnOWsFvKut4YG1Iys4oAHxcPP0vZwfeXl+u6DXRM=;

b=AmafN/1icnnf80SPRVIygthV1aBN+gAzYIx43+G8MLpmMv5P+MINPTcV0ZbwRszWLp2pdRO3TBcIFKGkvHopULREFOVf26HcihwzVeS/HKqMGt/DtIzafy/vrBZ3DyAU9Bt7+E4qI6/cYxrkReFFucZe3CxkuJoSCcrr730H8OYXFo098pIiDWad622TBd/y1/ZTwVf4QXNO2lfnvQrM9yNg1q+GhzlTinRHLdbpcw68zbGbN/TyqnLfZwh7eYvMUTa7U4regYYh7mKMEjEwr+klmQdY030TIaB/tsernUG4/+mUJWxvk8dAY0c/PY6NruOLQ8oP4tGIjwyme0IlhA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=p/0JnOWsFvKut4YG1Iys4oAHxcPP0vZwfeXl+u6DXRM=;

b=FfBxGQxGOiHjNiC8bQl8F+GIitbf99oxW/4WRsPJ/7fyH/aptyvbKQyBEElxovvvQP/sRtbmhiqPmA5TL1apIzNz9MGxBAsK1hq1MriGiVV7H7cUuoHcg90hVDK7O54xir0hRc5tkuT+206iOsXiEesNal7gm48MkS/pTod+ROtJUHqBOJ69Pkx8Jv3A/4nVBbV5hgi2HHI0Ec4rNIMKq7tdt/UmAvTD1QOcB4w1WBVgGFZNWhR+DR3AdgjIbV44bgEvYphBqdKdwY9Zf1UttPEmtNSH6V833xuJ/OepppAkwb/0Kaz5L4O8wf39O6qa3V+Uzu8lpuqp0mk7nCHRGw==

Received: from MA1PR01MB3290.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a00:75::11)

by MA0PR01MB7148.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a01:34::6) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.11; Sat, 24 Jan

2026 08:53:55 +0000

Received: from MA1PR01MB3290.INDPRD01.PROD.OUTLOOK.COM

([fe80::36db:8e9c:2a4a:9411]) by MA1PR01MB3290.INDPRD01.PROD.OUTLOOK.COM

([fe80::36db:8e9c:2a4a:9411%7]) with mapi id 15.20.9542.010; Sat, 24 Jan 2026

08:53:54 +0000

From: Lisa Santana

Subject:

=?utf-8?B?8J+RiU1vbml0b3IgdGhlIHZpc2l0b3JzIGNvbWluZyBvbiB0aGUgd2Vic2l0?=

=?utf-8?Q?e.?=

Thread-Topic:

=?utf-8?B?8J+RiU1vbml0b3IgdGhlIHZpc2l0b3JzIGNvbWluZyBvbiB0aGUgd2Vic2l0?=

=?utf-8?Q?e.?=

Thread-Index: AQHcjQ7u8wsMpmbo00eXBqmf7eNygQ==

Date: Sat, 24 Jan 2026 08:53:54 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: MA1PR01MB3290:EE_|MA0PR01MB7148:EE_

x-ms-office365-filtering-correlation-id: d7d97c2b-66da-4192-a3e7-08de5b261a60

x-ms-exchange-slblob-mailprops:

hnD4Fgoc1bMtdVK8JDYACURs0WiPprZ/Q6hyRDT/eaHIFZ6Joz73qkftlL2/F2soRfkVlSto47ZkHNejhkrw35hWa4qSN4+0i8fhd2k0Uzcv/GJxP6DzpDp9SJHIadEGkHrfXVznEpzCfJoaMzGjgfCrP+nprkFMguC/AIWr1W17JVXpIe13Mq0BDRUcy0Xd+s+Eaaurt+VJX1+lLeVYe4aNQJRdJAIieyq2XpomujhR1qaE8Sqtq2BzWzKKt1EyFSHCQ8XYmy21nL7KLAc25zFqbkqlpDaHgEiOg2pqypMS8Z51y/KZbPob33tbxUU+PENfoAIGTBNkWzPpB+PyCT0Z0uUPK9fPfGDmPzBccwS/AOA39WNk0vkCqGtDoMgwjI+g7D7aAPmBAeEQiZ7YknEuP3T+scBVAosk6Zkd5rd0quvYroIslz2nn/m/BsztgAzZgEkJySnabBbgpHf1EZOSOzSc4n+1OClSda0aWngnuNWAkwIaJQ94dc20rTCaZKWw2Pl336hOm8pVusIqC0BxWBfDJmgYYFgcYHJpb/9YMGZz+jGLGiUtlXOpfOEDMZ4L6WNPVTLdzp7IhCvAg67g1MOi2zC0H/OojTBB0lNQqBCG+8ohg0N90ZVgV3nH

x-microsoft-antispam:

BCL:0;ARA:14566002|20031999003|39105399006|19110799012|8060799015|8062599012|31061999003|7071999006|15030799006|461199028|15080799012|440099028|3412199025|40105399003|41105399003|39145399003|102099032;

x-microsoft-antispam-message-info:

=?utf-8?B?azZPcjRETnlRMlZZaWVBWkpJYXMwcVJSYldvdko3ZjE1RW4vTWdsbERVUXUv?=

=?utf-8?B?ek1ST0JPbG9PUVhSbFhEV0YrWTlTRmg3a1BjYjJlRVV6RHQ4NElJT292djdx?=

=?utf-8?B?QlQzMVhERzkzZmRzK2NPWlRETWxTc1VoK1l1TEdMYTlQTVdXV293V0lXbjlZ?=

=?utf-8?B?WFYxYVhuSjExWnNYRnZjdFV0UzQwazZHVm1xMWNCRVhLMXg2Nmkzdnc1ZUNs?=

=?utf-8?B?TDFXS0ZUSy92bGRPZ3R2S0FwZXcxODNNMEEvT1hZbGZqY0x3RlRiTFdyL3R5?=

=?utf-8?B?MklOQUJUYlVMTHZVajJjSU5nNDluRFM5V2poMnlaSk5XSDNJZnFuUnF3NVRy?=

=?utf-8?B?NGgya0k3NldRQWdIM0w1cFN1aFE4WjFnVS9EbEhKNk9MZlY2U3NqbnNHYmR4?=

=?utf-8?B?MHZPSXk3a2JITUt5Q1pFWHlvKzFEVitWWFRSUzBzcUtzVXpValE5WVdOVkd1?=

=?utf-8?B?cDlyUWl4MVFnY2J2Unp4UzlpWXUxMURpbyttZnFnOGdrbU9aSE9MWTFGTG0r?=

=?utf-8?B?SjdlWnVxNEZGR2M2ODhVN3gzVjFTR0kxMDJHUjFORTNBWVd3eHB1TW0rR0tj?=

=?utf-8?B?T0J2OUR5WEMwa0swdTdEQi9pRHZTd0RSVU1QcUEzMDNTWmV5WHdDTGp1V05w?=

=?utf-8?B?Y2lBQnJ0djZ0UUh6Z09KSyszWkZRWTZ1cFZhaTF1Q3pqalVWdXQwL3piU0cw?=

=?utf-8?B?cUVmU2RLTUdkVDh5SDFiV1p6VkVCZGNJZStsUEpaSXF2K2tyNUxEcEtreTNV?=

=?utf-8?B?elJIWVZzSFY5VGlIV05HQytIMCtsUEFTeEpvdUtXam9nTmszR2djblhBS3E0?=

=?utf-8?B?NDdRN3FEcTdKT0VZSkEyVDFReHJzSFlzc1h6MEYwWFluRUFKd0x1dmhscEpW?=

=?utf-8?B?Y1NGVGhIekRUQm55TWthdmNNVzVGbnNsbzF1NmwxYm11aThKRWFsWk03ZUlQ?=

=?utf-8?B?a0JCcGNDNjJQMzN1ZmdZZ1ZCc0g5WDZYUzM1QmZZcjhsOU1iTmJHem9iZ014?=

=?utf-8?B?N0ZINW9TUHY0L3lubUVaQmFSdlBGZXlZRGp2d2hFd1hQUkZJaUJzUG5Veno1?=

=?utf-8?B?MUZPK0xkS1pOdVRsRnhnUWZoWjIxdVFjZ2xJOTkxZS8wUXErUk51ZnhNTGd2?=

=?utf-8?B?b1VVVXU2MjFjVkNtSDM4UXcxakhzTnNDdVZHajAySEc3WkFCeC9PMGcxd1JC?=

=?utf-8?B?Y01XNDluVVVpVHBvdVRjN3B3QmdlZm1FSjl3TlM1RHBobzVjczFicS9DZUZz?=

=?utf-8?B?ODdodmpmdDE3c1BGbnE3V2JCbmh1K2xIaWxtdnB3aXNMYjBIZ1YxSFphd3VR?=

=?utf-8?B?V0RyV2tkWTIvNkQwd0hXd2FKeDg5Y1d1c2txSXRVaHBzRTJmbCs0bUk4cm5V?=

=?utf-8?B?OVBva2NhM3Q1eEk2d1V3RDkrYkw5WnlCaVViekZML1JDWDBPYzZ2SElOM3Zy?=

=?utf-8?B?SkJlM1B2NitNcFEvd00rOVF6bXBQRjB6aXpLVlJsOFkvbWZBK0hOSU41bVg1?=

=?utf-8?B?Ymo3bHFPdW90TkJKamlOdzQ4UUhRTlhYVnVuNVltaTU3RGUyRHg3MmlrVTZB?=

=?utf-8?B?VVkvekRFVnE5SWs4WWg4dzd0UG9YV2dab0Y0SFRlRTV5NkVONkJPbjRpOUlV?=

=?utf-8?B?ejFZVzhORndvMVJnc0lxWWlWNC9GZEl6dVVwazZpL1pGcjlCVjZ4UnF1U2dW?=

=?utf-8?B?cGdtQ1g5Tkd4RjZsdFVuWCt5QURrR0Q3SEdTZGRHdDlpdjlweFFqZ1R6ZVZp?=

=?utf-8?Q?pX+2G2IezLC2vgFNfETsDXWfhbA2k/4Lydx68wT?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

Nexcess phish from nxcli part 2

Posted by Dave Yadallee on






--=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 7bit



Account Billing Notification





body, table, td, p, a {

background-color: #ffffff !important;

color: #000000 !important;

font-family: Arial, sans-serif !important;

}

a {

color: #1a73e8 !important;

text-decoration: underline !important;

}





















Hello,

This is a notification from Nexcess Services regarding

your account billing information.

Our system indicates that some of your billing details are incomplete

or outdated. To ensure uninterrupted service, please review and update

your information.

You can access your account using the link below:

Open Billing Panel

If you need assistance, you may contact our support team at support@Nexcess.net.

Thank you,

Nexcess Services – Billing

Department



--=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit





Account Billing Notification























Hello,



This is a notification from Nexcess Services regarding

your account billing information.



Our system indicates that some of your billing details are incomplete

or outdated. To ensure uninterrupted service, please review and update

your information.



You can access your account using the link below:



Open Billing Panel



If you need assistance, you may contact our support team at support@Nexcess.net.



Thank you,
Nexcess Services – Billing

Department





--=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411--

Nexcess phish from nxcli part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 24 Jan 2026 06:50:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vje19-00000000A8d-01JT

for dave@doctor.nl2k.ab.ca;

Sat, 24 Jan 2026 06:49:35 -0700

Resent-From: The Doctor

Resent-Date: Sat, 24 Jan 2026 06:49:34 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [207.246.254.157] (port=39434 helo=cloudhost-12287959.us-midwest-2.nxcli.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjXX5-00000000C1p-3Bmm

for sales@nk.ca;

Fri, 23 Jan 2026 23:54:16 -0700

Comment: DomainKeys? See http://domainkeys.sourceforge.net/

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;

s=default; d=98ad8bfd88.nxcli.io;

b=nfWz+kzU9f0UsjkAh/cHm4fBQimDstVMV5q5ZisIjuSx7Bga4nRWtMtlhf5idvVX5QT6NNRJavxx+qyQIsHt7jFGUWqxKPMeQ/F8ZMBIpIrIAND5ugBYrjJFO9VaDa+H22563wdr8E8yHyBhNndLhjFQqJ+bviNp0RBPuRtPuOmNj/3607CdrZ7M8ZXUBX89cqR01CI4gw5086mELLyFPzkNzoQr8piK90e8zlod9Ee1eeijvEUHLqcp2/kq4Z/PIxcVMk+IG1lgJQHMKSvrojWnZaGFO4gfqddmh9O8iJGShB+M+R/4E6/ztY0j9kVh71z5yvec9GnGW4foHb3z3w==;

h=Received:Date:To:Subject:X-PHP-Originating-Script:From:Reply-To:Message-ID:MIME-Version:Content-Type:X-Mailer:X-Priority:List-Unsubscribe:List-Unsubscribe-Post;

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=98ad8bfd88.nxcli.io; h=

date:to:subject:from:reply-to:message-id:mime-version

:content-type:list-unsubscribe; s=default; bh=e81TWzBHM+HRI2mwUz

1cPDQ/Gvhe5gyJTAKFiyQEdHg=; b=zXTNevw93qt3JdqP7S/cyN9GRYeEE2/i4K

sExvJYe5LhsC1i4lxY+W/5VqSyfmHVSwAZPJFCNmRB/i839OrItUY2pIDYcveQZQ

5mhY4RWjSg8RtVip9AlFMrP75FWl3MV45nGB51utgYcBZFM0t/umUnU943Macz3B

5kH4RfNRscfoEHuhDxWvd8cMWXqsQINw4sU631qsMJb8s/m/L1G8BEWUNvieDcVl

dbEIXAIVFh/ODtFx0YUeizZYPsIyVRiO3X7a6mlEztNBtESGdnj4puljBBFU7HAX

k605jLrN27kBp8jP3oTksdR2EuyF1MM+YsuL+ddPuxQKnwr2GBvw==

Received: (qmail 15344 invoked by uid 10074); 24 Jan 2026 06:53:13 +0000

Date: 24 Jan 2026 06:53:13 +0000

To: sales@nk.ca

Subject: Action Required

X-PHP-Originating-Script: 10074:252205928608498499.php

From: "Nexcess"

Reply-To: s5h9b4b8@vms.io

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411"

X-Mailer: PHP

X-Priority: 3

List-Unsubscribe:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-Spam_score: 7.9

X-Spam_score_int: 79

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Account Billing Notification body, table, td, p, a { background-color:

#ffffff !important; color: #000000 !important; font-family: Arial, sans-serif

!important; } a { color: #1a73e8 !important; text-decoration: underline !import

[...]



Content analysis details: (7.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

[207.246.254.157 listed in dnsbl.ahbl.org]

[207.246.254.157 listed in dnsbl.ahbl.org]

[207.246.254.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[207.246.254.157 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[207.246.254.157 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[207.246.254.157 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[207.246.254.157 listed in bl.score.senderscore.com]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_IMAGE_RATIO_06 BODY: HTML has a low ratio of text to image area

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.5 TVD_PH_BODY_ACCOUNTS_PRE The body matches phrases such as "accounts

suspended", "account credited", "account

verification"

1.0 XPRIO Has X-Priority header

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 ACCT_PHISHING Possible phishing for account information

0.0 VFY_ACCT_NORDNS Verify your account to a poorly-configured MTA -

probable phishing

0.9 URI_PHISH Phishing using web form

Subject: {SPAM?} Action Required

Computer parts phish from Google Gmail Part 4

Posted by Dave Yadallee on


height:224px" aria-controls=3D":2qe" aria-expanded=3D"false">

il-:q9" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS=

-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multilin=

e=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-con=

trols=3D":2o0" aria-expanded=3D"false">

-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-=

label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D=

"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":2lm" aria-ex=

panded=3D"false">

editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body"=

role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction=

:ltr;min-height:224px" aria-controls=3D":2iv" aria-expanded=3D"false">

id=3D"gmail-:nx" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf=

gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria=

-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px"=

aria-controls=3D":2g4" aria-expanded=3D"false">

s=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS=

-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" t=

abindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":2d=

d" aria-expanded=3D"false">

L gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Mes=

sage Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D=

"direction:ltr;min-height:224px" aria-controls=3D":2am" aria-expanded=3D"fa=

lse">

mail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"te=

xtbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-he=

ight:224px" aria-controls=3D":288" aria-expanded=3D"false">

-:tj" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-t=

W gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=

=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-cont=

rols=3D":25h" aria-expanded=3D"false">

-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-=

label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D=

"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":233" aria-ex=

panded=3D"false">

l editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body=

" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"directio=

n:ltr;min-height:224px" aria-controls=3D":20p" aria-expanded=3D"false">
id=3D"gmail-:10t" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-a=

vf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" ar=

ia-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224p=

x" aria-controls=3D":1xy" aria-expanded=3D"false">

ass=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-=

tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true"=

tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":=

1v7" aria-expanded=3D"false">

-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"=

Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=

=3D"direction:ltr;min-height:224px" aria-controls=3D":1sg" aria-expanded=3D=

"false">

e gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D=

"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min=

-height:224px" aria-controls=3D":1pp" aria-expanded=3D"false">

ail-:10r" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-=

tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multil=

ine=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-c=

ontrols=3D":1ml" aria-expanded=3D"false">

il-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" ari=

a-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=

=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":1k7" aria=

-expanded=3D"false">

l-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message B=

ody" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direc=

tion:ltr;min-height:224px" aria-controls=3D":1hg" aria-expanded=3D"false"><=

div id=3D"gmail-:112" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-L=

W-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox"=

aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:2=

24px" aria-controls=3D":1ec" aria-expanded=3D"false">

class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gma=

il-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"tr=

ue" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=

=3D":1bl" aria-expanded=3D"false">

gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-labe=

l=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" =

style=3D"direction:ltr;min-height:224px" aria-controls=3D":19n" aria-expand=

ed=3D"false">

itable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" ro=

le=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:lt=

r;min-height:224px" aria-controls=3D":188" aria-expanded=3D"false">

=3D"gmail-:114" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf =

gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-=

multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" =

aria-controls=3D":16t" aria-expanded=3D"false">

=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-=

tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" ta=

bindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":15g=

" aria-expanded=3D"false">

gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Mess=

age Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"=

direction:ltr;min-height:224px" aria-controls=3D":141" aria-expanded=3D"fal=

se">

ail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"tex=

tbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-hei=

ght:224px" aria-controls=3D":12h" aria-expanded=3D"false">=C2=A0Hi,

=

For sell

All units are clean pull tested, confirmed to be in good wo=

rking condition, and come with a 3-month warranty.


SK Hynix 128G=

B 2S4RX4 PC4-2666V=3DLB1-11
QTY: 2400
=E2=80=8EPRICE: $85 each

>
Samsung 64GB DDR4 ECC RDIMM =E2=80=93 3200MHz
P/N: M393A8G40AB2-CWE=


QTY 1760 =E2=80=8EPRICE:80 each

Samsung Enterprise-grade Solid S=

tate Drives (SSDs) Condition:
New

PM893 2.5" 3.84TB(SATA6.0G=

bps)
QTY 1.300 =E2=80=8EPRICE:300 each


PM893 2.5"7.68TB =

SSD(SATA6.0Gbps)
QTY 2000 =C2=A0=E2=80=8EPRICE 500 EACH

PM983a 2.=

5"7.68TB SSD(PCle Gen3)
QTY 945 =C2=A0PRICE 500 EACH

Conditi=

on:Used SK hynix 64 4DRX4 PC4-2933Y-LD2-12
=C2=A0HMAA8GL7CPR4N-WM TG AC =

2005
=C2=A0QTY1000 =E2=80=8EPRICE: 120

Condition:Used SK hynix 64=

GB 2RX4 PC5-4800E-RAD-09
HMCG94MEBRA109N AA
QTY2350 =E2=80=8EPRICE:12=

0 each


Condition:Used SAMSUNG
DDR5 EC8 RDIMM
32GB 2RX8 PC5=

-5600B-RE0-1010-XT
M321R4GA3PBO-CWMQH NA1TD200,
QTY.1690 =E2=80=8EPRI=

CE: 60

Regards,
Kelly Combs
COMPUTER WAREHOUSE
4698 Nichols=

on Ave, Kansas City,
MO 64120, USA.
+1 (816) 295-9202

http://www.computerwarehose.com">www.computerwarehose.com

"mailto:sales@computerwarehose.com">sales@computerwarehose.com

iv>
=


iv>=


iv>=


iv>



--000000000000315991064916a927--