Chinese Products spam

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:02:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbg9o-00000000NGB-3nGM

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:01:52 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:01:52 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mta43-63.mmglsmd.net ([103.37.43.63]:55053)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbfGe-00000000C1A-1CeX

for root@nk.ca;

Mon, 22 Jun 2026 08:05:00 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;

d=hn.threeway-pipe.com; i=@hn.threeway-pipe.com;

q=dns/txt; s=umail; t=1782137042; h=content-type :

mime-version : message-id : reply-to : subject : from :

to : date : subject : from : date;

bh=PlUEGZPBM4N1vYDzWpb65I9mLJap8TAY4nC8Q7uuXZE=;

b=cdDGWqNHOqhg2hfLvanGMHleFA6Lo5MOrsBlv90eFIvuhl63V2VXgAo8

kgQ2gDXDfxwCpi+T4I2p5QqS9Uqb6DGMj/VkHfqUoNQhw3ZGAvqdaP0RpR

p9NLTcQbq8yFF4pMxJL7cfJiCkHcptG8EQakjNJpj6vyyP7usj2t2T278=

Received: from helo (unknown [127.0.0.1])

by smtp.hn.threeway-pipe.com (Postfix) with ESMTP id qGokpPBHmexl

for ; Mon, 22 Jun 2026 22:04:02 +0800

Content-Type: multipart/mixed; boundary="===============3627567543641820540=="

MIME-Version: 1.0

Message-Id: <20260622220402.99860-{13453:20260622220231-13453-19}-0048485@hn.threeway-pipe.com>

Reply-to: sophia@threewaysteel.com

Subject: =?utf-8?q?Re=3ASpecialty_Alloy_Steel_Pipes_=E2=80=93_Alternative_Source_f?=

=?utf-8?q?or_Canadian_EPCs?=

From: Sophia-Threeway steel

To: "www.nk.ca"

Date: Mon, 22 Jun 2026 22:04:02 +0800

Mail-ID: 6a3940bee1382308adf08436

X-Spam_score: 13.3

X-Spam_score_int: 133

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Dear Purchasing Manager, Good day !

Content analysis details: (13.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

[103.37.43.63 listed in dnsbl.ahbl.org]

[103.37.43.63 listed in dnsbl.ahbl.org]

[103.37.43.63 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: shinestarsteel.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: count.shinestarsteel.com]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[103.37.43.63 listed in bb.barracudacentral.org]

0.6 URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist

[URI: ns17.xincache.com/112.80.181.45]

[URI: ns18.xincache.com/112.80.181.111]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[103.37.43.63 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

3.4 RATWARE_RCVD_PF Bulk email fingerprint (Received PF) found

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.6 J_CHICKENPOX_45 BODY: 4alpha-pock-5alpha

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} =?utf-8?q?Re=3ASpecialty_Alloy_Steel_Pipes_=E2=80=93_Alternative_Source_f?=

=?utf-8?q?or_Canadian_EPCs?=

Dear Purchasing Manager,

Good day !

This is Sophia from Threeway steel .

We understand Canadian buyers are facing steel import quota restrictions (only 20%-50% of 2024 levels).

To help you navigate this, we offer specialty steel pipes that are less commonly produced in North America:

High-strength alloy: P620 / P690 / 10CrMo9-10

Sour service: API 5L X65/X70 with NACE/HIC/SSC

Marine grade pipes (ABS/DNV/Lloyd's certified)

Our products are not subject to standard TRQ competition. We can provide EN 10204 3.2 and work with your EPC requirements.

Do you have any upcoming projects requiring non-standard grades? A brief call might be valuable.

Best regards,

If you have any inquiry, pls keep me posted. Thank you.

Wish you have a nice day.

Best regards,

Sophia Zeng

Sales Manager | Industrial Pipe Division

Threeway Steel Co.,Ltd

Tel:+86-731-88736283 Fax:+86-731-88896236

Mobile : +86-13544036536

Email: sophia@threewaysteel.com

Website: www.threewaysteel.com

Skype: zeng.sophia1 Wechat:meiping77

Hunan Steel Industrial Zone, Tianxin Special District,

Changsha City,China

MAlwarebytes premium phish from Google Gmail Part 2

Posted by Dave Yadallee on Monday, June 22. 2026

Amarpreet Wutkowski has invited you to Customer Account Update

Title: Customer Account Update

When: Monday, June 22, 2026 at 20:58

Organizer:

Amarpreet Wutkowski

Description:

Malwarebytes Premium Upgrade Confirmation

Upgrade Date: Monday, 22 June 2026 21:58:07

Upgrade ID: LUX0STIQ5LNY6

Premium Support: +1 (810) 228-1548

Congratulations!

Your account has been upgraded to Malwarebytes Premium Plus. The upgrade fee of $199.99 USD has been applied to your account.

Upgrade Summary:

Account ID: RXURBI66

New Plan: Premium Plus

Features: Real-Time Protection + VPN

Billing Cycle: Annual

Upgrade Charge: $199.99 USD

Security Token: 04e19401-667f-47fe-9658-c4b4e3ea5223

Your upgraded features are now active. No further action is required.

Questions? Call us at +1 (810) 221-9463.

Cheers,

Malwarebytes Upgrades Team

Lead: David Park

Attendees:

doctor@nl2k.ab.ca

Customer Account Update

Malwarebytes Premium Upgrade ConfirmationUpgrade Date: Monday, 22 June 2026 21:58:07Upgrade ID: LUX0STIQ5LNY6Premium Support: +1 (810) 228-1548 Congratulations! Your account has been upgraded to Malwa

Malwarebytes Premium Upgrade Confirmation

Upgrade Date: Monday, 22 June 2026 21:58:07

Upgrade ID: LUX0STIQ5LNY6

Premium Support: +1 (810) 228-1548

Congratulations!

Your account has been upgraded to Malwarebytes Premium Plus. The upgrade fee of $199.99 USD has been applied to your account.

Upgrade Summary:

Account ID: RXURBI66

New Plan: Premium Plus

Features: Real-Time Protection + VPN

Billing Cycle: Annual

Upgrade Charge: $199.99 USD

Security Token: 04e19401-667f-47fe-9658-c4b4e3ea5223

Your upgraded features are now active. No further action is required.

Questions? Call us at +1 (810) 221-9463.

Cheers,

Malwarebytes Upgrades Team

Lead: David Park

When

Monday Jun 22, 2026 ⋅ 10:58pm (Eastern Time - New York)

Organizer

Amarpreet Wutkowski

amarpreetwutkowski@bet30x.com

Guests

(Guest list has been hidden at organizer's request)

Reply for doctor@nl2k.ab.ca

Yes

No

Maybe

More options

Invitation from Google Calendar

You are receiving this email because you are an attendee on the event.

Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

MAlwarebytes premium phish from Google Gmail Part 1

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:02:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbg9b-00000000NFr-2aLY

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:01:39 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:01:39 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f200.google.com ([209.85.222.200]:47269)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbfBM-000000007In-02H3

for doctor@nl2k.ab.ca;

Mon, 22 Jun 2026 07:59:34 -0600

Received: by mail-qk1-f200.google.com with SMTP id af79cd13be357-9158e75cbc0so735669185a.2

for ; Mon, 22 Jun 2026 06:58:36 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1782136710; x=1782741510; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=g7xqisWvQ3wzonZ+Cxc16NdjFKEwDrEf8GaaJ3LjLhM=;

b=hphQMN+6Y552sS/fzzu58xYzt6pVldqA2GI3QBItdLD4RdGco/ZifXcjeygRufpEG1

JOk6C239behuldJpgi77wz1yMIDVJuG/FlbLVTf/m8yKuO4uJ5neAW+C7IC42HyVgE/0

7SIf46yiXErn6w3hwUpCMP672aGt0qlXlJSpLiXu+ySUntJtINwJKrduCq4bBrNsjnp7

FxszKyr9D9WqqsFiGU04IIwqAVg4YX0tGCGD9LXnxzCWoL8YeOvj75Hf5ypp8CnqcwHu

4EFUtaXHwdFtic0tZz0EoPEpK3+VbT3a2rE/ZA8VFWdCsOcAe+1V4FuRd7vP2V1ob+2n

rIGg==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=bet30x-com.20251104.gappssmtp.com; s=20251104; t=1782136710; x=1782741510; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=g7xqisWvQ3wzonZ+Cxc16NdjFKEwDrEf8GaaJ3LjLhM=;

b=k1QM+VcBX/ky8Ym1Qvi36gVh9LkK7huoPjt076EoyINNmX5losrK7ypQRSmkJFaR2e

BdbizY/J6wLY3onr/VgbBF7q7r9ui6Qx0GiZNgpCoFvKDlpcSB3du1NLkPKwhSYr/B/2

CKQPvxy3sj2+Kk8X3LyQ0llt2hbjCjonupyuZUqnbD0jY4iE2sU0XmpsKA4KTLkaElRV

hI0Qoi+lxKRs1Ww4Ok0v89IV/hLX096UcTRY8HYsfxJ5BmO78X5Y7EykDc3Ie5i5L+nC

xjudtSh0cXDwPi/p08/CVHTedZkptMwh0IOtqT+KEQayPVvmg3gIfGty4G/1Ae1MiVMG

IdGA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782136710; x=1782741510;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=g7xqisWvQ3wzonZ+Cxc16NdjFKEwDrEf8GaaJ3LjLhM=;

b=bGCYv5vdhwVBEIZmh/6emFXlJyjllyAHsHSY4xlNmO6yHc6YHT96zUubyyXondhnP2

q9Bjj1eaIieQMtjyVLPFySCdbvKdHz5oYEsqQLcMcg35iF1UsEVVC4DCwDL8Nic3W7am

/EDZ4J/7zSGLFERCbRZ0ZJSLQ17/43A8Jlhjx8krTGoz6KrvKtN+WDpGe2RQjwj6aE+p

PZHnCNNaUuAhqD/RLLGJYQ7knU/OpRXeZIkaoWZZjmqBsQzzVh7nOTiZQK2kEIy5kxYL

2yEdqnlXRc9vc+9DwkDNcmGgKrZLEt/Zy8gbprIoEKhLITtwQPBGkzv3r2HpPSVhyd+6

0KaA==

X-Gm-Message-State: AOJu0Ywx4k1nY338aW/FHyaY8V7lZiN7EhvC3/cq5jg9duvPgIICgl2K

aSz+MvGXthUUKOpybQv5E7f1tl6Uq6QEYIF8+66xR/cL0PW7xgEK1ssAfd0Yeb6lHtrTLwbbpcw

MPMotHEVWIZFJPDDiqS0q75mneHt93ZyrzFaS+GLGekyuflhQLUjHAT8w

MIME-Version: 1.0

X-Received: by 2002:a05:620a:17ab:b0:90f:5da3:950e with SMTP id

af79cd13be357-920d1ce4e64mr2054388485a.9.1782136710316; Mon, 22 Jun 2026

06:58:30 -0700 (PDT)

Reply-To: Amarpreet Wutkowski

Sender: Google Calendar

Message-ID:

Date: Mon, 22 Jun 2026 13:58:30 +0000

Subject: Invitation: Customer Account Update @ Mon Jun 22, 2026 10:58pm

(GMT-4) (doctor@nl2k.ab.ca)

From: Amarpreet Wutkowski

To: doctor@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="0000000000008f50540654d809ef"

X-Spam_score: 7.0

X-Spam_score_int: 70

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Customer Account Update Monday Jun 22, 2026 â‹… 10:58pm Eastern

Time - New York Malwarebytes Premium Upgrade ConfirmationUpgrade Date: Monday,

22 June 2026 21:58:07Upgrade ID: LUX0STIQ5LNY6Premium Support: +1 (810) 228-1548

Congratulations! Your account has been upgraded to Malwa [...]

Content analysis details: (7.0 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

[209.85.222.200 listed in dnsbl.ahbl.org]

[209.85.222.200 listed in dnsbl.ahbl.org]

[209.85.222.200 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.3 LONGWORD BODY: Uses overlong words

0.6 MEGALONGWORD BODY: Uses really overlong words

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.200 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.222.200 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 TVD_PH_SUBJ_META1 Email has a Phishy looking subject line

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Invitation: Customer Account Update @ Mon Jun 22, 2026 10:58pm

(GMT-4) (doctor@nl2k.ab.ca)

Dragonfly/Intecom phish

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:32:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgco-000000000GP-1bMx

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:31:50 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:31:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from srv1.whitednsservice.com ([38.46.221.25]:54976)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgYy-00000000PiP-19Z4

for sales@nk.ca;

Mon, 22 Jun 2026 09:28:01 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=tarafdarnet.com; s=default; h=Content-Transfer-Encoding:Content-Type:

MIME-Version:Message-ID:Subject:From:To:Date:Sender:Reply-To:Cc:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=5NxtC3SMJnR9/A2YVxyZ6t0ZkftUHEGWtEBfBFtlvIg=; b=cKWxVvmtQskOv5NVduTuVwWOBj

2bEfFl82C2+9QTuxL+h71ySrCYW6KJEXSV/Ljy5BcT884fZaOCmlB4i2JEsX36ERlhf3ek/nB/8Sv

SEEp93aGoXpCdlvm1C3EzLWVv8mjRtj6CFOXSHEeCAOMKDn5bLkXtxSz+C4d+cvPGZlhs9D00OwRn

l7rv70Ag3Lw9G8bKctnB9i6/qeKjNbm6CDnnmA/FIr8pKmIpXrQlUZFaqcciMT2soldNxOJE1ez6m

/kSuzgsMjLCViRz5fz9HJj55ygLvx4VzapVxxByMUNo/2pyUBsCe8idf4x7tc5Bx00YLFigVJJtIc

PqwSSl2A==;

Received: from [196.64.115.251] (port=60597 helo=127.0.0.1)

by srv1.whitednsservice.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.4)

(envelope-from )

id 1wbevp-0000000DC3F-2JAP

for sales@nk.ca;

Mon, 22 Jun 2026 09:43:21 -0400

Date: Mon, 22 Jun 2026 15:40:05 +0200

To: sales@nk.ca

From: Intelcom

Subject: Intelcom Delivery Notification

Message-ID: <1d24f63d0444772ed2aca9cc9024a309@tarafdarnet.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1e07445f4b4e9234a4a1c733b6a047385"

Content-Transfer-Encoding: 8bit

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - srv1.whitednsservice.com

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - tarafdarnet.com

X-Get-Message-Sender-Via: srv1.whitednsservice.com: authenticated_id: admin@tarafdarnet.com

X-Authenticated-Sender: srv1.whitednsservice.com: admin@tarafdarnet.com

X-Source:

X-Source-Args:

X-Source-Dir:

This is a multi-part message in MIME format.

--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

Intelcom

Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.Manage My Delivery

This is an automated message. Please do not reply.

Â© 2026 Intelcom Express

--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

Intelcom

Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.

Manage My Delivery

This is an automated message. Please do not reply.

--1e07445f4b4e9234a4a1c733b6a047385--

Dragonfly/Intelcom phish

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:32:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgco-000000000GP-1bMx

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:31:50 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:31:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from srv1.whitednsservice.com ([38.46.221.25]:54976)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgYy-00000000PiP-19Z4

for sales@nk.ca;

Mon, 22 Jun 2026 09:28:01 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=tarafdarnet.com; s=default; h=Content-Transfer-Encoding:Content-Type:

MIME-Version:Message-ID:Subject:From:To:Date:Sender:Reply-To:Cc:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=5NxtC3SMJnR9/A2YVxyZ6t0ZkftUHEGWtEBfBFtlvIg=; b=cKWxVvmtQskOv5NVduTuVwWOBj

2bEfFl82C2+9QTuxL+h71ySrCYW6KJEXSV/Ljy5BcT884fZaOCmlB4i2JEsX36ERlhf3ek/nB/8Sv

SEEp93aGoXpCdlvm1C3EzLWVv8mjRtj6CFOXSHEeCAOMKDn5bLkXtxSz+C4d+cvPGZlhs9D00OwRn

l7rv70Ag3Lw9G8bKctnB9i6/qeKjNbm6CDnnmA/FIr8pKmIpXrQlUZFaqcciMT2soldNxOJE1ez6m

/kSuzgsMjLCViRz5fz9HJj55ygLvx4VzapVxxByMUNo/2pyUBsCe8idf4x7tc5Bx00YLFigVJJtIc

PqwSSl2A==;

Received: from [196.64.115.251] (port=60597 helo=127.0.0.1)

by srv1.whitednsservice.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.4)

(envelope-from )

id 1wbevp-0000000DC3F-2JAP

for sales@nk.ca;

Mon, 22 Jun 2026 09:43:21 -0400

Date: Mon, 22 Jun 2026 15:40:05 +0200

To: sales@nk.ca

From: Intelcom

Subject: Intelcom Delivery Notification

Message-ID: <1d24f63d0444772ed2aca9cc9024a309@tarafdarnet.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1e07445f4b4e9234a4a1c733b6a047385"

Content-Transfer-Encoding: 8bit

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - srv1.whitednsservice.com

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - tarafdarnet.com

X-Get-Message-Sender-Via: srv1.whitednsservice.com: authenticated_id: admin@tarafdarnet.com

X-Authenticated-Sender: srv1.whitednsservice.com: admin@tarafdarnet.com

X-Source:

X-Source-Args:

X-Source-Dir:

This is a multi-part message in MIME format.

--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

Intelcom

Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.Manage My Delivery

This is an automated message. Please do not reply.

Â© 2026 Intelcom Express

--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

Intelcom

Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.

Manage My Delivery

This is an automated message. Please do not reply.

--1e07445f4b4e9234a4a1c733b6a047385--

leads spam from Yahoo!

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 06:43:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbdzA-00000000J3L-26v9

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 06:42:44 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 06:42:44 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic308-19.consmr.mail.sg3.yahoo.com ([106.10.241.209]:45655)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbdZu-00000000IDI-2Ioe

for sales@nk.ca;

Mon, 22 Jun 2026 06:16:48 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1782130542; bh=eGnC4RO8vEwHtgbT3OIdPRKLtiAkhz0bMU8roVStKDQ=; h=Date:From:References:Subject:From:Subject:Reply-To; b=J4sK9sFMEtGQyrk9v3nk1DU4WRy//VhyylK4DICteWrtFSQsVsIJSR7bi37LkOhYJ0DnGn2WPIIOqw1uZC0BdjqctevaqQcoV2E0MyWPNpOa07zjr8GRtMWC7DEEIFm+tbaciuupPQMbIjw37x65fdrOns4uOPPd3hldPfMq6a3bnkLfmvaI7IcM+KAS8ySiXmMDKrzHibar60L0Xo/DDb4rs8TpLPRFxhFQNBolACiSwUUvR406FSk33Le/zkXPn6UoORIIyInytB+L5btb7mV1CJn0qA8L6mq8Iqkw7wzPKstuGm6f1Ds81nxK4Og/O9nHKiSGHpsj8Hd3NUSONQ==

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1782130542; bh=586HspydFyMyZova3mIeLGiKQ98cgKLa5m2YNxJKnFO=; h=X-Sonic-MF:Date:From:Subject:From:Subject; b=eMmCml4kjPNWyHRtr7pptxm52Fp1sVBecGyO/v7kkprzALC1EghgjnLECmxam6YwFwoTiGS77DImXjjchYwc05FcDpErR3LDBbsNHn11pU6fnMpXBxNr0cWbNiKGLK0/HFuB9iALNoLxzqPsDshUb0UAA8OMEfFE+CNET+dj28AzUfmDQEeCajbSSWpuXHeavzSGXJfVEDWLhBD69jE4zfCTM0uCoFIUCZjdlCQvbJyyCgEDfkDNM+hfIbNQwblw5MHJ39rx62UltnJoYJGfLba4ClEImnEDuUe9Tgl7+J0M7Zg4a/6r1Df9xCl44onbQm6eGR9mb8lu64qCwa90HA==

X-YMail-OSG: YTZVD6kVM1kf0JBuhL9f90TMJxDxajMct_wIp8y2Xc_pjK2Y1l4.cFl4seoPnPj

fjJsSnkha_jKvUT1gSWS9VewRJPc0li1cMEu5YCL8YrbhlZaeexSc5tNYUjtlSl9jqV.dg7heLro

Ck3pMKGRx6Ru3tFdW7Rx7BR7nzb3sD2Nuwp2HdFVPehbJipdtvXZynv6cZ.ZtK9L4gznaifTJsgB

h396Cnz9S3Yq0ZQNg7kOvmWPSUThMKKQ_dMeSt7Oz7kWNbAbhD63GAoLSsBhxWOrM37PhjCCw_1d

k4mX3dZJoBPp0865SZidKHrQrKPfE.6xcOCyIo76bgtUbUGgAbwrko8Mzq_QEmEwud2zq66ejGTU

L243d0EQYKjRg2O4iC_xgOp1FcGE3f4_nAKRJa1vdy7gGB08efGTvIhj3EHZvjZ9asVu3U08kO2f

SCaeALgxkMZg1ScZww_7pfFEcp2xbUbAOf2CctePt54a.PkLPiNSMIC3ZirO0ptETtwCw2nJV7iL

kICPwods6DYmPB2eqWlBpaXKu5wcG6FOHUQJOvDWL6wRJrWHyTJzmsKSJR1aYGzglYyd6oRtdmFf

2DCY_RReLYqKISQPFG4OoOYIcZ29d2xbK8NvQx__U8NWTvAfPk2dYg.NeGV3NbOKbrnWfoHAYm.i

swPiEqEg8ahGvKxaCGx_BunynyCDyRLagJQDWRMRR4GoIYiAHnQWAhNi3PeEnUkJ2DGv.h3IYBkE

h.M4ekHkcvIxJcvMJO1kX9zwxxb2eABFPEdMl4t2e.F369MRdhUXINkTiPcSiYgdA8E4eosRgPyt

PKpdoOKRBCG6vZrqBZpg7Wuk3QNKZs6R8XqmHriIe.Sdms79roxYNtGt0N0o0lL9hnnNOS65sIzY

cD6_dk7zQqVP6CgtL6m4kBTcAogjc62XquXfqBD4o_bxnk9.HNIoUXN2jpeh1TjhlKLTvEOl6z25

XrzQjzysItbHU.I_CQhCvNBZfi2Qm6yHZQEeCcp68.h0An2gA6tU7Jx9XR3jrk0gAh0RfADUwjLr

4y3KUOliSNxv.JZKoukcC7FgawLN2aTQnRyuEciwp7Eb.ek1ewuDaSBsYUJE2oItEo9U.aN_ksFs

e3Y0R6uVobpBLgJ5lmYVgit5qJE6.UiKvGvEt2_aGc17U_HrrPh.F7ju7dW6PBMijLottFrk148n

poSBlkR74J7n.H7yyqcw5i43F3nXJ10TowcnhFx2VmOJHQ6Tjc_WkdjV8JpxoWrM0jTqhvRvDcqj

L_bhp5UPfS5xYavC68fSvSyUlkex_YYh7yVM60FQRCOknG46fJ.BLmboU7zv14mb7Hdj3l8QGLhL

RCDpv7atBRkAjCOmo9Ep8D3v.QtLP0ARqnMsGXZgEQjiCT5Cibs7qfzZwJSKwEbgpI6Y8hNpWqN1

k9NoQ5_otz87R0j.yRQL7F1zJdrWRpAab5vGKFgiKmLBuuF07Fr7QhT7p3VW32kVv1XJm_cGdSYt

nHB5XGICur1YI3dGZ7oxLfG087f1Xo6_LerulVJX0aCjfjh.tfq.b6KfUV0X2GWC1F_leRRSNil1

TtuWu1MAeBROYYNlXQg0434WZoyXdQ5.SCKqX8cVhJMgkKJ6CK83YGhYxld4.JlbSA0j_70Q.KdK

CEViC7dJe6pbPlXRBoGL6fL05e.gjms6tFBEMHZJ6XzaP.HuEgEpvfsatf_ShMs.BsHon83H36P5

kxsNbULzewT4IPRmkWdT_7ug.b6ctvEdZcECJYc0oq9utEP_OFXc8tXMoDc3jBzIx.DgIgL8bVT6

pGhm.bnmW4K8MBs2l_UQVxec6eUvuoEvhzfbDfGKNYuMDRbxgN6OSoi2A5K4SgsM8Ot.UN9vIr1C

pDfZ15B93THBIEZEqdPDJ_1qkgjEUSev2NAqK.JBQsOtoSziA_2I0y.QwKbI6Am7zWf2fO_7LWY1

ak9ZCHrrskobVP0BD7k1iIXnQvoJTc38atLJ9y9xlPc98RuWLXcixHUqCIN6x3TrzssbSnyePfv3

YootSc3KpDylZRYhO01ZmGGsbDGajQ02Vy3b.GGvQlOEZhbll9WwXUF6qlLkKFgx5_ULPOWVh84W

2KLEjQOAMF0hCnihNjlR0SAFKAkIo0vuoP5vR8icZgK.88JWBg9Bs05O4ebu.J4aG.pOAdCU5wA7

r4xoU.cfPnotJnMb6smRgQhyJNRhtKEWE3u0gTIN6LW8OZpHy2_4O5b.rwSor0JY_C1xGVm6rd4z

Q.KE-

X-Sonic-MF:

X-Sonic-ID: 27fcedac-606c-4578-99ad-07d533efaf34

Received: from sonic.gate.mail.ne1.yahoo.com by sonic308.consmr.mail.sg3.yahoo.com with HTTP; Mon, 22 Jun 2026 12:15:42 +0000

Date: Mon, 22 Jun 2026 12:15:39 +0000 (UTC)

From: vinod kumar

Message-ID: <138926459.539178.1782130539672@mail.yahoo.com>

References: <138926459.539178.1782130539672.ref@mail.yahoo.com>

Subject: =?UTF-8?Q?Get_8=E2=80=9310_quality_leads?=

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_Part_539177_581140564.1782130539671"

X-Mailer: WebService/1.1.26016 YMailNovation

------=_Part_539177_581140564.1782130539671

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable

Hi,

We can placeyour website on Google 1st page.

8=E2=80=9310 leads aweek (max 15=E2=80=9320 days after we start our work)

=C2=A0 1. S.E.O Rankhigher

=C2=A0 2. Get 8=E2=80=9310quality leads

=C2=A0 3. Boost onlinevisibility

=C2=A0 4. Meta ads/Google ads

If you'reinterested, I can share our package and price details.

Thanks

Vinod

------=_Part_539177_581140564.1782130539671

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: quoted-printable

ly:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;">

=3D"ltr" data-setdir=3D"false">

style=3D"font-family:"Calibri","sans-serif";mso-fareas=

t-font-family:"Times New Roman";mso-font-kerning:0pt;mso-ansi-lan=

guage:EN-US">Hi,

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">We can place

your website on Google 1st page.

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">8=E2=80=9310 leads a

week (max 15=E2=80=9320 days after we start our work)

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">
an style=3D"color:#00B0F0">1. S.E.O Rank

higher

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">
an style=3D"color:#002060">2. Get 8=E2=80=9310

quality leads

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">
an style=3D"color:#00B050">3. Boost online

visibility

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">
an style=3D"color:#E97132;mso-themecolor:accent2">4. Meta ads/Google ads
pan>

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">If you're

interested, I can share our package and price details.

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">Thanks

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">Vinod
=3D"EN-GB" style=3D"font-family:"Calibri","sans-serif""=

>

------=_Part_539177_581140564.1782130539671--

WEb/SEO/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on Monday, June 22. 2026

________________________________

From: Alok Kumar

Sent: 19 June 2026 12:09

Subject: SEO Proposal?

Hi,

I came across your website and wanted to reach out.

If you're interested, I can send information about our SEO services and pri=

cing.

If you'd prefer not to receive emails from me, simply reply with "No thanks=

" and I won't contact you again.

Kind regards,

--_000_TY0PR04MB73504AD188FB2B50CF51B52D82EF2TY0PR04MB7350apcp_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

>

>
lack;">Hi,

ite; margin: 0cm;">

ack;">

ite; margin: 0cm;">

ack;">I just wanted to check if you received my previous email.

ite; margin: 0cm;">

ack;">

ite; margin: 0cm;">

ack;">If you're interested, simply reply with "
ont-family: Calibri, sans-serif; font-size: 11pt; color: rgb(12, 136, 42);"=

>SEND
ze: 11pt; color: black;">"

or "
: 11pt; color: rgb(12, 136, 42);">P
: Calibri, sans-serif; font-size: 11pt; color: black;">roposal,"=

; and I'll share the details. If not, just reply

"
1pt; color: rgb(222, 106, 25);">REMOVE
ily: Calibri, sans-serif; font-size: 11pt; color: black;">" or "<=

/span>
or: rgb(222, 106, 25);">NO
, sans-serif; font-size: 11pt; color: black;">."

ite; margin: 0cm;">

ack;">I'm waiting for your response!

ite; margin: 0cm;">

ack;">

ite; margin: 0cm;">

ack;">Thanks!

yle=3D"font-size:11pt" color=3D"#000000">From: Alok Kumar

Sent: 19 June 2026 12:09

Subject: SEO Proposal?

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">Hi,

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">I came across your website and wanted to reach out.<=

/span>

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">If you're interested, I can send information about o=

ur SEO services and pricing.

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">If you'd prefer not to receive emails from me, simpl=

y reply with "No thanks" and I won't contact you again.
>

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">

ckground-color:rgb(255,255,255); margin:0cm 0cm 0.0001pt">

color:rgb(112,48,160)">Kind regards,

--_000_TY0PR04MB73504AD188FB2B50CF51B52D82EF2TY0PR04MB7350apcp_--

WEb/SEO/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 05:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbcvC-00000000GXJ-42p1

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 05:34:34 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 05:34:34 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19013078.outbound.protection.outlook.com ([52.103.43.78]:32149 helo=TYDPR03CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbbev-00000000NmW-3mbD

for root@nk.ca;

Mon, 22 Jun 2026 04:13:52 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=fxiEwh3QcXtvgB07CeHkgSCEJQ11fC7YqNdGitPscOx/1fkht0NoR6PenhDsjDA3XLt5ZHAbhfnDEyF9z0MioPjLJm3RRan6l2lzxCs/jB1zPS9MmczNY7a84u4Q1IqoLKSL45zRUbPBJXPIb7hJN6bYsYtMSorEIG4GB3R0dqAifVKsPn47wKVsaiFlQVFXoBCTtfTDV0aV+qfqe5NbRPgWtdklpKpXG2/CzEJqxvX4xkcDD6byHhnk/r3aZVhmRcoIlJabDghwptBuwGxhkdqU7SmWQlozBMDzp+JiXaiDPuRhaOJvB1mb5VgB4vJT3DW29Y8q/+EDfsBcuxgpwg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=oYJhIEJ6YwKW2BN3Q+UySXRcijJ6TDEz9nGXn5MzK7w=;

b=qtqdWcPUbDM0MzEo0WORSXxkTlm3GibWr8qlLyb/2LjGjjwKFaOeaTU1VszjMGeqGFDi10EiDdZnH/bKkWM0iwAKX/JuQoSr/yJbY0dI/EeWqGPaMITZG4vW7igme7HGj448J1LeWu2IaxxnS627p/nnCBAiK4FcZVCjFLgk/fKF7URTxX7iUvgzbEOCN+bqKC+8F4FcphkLEVw/YGkk5DEIZUvNo71HtW5/C4MXmDYlb1RbPNPrfpsB0B7ZX8+EKo4TEIArWrpnAfqCcX02k+ZWj6ijxtkhiczR/6C2/XEGl/l451MPC70FILegGu8SrLMD+GKz/KU9YmIu0FKqqQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=oYJhIEJ6YwKW2BN3Q+UySXRcijJ6TDEz9nGXn5MzK7w=;

b=fd385fNQGTOardcx1FHGOCL1QcOdNwTDX9QQv36hkm0qtZJXn2NJQj7yJg+EwGlTbaweZ2MjVGi+/cslne3nHfOLAcCxZXPNBCjHPsrh18lDNOsfM67ui7uayuRufh0CgcNUGj+xiucBt9sP6YXY2AMnBBvmultQQprAVJnNR6IoipM5h+Pyjuw6LxnxSgr4qh77ElXDjiNe3X43LZ3gqH1fqvh3x74v4+8NBKliKLs3Hy8qxY3/bA3maTN+wuobiZcgxFTxaW42IgkfQnuu7GGpYLSbj4rSio+muUvJfwDBhfY+83oh0LjHgmkDgU/pY6kC3r7aUynxnTf9g74iIQ==

Received: from TY0PR04MB7350.apcprd04.prod.outlook.com (2603:1096:405:16::13)

by TYZPR04MB6787.apcprd04.prod.outlook.com (2603:1096:400:340::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.139.19; Mon, 22 Jun

2026 10:12:10 +0000

Received: from TY0PR04MB7350.apcprd04.prod.outlook.com

([fe80::7b6:9784:4d31:586f]) by TY0PR04MB7350.apcprd04.prod.outlook.com

([fe80::7b6:9784:4d31:586f%6]) with mapi id 15.21.0139.018; Mon, 22 Jun 2026

10:12:09 +0000

From: Alok Kumar

Subject: Re: SEO Proposal?

Thread-Topic: SEO Proposal?

Thread-Index: AQHc/7ZT/8MWc9Tu7ku57JsQJwBnMLZKXXxW

Date: Mon, 22 Jun 2026 10:12:08 +0000

Message-ID:

References:

In-Reply-To:

Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: TY0PR04MB7350:EE_|TYZPR04MB6787:EE_

x-ms-office365-filtering-correlation-id: fbfa3ba6-8d28-4328-6592-08ded046b801

x-microsoft-antispam:

BCL:0;ARA:14566002|51005399006|31061999003|19110799012|8060799015|8062599012|25010399006|55001999006|24021099003|24121999003|12121999013|22091999003|15080799012|15030799006|102099032|3412199025|440099028|40105399003|26121999007;

x-microsoft-antispam-message-info:

=?us-ascii?Q?IcEDK3gAk52bjixBJOb0doYwPLOjJ24Bi631cCDQT1z2CsjOszrfUPuofjOr?=

=?us-ascii?Q?X8FX0DKTzwtXk0J8AGQ2lxjDbrZqsSmoCQGiymn4x5V2xZJhBV0Q3tYMMU9s?=

=?us-ascii?Q?/gxsimDNSo2qzOYKwZfucvC5TFrT6h6AkcOjqUJE38Bay8+q7i55oGvOoFP5?=

=?us-ascii?Q?W/lwJdlkixDtugAC3XLAXilMKPpyoY3aiVbxIhDxq79tddosuWs34IoQfNsX?=

=?us-ascii?Q?2Apji7aaYX4bcQTkM+pzOEiu2Qgx40dTeL8oAsiynKaWig3ZDmNexQJon1LV?=

=?us-ascii?Q?0X5O7VvVbB0X57dajjg0XzuBd1k3i96/RzJpXE+MjyCRkazEx0O1CrEUMjm8?=

=?us-ascii?Q?Ey+k7oXHhCqKSALXjwOj3Nx/fQcfzqHs6j4mxMyWFznG6VmrZa+V52vBh61r?=

=?us-ascii?Q?J2yHoKld5f5lRYUi3XPhZQ+jWPH4zoSx7N3CTd/HWAKsPJWpaG+oJdZVVfhU?=

=?us-ascii?Q?55gre6Lv4/ZhGRBif0BoKPt6tqTj59UVaSYOABp7pAekYik4oSzJsS47NRAB?=

=?us-ascii?Q?H6g69dxX/lBOKmjakGchg8MiBW5/2bowQKOg6jnGWQCs0L1l68jL6K36q/Gp?=

=?us-ascii?Q?RX1BaWYQZouG+4ytKQLOVhuWa7haGeGIVPXf7O2ewh4rPnHoPRL7CQ077VA3?=

=?us-ascii?Q?FOuRJ4r0y0CKL0VEcDQSUaOgNYQTCOgQBbcIhcep0aISFUb4OdgaHRVjWcqQ?=

=?us-ascii?Q?VimXqdA6XsNJjov4cWwL4XXtCl+WF/inVTiVFt+QCM3ZDNIShNyeGwpuub3z?=

=?us-ascii?Q?RhFWPsw9Z4iSF2poa/+ry+4G/FvIu+XE4slnSsLFPI9TipHyT9WPDKUJaBIY?=

=?us-ascii?Q?iY3Da4dSMa6wHxc2ss2qNqdEi6E+kG1E2NS7SXhNrzsZbjKEGMqVj9Cv6UoQ?=

=?us-ascii?Q?fLoDm5UpO24UwuHgXweo1K1CxYHAuD82QeMW6pRL1t7eGtJuUXyNYbKo7Kh5?=

=?us-ascii?Q?FKMxIlUI3MkJxgOsw7EGkUokGI3SThDB4KzdX0NpVRP/SjgPYxcww3qIu937?=

=?us-ascii?Q?7A+eHHcJ5oswJSOO4ZfjtQ/QH/WYlMKjCzagmHbMLe3gw/zrb0YQ7KSV4VYo?=

=?us-ascii?Q?otkSK4VthfZaoGQ8wOrLsbdgiuUmujc9Mfd/zkESvQqgZc2bsiaH3Uj2oYBJ?=

=?us-ascii?Q?cgnPn/2JCWOY?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?us-ascii?Q?CExs97+055ZdwftY8omQRU9Fsiig6VpYceYWfwHra9HbgXwdWPbB0l86CIyA?=

=?us-ascii?Q?OXPH3cBSioNO6feat8kvyhVUurVs1QJ+aYszO9CzDMat+h/8fRuxR2fz2oYs?=

=?us-ascii?Q?POnNS0dzMk/XnLYu3xA7ajvJ75bR9B4GquEHFc0Eo5U6/5KRqlN/OHw4AxHp?=

=?us-ascii?Q?zuDE/b4qQRgrxr6tWOSN/OP/nLQwd3UagtSvB8AB81KALsSdnpRJEbZDeHM/?=

=?us-ascii?Q?6nDXUI72JqGAqvfDBT2YLhF1trUI3nRGy1ImkimIymOphs3Q5kLaaRhmIQwM?=

=?us-ascii?Q?7RHriD4JYQR00FLK/+/gkN/HVLZFGxxbtVObZS0QJjxtgH+tvSLAF4rZq/No?=

=?us-ascii?Q?IK4N+vJex0+CkzzMN1Kr58YqTikYM/vLTmJnBiOYmxj1rj7I/jrZY5Ths0o9?=

=?us-ascii?Q?MHPoJmuBe37DplMrtmHnSMd/TWYE3q71AJoBMqvhPvEFfUYVDsJ1EDh10jbR?=

=?us-ascii?Q?EKHNJswS82KdrAIcsHxSVzOrFGZmJPbo2FHsUDCz9Jg0VpB9BW1GOGFC/xDR?=

=?us-ascii?Q?HMde4B9Lcsd8+28+DcZc1if8VOi99mtPXPa/fJOrprHaF6dl9snZHZ0PIbWo?=

=?us-ascii?Q?/uyDI3CBRex25wcgcRtXTThRawPq8BbAkBnmofR5Yr5sN6+MwbCuW4HQIpYw?=

=?us-ascii?Q?B9FCigKqOQMyDIeOsDZqslFwTkk7bbcTYNwZnz5h10yq/gUEjYolGm3ZMiNX?=

=?us-ascii?Q?pxqlKP8Aqp6ZetoEy9Z0Z3EskOCzLBXTgvF63v/NSDPeimenj4f5UUOxNe1b?=

=?us-ascii?Q?q3wCgQzRpTkkf0RwaugW6+ebE7Sl25fxyypiTRSNuXSAwHUE9et+UitOdaRS?=

=?us-ascii?Q?U992fK3ECm5ZxB4HHdoxbnbdjZNrCd7qdWddZLVqpqgytBIk6wQphbIEClwn?=

=?us-ascii?Q?84pJu8Me1BwR6tF3FThcJ+edyTEseHp/4CAw95UCIaF/U73sTQVIAeqbZA3z?=

=?us-ascii?Q?+TaRc/uxKmdRwcmWmQuUd1b0KbwF0dRoLdOgKNJLhxHjgKH2DUgETUjGpeCE?=

=?us-ascii?Q?cL+poSnn5tB05hJ39Kr9jnzTZx22ITETPAJWi13xoDNcumQCATzMu1b0/f6m?=

=?us-ascii?Q?efSaNKduuBioqIzvv3YyXZBjyw8F851+nx/8vxm1709v81iaGDlC5guTlNae?=

=?us-ascii?Q?KoplgsZY87LlhaiG4zjv4WSS0IJszXBl0ymohjvNVpMKdJxplQIH/ajweZXZ?=

=?us-ascii?Q?+YZwqxeXhi5BKz0/h2EWrGmkVYNrTTjy/qHOmHU4nXADge+rsMN3v1oqGQ0u?=

=?us-ascii?Q?36Qa6F56S8gksWHxh/Jgd9IhxOHasoDk6AX3iWUTMJX0ZJZUJh9Trmrm2Hcq?=

=?us-ascii?Q?6vT2U4CriMEKnvHa+G500o5Ey84614LuZebRp8wrIf2CJxGtaTneItWrs9Tp?=

=?us-ascii?Q?cq8fyFmBuN5iEWc2CivpjPr7K5WxDiYvR3TX/hctuVgxf3dRVAyiRsxzKCjS?=

=?us-ascii?Q?v4BUGZT695sA40HxlWtpPRaABKzpG/CI?=

Content-Type: multipart/alternative;

boundary="_000_TY0PR04MB73504AD188FB2B50CF51B52D82EF2TY0PR04MB7350apcp_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-c3e7a.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TY0PR04MB7350.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: fbfa3ba6-8d28-4328-6592-08ded046b801

X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jun 2026 10:12:08.6445

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR04MB6787

--_000_TY0PR04MB73504AD188FB2B50CF51B52D82EF2TY0PR04MB7350apcp_

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

Hi,

I just wanted to check if you received my previous email.

If you're interested, simply reply with "SEND" or "Proposal," and I'll shar=

e the details. If not, just reply "REMOVE" or "NO."

I'm waiting for your response!

Thanks!

Web/SEo/App spam from Google Gmail

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 05:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbcuy-00000000GWx-0y0M

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 05:34:20 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 05:34:20 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vs1-f71.google.com ([209.85.217.71]:47109)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbZNA-000000006Ne-43Eq

for root@nk.ca;

Mon, 22 Jun 2026 01:47:22 -0600

Received: by mail-vs1-f71.google.com with SMTP id ada2fe7eead31-71f4e6ff16eso5402502137.2

for ; Mon, 22 Jun 2026 00:46:24 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1782114378; x=1782719178; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=MkVm3oBXmPpWontr+vki8bR1eTBijQaBlcjJF7RymwQ=;

b=QnpqlwzgYl0/g5YEA1ZZ8Ak4lvUKS9P0MeOrI/FZmlO4eb6ndyup1KX0ZrtbPn11vi

2TIyuGcbYUlVHqjoekDUZvTa/OcSuFMKU+T3ZNqBEQjFjUFDTZeppLxkGC6Mw9mKQrUd

xJAcB53RcYhSQG/F2xTGgPvZQWSe5JXgfUztNbDmfFGicTNQVq9RMPE6dscidPQKgkSq

CFpxDeJ04M9b/n/twY/Bm/ipt0XrQzqP1U0R1NpWrxwNu5vsdU56zj16dC1DRtqYGJ2K

bLhF0bFIexkKzvW2NJ2N5CiVD5DoCHmlj+AwxecaqB8ccK2gKFy9JkWW7i23QVOpzVUp

AipQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782114378; x=1782719178;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=MkVm3oBXmPpWontr+vki8bR1eTBijQaBlcjJF7RymwQ=;

b=nB/wzlQT2mfJ3o9Bv5ceRwv8B+enPEvU+2MvaTDnk1j9bZGwSGg/0mr9n9UkIMm+Dj

ssK1CoGT6441RChxmHllprWlPQqwg3v9MptlEYVfkCIeyqIJINQPE+pcyVm07rOqZHOH

Vsaox3kl0cJXV/FIef6yUBWfJDN6bBi1BvJO4AS656WdqTgbLFw/dGZwjLe1PORQ6hAK

I5UOtb0PVEhYlgJKAJBfxD2CVVVgZw7ip2RB/HCXeFWRSGk/L0+RPCR0msKbmKw2wISj

HhpuwgGADUJXLWV+bju/oSG3IoIBUSj5kHsC8Ug6QrU7YiYedcRD31+FoOhFDZf2rzZw

qGBQ==

X-Gm-Message-State: AOJu0YygvOHyA74XknewEnrLjs8vbGQrZR13gfz93ECrFpChGWZO+Zv5

TUh50vFIr9pdo54Y5Yb2JQSKnY88CCWiMvqmHRfOGcR7b8hib/Wr7jzNUopI6UIeIzjcPEIGgC7

gA3PRBg==

MIME-Version: 1.0

X-Received: by 2002:a05:6102:160e:b0:631:3bbb:f23f with SMTP id

ada2fe7eead31-72a795e1c40mr6424207137.26.1782114378056; Mon, 22 Jun 2026

00:46:18 -0700 (PDT)

Message-ID:

Date: Mon, 22 Jun 2026 07:46:18 +0000

Subject: Re: Quick Service ! root@nk.ca ! My Name is Puja

From: pujar2476@gmail.com

To: root@nk.ca

Content-Type: multipart/alternative; boundary="000000000000740e690654d2d66e"

--000000000000740e690654d2d66e

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Hi,

Check on my last message.

Please share your project requirements or a reference app so we can provide

an estimate for timeline and cost.

Thanks,

Puja

On Tue, Jun 9, 2026 at 11:10 PM < root@nk.ca > wrote:

Hello, root@nk.ca

We can develop your mobile app for iOS & Android using Flutter with a

single code base for fast, smooth, and cost-effective performance.

Scope:-

User-friendly UI/UX

Login / Signup

API & backend integration

Push notifications (if needed)

Tech:-

Flutter / Custom Backend

Timeline & cost will be shared after reviewing full requirements.

Please share your details or reference app so we can proceed.

Best regards,

Puja

--000000000000740e690654d2d66e

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hi,

Check on my last message.

Please share your project requi=

rements or a reference app so we can provide an estimate for timeline and c=

ost.

Thanks,
Puja

On Tue, Jun 9, 2026 at 11:10=E2=80=AFPM =

< root@nk.ca > wrote:

Hello, root@nk.ca

We can develop your m=

obile app for iOS & Android using Flutter with a single code base for fast,=

smooth, and cost-effective performance.

Scope:-

User-friendl=

y UI/UX
Login / Signup
API & backend integration
Push notification=

s (if needed)

Tech:-

Flutter / Custom Backend

Timeline=

& cost will be shared after reviewing full requirements.

Please sha=

re your details or reference app so we can proceed.

Best regards,
>
Puja

--000000000000740e690654d2d66e--

Chinese products spam part 2

Posted by Dave Yadallee on Monday, June 22. 2026

在2026-06-19，Julin 写道:

-----原始邮件-----

发件人： Julin

发件时间: 2026年06月19日周五

收件人： [sales ]

主题：中国发加拿大整柜价格 5.15-5.31

Hi 家人们

我是深圳市云松跨境物流有限公司的Julin，

我们专注于美加欧澳墨西哥国际物流13年，能做CIF,FOB ,DDU,DDP,LDP等条款.

请问本周有整柜发加拿大吗？

我们有很好的整柜价格，可以为您节省成本，

目前我们帮单一客户节省了30万美元的成本。

我们擅长DDU,DDP,LDP等贸易条款，可以合理的帮您优化物流成本，减少支出。

欢迎扫码加微信，随时详聊!

祝您万事如意，生意兴隆，货如轮转，财源滚滚。

整柜价格

起运港目的港价格（40HQ）备注

深圳/广州/宁波/上海/义乌/青岛/天津/长沙/郑州/佛山/中山/泉州温哥华 2830 这个是海运价格

埃德蒙顿 4000

卡尔加里 4000

多伦多 5015

蒙特利尔 5015

温尼泊 5500

Obtain the latest product info by choosing . Keep My News Flow

Need to pause messages? Go to Opt Out Settings.

Miss Julin

深耕美加专线13年

DDU/DDP双清专线,让您省心省力省钱

Shenzhen Yunsong Cross-border Logistics Co.,Ltd

Room 2806, 28th Floor, Building 1, Evergrande Metropolis Plaza, Bantian Street, Longgang District,

Shenzhen City, Guangdong, China

深圳市龙岗区坂田街道马安堂社区环城南路15号

恒大都会广场1栋2806

Phone : 13798412845

Email: julin@yunsongfreight.com

在2026-06-13，Julin 写道:

-----原始邮件-----

发件人： Julin

发件时间: 2026年06月13日周六

收件人： [sales ]

主题：加拿大FOB/DDP/LDP ，一箱也能发

Hi 亲们

我是深圳市云松跨境物流有限公司的Julin，

我们专注于美加欧澳墨西哥国际物流13年，能做CIF,FOB ,DDU,DDP,LDP等条款.

下面是不同的重量发加拿大的价格，一箱也能发，几百元就到加拿大，双清包税到门。

欢迎扫码加微信，随时详聊!DDU/DDP双清专线让您省心省力省钱。

祝您万事如意，生意兴隆，货如轮转，财源滚滚。

散货价格

起运港目的港价格（40HQ）备注

深圳/广州/宁波/上海/义乌/青岛/天津/长沙/郑州/佛山/中山/泉州温哥华 8.3 散货包含海运费，清关，关税，派送

埃德蒙顿 7.5

卡尔加里 7.5

多伦多 8.1

蒙特利尔 8.1

温尼泊 8.2

Maintain your product-savvy edge with . Stay Updated on News

If you prefer to exit, choose Review Communication Options.

Miss Julin

深耕美加专线13年

DDU/DDP双清专线,让您省心省力省钱

Shenzhen Yunsong Cross-border Logistics Co.,Ltd

Room 2806, 28th Floor, Building 1, Evergrande Metropolis Plaza, Bantian Street, Longgang District,

Shenzhen City, Guangdong, China

深圳市龙岗区坂田街道马安堂社区环城南路15号

恒大都会广场1栋2806

Phone : 13798412845

Email: julin@yunsongfreight.com

Chinese products spam part 1

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 05:34:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbcue-00000000Fo5-1lP5

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 05:34:00 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 05:34:00 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [210.79.60.58] (port=57558 helo=mail-m6058.netease.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbZEK-0000000062y-1nOo

for sales@nk.ca;

Mon, 22 Jun 2026 01:38:23 -0600

Content-Type: multipart/alternative; BOUNDARY="=_Part_1519968_391243307.1782113820732"

To: sales

Subject: =?UTF-8?B?UmU65Lit5Zu95Y+R5Yqg5ou/5aSn5pW05p+c5Lu35qC8wqA1LjE1LTUuMzE=?=

X-Priority: 3

MIME-Version: 1.0

Received: from julin@yunsongtrans.com( [10.139.1.59] ) by ajax-webmail ( [127.0.0.1] ) ; Mon, 22 Jun 2026 15:37:00 +0800 (GMT+08:00)

From: Julin

Date: Mon, 22 Jun 2026 15:37:00 +0800 (GMT+08:00)

X-WM-Tid: 0a9eee42dfa800f5kunm075a0cc51e7cc6

DKIM-Signature: a=rsa-sha256;

b=asezRNYEJYWChLe/c8MKhCFg8Nm+6NkMV+xq+u4I9n517u2GK6cC/SJcFLQQrlDSdw8amcSnRMNrS05n/N0k3FzVz5yNvzpSFOrznEBjG5GbkUvZdR0uJVHURcn8wakKeC+lnCw6VJ38FV8+moKZY+2zeXMeLIm3elxQ3fimTAnhhC+2Cv1ixMq8H4yQoJaII7XX+cJMws8Uo9ubBus3ugKzRV3Ht5Y6SE7lrj4tW238mbQM08IcmoO1YxZruRIzomgrRsbcVcVw40ehE2LFzcwxQy/mnApfDAbVclSITMQE0ga+3MDv+B94bHL82eS0SSgU43JB/5bblac01NqSOQ==; c=relaxed/relaxed; s=default; d=yunsongtrans.com; v=1;

bh=D9O4+3Fuf8oZkx9Z8Eq1iHpXhHKH4I1XzWG41NnHxr0=;

h=date:mime-version:subject:message-id:from;

Message-ID:

X-Spam_score: 15.3

X-Spam_score_int: 153

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi sales, I hope this email finds you well. Thank you for

reading our introductory email. We're here to assist if you have any further

questions or need more information. I am excited to inform you that we are

currently offering a special promotion on our products.If you have any needs,

please let me know as soon as possible so I can secure a discounted spot

for you. T [...]

Content analysis details: (15.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[210.79.60.58 listed in will-spam-for-food.eu.org]

[210.79.60.58 listed in will-spam-for-food.eu.org]

[210.79.60.58 listed in will-spam-for-food.eu.org]

[210.79.60.58 listed in will-spam-for-food.eu.org]

[210.79.60.58 listed in will-spam-for-food.eu.org]

[210.79.60.58 listed in will-spam-for-food.eu.org]

[210.79.60.58 listed in will-spam-for-food.eu.org]

[210.79.60.58 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[210.79.60.58 listed in dnsbl.ahbl.org]

[210.79.60.58 listed in dnsbl.ahbl.org]

[210.79.60.58 listed in dnsbl.ahbl.org]

[210.79.60.58 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[210.79.60.58 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[210.79.60.58 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[210.79.60.58 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[210.79.60.58 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: yunsongtrans.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[210.79.60.58 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

0.6 J_CHICKENPOX_52 BODY: 5alpha-pock-2alpha

1.0 OPT_OUT BODY: No description available.

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.6 HTML_TEXT_INVISIBLE_STYLE HTML hidden text + other spam signs

2.0 MIXED_HREF_CASE Has href in mixed case

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} =?UTF-8?B?UmU65Lit5Zu95Y+R5Yqg5ou/5aSn5pW05p+c5Lu35qC8wqA1LjE1LTUuMzE=?=

Hi sales,

I hope this email finds you well.

Thank you for reading our introductory email. We're here to assist if you have any further questions or need more information.

I am excited to inform you that we are currently offering a special promotion on our products.If you have any needs, please let me know as soon as possible so I can secure a discounted spot for you.

Thank you for your attention, and I look forward to hearing from you soon.

Best regards,

Enable premium notifications for product growth via . Keep My Alerts Active

To override these emails, visit Tweak Email Delivery.

Miss Julin

With 13 years of dedicated focus on US-Canada dedicated shipping lines,we save your time, effort and money with DDP PRICE.

Shenzhen Ethan Freight Forwarding Co., Ltd.

Room 2806, 28th Floor, Building 1, Evergrande Metropolis Plaza, Bantian Street, Longgang District, Shenzhen City, Guangdong, China

T.0755-84826401/ M.13798412845/E.julin@ethanfreight.com

www.ethantrans.com

Nigerian spam

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 21 Jun 2026 20:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbUHC-0000000013Z-2WTW

for dave@doctor.nl2k.ab.ca;

Sun, 21 Jun 2026 20:20:42 -0600

Resent-From: The Doctor

Resent-Date: Sun, 21 Jun 2026 20:20:42 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from smtp1.hukvm.de ([193.201.183.163]:9127)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbSwk-00000000DIS-04QD

for root@doctor.nl2k.ab.ca;

Sun, 21 Jun 2026 18:55:38 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;

d=hukvm.de; i=@hukvm.de; q=dns/txt; s=mail2;

t=1782089730; x=1813625730;

h=from:to:subject:date:message-id:mime-version;

bh=ouWN5M9Ewbinr3DwVfFv0e4qikVrKtwEOsY20ywIb2I=;

b=CAJOOg80PlKMPWE/5Wr06v/mm8uQ37pomjsHeQoQfP/tA90yNPLtKEOF

9bX7U05baFg+Tv7A7vKWQ8/I1ooHWlHhLTgOb/igB5x4TrbtnWpV8yRGw

AvcOIJLmwV6GEyL93gPDezzxRCsGtovYQiqaRk+iQi7+Ky60IflP+tXgk

o=;

X-CSE-ConnectionGUID: bjnAT2BuSXWmGw8uYLWlRw==

X-CSE-MsgGUID: +wO+zXS6Q+a1XHYaPkUOoQ==

From: "HUK Vertrauensmann Stecker, Michael"

To: "lpjobswelll@gmail.com"

Subject: Congratulations!!!

Thread-Topic: Congratulations!!!

Thread-Index: Ad0B4aovvTDlMAqKQk+1sQ1o67xE0w==

Date: Mon, 22 Jun 2026 00:54:32 +0000

Message-ID:

Accept-Language: de-DE, en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-originating-ip: [10.148.148.66]

Content-Type: multipart/alternative;

boundary="_000_da0c97fd456040dcaa41b2c70ae0f345hukvmde_"

MIME-Version: 1.0

--_000_da0c97fd456040dcaa41b2c70ae0f345hukvmde_

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

You have been selected to receive a Grant Donation; please contact lpjobswe=

lll@gmail.com for further details and claim i=

nformation.

Please Note: We have been trying to contact you several times.

Best regards

--_000_da0c97fd456040dcaa41b2c70ae0f345hukvmde_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

>

>

Congratulations!!!

You have been selected to receive a Grant Donatio=

n; please contact

lpjo=

bswelll@gmail.com for further details and=

claim information.

Please Note: We have been trying to contact you s=

everal times.

Best regards

--_000_da0c97fd456040dcaa41b2c70ae0f345hukvmde_--

Amazon Prime phish from OVH Part 2

Posted by Dave Yadallee on Monday, June 22. 2026

Prime - Membership Update

Your membership has been paused

Hello,

We were unable to charge your payment method. We've paused your Prime membership and your benefits are currently on hold.

To resume your membership, update your payment method and plan settings.

Thank you,

Customer Service

Update payment method

You expected your Prime membership to continue?

We can help you re-activate your Prime membership. Reach out to Customer Service for help.

Contact Customer Service

Amazon Prime phish from OVH Part 1

Posted by Dave Yadallee on Monday, June 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 21 Jun 2026 17:24:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbRVU-000000005Yf-3D9A

for dave@doctor.nl2k.ab.ca;

Sun, 21 Jun 2026 17:23:16 -0600

Resent-From: The Doctor

Resent-Date: Sun, 21 Jun 2026 17:23:16 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from server.chroniclesnews.live ([66.116.206.87]:57488)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbNQn-0000000017l-0DH8

for www@nl2k.ab.ca;

Sun, 21 Jun 2026 13:02:19 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=chroniclesnews.live; s=default; h=Content-Transfer-Encoding:Content-Type:

MIME-Version:List-Unsubscribe:From:To:Reply-To:Message-Id:Subject:Date:Sender

:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:

Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:

List-Help:List-Subscribe:List-Post:List-Owner:List-Archive;

bh=gVnCm19bSIvDIeo/dz6BzYKtFfjqJAd38lB80TgpQfA=; b=ZbCmG0Qo6rWaxPrHR9pON/U6XJ

Jx5N4nuKGr9krxkrbVU+HALedCZhcoqmBCs25DNDlDrT0aSPUm5l/8bFaL4ixPE0bT/9AsInvQoKX

MQnfBMKHzbSMmXztJSwaIgXFLzw4QSyDp8PuFVJQLTLa2grcw31G2+wofuHEP+mjRtL0cyu7ufGJR

dtKsZ9Z9viJajO6Zlg+nXGlIEJ3E4HD120+HrxsFOpTIIXWcc1mWRXNvHDuNFn/tnfceyN/G+5iGq

27hLinvz+9IEwYE2dmf/PJMtDz9vVlm5FYrLd3JTDheGhg8CFekUhFlFjuPrvlxNM1NgAFlVsdUc4

DYzobnqw==;

Received: from ip18.ip-192-99-159.net ([192.99.159.18]:60924 helo=vps12783)

by server.chroniclesnews.live with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.2)

(envelope-from )

id 1wbNPp-0000000AnmK-3cqa

for www@nl2k.ab.ca;

Sun, 21 Jun 2026 13:01:10 -0600

Date: Sun, 21 Jun 2026 12:01:06 -0700

Subject: Your Prime membership has been paused [Ref: 3976C]

Message-Id: <13CCQKO7LTU4.7KN23T2LL4RW@vps12783>

Reply-To: Prime <>

To: www@nl2k.ab.ca

From: Prime

X-Mailer: Thunderbird 78.11.0

List-Unsubscribe:

MIME-Version: 1.0

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: 8bit

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - server.chroniclesnews.live

X-AntiAbuse: Original Domain - nl2k.ab.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - chroniclesnews.live

X-Get-Message-Sender-Via: server.chroniclesnews.live: authenticated_id: client@chroniclesnews.live

X-Authenticated-Sender: server.chroniclesnews.live: client@chroniclesnews.live

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 5.4

X-Spam_score_int: 54

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Prime - Membership Update prime

Content analysis details: (5.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[192.99.159.18 listed in will-spam-for-food.eu.org]

[192.99.159.18 listed in will-spam-for-food.eu.org]

[192.99.159.18 listed in will-spam-for-food.eu.org]

[192.99.159.18 listed in will-spam-for-food.eu.org]

[192.99.159.18 listed in will-spam-for-food.eu.org]

[192.99.159.18 listed in will-spam-for-food.eu.org]

[192.99.159.18 listed in will-spam-for-food.eu.org]

[192.99.159.18 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

[66.116.206.87 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[192.99.159.18 listed in dnsbl.ahbl.org]

[192.99.159.18 listed in dnsbl.ahbl.org]

[192.99.159.18 listed in dnsbl.ahbl.org]

[192.99.159.18 listed in dnsbl.ahbl.org]

[66.116.206.87 listed in dnsbl.ahbl.org]

[66.116.206.87 listed in dnsbl.ahbl.org]

[66.116.206.87 listed in dnsbl.ahbl.org]

[66.116.206.87 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[192.99.159.18 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[192.99.159.18 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[192.99.159.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[192.99.159.18 listed in dnsbl.ahbl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[66.116.206.87 listed in bb.barracudacentral.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[66.116.206.87 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.3 URI_HEX URI: URI hostname has long hexadecimal sequence

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Your Prime membership has been paused [Ref: 3976C]

Chinese products spam

Posted by Dave Yadallee on Sunday, June 21. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 21 Jun 2026 12:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbMm9-00000000LUt-18mS

for dave@doctor.nl2k.ab.ca;

Sun, 21 Jun 2026 12:20:09 -0600

Resent-From: The Doctor

Resent-Date: Sun, 21 Jun 2026 12:20:09 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-m81214.netease.com ([47.88.81.214]:46800)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbKuy-000000009bQ-0Av3

for sales@nk.ca;

Sun, 21 Jun 2026 10:21:20 -0600

Content-Type: multipart/alternative; BOUNDARY="=_Part_1438358_1062877719.1782058805223"

To: sales

Reply-To: serenatam@lebaijk.com

Subject: =?UTF-8?B?Q3VzdG9tIFNob2UgU29sZSBTb2x1dGlvbnMgZm9yIEZvb3R3ZWFyIEJyYW5kcw==?=

X-Priority: 3

MIME-Version: 1.0

Received: from daisy@vexacentertrade.com( [10.139.4.149] ) by ajax-webmail ( [127.0.0.1] ) ; Mon, 22 Jun 2026 00:20:05 +0800 (GMT+08:00)

From: SerenaTam

Date: Mon, 22 Jun 2026 00:20:05 +0800 (GMT+08:00)

X-WM-Tid: 0a9eeafb67d9d0bdkusy9ad71f541ce192

DKIM-Signature: a=rsa-sha256;

b=kV8GSlJnhAlshxH4drkiBSlPKqSbSHP+nQ7LH7lqTNAcdfE1AYBfNSoEW7mN02l/exIQK+0dJWs6KWY0hH03fCbd0sIiDbls9wW3JfyDV0/B2lrgrWngobxOjWBrKEF2j4GpQ2SX086iE62wxKGnO8lMKZOCRzbda1ezLMV59EI=; c=relaxed/relaxed; s=default; d=vexacentertrade.com; v=1;

bh=lWRG7NRaDgjQiH8ebQekJZ7olMsdhmkkRW0lJnKgBZE=;

h=date:mime-version:subject:message-id:from;

Message-ID:

Hi Sales，

We specialize in custom shoe soles, including natural rubber and bio-based sole solutions for footwear brands and manufacturers.

Would you be interested in seeing some of our latest sole designs?

Reply interested if you do.

Best regards,

Maintain your product-savvy edge with . Stay Updated on News

If you prefer to exit, choose Review Communication Options.

SerenaTam

serenatam@lebaijk.com

Mon	Tue	Wed	Thu	Fri	Sat	Sun
← Back	June '26					Forward →
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30