NetKnow Corporate Blog

Corporate representative spam

Corporate representative spam

Corporate representative spam

Health products phish from Google Gmail

Health products phish from Google Gmail

Health products phish from Google Gmail

Amazon deals phish

Health products phish from Google Gmail

Surebond Capital phish from sendgrid.net

Community spam from Microsoft Outlook

Nigerian style phish

Nigerian styled phish

Nigerian styled phish

Shipping phish

Stanley Phish

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path: <>

Envelope-to: dave@nk.ca

Delivery-date: Wed, 22 Oct 2025 06:33:00 -0600

Received: from mail.correodelasalud.com ([200.29.238.238]:36106)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

id 1vBY0Z-00000000Ftk-3Idx

for dave@nk.ca;

Wed, 22 Oct 2025 06:32:04 -0600

Received: from localhost (localhost [127.0.0.1])

by mail.correodelasalud.com (Postfix) with ESMTP id 6B8C56A731E4;

Wed, 22 Oct 2025 06:41:44 -0500 (-05)

Received: from mail.correodelasalud.com ([127.0.0.1])

by localhost (mail.correodelasalud.com [127.0.0.1]) (amavisd-new, port 10032)

with ESMTP id weymz3j9iVg0; Wed, 22 Oct 2025 06:41:44 -0500 (-05)

Received: from localhost (localhost [127.0.0.1])

by mail.correodelasalud.com (Postfix) with ESMTP id 21F816A731E1;

Wed, 22 Oct 2025 06:41:44 -0500 (-05)

X-Virus-Scanned: amavisd-new at correodelasalud.com

Received: from mail.correodelasalud.com ([127.0.0.1])

by localhost (mail.correodelasalud.com [127.0.0.1]) (amavisd-new, port 10026)

with ESMTP id OxlYji9CzGDJ; Wed, 22 Oct 2025 06:41:44 -0500 (-05)

Received: from [10.5.0.2] (unknown [10.0.99.2])

by mail.correodelasalud.com (Postfix) with ESMTPSA id 8332866ECC3C;

Wed, 22 Oct 2025 06:41:37 -0500 (-05)

Content-Type: multipart/alternative; boundary="===============1028635562=="

MIME-Version: 1.0

Subject: Representative

To: Recipients <>

From: "Marcin .M" <>

Date: Wed, 22 Oct 2025 04:41:28 -0700

Reply-To: info@boivico.com

Message-Id: <20251022114137.8332866ECC3C@mail.correodelasalud.com>

X-Spam_score: 9.4

X-Spam_score_int: 94

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, We are reaching out to know if you 19re currently open

to working with us as an Executive Company Representative on a contractual,

remote basis. This position will not interfere with your curre [...]

Content analysis details: (9.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

2.6 FROM_NO_USER From: has no local-part before @ sign

1.2 TO_MALFORMED To: has a malformed address

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 NO_RDNS2 Sending MTA has no reverse DNS

Subject: {SPAM?} Representative

You will not see this in a MIME-aware mail reader.

--===============1028635562==

Content-Type: text/plain; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Hello,

We are reaching out to know if you=2019re currently open to working with u=

s as an Executive Company Representative on a contractual, remote basis. Th=

is position will not interfere with your current job, as the work is done r=

emotely and only occasionally.

If you=2019re interested, we would be glad to share more details about the=

role.

We look forward to your response.

Sincerely,

Marcin .M

--===============1028635562==

Content-Type: text/html; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

=3Dutf-8"/>

", "Segoe UI Web (West European)", -apple-system, BlinkMacSystemFont, Robot=

o, "Helvetica Neue", sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TE=

XT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: nor=

mal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(2=

55,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant=

-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: i=

nitial; text-decoration-style: initial; text-decoration-color: initial'>
NT size=3D2 face=3DArial data-olk-copy-source=3D"MessageBody">Hello,=

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>We are reaching out to know if you=E2=80=99re currently open to working wi=

th us as an Executive Company Representative on a contractual, remote basis=

. This position will not interfere with your current job, as the work is do=

ne remotely and only occasionally.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>If you=E2=80=99re interested, we would be glad to share more details about=

the role.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>We look forward to your response.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>Sincerely,
Marcin .M

--===============1028635562==--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Oct 2025 07:52:01 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBZEz-00000000Nsi-1tIz

for dave@doctor.nl2k.ab.ca;

Wed, 22 Oct 2025 07:51:01 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Oct 2025 07:51:01 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.correodelasalud.com ([200.29.238.238]:26826)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

id 1vBZBj-000000006C2-01T9

for doctor@edmontonab.ca;

Wed, 22 Oct 2025 07:47:51 -0600

Received: from localhost (localhost [127.0.0.1])

by mail.correodelasalud.com (Postfix) with ESMTP id 30ED46A80E25;

Wed, 22 Oct 2025 07:51:37 -0500 (-05)

Received: from mail.correodelasalud.com ([127.0.0.1])

by localhost (mail.correodelasalud.com [127.0.0.1]) (amavisd-new, port 10032)

with ESMTP id 8HCIGmE2Z1Vj; Wed, 22 Oct 2025 07:51:37 -0500 (-05)

Received: from localhost (localhost [127.0.0.1])

by mail.correodelasalud.com (Postfix) with ESMTP id CB40F6A80E43;

Wed, 22 Oct 2025 07:51:36 -0500 (-05)

X-Virus-Scanned: amavisd-new at correodelasalud.com

Received: from mail.correodelasalud.com ([127.0.0.1])

by localhost (mail.correodelasalud.com [127.0.0.1]) (amavisd-new, port 10026)

with ESMTP id VmJiPwpmUTAP; Wed, 22 Oct 2025 07:51:36 -0500 (-05)

Received: from [10.5.0.2] (unknown [10.0.99.2])

by mail.correodelasalud.com (Postfix) with ESMTPSA id ECF9F6A80E25;

Wed, 22 Oct 2025 07:51:29 -0500 (-05)

Content-Type: multipart/alternative; boundary="===============1151808451=="

MIME-Version: 1.0

Subject: Representative

To: Recipients <>

From: "Marcin .M" <>

Date: Wed, 22 Oct 2025 05:51:10 -0700

Reply-To: info@boivico.com

Message-Id: <20251022125129.ECF9F6A80E25@mail.correodelasalud.com>

X-Spam_score: 9.4

X-Spam_score_int: 94

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, We are reaching out to know if you 19re currently open

to working with us as an Executive Company Representative on a contractual,

remote basis. This position will not interfere with your curre [...]

Content analysis details: (9.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

2.6 FROM_NO_USER From: has no local-part before @ sign

1.2 TO_MALFORMED To: has a malformed address

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 NO_RDNS2 Sending MTA has no reverse DNS

Subject: {SPAM?} Representative

You will not see this in a MIME-aware mail reader.

--===============1151808451==

Content-Type: text/plain; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Hello,

We are reaching out to know if you=2019re currently open to working with u=

s as an Executive Company Representative on a contractual, remote basis. Th=

is position will not interfere with your current job, as the work is done r=

emotely and only occasionally.

If you=2019re interested, we would be glad to share more details about the=

role.

We look forward to your response.

Sincerely,

Marcin .M

--===============1151808451==

Content-Type: text/html; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

=3Dutf-8"/>

", "Segoe UI Web (West European)", -apple-system, BlinkMacSystemFont, Robot=

o, "Helvetica Neue", sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TE=

XT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: nor=

mal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(2=

55,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant=

-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: i=

nitial; text-decoration-style: initial; text-decoration-color: initial'>
NT size=3D2 face=3DArial data-olk-copy-source=3D"MessageBody">Hello,=

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>We are reaching out to know if you=E2=80=99re currently open to working wi=

th us as an Executive Company Representative on a contractual, remote basis=

. This position will not interfere with your current job, as the work is do=

ne remotely and only occasionally.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>If you=E2=80=99re interested, we would be glad to share more details about=

the role.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>We look forward to your response.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>Sincerely,
Marcin .M

--===============1151808451==--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path: <>

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Oct 2025 06:32:00 -0600

Received: from mail.correodelasalud.com ([200.29.238.238]:14604)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

id 1vBY0M-00000000FrG-28dB

for dave@doctor.nl2k.ab.ca;

Wed, 22 Oct 2025 06:31:59 -0600

Received: from localhost (localhost [127.0.0.1])

by mail.correodelasalud.com (Postfix) with ESMTP id 4BF946A606EA;

Wed, 22 Oct 2025 06:41:24 -0500 (-05)

Received: from mail.correodelasalud.com ([127.0.0.1])

by localhost (mail.correodelasalud.com [127.0.0.1]) (amavisd-new, port 10032)

with ESMTP id Aazvs0HqzfTN; Wed, 22 Oct 2025 06:41:24 -0500 (-05)

Received: from localhost (localhost [127.0.0.1])

by mail.correodelasalud.com (Postfix) with ESMTP id 072F46A606F2;

Wed, 22 Oct 2025 06:41:24 -0500 (-05)

X-Virus-Scanned: amavisd-new at correodelasalud.com

Received: from mail.correodelasalud.com ([127.0.0.1])

by localhost (mail.correodelasalud.com [127.0.0.1]) (amavisd-new, port 10026)

with ESMTP id E7mz3Xo1_nIR; Wed, 22 Oct 2025 06:41:23 -0500 (-05)

Received: from [10.5.0.2] (unknown [10.0.99.2])

by mail.correodelasalud.com (Postfix) with ESMTPSA id 7DC0766ECC3C;

Wed, 22 Oct 2025 06:41:17 -0500 (-05)

Content-Type: multipart/alternative; boundary="===============1572330189=="

MIME-Version: 1.0

Subject: Representative

To: Recipients <>

From: "Marcin .M" <>

Date: Wed, 22 Oct 2025 04:41:08 -0700

Reply-To: info@boivico.com

Message-Id: <20251022114117.7DC0766ECC3C@mail.correodelasalud.com>

X-Spam_score: 5.7

X-Spam_score_int: 57

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, We are reaching out to know if you 19re currently open

to working with us as an Executive Company Representative on a contractual,

remote basis. This position will not interfere with your curre [...]

Content analysis details: (5.7 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

[200.29.238.238 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

[200.29.238.238 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[200.29.238.238 listed in dnsbl.ahbl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

2.6 FROM_NO_USER From: has no local-part before @ sign

1.2 TO_MALFORMED To: has a malformed address

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[200.29.238.238 listed in sa-accredit.habeas.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[200.29.238.238 listed in sa-trusted.bondedsender.org]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[200.29.238.238 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[200.29.238.238 listed in bl.score.senderscore.com]

Subject: {SPAM?} Representative

You will not see this in a MIME-aware mail reader.

--===============1572330189==

Content-Type: text/plain; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Hello,

We are reaching out to know if you=2019re currently open to working with u=

s as an Executive Company Representative on a contractual, remote basis. Th=

is position will not interfere with your current job, as the work is done r=

emotely and only occasionally.

If you=2019re interested, we would be glad to share more details about the=

role.

We look forward to your response.

Sincerely,

Marcin .M

--===============1572330189==

Content-Type: text/html; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

=3Dutf-8"/>

", "Segoe UI Web (West European)", -apple-system, BlinkMacSystemFont, Robot=

o, "Helvetica Neue", sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TE=

XT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: nor=

mal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(2=

55,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant=

-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: i=

nitial; text-decoration-style: initial; text-decoration-color: initial'>
NT size=3D2 face=3DArial data-olk-copy-source=3D"MessageBody">Hello,=

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>We are reaching out to know if you=E2=80=99re currently open to working wi=

th us as an Executive Company Representative on a contractual, remote basis=

. This position will not interfere with your current job, as the work is do=

ne remotely and only occasionally.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>If you=E2=80=99re interested, we would be glad to share more details about=

the role.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>We look forward to your response.

uropean)", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", san=

s-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT=

-WEIGHT: 400; COLOR: rgb(36,36,36); FONT-STYLE: normal; ORPHANS: 2; WIDOWS:=

2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT=

: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-t=

ext-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-=

style: initial; text-decoration-color: initial'>
>Sincerely,
Marcin .M

--===============1572330189==--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 21:24:57 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBPSm-00000000JQx-14ad

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 21:24:36 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 21:24:36 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f197.google.com ([209.85.221.197]:56540)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBOzA-00000000GVj-1tLY

for doctor@nl2k.ab.ca;

Tue, 21 Oct 2025 20:54:07 -0600

Received: by mail-vk1-f197.google.com with SMTP id 71dfb90a1353d-54a8ab48935so11826081e0c.0

for ; Tue, 21 Oct 2025 19:52:32 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761101546; x=1761706346; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=I89CwIs8NPTaPP9ui+uTNGjQW+1/OAYcdv3No108X1E=;

b=af3U2ULPztZt1+zE/LjdWYLPyF2quVZcY4Tcm5KN8Xa5Gpys2JQLpWLhEaZ/5m7mgs

53py9MFm7Ax7024eFCfTe+I6sViJGDnkhjqyvHtWp4fWXRdFsE1y29jxEANEpBn2D8LB

d8F222vK7wKAwuok/d7eD/9xRB+Q9bkImHrXMHaqmJsb7gPcwq4QGwsZ31TYNrf76qtA

3AcRJMVDpTtiaktc/8cpzAm+tJa3DiynOtlsQu4OZuwxxH4mOAkuVaDGGZBUukhxQnMv

9r7uR2qDuvRF/9R+ztt0wOhNu1j6tTe6M6dMDa/whmR2iJdvE9B6lURK3b1KDFnP7h6T

jrKQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761101546; x=1761706346;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=I89CwIs8NPTaPP9ui+uTNGjQW+1/OAYcdv3No108X1E=;

b=LNG6mlEYgKHeYpXMypOSZSrJ5gQ0K8fndGeAb7L9sKXbHxjuYWQc/y/N2f8kRmkmEb

Fio0U7TiUWVN3iDert3GUUpWKvoyiU9VOYjjlle1bjuRSPFpwwW4QAHoj5rG1JKRmCk3

7tXB4NIIxb7b5azjPTCh90DcX6D/WxJMNlpDqz8MBIwW8mSnaqI6PGAWhUojpOqc5zSq

AW23aJULe+Y8B9I0dpUO/vjQL/koCaLYOrQk8Ag6HN88jp1K5J7YgME9b8ZyyIaB3nuD

4jsjiJjIHHldeNocM2tFXYn9TXkun32qxt6UegOS8STFWjybA7DvzE2DidlhSgWzZYja

6tvg==

X-Gm-Message-State: AOJu0YyQwz7QxHlu+urhjQI3kXTqGzwkFQ1mcvuIweeRRt8ShK3hbahp

lIcwjeyvrgbye9kvYBF1c03OzNd+uOkua3/NOA2XCvGI8NSY179iQRvWiycCkaerJPDsAeOKlU8

1I+89RFLuCw==

X-Google-Smtp-Source: AGHT+IF463GLRtEyUQeFKuWxsNVCfCGArRVm+gsRcVlyvm5CAbHjZVHVJ3BEKsDeYUqu5xcuzjnJbgmt54PPlQM=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:7ca:b0:54a:9fe8:171e with SMTP id

71dfb90a1353d-5564ee8c476mr5905767e0c.7.1761101545853; Tue, 21 Oct 2025

19:52:25 -0700 (PDT)

Message-ID: <0000000000000dd22d0641b6684b@google.com>

Date: Wed, 22 Oct 2025 02:52:25 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=99_Do_This_Every_Night_=26_Fungus_Could_Be_Gone_=28Sim?=

=?UTF-8?Q?ple=21=29?=

From: =?UTF-8?Q?Dr=2E_James_Parker_=F0=9F=A9=BA_=2D_Wellness_Center?=

To: doctor@nl2k.ab.ca

Content-Type: multipart/alternative; boundary="0000000000000dd2210641b66848"

X-Spam_score: 12.1

X-Spam_score_int: 121

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Cloud laatste waarschuwing Cloud laatste waarschuwing Unsubscribe

Device Width Images

Content analysis details: (12.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.197 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist

[URI: click.convertkit-mail2.com/3.141.222.179]

[URI: click.convertkit-mail2.com/3.18.56.123]

[URI: click.convertkit-mail2.com/18.220.225.51]

2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL

[209.85.221.197 listed in psbl.surriel.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: healthyorivellenailcare.s3.amazonaws.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.197 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.3 HTML_SHORT_LINK_IMG_3 HTML is very short with a linked image

0.0 T_HK_NAME_DR No description available.

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8C=99_Do_This_Every_Night_=26_Fungus_Could_Be_Gone_=28Sim?=

=?UTF-8?Q?ple=21=29?=

--0000000000000dd2210641b66848

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Cloud laatste waarschuwing Cloud laatste waarschuwing Unsubscribe

--0000000000000dd2210641b66848

Content-Type: text/html; charset="UTF-8"

Device Width Images

--0000000000000dd2210641b66848--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 21:24:57 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBPSp-00000000JR9-2bXk

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 21:24:39 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 21:24:39 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vs1-f70.google.com ([209.85.217.70]:38837)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBP2p-00000000GrH-0iBF

for doctor@nk.ca;

Tue, 21 Oct 2025 20:57:54 -0600

Received: by mail-vs1-f70.google.com with SMTP id ada2fe7eead31-5d08f3bf4f9so508375137.3

for ; Tue, 21 Oct 2025 19:56:20 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761101774; x=1761706574; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=u6jNSWaBeJ70Cyy10QaYpzq2AUksc/oza4WCen1P2x8=;

b=KiARKyAWZ0vbhv7DTEKKjBV43bEhvsSE70rTzou0116oEtoCpJuhkmNuFIJY9nTtbV

Hegb1Pb4qcANrwcinYEfnc9xmHKvzIJtP04wh2h7iVG8FU2RuOxWZKd76l+sWYxA6cT7

w0gt3uRmIC6KqgFRbukMZLLh7YNTXmLSXJdxgqXy98BnmwRmjQDYOyNWLMq59JvpE3iS

EPXpwffUe4Z0xX6xBwOHHBWm6BvvB3q2L/7ingegRh51NRWxdHN1yAEYZkTMPa/5Guiw

ONzfD4BzyxGtFScn+zuH1RkN0WBM5ZVyr7q+05JQ+GC2vnPcNGF7cdHFjEkZIahyPmXD

zTuA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761101774; x=1761706574;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=u6jNSWaBeJ70Cyy10QaYpzq2AUksc/oza4WCen1P2x8=;

b=lHrHkILxbBuiyd+XWmY+OZI7o/Zyv/lp+U25tXD0tYmgIgEQMFfCW9QeuQ6mCZNPms

eCik+Sx/c/+T8qlUSdE9Tq3KMBejq8Djidr4HMsPbU7efzjxLMs4eZxqxT+f4AcaEA0l

TWc04gHW4SWpia8nsk54rPpTfoICj7ZiRTxuQdhB+QnlmXEy1W36g6XmmALlBFPCdXJ0

f3gvHz+FWxzaRvb8oEyMGlESQAiovUgMx4jJwo3hG1WW7qya7CcUSbGhgl/8/wsvo5LS

bifG04n6Gy9sBwS66c8i5jEKKMliovQ4h/2RftnLb3ULvUMbsrWALl2neF6FU4N+7aou

Id/A==

X-Gm-Message-State: AOJu0Yzxy8rBwSXm7VPqP3FXprOE0XOgTUGoZ5yzyC9BASY5FaBHmCDJ

qWqUjh2sL8I4hi/Mb9Vs+aMgrgxEw/pJsHdh7CuHM5ZcoHZO5hOJeA0Y8r0/q88jZkLd+x18lWx

Qr5kHpGBFwg==

X-Google-Smtp-Source: AGHT+IGi0fFFSTUPe7ZD3QTxLKVSnKRv23e5C4mVP18FCVIKHeqQC+c85wgFKkaxaMnTGZj/JzOGcC1YtSvjmdg=

MIME-Version: 1.0

X-Received: by 2002:a05:6102:e10:b0:5d6:1ae:1a1d with SMTP id

ada2fe7eead31-5d7dd6fd48bmr2906487137.8.1761101774000; Tue, 21 Oct 2025

19:56:14 -0700 (PDT)

Message-ID: <000000000000a713610641b6758f@google.com>

Date: Wed, 22 Oct 2025 02:56:14 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=99_Do_This_Every_Night_=26_Fungus_Could_Be_Gone_=28Sim?=

=?UTF-8?Q?ple=21=29?=

From: =?UTF-8?Q?Dr=2E_James_Parker_=F0=9F=A9=BA_=2D_Wellness_Center?=

To: doctor@nk.ca

Content-Type: multipart/alternative; boundary="000000000000a713530641b6758c"

X-Spam_score: 9.4

X-Spam_score_int: 94

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Cloud laatste waarschuwing Cloud laatste waarschuwing Unsubscribe

Device Width Images

Content analysis details: (9.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.217.70 listed in will-spam-for-food.eu.org]

[209.85.217.70 listed in will-spam-for-food.eu.org]

[209.85.217.70 listed in will-spam-for-food.eu.org]

[209.85.217.70 listed in will-spam-for-food.eu.org]

[209.85.217.70 listed in will-spam-for-food.eu.org]

[209.85.217.70 listed in will-spam-for-food.eu.org]

[209.85.217.70 listed in will-spam-for-food.eu.org]

[209.85.217.70 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.217.70 listed in dnsbl.ahbl.org]

[209.85.217.70 listed in dnsbl.ahbl.org]

[209.85.217.70 listed in dnsbl.ahbl.org]

[209.85.217.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.217.70 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.217.70 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.217.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.217.70 listed in dnsbl.ahbl.org]

0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist

[URI: click.convertkit-mail2.com/3.141.222.179]

[URI: click.convertkit-mail2.com/3.18.56.123]

[URI: click.convertkit-mail2.com/18.220.225.51]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: healthyorivellenailcare.s3.amazonaws.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.217.70 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_HK_NAME_DR No description available.

0.3 HTML_SHORT_LINK_IMG_3 HTML is very short with a linked image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8C=99_Do_This_Every_Night_=26_Fungus_Could_Be_Gone_=28Sim?=

=?UTF-8?Q?ple=21=29?=

--000000000000a713530641b6758c

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Cloud laatste waarschuwing Cloud laatste waarschuwing Unsubscribe

--000000000000a713530641b6758c

Content-Type: text/html; charset="UTF-8"

Device Width Images

--000000000000a713530641b6758c--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 20:45:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBOpv-00000000FHf-3eKr

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 20:44:27 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 20:44:27 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f198.google.com ([209.85.221.198]:49552)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBNow-00000000KlR-1M58

for support@nk.ca;

Tue, 21 Oct 2025 19:39:29 -0600

Received: by mail-vk1-f198.google.com with SMTP id 71dfb90a1353d-554e68b14cbso3029158e0c.3

for ; Tue, 21 Oct 2025 18:38:34 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761097108; x=1761701908; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=sq5PRy5OLJZmWwOitqL9xxIPx1w3Uu6pSgT1O1Rgyi4=;

b=m1NUvNIzROrZpQsaKLQa54C4nN8lNm21Xfgkc75fBmwjjFdLMYHBp78TS36zqK/21R

XJC7VlgSgvDC/cBHfohe28D/X1IEjYngOeuov+VCcS3flgb7vrHHxLpB0k0OBJTneQ7Z

EcocWS6wKSMvfNgmiCh4vdCgwIWjO/u27NraoBpCY+lCsR4ZeOsj1rV7X4LMuQv6aMIL

JO+aFZvTpxpSKr0gg1npQywkIf+X6htmTHfyIIJMsa2XkqAlN0OFyXtnORxGvQtojz3F

DBb9cpz3lsYSgx4w2KvIuqVvrqdg6AkO5TL3QpcVqy3neI2IhI2wttGfSY40fTF/BRvL

z1vw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761097108; x=1761701908;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=sq5PRy5OLJZmWwOitqL9xxIPx1w3Uu6pSgT1O1Rgyi4=;

b=OeZ03XUF4MpSXXmenzk15vpL5uEawZUpcHWoptVMhbmFZhlzGsDLzgh63bi520n1TT

uVJX9riBpORRqQXa5lGJsceYTuVvdzsTejwp/WXi6d/Xbj0W3DjoP54q6jh2qvMl437f

BBnjujb34WiUQrX9EYNSMBQxhXA2AZgnfIFlGgBEPVS4Foj32uq1KZ2XK+F0PfNbao7F

9xzwJWAENA2Poi2pJ+058aFJa2bZCLMWpj+a/uZmmOT2/hI+ADgg3SLFeMJb64MDsdHn

xrAxD8wKjOZ13Tm6Ng/8L5VUWvlssfj7mgC7yRFJmE+RQefNzHGFNYMM9t2qzabMqrJ0

0bjw==

X-Gm-Message-State: AOJu0YwqnEZ7tMzwooZ3Wei8aplMYr6U6m88SbAcAI8LrKcGiF7MA0OJ

6OmWs/sz4ryZUeCARtLOwvxyMJVYVTKP6gBMc8FY2zLiPD7mpKH5RhKIt+EC2GBV3cPfxYXIN8O

zZkZVJc3I3g==

X-Google-Smtp-Source: AGHT+IFAKgiTQ2pVoHGf0yhbPfOnDqpJe519SiIk/udaDEsASXIWQu/ZgBhQXB2z4r5D95x7FqntKmsME9kCCX8=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:3183:b0:54a:87d3:2f09 with SMTP id

71dfb90a1353d-5564ed88757mr5957463e0c.2.1761097108662; Tue, 21 Oct 2025

18:38:28 -0700 (PDT)

Message-ID: <00000000000093a9970641b55fb1@google.com>

Date: Wed, 22 Oct 2025 01:38:28 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=99_Do_This_Every_Night_=26_Fungus_Could_Be_Gone_=28Sim?=

=?UTF-8?Q?ple=21=29?=

From: =?UTF-8?Q?Dr=2E_James_Parker_=F0=9F=A9=BA_=2D_Wellness_Center?=

To: support@nk.ca

Content-Type: multipart/alternative; boundary="00000000000093a98a0641b55fae"

X-Spam_score: 10.1

X-Spam_score_int: 101

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Cloud laatste waarschuwing Cloud laatste waarschuwing Unsubscribe

Device Width Images

Content analysis details: (10.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

[209.85.221.198 listed in dnsbl.ahbl.org]

[209.85.221.198 listed in dnsbl.ahbl.org]

[209.85.221.198 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL

[209.85.221.198 listed in psbl.surriel.com]

0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist

[URI: click.convertkit-mail2.com/18.220.225.51]

[URI: click.convertkit-mail2.com/3.18.56.123]

[URI: click.convertkit-mail2.com/3.141.222.179]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.198 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.198 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.3 HTML_SHORT_LINK_IMG_3 HTML is very short with a linked image

0.0 T_HK_NAME_DR No description available.

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8C=99_Do_This_Every_Night_=26_Fungus_Could_Be_Gone_=28Sim?=

=?UTF-8?Q?ple=21=29?=

--00000000000093a98a0641b55fae

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Cloud laatste waarschuwing Cloud laatste waarschuwing Unsubscribe

--00000000000093a98a0641b55fae

Content-Type: text/html; charset="UTF-8"

Device Width Images

--00000000000093a98a0641b55fae--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 20:45:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBOpp-00000000FGM-0dId

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 20:44:21 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 20:44:21 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from static.119.208.62.46.clients.your-server.de ([46.62.208.119]:35389 helo=acasa.us)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBNrX-00000000L1j-3aX6

for doctor@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 19:42:11 -0600

From: =?UTF-8?Q?=44=65=61=6C=20=57=61=74=63=68=64=6F=67=73?=#Lxe<>

To: "doctor@doctor.nl2k.ab.ca"

Subject: =?UTF-8?Q?=4F=75=72=20=31=30=20=46=61=76=6F=72=69=74=65=20=47=69=66=74=73=20=6F=6E=20=41=6D=61=7A=6F=6E=20=54=68=61=74=20=57=65=6E=74=20=6F=6E=20=53=61=6C=65=20=54=6F=64=61=79?=_uPIO

Date: Wed, 22 Oct 2025 01:36:18 +0000

Content-Type: multipart/alternative; boundary="_592_PH0PR10MB575626DDFECFD9938984F69EF0F5APH0PR10MB5756namp_"

MIME-Version: 1.0

X-Spam_score: 20.3

X-Spam_score_int: 203

X-Spam_bar: ++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: This is one of the best of all time! View online: http://noukatroumzeor.uksouth.cloudapp.azure.com/SEErRlV0RW4zbm5VVE5QZERUeVAwTVVxVi9CNVkzSkk5UGp6ZEJKSnRibklkZDNJNGZHZUVHdSs5Wm5NWFdkc3A0bmQ4ZVVCOGRKb28veHd1RngvVWRBR3V4Y1pybzZROVYrTUtnTj

[...]

Content analysis details: (20.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[46.62.208.119 listed in will-spam-for-food.eu.org]

[46.62.208.119 listed in will-spam-for-food.eu.org]

[46.62.208.119 listed in will-spam-for-food.eu.org]

[46.62.208.119 listed in will-spam-for-food.eu.org]

[46.62.208.119 listed in will-spam-for-food.eu.org]

[46.62.208.119 listed in will-spam-for-food.eu.org]

[46.62.208.119 listed in will-spam-for-food.eu.org]

[46.62.208.119 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[46.62.208.119 listed in dnsbl.ahbl.org]

[46.62.208.119 listed in dnsbl.ahbl.org]

[46.62.208.119 listed in dnsbl.ahbl.org]

[46.62.208.119 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[46.62.208.119 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[46.62.208.119 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[46.62.208.119 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[46.62.208.119 listed in dnsbl.ahbl.org]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[46.62.208.119 listed in bb.barracudacentral.org]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: noukatroumzeor.uksouth.cloudapp.azure.com]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

2.6 FROM_NO_USER From: has no local-part before @ sign

4.0 GR_DOMAIN_YOUSER1 Received contains spam friendly ISP (youser)

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS

0.3 HTML_SHORT_LINK_IMG_3 HTML is very short with a linked image

Subject: {SPAM?} =?UTF-8?Q?=4F=75=72=20=31=30=20=46=61=76=6F=72=69=74=65=20=47=69=66=74=73=20=6F=6E=20=41=6D=61=7A=6F=6E=20=54=68=61=74=20=57=65=6E=74=20=6F=6E=20=53=61=6C=65=20=54=6F=64=61=79?=_uPIO

--_592_PH0PR10MB575626DDFECFD9938984F69EF0F5APH0PR10MB5756namp_

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: 7bit

This is one of the best of all time!

View online: http://noukatroumzeor.uksouth.cloudapp.azure.com/SEErRlV0RW4zbm5VVE5QZERUeVAwTVVxVi9CNVkzSkk5UGp6ZEJKSnRibklkZDNJNGZHZUVHdSs5Wm5NWFdkc3A0bmQ4ZVVCOGRKb28veHd1RngvVWRBR3V4Y1pybzZROVYrTUtnTjN6RTQ9

Unsubscribe: http://noukatroumzeor.uksouth.cloudapp.azure.com/dWVML1BzaHVkckZJaUNzcWhMM2hDOGZnNW94emNTZGkzQW85RDEycTBidEx5bVB2ZnRYVlpGbXJNdHFnOExxdnBhV3BSNkNWMGpxVlIvVlJPdDZTa1orbUMxRnlsRHFRSW5DMndISTU5TzA9

--_592_PH0PR10MB575626DDFECFD9938984F69EF0F5APH0PR10MB5756namp_

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: 7bit

class="cta-button"

style="font-size:24px;

font-weight:bold;

color:#fff;

background:linear-gradient(135deg,#ff5a5f,#ff2d55);

padding:15px 30px;

border-radius:50px;

text-decoration:none;

display:inline-block;

box-shadow:0 4px 12px rgba(0,0,0,0.2);

transition:all 0.3s ease;

max-width:90%;

line-height:1.3;">

NOW LIVE: Amazon's Best Deals on Gift Gadgets Under 60% ...

Special Gadget Deals for Just Gismos Readers_ET0uF

--_592_PH0PR10MB575626DDFECFD9938984F69EF0F5APH0PR10MB5756namp_--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 20:45:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBOpz-00000000FIG-324w

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 20:44:31 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 20:44:31 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f200.google.com ([209.85.221.200]:42412)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBNtz-00000000LEx-2NeW

for doctor@netknow.ca;

Tue, 21 Oct 2025 19:44:42 -0600

Received: by mail-vk1-f200.google.com with SMTP id 71dfb90a1353d-555a199e5dbso1117535e0c.1

for ; Tue, 21 Oct 2025 18:43:49 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761097423; x=1761702223; darn=netknow.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=zWrAkVDh8IzKeN6YHz/+oB2444I29YqgSJeEPqIjzDw=;

b=NtIcOyqGmTWpRwVodbfMKI9Ce2+qQM85V/ConfqAKdySUt/P/l8LdqEgfLK4rj1G+G

+mW98WzE7WLhblA3zoHdr3iZVDlRSydxyOzDPC2Xqte11UkyRBVZuJR/5HLNUIamdUV2

rBtjAhj1zLWlaahjmHRgKFLGbx12e/c26tQZe8fXF+6zHMI097KTY4VbilljbgIUGTZY

LTU5BDPeB6JvKFUhlYNv0DpvXdVjuzjluvjufz1ozjZK7p1erp9PCkxX5RouUCHAeJRO

ytFlA8fqRt9JziUetsdix+cRM60FvxTEAIIp8zt/iIeeBnK7DXywpqRG6p37FHwLI0E2

3RYw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761097423; x=1761702223;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=zWrAkVDh8IzKeN6YHz/+oB2444I29YqgSJeEPqIjzDw=;

b=wOWFxuSUwLFLn8cvAFebh2kh6d57ABxSpKRij9VX1pj+Otrfo6OlKO9QyU+fyvJYGu

FnSfgzzw7mTp7u0wZ33A0+O5hF8mJbfuHWATZpZL+upjs00c/eKQBUIA71FbJqAYMdSs

z5l5EX8p+a1Bm97/L0uLii1rc6UjV5LBop9Ou2jdmsY89JZjemhJ5/meZBS3FET+2kGT

7m6AEzY8Daq1qnFbiOZpSXXCHRjkrvVGaXPbuyuGZV+wVrpe/0k0gxk4NUioyqvp9uCz

2xYpcSF2/UmJYNJsMZqsseeNWfFVdjfuxMzNhBYmkDpXkrQUpj+nKWOvQ3Upe2ltSqJA

G4pg==

X-Gm-Message-State: AOJu0YzdKjJdRhOKjls3nS9qCeJfsqSvsYvoFzVIfwpR/P4LqCm6zNEh

K7cZzzIkuKiUZXCHh+0//dqH8KlLp011L4BHPlqaZhSMt8OTMWaGjq8HPSDzchBGkZX7ioMB4Xq

V4lXdWjaPhA==

X-Google-Smtp-Source: AGHT+IEAPblTAYh8e3RWiI3tsQkKR7DiH+6tZ4nM1O/BlaPyStDP3bzpDr8LueatIUwNNUhPuWuWpzTH3/bO5Os=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:2ac6:b0:554:e726:7818 with SMTP id

71dfb90a1353d-556960f07a5mr530573e0c.2.1761097422925; Tue, 21 Oct 2025

18:43:42 -0700 (PDT)

Message-ID: <0000000000004eef080641b5725c@google.com>

Date: Wed, 22 Oct 2025 01:43:42 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=99_Do_This_Every_Night_=26_Fungus_Could_Be_Gone_=28Sim?=

=?UTF-8?Q?ple=21=29?=

From: =?UTF-8?Q?Dr=2E_James_Parker_=F0=9F=A9=BA_=2D_Wellness_Center?=

To: doctor@netknow.ca

Content-Type: multipart/alternative; boundary="0000000000004eeef60641b57259"

--0000000000004eeef60641b57259

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Cloud laatste waarschuwing Cloud laatste waarschuwing Unsubscribe

--0000000000004eeef60641b57259

Content-Type: text/html; charset="UTF-8"

Device Width Images

--0000000000004eeef60641b57259--

Posted by Dave Yadallee on Wednesday, October 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 17:37:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBLta-00000000LzG-32KL

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 17:36:02 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 17:36:02 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from vsvhtbkn.outbound-mail.sendgrid.net ([134.128.123.18]:55234)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBKRk-00000000LJN-1Ble

for sales@nk.ca;

Tue, 21 Oct 2025 16:03:20 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=surebondgrowth.com;

h=content-type:date:from:mime-version:subject:reply-to:list-unsubscribe:

list-unsubscribe-post:to:cc:content-type:date:from:subject:to;

s=s1; bh=oyTIJspxtFHOp4igvK9p2Bf1PJjFT+PtC3D704gacMI=;

b=NWP19GzhzWUqQwskLfoeH1enyABTRyJ70kbDMu0465Vu/SB/czWVUzY+ZPbeDEeaerWC

fEjFqRGzJY8AaOO7XSdxfbdYLfY/PddFVqdHzRfkOnSXUtykVcrbGPvzeQMRLPPWVcMkCE

a34ZR/fs6qlYgw9iSKVtK7/5aAZSZIAp87jxkC9VIUGffTHZL5h0imgOUvb48xfY/dd9CP

+jq+4YatpJ9SdolZ3Rh1kCY8g9GNMVRIn445PgwNWVHeNgKl3vnC6mauoap1G7BIqgLJme

XT37J0Ixm99Miht/lf0WZ4nSIfDZLdI+YroeBT+43qSZbvHAEBd0DTKtnBEVgEwg==

Received: by recvd-7df794f748-hsftm with SMTP id recvd-7df794f748-hsftm-1-68F8028F-D4

2025-10-21 22:00:47.440682898 +0000 UTC m=+12029233.991461176

Received: from NTYxNTgyNDU (unknown)

by geopod-ismtpd-28 (SG) with HTTP

id y2od2CeuRmqmN4ncG9aUug

Tue, 21 Oct 2025 22:00:47.416 +0000 (UTC)

Content-Type: multipart/alternative; boundary=c3ea6b09b16fcbc3ef94a9ab510a87ccb274c0a04389a20046a561faa9ea

Date: Tue, 21 Oct 2025 22:00:50 +0000 (UTC)

From: Kebbi Taminin

Mime-Version: 1.0

Message-ID:

Subject: Funding Opportunities & Broker Collaboration

Reply-To: nui231101@gmail.com

List-Unsubscribe:

=?us-ascii?Q?=3Chttps=3A=2F=2Fu56158245=2Ect=2Esendgrid=2Enet=2Flu=2Funsubscribe=3Foc=3Du001=2E2wR5?=

=?us-ascii?Q?i9AiM13d4aXJePpgYpmbK0rkyZBqLtxKlbaxsCd?=

=?us-ascii?Q?nRCQL57UIXglDexZvImbxCFQlKw5Hz=5FgcW5DYT0?=

=?us-ascii?Q?7H77dkj7v-yd=5F3L97npu5488mU-RvRO0tzpQpqJ?=

=?us-ascii?Q?EDJC6o2bT9fWWEjZ-Qw-1AJZ64JmvGWxWutIZ0X?=

=?us-ascii?Q?EJ-2m6ojUjqvWl1JGV2unC8JXacBUaIwyySABzw?=

=?us-ascii?Q?B65PfSOC5AD3rwzimR2RJSWElLO4xJ7bDVvDKl8?=

=?us-ascii?Q?aqlqJ07J0SEbQ5hcjEtSzD66Y20V86Js5aojNZA?=

=?us-ascii?Q?3IYLuBm27OOkCqvYdKYfnRp6IhkCfXpQz2XBGh6?=

=?us-ascii?Q?nSssbfkH5hfMB--OT7OAsoGU2vacqjoPUicrxZO?=

=?us-ascii?Q?x6np52856rVpSyj60V1wE7AANaWqcphaXhUhBGZ?=

=?us-ascii?Q?5ZHfibh51Vq3Ub1SIVYfq7PL5zkQ5JQTHD9jy5g?=

=?us-ascii?Q?9RKS3u6G-=5Fi1kwvINqrqtwE=5FWWSDuE2=5F7UskNeF?=

=?us-ascii?Q?6zePno1eWIrf=5FpA6A42-v36ZDa0rZzb-CJpDW4K?=

=?us-ascii?Q?D=5FBH0t12OL67NmOm3bFDLWOM4gINbzu5yBFZvFx?=

=?us-ascii?Q?KuEEjbnU7De0U2jbKALFCk-YG5qeR5HapkfGVyD?=

=?us-ascii?Q?66HaA6DoJQGZmVRrhgiq0lu=5FM9A-Z8hgMo=5FvMhb?=

=?us-ascii?Q?tNUyyu95UlNbN-jTEOiRoBpuPpQ9j7X-71Y5rdG?=

=?us-ascii?Q?EVa83w92qqoKq8vHZL-nZXLVlA5TU1iEvwsS9VA?=

=?us-ascii?Q?nRCfbzS8kLyqo4CgFfbx=5FLbmcMwASt8ujFphjaT?=

=?us-ascii?Q?UfhFvQMKUZK2kTfjwDgEFZnN7V-mIqBau36PxRC?=

=?us-ascii?Q?5UWiM47=5FWJD-qTjv7nNJW8QygIyOCjos=5FzCVvl3?=

=?us-ascii?Q?kM5DbidgHw3nwRvnNyToK654PHpsA3AsNMpdyhF?=

=?us-ascii?Q?90GkeZ8q=5FVUa7P=5FPcnZmKTbyeDOINjhTxTQsSJi?=

=?us-ascii?Q?eG14QXIkL4F1QNWAjPC5B4rK9mMnR3gPZnq1pVU?=

=?us-ascii?Q?X-9pt0dl9P=5Ft6kUNWIP3eEVMYbP3U33OALZTImn?=

=?us-ascii?Q?OWWuksc0DDN09enVqOUHSC=5FdH=5FGdmoozUNTl4io?=

=?us-ascii?Q?NpzGAgulKmKoPeI5RTCRvesPokM4R=5FqfbtBZDHD?=

=?us-ascii?Q?SHjRk0fu=5Fzu9lC=5Ftf8RBT0aqSaU-FFDFzkJ3QDi?=

=?us-ascii?Q?Lo7lco962Fv0hrYC1YW0T1feYvxvs88Jiq74nED?=

=?us-ascii?Q?j1FaCFIXgBgMbQYx8idttlAF3Zma2hJVJ32l0O5?=

=?us-ascii?Q?Hga5b=5F9X=5F2ZGdDPnaZyeLMHxJXqhG0kuUcgo=5FSU?=

=?us-ascii?Q?3k-HO6bDM5oiK6AcJLfq9D7rjNrm8LTGowb2jqa?=

=?us-ascii?Q?QVQ5s2ozQq0z8W5kntB-fFGcLQqp6H0xeWsn720?=

=?us-ascii?Q?OKe162wrS2tAqLZ-mlAqSmAXsc1lzClbUzh6T-g?=

=?us-ascii?Q?BqjnG3b2pDJrQu=3E=2C=3Cmailto=3Aunsubscribe=40em3?=

=?us-ascii?Q?167=2Esurebondgrowth=2Ecom=3Fsubject=3Dhttps=3A=2F=2F?=

=?us-ascii?Q?u56158245=2Ect=2Esendgrid=2Enet=2Fmt=2Fu=2Fu001=2EUvL?=

=?us-ascii?Q?Ee6wd=5FcS-KxeltceZMzexEmJ5-vyFLrjVFgNubU?=

=?us-ascii?Q?I=2F4kx=2Fu001=2ERjzO14ms=2Fu001=2EKLTPcRvOAUOhMz?=

=?us-ascii?Q?0pM-2FGc2UX5SJxn9dwOpWWWFdzqjopmcEtyY-2?=

=?us-ascii?Q?Blp7FQdGf4Kw4UdJIoEn1eAprivEymowIC6SOSZ?=

=?us-ascii?Q?LVHLyTGhgDmT5AYtEgKBu7JXFpFvycasStO05F0?=

=?us-ascii?Q?guf2ylb5-2BXembfrSplvWZQxw31PUzHiqtpzbL?=

=?us-ascii?Q?RB6xgNO8dB7QtAWf7Ua1VINxBI41OEED1Mz-2F1?=

=?us-ascii?Q?WECrrbk67EVA5d4IOTtFDGH0L-2FBOraZJSGPZ8?=

=?us-ascii?Q?F6sYF-2BUBK7RTDX37hvZYKyXkgjEo4pnsKE2EC?=

=?us-ascii?Q?Ve9juA0TY7yRo2TpJ6GCey6rMprWVzz5KiAowc-?=

=?us-ascii?Q?2FkWVycPzJ5FNywNYGBBX-2BeOsR8hc6AKkpRFm?=

=?us-ascii?Q?W0ON1zjQ1W3-2FZfNJ86z5bT4liBJQM59d8ZUAn?=

=?us-ascii?Q?mpmI3xUPAU-2F-2FCi9tD7pddzWvDZxlZnOm67u?=

=?us-ascii?Q?AJpnUNkPjhmkI-2Bpt9TtQ1R-2Fy-2FXngAmU8T?=

=?us-ascii?Q?kfNJcN7LoDQDxqMjGVFgUBqTtMlkgjl4vZfhn3A?=

=?us-ascii?Q?v4Sqw79FM36MOvpQvVFkJbKv5JteM4SVrxlFaDk?=

=?us-ascii?Q?XJDQ1l-2BwLJP2okkR6cU4mzuZWBIl7PDBBfJDU?=

=?us-ascii?Q?lzQ-2FZnGPSlJ-2BqGQ6YqJ0GrebbVchX5JxSxN?=

=?us-ascii?Q?YWynbAiZT-2FMW4d7VYx-2BFIsLBNwlKZ7-2FGB?=

=?us-ascii?Q?Kf3-2BMbMVBIKmET2flzZYReDV9cJQF-2Br4VGw?=

=?us-ascii?Q?-2FNLtjYlY3RZvMwu9M-2BXC1uuYgpIFjBjVAGp?=

=?us-ascii?Q?E-2BWeE07H0PU6HkMoO4-2BOMWl-2BOtKUBzflG?=

=?us-ascii?Q?4EiwXDgG7Fo7UNp0Fs-2BWfqFYhTpgUaOaOkKS3?=

=?us-ascii?Q?tRSolio9Sucle-2BaLOlqPP7uzzzLYky3rHOM-2?=

=?us-ascii?Q?FUrz8QthJRd7WvJbXDRoOrOXYLALowUMwV87Qco?=

=?us-ascii?Q?oRcW184RTnoOwYQYO-2F6e9GtYaurnKg7jSiv3r?=

=?us-ascii?Q?6aNn9Dzm=2Fu001=2EgJlJUiHP=3E?=

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-SG-EID:

=?us-ascii?Q?u001=2EIgaRwJiOuBT85UhZyyhPiRZtnId2beDid68DqOIZR62htoyLgLzM8ydl5?=

=?us-ascii?Q?uK7dWc3vnTXVkHJpyVlgT5dAbItRQqMoYYTCzIX?=

=?us-ascii?Q?1jc71yP5WKxqvZtwlVN9fkKWJzcKMi2SgVd5FKW?=

=?us-ascii?Q?0wy=2FQI3n9GAhZtAy+NByYq82gzm2oQ0i1L4mXI7?=

=?us-ascii?Q?HSnGGR9RQVlztJuBqnI6P5ILc=2Fa7U6wjyUyE6Ba?=

=?us-ascii?Q?47peOVxty5rKggwWQG8goumTSMPf3cMLirehu7b?= =?us-ascii?Q?f2=2Fq?=

X-SG-ID:

=?us-ascii?Q?u001=2EXwhBPNhCejkv4+fVosb2QVfR16Qxp9CrA7PjDe5zzeI=2F0IZCBsPXtgHbA?=

=?us-ascii?Q?oGIj+RskLxA4N2rJjSWrHfgX07tLOm0v5BUQcd6?=

=?us-ascii?Q?w3knjorGi7Hwu0WCOA5AFSvy0=2FwlG32=2FtNcA2A8?=

=?us-ascii?Q?Z9gbxGufVvGf12kwvgj+it2fP9Dv5Wp7MIoFRJN?=

=?us-ascii?Q?f5eijuUouflI+LDvwePbi8VF4s8InP=2FFjBlGqU6?=

=?us-ascii?Q?aiCR3jRI=2FN5H7xLZ9dnnU1W+KmCcUM8KGjnB7VD?=

=?us-ascii?Q?l67bVsoczk4OvgStMmYBqjSOeQSGUexVNHEjckD?=

=?us-ascii?Q?lnkFY7d6FjKooYfhl6niF+PKYi+CBqd5D7MfPyS?=

=?us-ascii?Q?VZeBiCYSWjQjv9mkOkWbrTleQ4kEQil0FQqkJnK?=

=?us-ascii?Q?5cqZvidzTAEIlQy6z4MNJZ+oYPC4X5+aIboHnGP?=

=?us-ascii?Q?1BI0IN8nAfElvprX7Ti6H0h5oPmRs7yoXRe+gJi?=

=?us-ascii?Q?r0lUjGLJy5=2FeHU70RX17WU6tiktNWbgKoDcHeIm?=

=?us-ascii?Q?8TBIjacCOPpwhQ3Et7h5LFGNRwf1BlGxCUySNBt?=

=?us-ascii?Q?oIHUt0vlJQhv47J6ALMaT3OajhQ9IfmL4qq5CX4?=

=?us-ascii?Q?hA0oeSW6NrDHm9awjMyht7ebrq+9hi3UH25sLCw?=

=?us-ascii?Q?6o2pAYie72pNxdk3ytR1gh8XeeMjIYfw9wa+RWA?=

=?us-ascii?Q?LBc86=2FK6qNzLv=2F4g5Mcf7iLOnBaL4=2FHh5iJumai?=

=?us-ascii?Q?zlsK6evIQtq3Gw=2FCNRfSlPQ?=

To: sales@nk.ca

X-Entity-ID: u001.3XqEyecb1r5rRw6OWIFNnw==

X-Spam_score: 48.3

X-Spam_score_int: 483

X-Spam_bar: ++++++++++++++++++++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I hope this message finds you well. I am reaching out on behalf

of Surebond Capital, a prominent finance and lending firm based in Oman.

We specialize in providing substantial funding for projects with the following

terms:

Content analysis details: (48.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[134.128.123.18 listed in will-spam-for-food.eu.org]

[134.128.123.18 listed in will-spam-for-food.eu.org]

[134.128.123.18 listed in will-spam-for-food.eu.org]

[134.128.123.18 listed in will-spam-for-food.eu.org]

[134.128.123.18 listed in will-spam-for-food.eu.org]

[134.128.123.18 listed in will-spam-for-food.eu.org]

[134.128.123.18 listed in will-spam-for-food.eu.org]

[134.128.123.18 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[134.128.123.18 listed in dnsbl.ahbl.org]

[134.128.123.18 listed in dnsbl.ahbl.org]

[134.128.123.18 listed in dnsbl.ahbl.org]

[134.128.123.18 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[134.128.123.18 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[134.128.123.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[134.128.123.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[134.128.123.18 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: surebondgrowth.com]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: surebondgrowth.com]

1.1 URIBL_GREY Contains an URL listed in the URIBL greylist

[URI: sendgrid.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

15 GR_DOMAIN_SENDGR1 Received contains spammer id (sendgr)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[nui231101(at)gmail.com]

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

2.5 MILLION_USD BODY: Talks about millions of dollars

15 GR_DOMAIN_SENDGR6 URI: Body contains known spammer URI (sendgr)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.5 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

Subject: {SPAM?} Funding Opportunities & Broker Collaboration

--c3ea6b09b16fcbc3ef94a9ab510a87ccb274c0a04389a20046a561faa9ea

Content-Transfer-Encoding: quoted-printable

Content-Type: text/plain; charset=us-ascii

Mime-Version: 1.0

I hope this message finds you well.

I am reaching out on behalf of Surebond Capital, a prominent finance and le=

nding firm based in Oman. We specialize in providing substantial funding fo=

r projects with the following terms:

=20

Repayment period of up to 10 years

=20

Flexible grace period of up to 24 months

=20

3% annual interest rate

=20

Project funding starting at 2 million USD or equivalent

Additionally, we are currently seeking brokers or representatives to connec=

t us with potential projects, offering commissions for successful referrals=

.

Should you be interested or require further details, please don't hesitate =

to contact me.

Best regards,

Kebbi Taminin

Managing Director

Surebond Capital

Muscat, Oman

Tel/WhatsApp: +96878941146

Kebbi Taminin

Al Adab St, , Muscat , 00000

Unsubscribe ( https://u56158245.ct.sendgrid.net/wf/unsubscribe?upn=3Du001.4=

7O2DjJnszqz5BkLM6ntPQmMF7Tj9J6PL8wER4PMnFFRbVrNKyhEhoQIOqyn7weZk96xZ8UZX1Ke=

AiNG4Sbty6wBmYKCXOOC8FE97gvEB9xgl1WiSYGe1uqqTr4igR9qd80ejiVoNHs2gdZq87ne6SQ=

wi0ww1j7ZIAq2H8n-2Ftyv82iTgUYrYJ79PwgTkBjKlnkjOciVYdg-2BdpE-2FtWq2hy9M30fuV=

-2BiS69satP8kb02nP2KIWpZBXgbKM-2Bdtx2q22JixB2n6xe9jucKQh3Shmdfush-2F9GWPWTt=

6U3j-2FfY4j5uWika256xFk3Ct23PKoIX9TyLEPOr2Pwfdun3wQxtbsAumY8-2Bk86pkG-2F5pX=

jXVA7GZEBE8G7BAzKZyLujLgj37AH-2BPK4bMH1VzMQpLJpKH71fO9LSlll8yErq34hwB7J67Ha=

ARkFMm14LA1-2BvfumStoFNMFJGNOmB11sigDdaNsSu0hO9d-2FkO7VaSPfGRZwluFhJoZbudgJ=

n9dGQ8A3DDBsMMa8WGa-2Fzq4w1eXRNDnO3yutbrPckPIeirZJaOSadJKM7bzFRL-2FFzpJhDvV=

5lJ2AdwidrYAneNlfXKkB30P4FgTVucq5PdGJoDx7HfR1fGSvTDbYAWKwrlb4-2FrBvISTU2FmL=

EWKgiAYdGXUyt7931CLW6V-2ByyCXxmocnOyJwcNPijLKdd4uRDBjXXdDU-2BQ4lrSjtOBftbf-=

2FBcyoUFZ4yj4dr36aZVSKcEYa6k-2BfAs-2BnVu24YZ6TgUowO7WR9RWekG4VInn2SPg2S0QOm=

NxaxCPbq59kfh0i8PX-2FOhR11fIhg6ZdTYMTsK4QlEtGsrvOTZUF4IMfvTP1gL4xxuS1wBhgz1=

tExxZcB32LNsOuhReM9fNw4cL4hT1Frkr9JXq ) - Unsubscribe Preferences ( https:/=

/u56158245.ct.sendgrid.net/wf/unsubscribe?upn=3Du001.47O2DjJnszqz5BkLM6ntPQ=

mMF7Tj9J6PL8wER4PMnFFRbVrNKyhEhoQIOqyn7weZk96xZ8UZX1KeAiNG4Sbty6wBmYKCXOOC8=

FE97gvEB9xgl1WiSYGe1uqqTr4igR9qd80ejiVoNHs2gdZq87ne6SQwi0ww1j7ZIAq2H8n-2Fty=

v82iTgUYrYJ79PwgTkBjKlnkjOciVYdg-2BdpE-2FtWq2hy9M30fuV-2BiS69satP8kb02nP2KI=

WpZBXgbKM-2Bdtx2q22JixB2n6xe9jucKQh3Shmdfush-2F9GWPWTt6U3j-2FfY4j5uWika256x=

Fk3Ct23PKoIX9TyLEPOr2Pwfdun3wQxtbsAumY8-2Bk86pkG-2F5pXjXVA7GZEBE8G7BAzKZyLu=

jLgj37AH-2BPK4bMH1VzMQpLJpKH71fO9LSlll8yErq34hwB7J67HaARkFMm14LA1-2BvfumSto=

FNMFJGNOmB11sigDdaNsSu0hO9d-2FkO7VaSPfGRZwluFhJoZbudgJn9dGQ8A3DDBsMMa8WGa-2=

Fzq4w1eXRNDnO3yutbrPckPIeirZJaOSadJKM7bzFRL-2FFzpJhDvV5lJ2AdwidrYAneNlfXKkB=

30P4FgTVucq5PdGJoDx7HfR1fGSvTDbYAWKwrlb4-2FrBvISTU2FmLEWKgiAYdGXUyt7931CLW6=

V-2ByyCXxmocnOyJwcNPijLKdd4uRDBjXXdDU-2BQ4lrSjtOBftbf-2FBcyoUFZ4yj4dr36aZVS=

KcEYa6k-2BfAs-2BnVu24YZ6TgUowO7WR9RWekG4VInn2SPg2S0QOmNxaxCPbq59kfh0i8PX-2F=

OhR11fIhg6ZdTYMTsK4QlEtGsrvOTZUF4IMfvTP1gL4xxuS1wBhgz1tExxZcB32LNsOuhReM9fN=

w4cL4hT1Frkr9JXq )

--c3ea6b09b16fcbc3ef94a9ab510a87ccb274c0a04389a20046a561faa9ea

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset=us-ascii

Mime-Version: 1.0

=3Diso-8859-1">

>

<=

/HEAD>

I hope this message finds you well.

I am reaching out on behalf of Sureb=

ond=20

Capital, a prominent finance and lending firm based in Oman. We specialize =

in=20

providing substantial funding for projects with the following terms:

Repayment period of up to 10 years=

Flexible grace period of up to 24=20

months

3% annual interest rate

Project funding starting at 2 mill=

ion USD=20

or equivalent

Additionally, we are currently seeki=

ng=20

brokers or representatives to connect us with potential projects, offering=20

commissions for successful referrals.

Should you be interested or require =

further=20

details, please don't hesitate to contact me.

data-is-last-node=3D"">Best regards,

>Kebbi=20

Taminin
Managing Director

d=3D"800"=20

data-start=3D"797">Surebond Capital
=

Muscat,=20

Oman
Tel/WhatsApp:=20

+96878941146

" data-type=3D"unsubscribe" style=3D"color:#444444; font-size:12px; line-he=

ight:20px; padding:16px 16px 16px 16px; text-align:Center;" data-muid=3D"4e=

838cf3-9892-4a6d-94d6-170e474d21e5">

style=3D"font-size:12px;line-height:20px"

>

Kebbi Taminin

Al Adab St,, =

Muscat,
scribe--senderState"> 00000
span>

45.ct.sendgrid.net/wf/unsubscribe?upn=3Du001.47O2DjJnszqz5BkLM6ntPQmMF7Tj9J=

6PL8wER4PMnFFRbVrNKyhEhoQIOqyn7weZk96xZ8UZX1KeAiNG4Sbty6wBmYKCXOOC8FE97gvEB=

9xgl1WiSYGe1uqqTr4igR9qd80ejiVoNHs2gdZq87ne6SQwi0ww1j7ZIAq2H8n-2Ftyv82iTgUY=

rYJ79PwgTkBjKlnkjOciVYdg-2BdpE-2FtWq2hy9M30fuV-2BiS69satP8kb02nP2KIWpZBXgbK=

M-2Bdtx2q22JixB2n6xe9jucKQh3Shmdfush-2F9GWPWTt6U3j-2FfY4j5uWika256xFk3Ct23P=

KoIX9TyLEPOr2Pwfdun3wQxtbsAumY8-2Bk86pkG-2F5pXjXVA7GZEBE8G7BAzKZyLujLgj37AH=

-2BPK4bMH1VzMQpLJpKH71fO9LSlll8yErq34hwB7J67HaARkFMm14LA1-2BvfumStoFNMFJGNO=

mB11sigDdaNsSu0hO9d-2FkO7VaSPfGRZwluFhJoZbudgJn9dGQ8A3DDBsMMa8WGa-2Fzq4w1eX=

RNDnO3yutbrPckPIeirZJaOSadJKM7bzFRL-2FFzpJhDvV5lJ2AdwidrYAneNlfXKkB30P4FgTV=

ucq5PdGJoDx7HfR1fGSvTDbYAWKwrlb4-2FrBvISTU2FmLEWKgiAYdGXUyt7931CLW6V-2ByyCX=

xmocnOyJwcNPijLKdd4uRDBjXXdDU-2BQ4lrSjtOBftbf-2FBcyoUFZ47XWvyA-2Fem-2Bcpb2G=

LFXbawfd-2BbwpwfqY7yNwJ3pisg8fWulyKFvWJ3274ZHSmwX9i0-2FOGwdwzfxrrSjYgyfIThr=

Ey-2FCLA9zFm5vkmPXgrDBEef4Z-2B7RV12xfL-2F8hZlZWydEP4MeV9wLMqdrvJSSICPTH6txP=

M31rznEpZ9IUKLMl" target=3D"_blank" style=3D"font-family:sans-serif;text-de=

coration:none;">

Unsubscribe

-

=3Du001.47O2DjJnszqz5BkLM6ntPQmMF7Tj9J6PL8wER4PMnFFRbVrNKyhEhoQIOqyn7weZk96=

xZ8UZX1KeAiNG4Sbty6wBmYKCXOOC8FE97gvEB9xgl1WiSYGe1uqqTr4igR9qd80ejiVoNHs2gd=

Zq87ne6SQwi0ww1j7ZIAq2H8n-2Ftyv82iTgUYrYJ79PwgTkBjKlnkjOciVYdg-2BdpE-2FtWq2=

hy9M30fuV-2BiS69satP8kb02nP2KIWpZBXgbKM-2Bdtx2q22JixB2n6xe9jucKQh3Shmdfush-=

2F9GWPWTt6U3j-2FfY4j5uWika256xFk3Ct23PKoIX9TyLEPOr2Pwfdun3wQxtbsAumY8-2Bk86=

pkG-2F5pXjXVA7GZEBE8G7BAzKZyLujLgj37AH-2BPK4bMH1VzMQpLJpKH71fO9LSlll8yErq34=

hwB7J67HaARkFMm14LA1-2BvfumStoFNMFJGNOmB11sigDdaNsSu0hO9d-2FkO7VaSPfGRZwluF=

hJoZbudgJn9dGQ8A3DDBsMMa8WGa-2Fzq4w1eXRNDnO3yutbrPckPIeirZJaOSadJKM7bzFRL-2=

FFzpJhDvV5lJ2AdwidrYAneNlfXKkB30P4FgTVucq5PdGJoDx7HfR1fGSvTDbYAWKwrlb4-2FrB=

vISTU2FmLEWKgiAYdGXUyt7931CLW6V-2ByyCXxmocnOyJwcNPijLKdd4uRDBjXXdDU-2BQ4lrS=

jtOBftbf-2FBcyoUFZ47XWvyA-2Fem-2Bcpb2GLFXbawfd-2BbwpwfqY7yNwJ3pisg8fWulyKFv=

WJ3274ZHSmwX9i0-2FOGwdwzfxrrSjYgyfIThrEy-2FCLA9zFm5vkmPXgrDBEef4Z-2B7RV12xf=

L-2F8hZlZWydEP4MeV9wLMqdrvJSSICPTH6txPM31rznEpZ9IUKLMl" target=3D"_blank" c=

lass=3D"Unsubscribe--unsubscribePreferences" style=3D"font-family:sans-seri=

f;text-decoration:none;">

Unsubscribe Preferences

Jnszqz5BkLM6ntPQmMF7Tj9J6PL8wER4PMnFFRbVrNKyhEhoQIOqyn7weZk96xZ8UZX1KeAiNG4=

Sbty6wBmYKCXOOC8FE97gvEB9xgl1WiSYGe1uqqTr4igR9qd80ejiVoNHs2gdZq87ne6SQwi0ww=

1j7ZIAq2H8n-2Ftyv82iTgUYrYJ79PwgTkBjKlnkjOciVYdg-2BdpE-2FtWq2hy9M30fuV-2BiS=

69satP8kb02nP2KIWpZBXgbKM-2Bdtx2q22JixB2n6xe9jucKQh3Shmdfush-2F9GWPWTt6U3j-=

2FfY4j5uWika256xFk3Ct23PKoIX9TyLEPOr2Pwfdun3wQxtbsAumY8-2Bk86pkG-2F5pXjXVA7=

GZEBE8G7BAzKZyLujLgj37AH-2BPK4bMH1VzMQpLJpKH71fO9LSlll8yErq34hwB7J67HaARkFM=

m14LA1-2BvfumStoFNMFJGNOmB11sigDdaNsSu0hO9d-2FkO7VaSPfGRZwluFhJoZbudgJn9dGQ=

8A3DDBsMMa8WGa-2Fzq4w1eXRNDnO3yutbrPckPIeirZJaOSadJKM7bzFRL-2FFzpJhDvV5lJ2A=

dwidrYAneNlfXKkB30P4FgTVucq5PdGJoDx7HfR1fGSvTDbYAWKwrlb4-2FrBvISTU2FmLEWKgi=

AYdGXUyt7931CLW6V-2ByyCXxmocnOyJwcNPijLKdd4uRDBjXXdDU-2BQ4lrSjtOBftbf-2FBcy=

oUFZ46DHONccJD9DDFm9kSKan6R8-2FnznDrxUmOpXM7YreZNUFSDEGYzrargRn2pWbMDX5Kwq6=

pnLDnXRKkEbtxOIbvJuWHwaIfm-2FOqGFBTrqH0YA0-2Fu0i-2FipbNawLncx5LpWxrt8on1Ztb=

klFqgAMItu-2B1ubzkKSdeRkrQuXEMoDSmX0" alt=3D"" width=3D"1" height=3D"1" bor=

der=3D"0" style=3D"height:1px !important;width:1px !important;border-width:=

0 !important;margin-top:0 !important;margin-bottom:0 !important;margin-righ=

t:0 !important;margin-left:0 !important;padding-top:0 !important;padding-bo=

ttom:0 !important;padding-right:0 !important;padding-left:0 !important;"/><=

/body>

--c3ea6b09b16fcbc3ef94a9ab510a87ccb274c0a04389a20046a561faa9ea--

Posted by Dave Yadallee on Tuesday, October 21. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 14:24:57 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBIuB-00000000Bbo-3P0Y

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 14:24:27 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 14:24:27 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012056.outbound.protection.outlook.com ([52.103.43.56]:17773 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBHoM-000000004kQ-45DL

for doctor@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 13:14:31 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=PLoul6Dj89vmC6VryvFZAPSU8t+IP6yEY71kiBcRcsgsyTea/nOw/qAYkTrLTT77q9yDeCNRBm0KW3FEDTWC5MKuuu7qKLQ/KHbKNWZlwatRyNzthT5BRFr7yCUoGJRjRsH7be1v8F4H0c6kxvRLKopHSaxsO6aMonlH1ZlhnFisP0KBv2697hZpOkNTHbzCwXk5o1bSJutGeqtDORfIxbrZYk5FhTvjvDr5NiV7Pb02a1TFJaZYx9fZHFZTUUPW4+0g21pBw/oHtTw11OYZZuFTlUE3MEuRxgoww5Z/j1dc1JPcl13TTqi41ihIXJmP2JHTF4UF3sGPNrLyVbEScA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=FjHnGzGuMRpJhGWMyJp0RQY2/ChLpzHqGNpEc9tOCAs=;

b=hFTsgSTYS5egXs6v7e7HdwQ/Hoo/UYPUF0IiKtIAOVqXRzF8/F8+NstLpXaNebAgeFBK4RH7ZyCMPd7DsJ17jmqbfFG0f1ecvD9QtaGE67KyCVWXYfCJ+oIYDQ2ju0zfgFTuFVn4DUMwkgN1zyaw+ntRB3SP72pP/LCBv+l3PlYNYpSDbwImSWU4J8/jDPh/tppBdb03wEFfCDoT081jHxqBGvBh5Wec/xQbd2wz5jmRGiTFqNfKU+juc9UUptXYdTBlWIgoFqVV7ku80qFmW1pKiuOywuOVwf9BoClYe7VuUcCvup6UgOdobRb9UOHCqltvmvKy7K/tcqVjAduj3Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=FjHnGzGuMRpJhGWMyJp0RQY2/ChLpzHqGNpEc9tOCAs=;

b=FSWuv2OpujIqdhA0mzEKpXLwtKaQE1Fy3hP6315+fb0hoOSQ0aIV4/RilB8BHDcp2aOrZilPLb2SLcvLxLfsgFNHZcF/z2K5FFHNI1VhukA2T0JFB8I/stmhJ4uQ45sLWyp9ayNacrJBifk0i2P4qeHcMAX5JTiNRRV2Hyz1B2CL+0K1+epnetLD18lJjQ2PQjIwk1FFaFWvflPwjBJ1PzVWElTQDK9UOCVklAO8+kWI5A4IbFFIw7C+4vRDIt0F8Ls29AH0MPQgZdBCchMMCER1EAUcK7+p+YRjB7J0r19cQtdR3LFxhDLuUpNgSHM7QUa7JeXqDbdsS72ViQ9NMA==

Received: from TY0PR04MB6494.apcprd04.prod.outlook.com (2603:1096:400:273::10)

by JH0PR04MB7943.apcprd04.prod.outlook.com (2603:1096:990:99::14) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9228.17; Tue, 21 Oct

2025 19:12:36 +0000

Received: from TY0PR04MB6494.apcprd04.prod.outlook.com

([fe80::d48b:f5ed:c775:4cf9]) by TY0PR04MB6494.apcprd04.prod.outlook.com

([fe80::d48b:f5ed:c775:4cf9%6]) with mapi id 15.20.9228.015; Tue, 21 Oct 2025

19:12:35 +0000

To: kimberlysanchez6850@zokota.com

From: "Anna from GirlsInU."

Subject: =?UTF-8?Q?A_new_beginning_ca?=

=?UTF-8?Q?n_start_today=F0=9F=92=96?=

Reply-To: "rennaeknth@hotmail.com"

X-Mailer: Lotus Notes

Date: Tue, 21 Oct 2025 22:12:30 +0300

Message-ID:

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_F4AA_9BD79DF6.997814B8"

X-ClientProxiedBy: HE1PR05CA0162.eurprd05.prod.outlook.com

(2603:10a6:7:28::49) To TY0PR04MB6494.apcprd04.prod.outlook.com

(2603:1096:400:273::10)

X-Microsoft-Original-Message-ID: <1.9044a75fcf1fc5be2039@DESKTOP-IVI1O0L>

MIME-Version: 1.0

X-MS-Exchange-MessageSentRepresentingType: 1

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: TY0PR04MB6494:EE_|JH0PR04MB7943:EE_

X-MS-Office365-Filtering-Correlation-Id: 7c413c27-b6db-47bf-a079-08de10d5ca89

X-MS-Exchange-SLBlob-MailProps:

a+H6FLLcF3qR2HGZMjL0lriKLF3k1Y96aPBE6Llri1bYAS4OGgyR//zbySk9Wd9QWTkxZwoegS2fljiNfWDMk/AKk0VwaMo6JqfGADgDiAeQfIxJtinTCIM+R7NimmWFa/bl2nYR3bW2pqigbpJ9PPMKAUVgmzXxOlhPwHGPrj4UWQ/LKgPDhkciFeEb8sGVsQq4Om1fPbniGQYpy+NFAscZ0KvmNV2VDdlo0q4ssru2g62Vrd585UPrNnrOaDP1/56O19GeyBZyrhMRNzxSXJ4oB4/y18o3/i0QVCA72lv6VPkSXd/FOeEmRU9im2AIvfbmu+vH/LyOKfJ4V5MTiX6tClFV5Jfe7wpY+O819oKAhG0vBZCHJ45CX6fAgBshVzFA7ZAIP9Bj4sRMJynd+OLgE6uxNptmzQWMsZbgGlYWXxWukFjvkPBdWWubGmeCR2VFGQhrL5HiVh4ai4TqgPnyTDCwURBxVhm1EQX2+6IIOgnjxd1Dgq4A9QHaR3efujJdrUxic3G/7jiaGP4u+/UBUJFPxEGFONfdag3RkzwO7N6QR/zem6SBl1Rz++OVRstVFwGLWJJJXhCOm5JkAbh0+Nqp9ttL/yqEhygk0tGg6HOZL5bMFmlvT4W1xthlRQ56utr9TQye4vNsqoy+jwjeePm5Xo1DxWKXlZP4/BaxONqeqTqIbhYYBnVqfmBDCtpB4aZK/cNtd8G019zXGfARhLcMr4/I0ODEa3oSZqUesH0XRfjxGcxBPug0xzpzIjTC8cJeZ0EqPjprvM3Pn4kjQOCccT3iZ8lc8FJybYS6HiwsnN31xNXuoBk46zRj

X-Microsoft-Antispam:

BCL:0;ARA:14566002|461199028|23021999003|5072599009|15080799012|12050799012|12121999013|19110799012|9400799040|8060799015|56899033|40105399003|41105399003|39105399003|440099028|3412199025|39145399003|10035399007;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?Mmc0djhRdjFUbnFlaGFKRXNiOTdETllaejZXWERnTm1zNFFBV2ZRQVFPNGNI?=

=?utf-8?B?ZC9EQjA2SER2U3VabWhUMlpBYndUYWZaWEpqRkxEeUJlR3hwV0R4QkkycVZk?=

=?utf-8?B?KzNnZmI4WHR3RXpNZE5LQjhCeEZ4eGVZTXNXTHVSRXlEZDRJWEZzNTFkUHEz?=

=?utf-8?B?NkNkQjZQOXVubVRINEh1bG1GTlRTaDFZQXBIcXNBOU4zQVhyVEp1SVZQd1Mv?=

=?utf-8?B?ZDAwWDhmSEVWZXFmanVMTlZpZ2ZKOW81UUhUWUJoWFQ4OGhqSVk2R1hLUEpD?=

=?utf-8?B?b2xqcGV4d0orajRBY1FTdTA1QjRHbVFyV0VSaHZLZi80TG9ldjBSOXBpNHFK?=

=?utf-8?B?b1VIQVdHemptK3pVQ0ZnNnp3bE5tNjBEaXV3SmkrQk5jSjVjbVBoSjNQdVpI?=

=?utf-8?B?cjZOamc0MzhYanlaejJ4TUpLSm5OV2ZidGo5SFFVa3VJV2djVHhDdW5HWGlh?=

=?utf-8?B?ZERyRzFEN3cybnROR1UraG1TU2RzbEtobCs0VGJuQlY4N1p6NXBLVXNlREJM?=

=?utf-8?B?NGZmOXZuK1ZnRXpIUU5UZnZuMTl6eXkvWXE1SXlVLzIvN1FZL0MrMk45emtY?=

=?utf-8?B?RU5UZzN1VFlTVlJkclI4T1VmK3ZKZG5GUWovblFkVHE5S0w5MloyTjdaTGpn?=

=?utf-8?B?ZGdSQXU5UXJrcy9oRUIxcGlxR0cwaEo4cE9RcHlYa0F1UXhsYTlrTlZSK2sv?=

=?utf-8?B?ZVhPUnJhSGx4ZVd6eTlNWUJQSTkwa3hnOFV6eUgybGhSYlhid2Q0VGVzN3Q1?=

=?utf-8?B?WGl6Uy9FMzNJK0lsaytuUjZkRjQ1bkQ5MHRrVlNwSHBwNVVNTnM4UXBxNlFh?=

=?utf-8?B?ZDhhSTcvSDFyaHpvdXl3bXBGeXFoYVJsVEluY21pcG0zWlQ5VC9haEZVMW96?=

=?utf-8?B?a1RPaDZOVWFIQk9qSk9lSmhpdEE3SjBRb2NnS3Y2WVVxRmwyT0hDbG1WWGZM?=

=?utf-8?B?bDBXblFmMElHZTJldTd0d0lKQUkybVUxV3g0R3YxK0NjWnBlQUhXY1dxSVpP?=

=?utf-8?B?ZUwzYWVUYVJPZFRrRDdUUm5ya3RMaVRnSUxpZENYRXFiamdTUUZFc2YzZ2py?=

=?utf-8?B?WXhPblZXQTBZcEtDaWxmNE56bG5TSDlSL0VnSTR6dkl6WE1HRVZtM3NNdlEv?=

=?utf-8?B?WUh3aklNeDhCYldiUGtIUUxZYVRlMVRxTTdPcklUMVh0clNERHR5RlhObGNl?=

=?utf-8?B?NWMrNTBJUmU3cVgzQmVVM0Vwb21hK0FWaFlGdGtGQVJ6d3lsOU1YN1RuOVFE?=

=?utf-8?B?QmFVVmRXdkMxdTF3cnZtWUtEQzFmeE5zUFdodFBwMVB0a2hMU1I1WUlwN1N1?=

=?utf-8?B?Mnl4SzczbkVNbDIvaVd0azhrV1NTZ2VkVGNBZS9Qa3ZHOEo1MG5PY0ZTRUxY?=

=?utf-8?B?M3l4Z3Rkd3pvUXBjUmJUT0ZVMEhUcGwvWkFEcHYxTWZmRDVXYUlTM1F6cmNT?=

=?utf-8?B?VmVRYWV6U1VjME5wc3NIV2hHbERRSWRPeWpvcTI0ekx5SDgyOEFibUIrZjVQ?=

=?utf-8?B?Z1RkaERGcGFIc2NuTEptVWFmemo0THJDUnZ5VTdaaVJuZ0VlQm02Yzk0RUh3?=

=?utf-8?B?NFFXL0xRVVdDT3JxZG5WY2VsNUg1UHdtSndnS3UyWkh6Y2RsZ0UxSmF0RTF5?=

=?utf-8?B?SHphT3pPNTFrSXBhTENzS3haVzEvbmszOSsydG5mUHZXK2hpUjFZQzFuMjZ4?=

=?utf-8?B?ZExlNER6OW1qQmdlZkRxcGlkd0VtMjRQc2NZVlN0bE5nS1NYREZZTDFSaWVq?=

=?utf-8?B?bWZudG0xS3h6QXRuNHU1VlQ4SUtjaVB4TkhZUTJzZ1Yxbzd3N2xqZWZ1dzVX?=

=?utf-8?B?c0xDS3FBRVJBRjh6NTIyUT09?=

X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1

X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?ZzNHNEJJNzdlbHllV0hKa3hLbklIbSszYWFtRGJGQnhMZzNXbUdvYXFlQ1M5?=

=?utf-8?B?Uk1qb2E3eU11QlRycTJUMUl5cFJoRi9HTk1BTng3SjFlS1lFa1VMYmthUEM5?=

=?utf-8?B?OG9uY2lrTFkwN3dZL1F2RFUrMGNKQ3FSbHdocVZQUGlyai9IQXZmSVJLaU84?=

=?utf-8?B?a09zMEZuREdvTEFuczJXNjdLYzI3T3A4V2JJam5mNDdnQlQzY0RVZ3REaHd0?=

=?utf-8?B?b2N0S0x4UmhmZjJlaHN0Um5iSWNuWHBCYUMvOGN4dk1iTGwydEU0Wm1NYTBu?=

=?utf-8?B?WU1pSUpQTlR5OGc3L0psSktOUG0xMjROWXl0N1kzQUxtMGNyQUlaYTlYY2hO?=

=?utf-8?B?OHNZTUQ4MWZicXZUMitOV1VVTWtJMWpkaEZqNEp0Z0xmT1RJRXNVUFlMMU1Z?=

=?utf-8?B?Qm5Cb3JsY3ZEckNWc0ZLOWk1WDJsNC9uUFZQTXJUbUdVOEUzUnR2TGxRTXBh?=

=?utf-8?B?TDNtUTJDek1XOEJTWVh2S0dzMFFXbEFycXErZmFpUStIa0JCUXlyWm14bkFw?=

=?utf-8?B?UEladXhwVjZxYmtTZTg1Qmo3YlNERmtXTlBaN2tGU1pwUEhZMmVJVW11T3Uv?=

=?utf-8?B?MFkzRnlGQ1ErQUFNWWxvM3RHYUJKY0FaVG5HWk50UWh2Q295SWZtTkt1eGNU?=

=?utf-8?B?QjUza2JqMGlHQUxxVlptUWFuakJXcDNEeHIzaUpxdy9yYSs1SC9JdjFZUGZO?=

=?utf-8?B?eTRuRzJoT0hzSllUWndGOUNNVDYwcEM2RkRIY0FkMjZoZUMrSFFLVjZWTGhx?=

=?utf-8?B?cGMyZGU2NlpQTGVXak90aEE4ZnVPM3pzUGQralZGUW5uU0t5WTBlQnkzNDVk?=

=?utf-8?B?UEdpMUYyd1psbzh2ckVwUUZrTGxESnM3dVV6WTNGYXcyUURBUmhxeWZ3OGpL?=

=?utf-8?B?NkpOQXhpQnNUWXBTZXRTZjFCUTdlVHV3MTFVN2lzWXd0K2V3N25qL3NtVHVV?=

=?utf-8?B?dWN1SStkOHZCekxZMnl1Nkw3dEpIbWR1YUtsQWxGaWhSWTJKME9oekg0bWpj?=

=?utf-8?B?cEg5VFBwQk5lMm4zYytuTU5aaTFqQUxDVHZ4cnhJSDhFVUJ0dFpEK3NiZ00v?=

=?utf-8?B?RnY1Uy9STGFnQWFncWp4aUZyR0d0bVZ5TjFJZmFxV1ZjcFg5YU5qNEFMOTRN?=

=?utf-8?B?V1M5OUl2WUJIdmhVdGE4cFJucjFDTldBSjgrWlRLK3gwSFpjSmdvTU5peG9m?=

=?utf-8?B?NVREMnpSYkUzbXNWd21WMzBicDlWTWJ3ZDFjdzBHWXJYa1drbWJjTkVUcDhz?=

=?utf-8?B?LzUycnhhcVA2akp1VDluZDd4NXR4Y1pFNnhObnh3WTF2WTVKMnZINWZ5QVFV?=

=?utf-8?B?MkdjSG82Y3dldG9maG5vQ1dqY0pLbFd5elQ1eDhndjRxQjhzNEdQS2RRU1d4?=

=?utf-8?B?MVBlaTNLa0s2NUkwV3NOSlJSb05LdjY1ZmJ3T2lYNHE0V2R1aHEwZTQ2ZGdT?=

=?utf-8?B?STBNMkdjSW9CRmVVVGFDT28yWFlsWlFLOTltUGVDRU5rMjFFMU1pUEhjTTRT?=

=?utf-8?B?WC9HMkdiWi9qYloxQWMvR0k1OFRkakszYlRIT3pNWHJoNTBsSGpNOE9CQXB3?=

=?utf-8?B?SWJEclBTaGFuQ0ZhZ0J4Mnc4K0R6NEZ6b0hEOXR3dXVsRitVVGtwY0hjd01W?=

=?utf-8?B?cWdZYUlyTklTOTc0OFp4UmJHMUV0S05NTTF1T1lGeTgrZHRXcXlDSG04NUhy?=

=?utf-8?Q?TZSOmmEU4YpkVtlSSn6u?=

X-OriginatorOrg: sct-15-20-9052-0-msonline-outlook-38779.templateTenant

X-MS-Exchange-CrossTenant-Network-Message-Id: 7c413c27-b6db-47bf-a079-08de10d5ca89

X-MS-Exchange-CrossTenant-AuthSource: TY0PR04MB6494.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Oct 2025 19:12:35.3766

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: JH0PR04MB7943

X-Spam_score: 5.3

X-Spam_score_int: 53

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Tired of noise and meaningless chatter? Try something different.

A community built for real moments: thoughtful messages, genuine replies,

and connections that develop naturally. Start small â€” a quick â€œhiâ€

â€” and see how it grows.

Content analysis details: (5.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:400:273:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

[52.103.43.56 listed in dnsbl.ahbl.org]

[52.103.43.56 listed in dnsbl.ahbl.org]

[52.103.43.56 listed in dnsbl.ahbl.org]

[2603:1096:400:273:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:400:273:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:400:273:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:400:273:0:0:0:10 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: loopuns.info]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.103.43.56 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.103.43.56 listed in sa-accredit.habeas.com]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: loopuns.info]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.43.56 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.103.43.56 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[52.103.43.56 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.0 ARC_SIGNED Message has a ARC signature

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[rennaeknth(at)hotmail.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

Subject: {SPAM?} =?UTF-8?Q?A_new_beginning_ca?=

=?UTF-8?Q?n_start_today=F0=9F=92=96?=

------=_NextPart_000_F4AA_9BD79DF6.997814B8

Content-Type: text/plain;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Tired of noise and meaningless chatter? Try something different.

A community built for real moments: thoughtful messages, genuine replies, a=

nd connections that develop naturally.

Start small =E2=80=94 a quick =E2=80=9Chi=E2=80=9D =E2=80=94 and see how i=

t grows.

=F0=9F=91=89 GetStarted

Inside you=E2=80=99ll find:

=E2=80=A2 Authentic people, verified for trust

=E2=80=A2 Easy, secure chats that flow naturally

=E2=80=A2 Video & audio options for real interaction

=E2=80=A2 Features designed to enhance conversation

=E2=80=A2 Reliable privacy and respectful moderation

=

------=_NextPart_000_F4AA_9BD79DF6.997814B8

Content-Type: text/html;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

data-start=3D"1418" data-end=3D"1600" align=3D"center">=0A=

Tired of noise and meaningless chatter? Try something different.

tart=3D"1482" data-end=3D"1485">=0A=

A community built for real moments: thoughtful messages, genuine replies, a=

nd connections that develop naturally.=0A=

=0A=

=0A=

Start small =E2=80=94 a quick =E2=80=9Chi=E2=80=9D =E2=80=94 and see how i=

t grows.=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=F0=9F=91=89
data-start=3D"1659" data-end=3D"1674">GetS=

tarted =0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

Inside you=E2=80=99ll find:
=0A=

=E2=80=A2 Authentic people, verified for trust

end=3D"1741">=0A=

=E2=80=A2 Easy, secure chats that flow naturally

a-end=3D"1784">=0A=

=E2=80=A2 Video & audio options for real interaction

828" data-end=3D"1831">=0A=

=E2=80=A2 Features designed to enhance conversation

data-end=3D"1877">=0A=

=E2=80=A2 Reliable privacy and respectful moderation=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=

------=_NextPart_000_F4AA_9BD79DF6.997814B8--

Posted by Dave Yadallee on Tuesday, October 21. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 11:18:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBFz1-00000000IDy-1kTA

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 11:17:15 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 11:17:15 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from region.emg.fm ([109.235.208.74]:53906)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBFpK-00000000HCK-0cTz

for webmaster@nk.ca;

Tue, 21 Oct 2025 11:07:22 -0600

Received: from region.emg.fm (region.emg.fm [127.0.0.1])

by region.emg.fm (Postfix) with ESMTP id 4crdvj33fCz7kvvs

for ; Tue, 21 Oct 2025 20:05:05 +0300 (MSK)

Authentication-Results: region.emg.fm (amavis); dkim=pass

reason="pass (just generated, assumed good)" header.d=region.emg.fm

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=region.emg.fm; h=

content-transfer-encoding:content-type:message-id:user-agent

:subject:to:from:date:mime-version; s=dkim; t=1761066305; x=

1763658306; bh=BQNHZLrArQLSux4eF7/Fnk4tAp8gRlc8fC1Xlb/TdYk=; b=B

vN4NsplA/j14aETiTgW0vUht9aLCeUFGEYGTMZZEo1EzCcbPEbxdGGsY9BRNDGH3

cpskQ8sXLasXLESHWB+seuysycw7NHlPEVydrMm3BRB8O0Mrn9w8kuvcZ2wP2ZYk

R/z0D9J8u5/ZB4wOEp6sY+g5Em40Gm+lSBfJK3m9TjenLCLwhUur1Rmkq2ZZWhRL

VXJUs2kim3DeN8l7LzWBrpoQsyd5IwUhoftSl1hm7EhcsPZxEla3TENtQCL2DtwO

w5N1Ra8Av7T6HukpTcOBzLoNd4emTNa4li78QgpMVtDEtWLfd2ej7Vu0H2ntJQJj

aCGsExfOPwPsCL1VQD1Ow==

X-Virus-Scanned: amavis at region.emg.fm

X-Spam-Flag: NO

X-Spam-Score: 3.317

X-Spam-Level: **

X-Spam-Status: No, score=3.317 tagged_above=2 required=6.2

tests=[ALL_TRUSTED=-1, LOTS_OF_MONEY=0.001, MILLION_HUNDRED=0.001,

MONEY_FORM_SHORT=0.001, MONEY_NOHTML=2.499, T_FILL_THIS_FORM_SHORT=0.01,

UNDISC_MONEY=1.805] autolearn=no autolearn_force=no

Received: from region.emg.fm ([127.0.0.1])

by region.emg.fm (region.emg.fm [127.0.0.1]) (amavis, port 10026) with ESMTP

id JRX0KwndQ0fO for ; Tue, 21 Oct 2025 20:05:05 +0300 (MSK)

Received: from localhost (region.emg.fm [127.0.0.1])

by region.emg.fm (Postfix) with ESMTPSA id 4crdvZ0bqFz7ksQw;

Tue, 21 Oct 2025 20:04:58 +0300 (MSK)

MIME-Version: 1.0

Date: Tue, 21 Oct 2025 10:04:58 -0700

From: Andrea Gacki

To: undisclosed-recipients:;

Subject: FinCEN.

User-Agent: Roundcube Webmail

Message-ID:

X-Sender: info@ust-fincen.us

Content-Type: text/plain; charset=US-ASCII;

format=flowed

Content-Transfer-Encoding: 7bit

X-Spam_score: 16.2

X-Spam_score_int: 162

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Financial Crimes Enforcement Network (FinCEN) P.O. Box 39

Vienna, Virginia, 22183 Email: info@ust-fincen.us Date:21/10/2025 Greetings,

Content analysis details: (16.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[109.235.208.74 listed in wl.mailspike.net]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

2.4 MILLION_HUNDRED BODY: Million "One to Nine" Hundred

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.0 LOTS_OF_MONEY Huge... sums of money

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

1.3 MONEY_NOHTML Lots of money in plain text

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form

3.0 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} FinCEN.

Financial Crimes Enforcement Network (FinCEN)

P.O. Box 39

Vienna, Virginia, 22183

Email: info@ust-fincen.us

Date:21/10/2025

Greetings,

We hope this finds you well. Your pending transaction, intercepted by

FinCEN, has been fully reviewed and approved for release.

The sum of Ten Million Five Hundred Thousand Dollars has been confirmed

legitimate and will be paid via Online Banking Payment, accessible from

your location.

To issue your Payment Release Certificate and complete the transfer,

please provide:

Full Name

Address

Contact Number

* Government-issued ID (scan copy)

Send the above to (info@ust-fincen.us). After verification, we will

issue your certificate and provide instructions to access your funds.

Please note that due to impostors, we are issuing a code of conduct,

which is (6065). You must indicate this code when contacting us by using

it as your subject, good luck.

Thank you for your cooperation.

Sincerely,

Andrea Gacki

Director Financial Crimes Enforcement Network (FinCEN)

Posted by Dave Yadallee on Tuesday, October 21. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 11:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBFxw-00000000I7B-1TKX

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 11:16:08 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 11:16:08 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from region.emg.fm ([109.235.208.74]:53324)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBDXd-000000001lC-0Nbs

for root@nk.ca;

Tue, 21 Oct 2025 08:40:57 -0600

Received: from region.emg.fm (region.emg.fm [127.0.0.1])

by region.emg.fm (Postfix) with ESMTP id 4crZhG4xFtz7hp0g

for ; Tue, 21 Oct 2025 17:39:58 +0300 (MSK)

Authentication-Results: region.emg.fm (amavis); dkim=pass

reason="pass (just generated, assumed good)" header.d=region.emg.fm

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=region.emg.fm; h=

content-transfer-encoding:content-type:message-id:user-agent

:subject:to:from:date:mime-version; s=dkim; t=1761057598; x=

1763649599; bh=BQNHZLrArQLSux4eF7/Fnk4tAp8gRlc8fC1Xlb/TdYk=; b=T

JY4z+DFJ2sZpowe7y/3kl2ZHXiUQkzkOEROg/jzAup2E60SJugyv3NSQonoo5s1x

fw/ptczd/pXqvaK0kELyETFS7+gx1F9cMWYSmER0Hd/O6pSd//ZBFHsPZoSHb0zQ

FCxLjrY7JTOiirPk9/X6GjdxCM8LT1lWpe8pwBsaui8jC1c/Z3kKPoPfD+pKoMrq

9RWZU1XI2HlmZ6H3nygNmjvKC45bQmoMaSV7ec8/qUUiAJXU23vxTiUFzLV0EeSN

Ow78LuG2xTjoyEmTSFyCUSV83ozzCzrP9Sz5N22rejt22KZVv7PFY5heywpgXV7m

7tTYrqnTvk+qP1kewAv6g==

X-Virus-Scanned: amavis at region.emg.fm

X-Spam-Flag: NO

X-Spam-Score: 3.317

X-Spam-Level: **

X-Spam-Status: No, score=3.317 tagged_above=2 required=6.2

tests=[ALL_TRUSTED=-1, LOTS_OF_MONEY=0.001, MILLION_HUNDRED=0.001,

MONEY_FORM_SHORT=0.001, MONEY_NOHTML=2.499, T_FILL_THIS_FORM_SHORT=0.01,

UNDISC_MONEY=1.805] autolearn=no autolearn_force=no

Received: from region.emg.fm ([127.0.0.1])

by region.emg.fm (region.emg.fm [127.0.0.1]) (amavis, port 10026) with ESMTP

id MlWUfPaQeRgr for ; Tue, 21 Oct 2025 17:39:58 +0300 (MSK)

Received: from localhost (region.emg.fm [127.0.0.1])

by region.emg.fm (Postfix) with ESMTPSA id 4crZh15kxvz7bpVW;

Tue, 21 Oct 2025 17:39:45 +0300 (MSK)

MIME-Version: 1.0

Date: Tue, 21 Oct 2025 07:39:45 -0700

From: Andrea Gacki

To: undisclosed-recipients:;

Subject: FinCEN.

User-Agent: Roundcube Webmail

Message-ID: <3bc8b7e791e3524c25adeed044dec44b@ust-fincen.us>

X-Sender: info@ust-fincen.us

Content-Type: text/plain; charset=US-ASCII;

format=flowed

Content-Transfer-Encoding: 7bit

X-Spam_score: 16.2

X-Spam_score_int: 162

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Financial Crimes Enforcement Network (FinCEN) P.O. Box 39

Vienna, Virginia, 22183 Email: info@ust-fincen.us Date:21/10/2025 Greetings,

Content analysis details: (16.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[109.235.208.74 listed in wl.mailspike.net]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

2.4 MILLION_HUNDRED BODY: Million "One to Nine" Hundred

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

1.3 MONEY_NOHTML Lots of money in plain text

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form

3.0 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} FinCEN.

Financial Crimes Enforcement Network (FinCEN)

P.O. Box 39

Vienna, Virginia, 22183

Email: info@ust-fincen.us

Date:21/10/2025

Greetings,

We hope this finds you well. Your pending transaction, intercepted by

FinCEN, has been fully reviewed and approved for release.

The sum of Ten Million Five Hundred Thousand Dollars has been confirmed

legitimate and will be paid via Online Banking Payment, accessible from

your location.

To issue your Payment Release Certificate and complete the transfer,

please provide:

Full Name

Address

Contact Number

* Government-issued ID (scan copy)

Send the above to (info@ust-fincen.us). After verification, we will

issue your certificate and provide instructions to access your funds.

Please note that due to impostors, we are issuing a code of conduct,

which is (6065). You must indicate this code when contacting us by using

it as your subject, good luck.

Thank you for your cooperation.

Sincerely,

Andrea Gacki

Director Financial Crimes Enforcement Network (FinCEN)

Posted by Dave Yadallee on Tuesday, October 21. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 11:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBFy1-00000000I7c-3WDa

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 11:16:13 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 11:16:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from region.emg.fm ([109.235.208.74]:45570)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBDlb-000000003Es-0YFI

for sales@nk.ca;

Tue, 21 Oct 2025 08:55:22 -0600

Received: from region.emg.fm (region.emg.fm [127.0.0.1])

by region.emg.fm (Postfix) with ESMTP id 4crZzK1tYCz7bs2f

for ; Tue, 21 Oct 2025 17:53:01 +0300 (MSK)

Authentication-Results: region.emg.fm (amavis); dkim=pass

reason="pass (just generated, assumed good)" header.d=region.emg.fm

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=region.emg.fm; h=

content-transfer-encoding:content-type:message-id:user-agent

:subject:to:from:date:mime-version; s=dkim; t=1761058380; x=

1763650381; bh=BQNHZLrArQLSux4eF7/Fnk4tAp8gRlc8fC1Xlb/TdYk=; b=f

badR/QnFEOVtwmesSLsW8yztldQvIo6A3b5cabhvFpQI9azlJmt0h5LlFAlMQEgV

DfKmc+89VdjiPEw086hsKRjSonYB+JiIseaptwhSx8/ySfTpUIoAGLyON+EJZjf2

QGRROHbyUyigBObJA18ho/nX7oEMuUc/eiyd59LIjPxmibGuTkzOURPQgFr4ZeE2

oI03MWCvLok+383Ck++fapvhPm3qrq+s49CZtnU+z7Bm5v6nXASF3yKDdRC7fN2r

NpsP0WEi7MZcpqqYsdmEllY2+hXpDdmjRrjMxKfJdyLWjz1Cwtgk9lh5/7m37Biu

j5mUw55G2S01l+s0W93mw==

X-Virus-Scanned: amavis at region.emg.fm

X-Spam-Flag: NO

X-Spam-Score: 3.317

X-Spam-Level: **

X-Spam-Status: No, score=3.317 tagged_above=2 required=6.2

tests=[ALL_TRUSTED=-1, LOTS_OF_MONEY=0.001, MILLION_HUNDRED=0.001,

MONEY_FORM_SHORT=0.001, MONEY_NOHTML=2.499, T_FILL_THIS_FORM_SHORT=0.01,

UNDISC_MONEY=1.805] autolearn=no autolearn_force=no

Received: from region.emg.fm ([127.0.0.1])

by region.emg.fm (region.emg.fm [127.0.0.1]) (amavis, port 10026) with ESMTP

id trNviANQxSn2 for ; Tue, 21 Oct 2025 17:53:00 +0300 (MSK)

Received: from localhost (region.emg.fm [127.0.0.1])

by region.emg.fm (Postfix) with ESMTPSA id 4crZzF0bdzz7Z8GB;

Tue, 21 Oct 2025 17:52:57 +0300 (MSK)

MIME-Version: 1.0

Date: Tue, 21 Oct 2025 07:52:57 -0700

From: Andrea Gacki

To: undisclosed-recipients:;

Subject: FinCEN.

User-Agent: Roundcube Webmail

Message-ID: <31f4a4155a74edee49d2f71bf375ca88@ust-fincen.us>

X-Sender: info@ust-fincen.us

Content-Type: text/plain; charset=US-ASCII;

format=flowed

Content-Transfer-Encoding: 7bit

X-Spam_score: 16.2

X-Spam_score_int: 162

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Financial Crimes Enforcement Network (FinCEN) P.O. Box 39

Vienna, Virginia, 22183 Email: info@ust-fincen.us Date:21/10/2025 Greetings,

Content analysis details: (16.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

[109.235.208.74 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

[109.235.208.74 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.235.208.74 listed in dnsbl.ahbl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

2.4 MILLION_HUNDRED BODY: Million "One to Nine" Hundred

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[109.235.208.74 listed in wl.mailspike.net]

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

1.3 MONEY_NOHTML Lots of money in plain text

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form

3.0 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} FinCEN.

Financial Crimes Enforcement Network (FinCEN)

P.O. Box 39

Vienna, Virginia, 22183

Email: info@ust-fincen.us

Date:21/10/2025

Greetings,

We hope this finds you well. Your pending transaction, intercepted by

FinCEN, has been fully reviewed and approved for release.

The sum of Ten Million Five Hundred Thousand Dollars has been confirmed

legitimate and will be paid via Online Banking Payment, accessible from

your location.

To issue your Payment Release Certificate and complete the transfer,

please provide:

Full Name

Address

Contact Number

* Government-issued ID (scan copy)

Send the above to (info@ust-fincen.us). After verification, we will

issue your certificate and provide instructions to access your funds.

Please note that due to impostors, we are issuing a code of conduct,

which is (6065). You must indicate this code when contacting us by using

it as your subject, good luck.

Thank you for your cooperation.

Sincerely,

Andrea Gacki

Director Financial Crimes Enforcement Network (FinCEN)

Posted by Dave Yadallee on Tuesday, October 21. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 11:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBFyB-00000000I8H-2GTT

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 11:16:23 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 11:16:23 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [145.249.109.143] (port=34743 helo=fluxparlor.page)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vBDxQ-000000004y7-35d3

for root@nk.ca;

Tue, 21 Oct 2025 09:07:36 -0600

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nk.ca;

h=Date:To:From:Subject:Content-Type:Content-Transfer-Encoding:Mime-Version; i=root@nk.ca;

bh=6Nol4uyuhWfTRItbaFwtBu8wdIE=;

b=XGcCQdJGZWvJW02RE2M3IXwFeEweYovpqG5kOJs6OCTTvuuY8XJDFtxpE7vRd9Pk/Zd8rmCcVLdM

NqD9nFl1I+K4zuWUlsabJd48PVLgpTYD3Iuygz83KoEAkLlbn1lCszChOymQtAcEXsrJBmaOMUQG

jZFDmsz/QT8vGuNFBgg=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nk.ca;

b=aZxu9BrclCDsN9TspUZyJ65AVkMBs1upa4hzFrTX/KszTodv7joD6eCDwVkXRItbgNMyb2HpBe+l

1tslf0Bq/3i+bEL0Bg9Ef6pl+KFv3IV/t5K9ENtbEH66arIGZ0/TYKLNDxJtnU4tFG4KP6f0KdSf

NdtMTIfEzH8ccuooljk=;

Date: Tue, 21 Oct 2025 15:04:20 +0000

To: root@nk.ca

From: Harbor Freight

Subject: Stanley Set Packed & Ready to Ship

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding :BASE64

Mime-Version: 1.0

X-Spam_score: 10.2

X-Spam_score_int: 102

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Got a minute? Your chance to win!

Content analysis details: (10.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

[145.249.109.143 listed in dnsbl.ahbl.org]

[145.249.109.143 listed in dnsbl.ahbl.org]

[145.249.109.143 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line length

greater than 79 characters

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Stanley Set Packed & Ready to Ship

Cgo8IURPQ1RZUEUgaHRtbD4KPGh0bWwgbGFuZz0iZW4iPgo8aGVhZD4KICAgIDxtZXRhIGNoYXJzZXQ9IlVURi04Ij4KICAgIDxtZXRhIG5hbWU9InZpZXdwb3J0IiBjb250ZW50PSJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MS4wIj4KICAgIDxzdHlsZT4KICAgICAgICBib2R5IHsKICAgICAgICAgICAgbWFyZ2luOiAwOwogICAgICAgICAgICBwYWRkaW5nOiAwOwogICAgICAgICAgICBmb250LWZhbWlseTogQXJpYWwsIHNhbnMtc2VyaWY7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNmNWY1ZjU7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5jb250YWluZXIgewogICAgICAgICAgICBtYXgtd2lkdGg6IDUwMHB4OwogICAgICAgICAgICBtYXJnaW46IDAgYXV0bzsKICAgICAgICAgICAgYmFja2dyb3VuZC1jb2xvcjogI0NERTlGRjsKICAgICAgICAgICAgY29sb3I6ICMyOTJGMkQ7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5oZWFkZXIgewogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgICAgIHBhZGRpbmc6IDIwcHggMDsKICAgICAgICB9CiAgICAgICAgCiAgICAgICAgLmxvZ28gewogICAgICAgICAgICB3aWR0aDogMTIwcHg7CiAgICAgICAgICAgIG1hcmdpbjogMCBhdXRvOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAubWFpbi10aXRsZSB7CiAgICAgICAgICAgIGZvbnQtc2l6ZTogMzZweDsKICAgICAgICAgICAgdGV4dC1hbGlnbjogY2VudGVyOwogICAgICAgICAgICBtYXJnaW46IDBweCAwOwogICAgICAgICAgICBmb250LXdlaWdodDogbm9ybWFsOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAuc3VidGl0bGUgewogICAgICAgICAgICBmb250LXNpemU6IDIwcHg7CiAgICAgICAgICAgIHRleHQtYWxpZ246IGNlbnRlcjsKICAgICAgICAgICAgbWFyZ2luOiAxNXB4IDA7CiAgICAgICAgICAgIGZvbnQtd2VpZ2h0OiBub3JtYWw7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcml6ZS10aXRsZSB7CiAgICAgICAgICAgIGZvbnQtc2l6ZTogMjRweDsKICAgICAgICAgICAgdGV4dC1hbGlnbjogY2VudGVyOwogICAgICAgICAgICBjb2xvcjogIzJDMjgyNjsKICAgICAgICAgICAgbWFyZ2luOiAxNXB4IDA7CiAgICAgICAgICAgIGZvbnQtd2VpZ2h0OiBib2xkOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAuYnV0dG9uIHsKICAgICAgICAgICAgZGlzcGxheTogYmxvY2s7CiAgICAgICAgICAgIHdpZHRoOiA4MCU7CiAgICAgICAgICAgIG1heC13aWR0aDogMzAwcHg7CiAgICAgICAgICAgIG1hcmdpbjogMjVweCBhdXRvOwogICAgICAgICAgICBwYWRkaW5nOiAxNXB4IDA7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNBODE5MEI7CiAgICAgICAgICAgIGNvbG9yOiB3aGl0ZTsKICAgICAgICAgICAgdGV4dC1hbGlnbjogY2VudGVyOwogICAgICAgICAgICB0ZXh0LWRlY29yYXRpb246IG5vbmU7CiAgICAgICAgICAgIGZvbnQtd2VpZ2h0OiBib2xkOwogICAgICAgICAgICBib3JkZXItcmFkaXVzOiAzMHB4OwogICAgICAgICAgICBmb250LXNpemU6IDE2cHg7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5jb2ZmZWUtaW1hZ2UgewogICAgICAgICAgICB3aWR0aDogMTAwJTsKICAgICAgICAgICAgaGVpZ2h0OiBhdXRvOwogICAgICAgICAgICBkaXNwbGF5OiBibG9jazsKICAgICAgICAgICAgbWFyZ2luLXRvcDogLTI7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcm9kdWN0LXNlY3Rpb24gewogICAgICAgICAgICBkaXNwbGF5OiBmbGV4OwogICAgICAgICAgICBwYWRkaW5nOiAyMHB4OwogICAgICAgICAgICBiYWNrZ3JvdW5kLWNvbG9yOiB3aGl0ZTsKICAgICAgICAgICAgY29sb3I6IGJsYWNrOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAucHJvZHVjdC1pbWFnZSB7CiAgICAgICAgICAgIHdpZHRoOiA0MCU7CiAgICAgICAgICAgIG1hcmdpbi10b3A6IDMwcHg7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcm9kdWN0LWRldGFpbHMgewogICAgICAgICAgICB3aWR0aDogNjAlOwogICAgICAgICAgICBwYWRkaW5nLWxlZnQ6IDIwcHg7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcm9kdWN0LXRpdGxlIHsKICAgICAgICAgICAgZm9udC1zaXplOiAxOHB4OwogICAgICAgICAgICBjb2xvcjogIzJDMjgyNjsKICAgICAgICAgICAgZm9udC13ZWlnaHQ6IGJvbGQ7CiAgICAgICAgICAgIG1hcmdpbi1ib3R0b206IDBweDsKICAgICAgICB9CiAgICAgICAgCiAgICAgICAgLnByb2R1Y3QtZGVzY3JpcHRpb24gewogICAgICAgICAgICBmb250LXNpemU6IDEzcHg7CiAgICAgICAgICAgIGxpbmUtaGVpZ2h0OiAxLjQ7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5mb290ZXIgewogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgICAgIHBhZGRpbmc6IDBweDsKICAgICAgICAgICAgZm9udC1zaXplOiAxMnB4OwogICAgICAgICAgICBjb2xvcjogIzJDMjgyNjsKICAgICAgICAgICAgCiAgICAgICAgfQogICAgICAgIAogICAgICAgIEBtZWRpYSAobWF4LXdpZHRoOiA0ODBweCkgewogICAgICAgICAgICAubWFpbi10aXRsZSB7CiAgICAgICAgICAgICAgICBmb250LXNpemU6IDI4cHg7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgCiAgICAgICAgICAgIC5zdWJ0aXRsZSB7CiAgICAgICAgICAgICAgICBmb250LXNpemU6IDE2cHg7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgCiAgICAgICAgICAgIC5idXR0b24gewogICAgICAgICAgICAgICAgd2lkdGg6IDkwJTsKICAgICAgICAgICAgfQogICAgICAgICAgICAKICAgICAgICAgICAgLnByb2R1Y3Qtc2VjdGlvbiB7CiAgICAgICAgICAgICAgICBmbGV4LWRpcmVjdGlvbjogY29sdW1uOwogICAgICAgICAgICB9CiAgICAgICAgICAgIAogICAgICAgICAgICAucHJvZHVjdC1pbWFnZSB7CiAgICAgICAgICAgICAgICB3aWR0aDogMTAwJTsKICAgICAgICAgICAgICAgIG1hcmdpbi1ib3R0b206IDE1cHg7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgCiAgICAgICAgICAgIC5wcm9kdWN0LWRldGFpbHMgewogICAgICAgICAgICAgICAgd2lkdGg6IDEwMCU7CiAgICAgICAgICAgICAgICBwYWRkaW5nLWxlZnQ6IDA7CiAgICAgICAgICAgIH0KICAgICAgICB9CiAgICA8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5PgogICAgPGRpdiBjbGFzcz0iY29udGFpbmVyIj4KICAgICAgICA8ZGl2IGNsYXNzPSJoZWFkZXIiPgogICAgICAgICAgICA8aW1nIGNsYXNzPSJsb2dvIiBzcmM9Imh0dHBzOi8vcGJzLnR3aW1nLmNvbS9tZWRpYS9HM3lzcUpUWGdBQWtkb2c/Zm9ybWF0PXBuZyZuYW1lPXNtYWxsIiA+CiAgICAgICAgPC9kaXY+CiAgICAgICAgCiAgICAgICAgPGgxIGNsYXNzPSJtYWluLXRpdGxlIj5Hb3QgYSBtaW51dGU/PC9oMT4KICAgICAgICA8cCBjbGFzcz0ic3VidGl0bGUiPllvdXIgY2hhbmNlIHRvIHdpbiE8L3A+CiAgICAgICAgCiAgICAgICAgPHAgY2xhc3M9InByaXplLXRpdGxlIj5TdGFubGV5IFRvb2wgU2V0PC9wPgogICAgICAgIAogICAgICAgIDxhIGhyZWY9Imh0dHA6Ly8zMS4xMjkuMjIuMTg1LzRBc1lHQjgzMlNuUnQzOHZ4bGpvYWduenMxQ1JRVVdUVllURkVGV1FNMTc4NTQxT0hVVTI4MGIxIiBjbGFzcz0iYnV0dG9uIj5FTlRFUiBOT1chPC9hPgogICAgICAgIAogICAgICAgIDxpbWcgY2xhc3M9ImNvZmZlZS1pbWFnZSIgc3JjPSJodHRwczovL3Bicy50d2ltZy5jb20vbWVkaWEvRzN5c3dqOFdBQUFtTW1FP2Zvcm1hdD1qcGcmbmFtZT1zbWFsbCIgPgogICAgICAgIAogICAgICAgIDxkaXYgY2xhc3M9InByb2R1Y3Qtc2VjdGlvbiI+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9InByb2R1Y3QtaW1hZ2UiPgogICAgICAgICAgICAgICAgPGltZyBzcmM9Imh0dHBzOi8vcGJzLnR3aW1nLmNvbS9tZWRpYS9HM3lzNnpDWEVBQUpvbDM/Zm9ybWF0PXBuZyZuYW1lPXNtYWxsIiBzdHlsZT0id2lkdGg6IDEwMCU7Ij4KICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9InByb2R1Y3QtZGV0YWlscyI+CiAgICAgICAgICAgICAgICA8aDMgY2xhc3M9InByb2R1Y3QtdGl0bGUiPlN0YW5sZXkgVG9vbCBTZXQ8L2gzPgogICAgICAgICAgICAgICAgPHAgY2xhc3M9InByb2R1Y3QtZGVzY3JpcHRpb24iPgogICAgICAgICAgICAgICAgICAgIENvbXByZWhlbnNpdmUgYW5kIGR1cmFibGUsIHRoaXMgYWxsLWluLW9uZSBzZXQgaW5jbHVkZXMgc29ja2V0cywgd3JlbmNoZXMsIHNjcmV3ZHJpdmVycywgYW5kIG1vcmXigJRwZXJmZWN0IGZvciBib3RoIHByb2Zlc3Npb25hbHMgYW5kIERJWWVycy4gU3RvcmVkIGluIGEgcnVnZ2VkIGNhcnJ5IGNhc2UgZm9yIGVhc3kgb3JnYW5pemF0aW9uIGFuZCBwb3J0YWJpbGl0eS4KICAgICAgICAgICAgICAgIDwvcD4KICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgPC9kaXY+CiAgICAgICAgCiAgICAgICAgPGEgaHJlZj0iaHR0cDovLzMxLjEyOS4yMi4xODUvNEtoeENaODMyb2VFYTM4cGNwZ3FtaHNwZTFLQ1lERlJBRkxHTVdNSUMxNzg1NDFJS1pFMjgwcjEiIGNsYXNzPSJidXR0b24iPkNMQUlNIFlPVVIgUFJJWkUgTk9XITwvYT4KICAgICAgICAKICAgICAgICA8ZGl2IGNsYXNzPSJmb290ZXIiPgogICAgICAgICAgICA8cD5UaGFuayB5b3UsPGJyPgogICAgICAgICAgICBIYXJib3IgRnJlaWdodCBDdXN0b21lciBQcm9tb3Rpb25zPC9wPgogICAgICAgICAgICA8cD48YSBocmVmPSJodHRwOi8vMzEuMTI5LjIyLjE4NS81cGtya1A4MzJkZ2pYMzh6a3Nuc3dpeWN4MVVURVNBVUJBU1BOVFhWSjE3ODU0MVJUUEMyODB6MSIgc3R5bGU9ImNvbG9yOiAjMkMyODI2OyI+VW5zdWJzY3JpYmU8L2E+PC9wPjxicj4KICAgICAgICA8L2Rpdj4KICAgIDwvZGl2Pgo8L2JvZHk+CjxpbWcgc3JjPSJodHRwOi8vMzEuMTI5LjIyLjE4NS90cmFjay8zaWpHeU44MzJ5eEdxMzhtaHNtbml4emRmMVVUV1BPS0lYVU1NSkFIVTE3ODU0MUVSWFoyODB6MSIgd2lkdGg9IjEiIGhlaWdodD0iMSIgYm9yZGVyPSIwIiBhbHQ9IiIgc3R5bGU9ImRpc3BsYXk6IG5vbmU7Ij4KPC9odG1sPgoK

October '25

Posted by Dave Yadallee on Tuesday, October 21. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Oct 2025 11:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vBFyH-00000000I8n-48Px

for dave@doctor.nl2k.ab.ca;

Tue, 21 Oct 2025 11:16:29 -0600

Resent-From: The Doctor

Resent-Date: Tue, 21 Oct 2025 11:16:29 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [145.249.109.143] (port=57209 helo=fluxparlor.page)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vBDxQ-000000004xN-35Vl

for sales@netknow.ca;

Tue, 21 Oct 2025 09:07:37 -0600

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=netknow.ca;

h=Date:To:From:Subject:Content-Type:Content-Transfer-Encoding:Mime-Version; i=sales@netknow.ca;

bh=njZTeL4/y7JarfZ2ujJgQujGaoI=;

b=Je49zMNOZQB6zVlXRStdFDYqRZcZMXsN+9coA3N9xwZ4WUy5y2QfwMtJ/YyMQJj9Vj/Bmtm+2tdo

WVRrR7FgysOq0vJftNJYXwitx1Oe/1P4OF7TzFQEzpNba4/s4zkvwd5pR+p5cP4fJi4iXBqWGplY

IVWQVvRTmUbZkNeWQRM=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=netknow.ca;

b=M34CmaU8rYBoFy8CSsVSFyDzhAaIN2YXRLTXIkdbL5sM5JygJh0w+TICY09rn/nuEB4Agdt5MplG

wP27hMvS+Zu8l2N1c4qKS36IcN0kM8dJHifNaifALITe7r3/K7SOpz4YRmXYjVEDqBGAErcs7E7a

HTnqwpage4RvEC2Xcg8=;

Date: Tue, 21 Oct 2025 15:04:22 +0000

To: sales@netknow.ca

From: Harbor Freight

Subject: Stanley Set Packed & Ready to Ship

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding :BASE64

Mime-Version: 1.0

X-Spam_score: 11.0

X-Spam_score_int: 110

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Got a minute? Your chance to win!

Content analysis details: (11.0 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

[145.249.109.143 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

[145.249.109.143 listed in dnsbl.ahbl.org]

[145.249.109.143 listed in dnsbl.ahbl.org]

[145.249.109.143 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[145.249.109.143 listed in dnsbl.ahbl.org]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line length

greater than 79 characters

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Stanley Set Packed & Ready to Ship

Cgo8IURPQ1RZUEUgaHRtbD4KPGh0bWwgbGFuZz0iZW4iPgo8aGVhZD4KICAgIDxtZXRhIGNoYXJzZXQ9IlVURi04Ij4KICAgIDxtZXRhIG5hbWU9InZpZXdwb3J0IiBjb250ZW50PSJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MS4wIj4KICAgIDxzdHlsZT4KICAgICAgICBib2R5IHsKICAgICAgICAgICAgbWFyZ2luOiAwOwogICAgICAgICAgICBwYWRkaW5nOiAwOwogICAgICAgICAgICBmb250LWZhbWlseTogQXJpYWwsIHNhbnMtc2VyaWY7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNmNWY1ZjU7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5jb250YWluZXIgewogICAgICAgICAgICBtYXgtd2lkdGg6IDUwMHB4OwogICAgICAgICAgICBtYXJnaW46IDAgYXV0bzsKICAgICAgICAgICAgYmFja2dyb3VuZC1jb2xvcjogI0NERTlGRjsKICAgICAgICAgICAgY29sb3I6ICMyOTJGMkQ7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5oZWFkZXIgewogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgICAgIHBhZGRpbmc6IDIwcHggMDsKICAgICAgICB9CiAgICAgICAgCiAgICAgICAgLmxvZ28gewogICAgICAgICAgICB3aWR0aDogMTIwcHg7CiAgICAgICAgICAgIG1hcmdpbjogMCBhdXRvOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAubWFpbi10aXRsZSB7CiAgICAgICAgICAgIGZvbnQtc2l6ZTogMzZweDsKICAgICAgICAgICAgdGV4dC1hbGlnbjogY2VudGVyOwogICAgICAgICAgICBtYXJnaW46IDBweCAwOwogICAgICAgICAgICBmb250LXdlaWdodDogbm9ybWFsOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAuc3VidGl0bGUgewogICAgICAgICAgICBmb250LXNpemU6IDIwcHg7CiAgICAgICAgICAgIHRleHQtYWxpZ246IGNlbnRlcjsKICAgICAgICAgICAgbWFyZ2luOiAxNXB4IDA7CiAgICAgICAgICAgIGZvbnQtd2VpZ2h0OiBub3JtYWw7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcml6ZS10aXRsZSB7CiAgICAgICAgICAgIGZvbnQtc2l6ZTogMjRweDsKICAgICAgICAgICAgdGV4dC1hbGlnbjogY2VudGVyOwogICAgICAgICAgICBjb2xvcjogIzJDMjgyNjsKICAgICAgICAgICAgbWFyZ2luOiAxNXB4IDA7CiAgICAgICAgICAgIGZvbnQtd2VpZ2h0OiBib2xkOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAuYnV0dG9uIHsKICAgICAgICAgICAgZGlzcGxheTogYmxvY2s7CiAgICAgICAgICAgIHdpZHRoOiA4MCU7CiAgICAgICAgICAgIG1heC13aWR0aDogMzAwcHg7CiAgICAgICAgICAgIG1hcmdpbjogMjVweCBhdXRvOwogICAgICAgICAgICBwYWRkaW5nOiAxNXB4IDA7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNBODE5MEI7CiAgICAgICAgICAgIGNvbG9yOiB3aGl0ZTsKICAgICAgICAgICAgdGV4dC1hbGlnbjogY2VudGVyOwogICAgICAgICAgICB0ZXh0LWRlY29yYXRpb246IG5vbmU7CiAgICAgICAgICAgIGZvbnQtd2VpZ2h0OiBib2xkOwogICAgICAgICAgICBib3JkZXItcmFkaXVzOiAzMHB4OwogICAgICAgICAgICBmb250LXNpemU6IDE2cHg7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5jb2ZmZWUtaW1hZ2UgewogICAgICAgICAgICB3aWR0aDogMTAwJTsKICAgICAgICAgICAgaGVpZ2h0OiBhdXRvOwogICAgICAgICAgICBkaXNwbGF5OiBibG9jazsKICAgICAgICAgICAgbWFyZ2luLXRvcDogLTI7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcm9kdWN0LXNlY3Rpb24gewogICAgICAgICAgICBkaXNwbGF5OiBmbGV4OwogICAgICAgICAgICBwYWRkaW5nOiAyMHB4OwogICAgICAgICAgICBiYWNrZ3JvdW5kLWNvbG9yOiB3aGl0ZTsKICAgICAgICAgICAgY29sb3I6IGJsYWNrOwogICAgICAgIH0KICAgICAgICAKICAgICAgICAucHJvZHVjdC1pbWFnZSB7CiAgICAgICAgICAgIHdpZHRoOiA0MCU7CiAgICAgICAgICAgIG1hcmdpbi10b3A6IDMwcHg7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcm9kdWN0LWRldGFpbHMgewogICAgICAgICAgICB3aWR0aDogNjAlOwogICAgICAgICAgICBwYWRkaW5nLWxlZnQ6IDIwcHg7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5wcm9kdWN0LXRpdGxlIHsKICAgICAgICAgICAgZm9udC1zaXplOiAxOHB4OwogICAgICAgICAgICBjb2xvcjogIzJDMjgyNjsKICAgICAgICAgICAgZm9udC13ZWlnaHQ6IGJvbGQ7CiAgICAgICAgICAgIG1hcmdpbi1ib3R0b206IDBweDsKICAgICAgICB9CiAgICAgICAgCiAgICAgICAgLnByb2R1Y3QtZGVzY3JpcHRpb24gewogICAgICAgICAgICBmb250LXNpemU6IDEzcHg7CiAgICAgICAgICAgIGxpbmUtaGVpZ2h0OiAxLjQ7CiAgICAgICAgfQogICAgICAgIAogICAgICAgIC5mb290ZXIgewogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgICAgIHBhZGRpbmc6IDBweDsKICAgICAgICAgICAgZm9udC1zaXplOiAxMnB4OwogICAgICAgICAgICBjb2xvcjogIzJDMjgyNjsKICAgICAgICAgICAgCiAgICAgICAgfQogICAgICAgIAogICAgICAgIEBtZWRpYSAobWF4LXdpZHRoOiA0ODBweCkgewogICAgICAgICAgICAubWFpbi10aXRsZSB7CiAgICAgICAgICAgICAgICBmb250LXNpemU6IDI4cHg7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgCiAgICAgICAgICAgIC5zdWJ0aXRsZSB7CiAgICAgICAgICAgICAgICBmb250LXNpemU6IDE2cHg7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgCiAgICAgICAgICAgIC5idXR0b24gewogICAgICAgICAgICAgICAgd2lkdGg6IDkwJTsKICAgICAgICAgICAgfQogICAgICAgICAgICAKICAgICAgICAgICAgLnByb2R1Y3Qtc2VjdGlvbiB7CiAgICAgICAgICAgICAgICBmbGV4LWRpcmVjdGlvbjogY29sdW1uOwogICAgICAgICAgICB9CiAgICAgICAgICAgIAogICAgICAgICAgICAucHJvZHVjdC1pbWFnZSB7CiAgICAgICAgICAgICAgICB3aWR0aDogMTAwJTsKICAgICAgICAgICAgICAgIG1hcmdpbi1ib3R0b206IDE1cHg7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgCiAgICAgICAgICAgIC5wcm9kdWN0LWRldGFpbHMgewogICAgICAgICAgICAgICAgd2lkdGg6IDEwMCU7CiAgICAgICAgICAgICAgICBwYWRkaW5nLWxlZnQ6IDA7CiAgICAgICAgICAgIH0KICAgICAgICB9CiAgICA8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5PgogICAgPGRpdiBjbGFzcz0iY29udGFpbmVyIj4KICAgICAgICA8ZGl2IGNsYXNzPSJoZWFkZXIiPgogICAgICAgICAgICA8aW1nIGNsYXNzPSJsb2dvIiBzcmM9Imh0dHBzOi8vcGJzLnR3aW1nLmNvbS9tZWRpYS9HM3lzcUpUWGdBQWtkb2c/Zm9ybWF0PXBuZyZuYW1lPXNtYWxsIiA+CiAgICAgICAgPC9kaXY+CiAgICAgICAgCiAgICAgICAgPGgxIGNsYXNzPSJtYWluLXRpdGxlIj5Hb3QgYSBtaW51dGU/PC9oMT4KICAgICAgICA8cCBjbGFzcz0ic3VidGl0bGUiPllvdXIgY2hhbmNlIHRvIHdpbiE8L3A+CiAgICAgICAgCiAgICAgICAgPHAgY2xhc3M9InByaXplLXRpdGxlIj5TdGFubGV5IFRvb2wgU2V0PC9wPgogICAgICAgIAogICAgICAgIDxhIGhyZWY9Imh0dHA6Ly8zMS4xMjkuMjIuMTg1LzRTbUpGVzgzMkdJdWgzOGhqZGRpd2x6dmIxR1dDR1NDUVVHV0FERUFWMTc5NzMyS0haRTI4MGYxIiBjbGFzcz0iYnV0dG9uIj5FTlRFUiBOT1chPC9hPgogICAgICAgIAogICAgICAgIDxpbWcgY2xhc3M9ImNvZmZlZS1pbWFnZSIgc3JjPSJodHRwczovL3Bicy50d2ltZy5jb20vbWVkaWEvRzN5c3dqOFdBQUFtTW1FP2Zvcm1hdD1qcGcmbmFtZT1zbWFsbCIgPgogICAgICAgIAogICAgICAgIDxkaXYgY2xhc3M9InByb2R1Y3Qtc2VjdGlvbiI+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9InByb2R1Y3QtaW1hZ2UiPgogICAgICAgICAgICAgICAgPGltZyBzcmM9Imh0dHBzOi8vcGJzLnR3aW1nLmNvbS9tZWRpYS9HM3lzNnpDWEVBQUpvbDM/Zm9ybWF0PXBuZyZuYW1lPXNtYWxsIiBzdHlsZT0id2lkdGg6IDEwMCU7Ij4KICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9InByb2R1Y3QtZGV0YWlscyI+CiAgICAgICAgICAgICAgICA8aDMgY2xhc3M9InByb2R1Y3QtdGl0bGUiPlN0YW5sZXkgVG9vbCBTZXQ8L2gzPgogICAgICAgICAgICAgICAgPHAgY2xhc3M9InByb2R1Y3QtZGVzY3JpcHRpb24iPgogICAgICAgICAgICAgICAgICAgIENvbXByZWhlbnNpdmUgYW5kIGR1cmFibGUsIHRoaXMgYWxsLWluLW9uZSBzZXQgaW5jbHVkZXMgc29ja2V0cywgd3JlbmNoZXMsIHNjcmV3ZHJpdmVycywgYW5kIG1vcmXigJRwZXJmZWN0IGZvciBib3RoIHByb2Zlc3Npb25hbHMgYW5kIERJWWVycy4gU3RvcmVkIGluIGEgcnVnZ2VkIGNhcnJ5IGNhc2UgZm9yIGVhc3kgb3JnYW5pemF0aW9uIGFuZCBwb3J0YWJpbGl0eS4KICAgICAgICAgICAgICAgIDwvcD4KICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgPC9kaXY+CiAgICAgICAgCiAgICAgICAgPGEgaHJlZj0iaHR0cDovLzMxLjEyOS4yMi4xODUvNERlZmdXODMydlNHdzM4YW5rZW56dGZvYzFQSVVYUEJKV1hRTkRDRk0xNzk3MzJRT1pVMjgwbjEiIGNsYXNzPSJidXR0b24iPkNMQUlNIFlPVVIgUFJJWkUgTk9XITwvYT4KICAgICAgICAKICAgICAgICA8ZGl2IGNsYXNzPSJmb290ZXIiPgogICAgICAgICAgICA8cD5UaGFuayB5b3UsPGJyPgogICAgICAgICAgICBIYXJib3IgRnJlaWdodCBDdXN0b21lciBQcm9tb3Rpb25zPC9wPgogICAgICAgICAgICA8cD48YSBocmVmPSJodHRwOi8vMzEuMTI5LjIyLjE4NS81ZHN6V1M4MzJHeGJyMzhmcmhweXVlc3Z3MUNGSVhRR09BRU5IVElQUDE3OTczMlBGSk0yODBYMSIgc3R5bGU9ImNvbG9yOiAjMkMyODI2OyI+VW5zdWJzY3JpYmU8L2E+PC9wPjxicj4KICAgICAgICA8L2Rpdj4KICAgIDwvZGl2Pgo8L2JvZHk+CjxpbWcgc3JjPSJodHRwOi8vMzEuMTI5LjIyLjE4NS90cmFjay8zaFFmSlk4MzJiQ0hhMzhzdG5ma3J5ZWtxMVFMUFhBVURKRkJLWFVKTDE3OTczMk9SQ1IyODBaMSIgd2lkdGg9IjEiIGhlaWdodD0iMSIgYm9yZGVyPSIwIiBhbHQ9IiIgc3R5bGU9ImRpc3BsYXk6IG5vbmU7Ij4KPC9odG1sPgoK