0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[40.93.2.12 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[40.93.2.12 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[40.93.2.12 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[40.93.2.12 listed in dnsbl.ahbl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[40.93.2.12 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.0 HK_RANDOM_FROM From username looks random

3.5 VOWEL_FROM_7 Impronouncable from header (7+ consecutive vowels)

0.5 FROM_LOCAL_NOVOWEL From: localpart has series of non-vowel letters

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[40.93.2.12 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[40.93.2.12 listed in wl.mailspike.net]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[haressaznzxrrsxaxz321(at)gmail.com]

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[haressaznzxrrsxaxz321(at)gmail.com]

2.6 HK_SCAM_N13 BODY: No description available.

0.1 TW_RW BODY: Odd Letter Triples with RW

0.3 LONGWORD BODY: Uses overlong words

0.6 MEGALONGWORD BODY: Uses really overlong words

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

0.1 TO_IN_SUBJ To address is in Subject

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} =?UTF-8?Q?Pozv=C3=A1nky=3A_Important_Transaction_Alert_=2D_BTC_Order_S?=

=?UTF-8?Q?ubmitted_=40_po_22=2E_j=C3=BAn_2026_=28cynthiaperez389903=40groups=2Eoutlo?=

=?UTF-8?Q?ok=2Ecom=29?=





Haresasz Nxysarwsa has invited you to Important Transaction Alert – BTC Order Submitted

Title: Important Transaction Alert – BTC Order Submitted

When: June 22, 2026

Organizer:

Haresasz Nxysarwsa

Description: Dear Customer,



This email confirms that your PayPal payment for Bitcoin has been received and your order is now under review.



Transaction Overview:



Payment Method: PayPal

Asset Purchased: Bitcoin (BTC)

Amount Paid: $500.00

Current Status: Under Review



Our security team is currently validating the transaction. Once approved, your order will be completed automatically.



If you did not authorize this activity, please call +1 813 934 5533 immediately to prevent further processing.



Thank you for your prompt attention.



Sincerely,

Customer Support Team

Attendees:



cynthiaperez389903@groups.outlook.com





Dear Customer,



This email confirms that your PayPal payment for Bitcoin has been received and your order is now under review.



Transaction Overview:



Payment Method: PayPal

Asset Purchased: Bitcoin (BTC)

Amount Paid: $500.00

Current Status: Under Review



Our security team is currently validating the transaction. Once approved, your order will be completed automatically.



If you did not authorize this activity, please call +1 813 934 5533 immediately to prevent further processing.



Thank you for your prompt attention.



Sincerely,

Customer Support Team

Kedy

pondelok 22. jún 2026

Organizátor

Haresasz Nxysarwsa

haressaznzxrrsxaxz321@gmail.com

Hostia

(Zoznam hostí bol na žiadosť organizátora skrytý)

Odpoveď na cynthiaperez389903@groups.outlook.com

Áno



Nie



Možno

Ďalšie možnosti



Pozvánka z Kalendára Google



Túto správu ste dostali, pretože ste účastníkom danej udalosti.



Ak túto pozvánku prepošlete, ktorýkoľvek jej príjemca bude môcť odoslať odpoveď organizátorovi, byť pridaný do zoznamu hostí, pozývať iných bez ohľadu na ich vlastný stav pozvánky alebo meniť vaše potvrdenie účasti. Ďalšie informácie

Microsoft-Antispam-Message-Info:

=?utf-8?B?TjduMm9Gc3BqNUgzaUs5TlA3VkE2TVBqQzlQQ2FLb1JLM0NneUlQVzBFM3Jo?=

=?utf-8?B?ejkvVjR2TWhha0tBVFdFK3RPeGxrYlBYMHJHZ2c2bUpyZHRBRVF0ZHJhazhL?=

=?utf-8?B?RzRjSG92Q0x4MUw2OXJBUkpscFFCS2JJdU05ckY5aDU1dFIxVGJRV1JPWVMz?=

=?utf-8?B?Lzl6UnJzajhmMVRocUVTZmhxdWlOTGRPdU9ja2VpNGRYc1dRZFJTbDZ4WG9K?=

=?utf-8?B?RlBNbjhMbytXYWk4QzdxYjZZL3ZLdXM4a2Rpc0MwZkNJTG9kRDNlQXgrRi9K?=

=?utf-8?B?bWpEZDVNY0VHZExUdlNYd3VhSFY3bWJJb1pIR0U0cWNEWUtRanR0UW0wbWE2?=

=?utf-8?B?NDJ4a2V2TzkzZDhYN0RKM2pPTmJLTGdOUkRUZjhybE8xckExYzJWdEp6R2Nn?=

=?utf-8?B?dmc0RVFMTjhET2pXOExIRHVYbUFvVmVNbENUM2NueDhlZm9Fbkxpd05ZMVZR?=

=?utf-8?B?WEpRZXBEYklGcHV6VGtzZklPSnhNcWhjem9zdXIzMGFtUFlUNjNaVDJ5ZUM5?=

=?utf-8?B?MUsxeGJYS0JaRFcyeTIrNkk5WmlWR0FoMXFRQ2djUHp5bWFLbHUxVnhkSFdK?=

=?utf-8?B?SHJZbTgyS0I0aDJIU1UvS25TMkswRHBrQmdON1l0VXlhSVhtQmlEa1pQcXFw?=

=?utf-8?B?SW5BUUFzTjlQTzBGMGE2eVpNRzdJKzUzWGgxOHVncDlwVzdKZ2FlRDFTUThD?=

=?utf-8?B?UzkvT1dwcDVMSFE5QWYrSXN3ekx0WVVmTXhoQWdja1lwQU0vTkF5VWtwYjFC?=

=?utf-8?B?elRqNHA4dE9oN2p6YWhBSEhlUkFKbnJnZnRLQU4xZzlybnI2cTZBMG5NN1VO?=

=?utf-8?B?aTF2MmFLdUpmcCs5eG9zdmZyZkRmdlZNUTdwMzRYYXgwdkpRaythVDY2RHJP?=

=?utf-8?B?eFhaM2pZcklEVU5GVGZaTk9penVxOXAvMnFkdHdMRVd3YmFpL1AvaTBKYVZh?=

=?utf-8?B?d016cDl3d05jZloycjJ1R2Jmcks4L1lPeG84akh3M01PWm5CNjk5K2dhSXo4?=

=?utf-8?B?VXZvV3VaNmkrazRpQUk4NEVYMWVuU1gvRUxSaVdDRFpUNHQ0dHJXY3ExOXc0?=

=?utf-8?B?VExVNmh0VXBKeDZKQUhBQ0xBREdUdkhXSDhhVTl3ckdtY1ZjWi9WZVVGck9E?=

=?utf-8?B?bDVhTytBNm9aaXRlL2syRjc2clhqZVdQbDIyVlpQQUNOd1o0ZkRqR3UvODRz?=

=?utf-8?B?NUkzWWNyN1M2WkZsWjVZTUFnZVBkaWw5VzQyaUp4TVEydmpUSW0xamMvQlY0?=

=?utf-8?B?bWJTdVh6eXBwTFpSMXVhZlVoSkNaeDRoT1J1N0tuaUFLTXROTGdGaks5NUQ3?=

=?utf-8?B?blZaNTFoakcrUTVSU1hGY0FseG0xS2lIdmkxVE40cXNENjU0eVIrK1Q1aVFi?=

=?utf-8?B?QUp1NTJpNnJBVmg0eDBpdWdNZWV2blpUcmV0MjFKSC9FSVFSRURjNkJBclJM?=

=?utf-8?B?VStMVmpWQTN0SzI1RFI1aXJHZldjUHJ4U25KTitCMXgyYmdzVnJJdjVOalVR?=

=?utf-8?B?MkFuNkN1YVhWMDJPUGY2djZyMnhNM0IyUjV4SFYwZ3BYMDdoZkRZdXRMRlQx?=

=?utf-8?B?YnYrUWRiSUhQNUJySjVSaWxHemdjNmdGSVpSajMxVkdwckdrZGx4d3pCQTVo?=

=?utf-8?B?S2FuVVJnZWl5R1NzbDM3ZGRUQXQvMDB4ODM3aG5GZzg0bVBXRllFeTl4bHk0?=

=?utf-8?B?a0dqN2Z6TFZOdjVNWmdpRWJvbnNpc1l3ZlBLaWx6Q0doWjh3ajViVnQvTHQw?=

=?utf-8?B?MW8rb2xDWTFUVzB3STNXREFHdnNiZFBDQjlSU3B2UWxURWtGa3dHM1EwOXFW?=

=?utf-8?B?dWxhYWUwRk1ZWTB0WjlsamdZWWJjN2RQWDEwb08wUzBEMEVHUERld0lvVTNJ?=

=?utf-8?B?b0dubUNwaUt3a01ybVBTSHQzZDFSRnVWY0lMZmVCSWd4Q3JpM0cwVm52VDVi?=

=?utf-8?B?SkdBOTVQV0t2YUdUY3FVdkg5SUk3WmNGaDNzZElXOXE1UkZVU3dIZ1QvQ2M4?=

=?utf-8?B?N3lPNmNtdnY2c295OFppbmdUTFdtMVFpeTNub2xqdlY2bGlMTHczektzdGJM?=

=?utf-8?B?K2N4N0piVHVLMVZlbWZUcHVXMVJTZmdUd0FRYW5zSC9sRnNYYVUyZW8zTmEr?=

=?utf-8?B?a2tIc2htbTR1aXVTNUFKWkxiY09yMklZVGF6OEM5eTd3OTdBUS9YMUx3RGh3?=

=?utf-8?B?Uzh6dHpCWGtTUU9TVE8vTFhoTnRsb0NiODc5SUczbzlzaURCbXo4WUlDeFRt?=

=?utf-8?B?TDAxK1ZpQ3JqM3M5QitOQlBBRFAvQTZYRlZ4RWFrNGZ5U0w4OGRyN3VSaWZQ?=

=?utf-8?B?bXhNb0UrT1E0U1p5aDRlL0cvRGlGRWpoL0tUWGRiUlk1VU5mdzZJTWNQM1Js?=

=?utf-8?B?MU5raGphZkkrVU5FN29CbitqemdOOTZjR0tvTnJBTThtVWFaY1VWdklqQXNm?=

=?utf-8?B?c2h4dDlLMUQyVzBIdUpQcTlDNm1SOW5Ec2xmMWVjcHExMWRpWU8rZjhiMXd0?=

=?utf-8?B?Q2FlSE1IbmZqZmhJY1VQRzBoaWN3djN1VHdaU3p0UjdnMitoVnk1VTFZZ1A1?=

=?utf-8?B?YWVseHN4Nk16RngrRkJsdXlOM2d0OGpsSEJRVExlcDJmNzhudlR2dm15emJo?=

=?utf-8?B?OXpadGZ1bUZSRXZ5MVRmd1RJOS9hd1NYbS9wNEdOQkpyN01OSnIvb1lzaDQ3?=

=?utf-8?B?ZGsvclJoejltQ1F1YzNPZ1RPMVF6YWNEcXg5djlzVlo0emNqcjF5ekVLaUlX?=

=?utf-8?B?N284R2NEOEFFcFVpeGl4cUxiNTdKZmRXR1BkZEZpRTRFbittUVMrR0REUXhY?=

=?utf-8?B?SVJjblBCOWtNcVJFN1dLQlI2QWZpRjNUTm94QXpSWVZpczREbGxSaytQYzRG?=

=?utf-8?B?TFpONExmd2hMZ2FRVDdadW00NE5wY0k0c0dMbjl1cXRZSGM0M2tpUkd6YzlG?=

=?utf-8?B?djBQeWozdzd5VjMxbWp0dVpHSnlGWE85M0lvaFVObXV1UzRFcm9QL0dBWmpP?=

=?utf-8?B?VW02dWU1VkNnUnhDTkxjd2NwSE9sUGhhNWJDZ0pqTjRhRFdhY24vNWNDMDN1?=

=?utf-8?B?WGtERGpPVFFlemMxTGJxVGwxQWc3U2gyR3UzZmZaRDMxNG5JTGNSMDlnM3VH?=

=?utf-8?B?cW8weWVseVd4cmZic3dwY0k3ellmLzd0SVNLczVIdVlhSHM2b3N0cWJlZ2li?=

=?utf-8?B?V2dtRzZjQ1RCNWtNLzdpc0trcWtTK2pZdUsvSS96L21oODhDL0FwVTM4NzI4?=

=?utf-8?B?YmdTekhlSmNrQUtYRFdZNk1lRTBKQ25xOS80RUVXV2Zsdy9lL2VHdTdCMDZK?=

=?utf-8?B?WVI3dytycmV1dmdFMXlkZ1ZCQVo4TW44NkZSNGhSSmRJVEpFNFVtbzNIcmJX?=

=?utf-8?B?aXNoUXVRZ3RLMTZWTWdKVTFsNWtQbTBFRCtOcElQL0xIMXFGeDkrcWlkejcw?=

=?utf-8?B?RlZWSEJPaFlYeWIybEhUVEk2NHAzcTRqc1ZrSHovUFZLUE13NS9BUXJOWlc1?=

=?utf-8?Q?PpsNnO7R10z0GM7uV5znjNjHd/FTu06tsHmLcQ=3D?=

X-Auto-Response-Suppress: DR, OOF, AutoReply

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-090a5.templateTenant

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Jun 2026 16:37:11.0893

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: 320a8db9-f339-4eed-528f-08ded07c8226

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-AuthSource: BL6PEPF00020E66.namprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: Internet

X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA2PR18MB5936

X-Spam_score: 16.3

X-Spam_score_int: 163

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Important Transaction Alert – BTC Order Submitted pondelok

22. jún 2026 Dear Customer, This email confirms that your PayPal payment

for Bitcoin has been received and your order is now under review.



Content analysis details: (16.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.128.71 listed in will-spam-for-food.eu.org]

[209.85.128.71 listed in will-spam-for-food.eu.org]

[209.85.128.71 listed in will-spam-for-food.eu.org]

[209.85.128.71 listed in will-spam-for-food.eu.org]

[209.85.128.71 listed in will-spam-for-food.eu.org]

[209.85.128.71 listed in will-spam-for-food.eu.org]

[209.85.128.71 listed in will-spam-for-food.eu.org]

[209.85.128.71 listed in will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

[40.93.2.12 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[40.93.2.12 listed in dnsbl.ahbl.org]

[40.93.2.12 listed in dnsbl.ahbl.org]

[40.93.2.12 listed in dnsbl.ahbl.org]

[40.93.2.12 listed in dnsbl.ahbl.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:fb:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:fb:cafe:0:0:4c listed in]

[dnsbl.ahbl.org]

[209.85.128.71 listed in dnsbl.ahbl.org]

[209.85.128.71 listed in dnsbl.ahbl.org]

[209.85.128.71 listed in dnsbl.ahbl.org]

[209.85.128.71 listed in dnsbl.ahbl.org]

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 10:47:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbhn4-00000000863-3fi7

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 10:46:30 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 10:46:30 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-eastusazlp17011012.outbound.protection.outlook.com ([40.93.2.12]:21784 helo=BL2PR02CU003.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbhf0-000000007fl-0XW0

for doctor@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 10:38:22 -0600

Received: from BN9PR03CA0060.namprd03.prod.outlook.com (2603:10b6:408:fb::35)

by IA2PR18MB5936.namprd18.prod.outlook.com (2603:10b6:208:4b0::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.139.20; Mon, 22 Jun

2026 16:37:11 +0000

Received: from BL6PEPF00020E66.namprd04.prod.outlook.com

(2603:10b6:408:fb:cafe::4c) by BN9PR03CA0060.outlook.office365.com

(2603:10b6:408:fb::35) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.21.139.20 via Frontend Transport; Mon,

22 Jun 2026 16:37:11 +0000

Authentication-Results: spf=pass (sender IP is 209.85.128.71)

smtp.mailfrom=gmail.com; dkim=pass (signature was verified)

header.d=google.com;dkim=pass (signature was verified)

header.d=gmail.com;dmarc=pass action=none header.from=gmail.com;compauth=pass

reason=100

Received-SPF: Pass (protection.outlook.com: domain of gmail.com designates

209.85.128.71 as permitted sender) receiver=protection.outlook.com;

client-ip=209.85.128.71; helo=mail-wm1-f71.google.com; pr=C

Received: from mail-wm1-f71.google.com (209.85.128.71) by

BL6PEPF00020E66.mail.protection.outlook.com (10.167.249.27) with Microsoft

SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.21.159.10

via Frontend Transport; Mon, 22 Jun 2026 16:37:11 +0000

X-IncomingTopHeaderMarker:

OriginalChecksum:353C9ECE102329C9EC5DBF32C636139E263CE78AADE8328C9BD85CBD52DC254A;UpperCasedChecksum:25789AA9A1369D055DF83B83E6F73A5DB67152E2B9A130837EA2761229321450;SizeAsReceived:3412;Count:15

Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-490b61243easo62988955e9.2

for ; Mon, 22 Jun 2026 09:37:11 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1782146230; x=1782751030; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=u/smOle5/+C8xsJFYiCqWlsJZg09/jYGlXCLRw/J4Gg=;

b=wN5E2K8ziNWYuTnmLAtFW28ThAwsexENcKkfsrMev5TPA5hVuQxg127FBpXEt8/P1O

Bhw9O55xrc/tjsfEfgyfSZitc3l4BRbi/kgZ9t6h7onDK+Q42nWCD7qyeFFb3hD42BRR

KkFclQv4KJFmaz6c6ZDxVrcCgb6unii3ggo4bxSATAOPPqwcIImCjtnAvtEQYYPJ5W+V

xmx2V4lktRZ1SGgEwlhDR/Abs+E4LiViHmDmKltHOm+Y2DutROV+mv/j/6k9GzOEoEC9

pmujzEJQTZ1ly8OzauHLiJL+kE6X7b8etzL5csllZ1pocNsOAppWPpJVENFyEXr0RlTT

gV/w==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1782146230; x=1782751030; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=u/smOle5/+C8xsJFYiCqWlsJZg09/jYGlXCLRw/J4Gg=;

b=bAglWO1wpFDmgKFDLi+IDavq3rjzovXrfovTql4xistmzdr8h8EbSnZSN2Ml2qQr+b

kSzPaseg2hpQRyfl47aBCVjXWEL4UJRe0ilxkcIlFxMrB2q4eiQ8mGkQK+6sL/6VOFHx

7sKRRRoVDbft0rSEG277XQFehxHj+28UjCagFBrz03hi05HxhItarqvtcV1jOUwe8yoK

q2GYG8p4vca7kzAJy1i9wbgEgpFJgfIn0wchBskT9RSpFneTl3DnI24uiCwmF10VUdm4

mKar/WJW3f0KWLbz5qeftbaAu/X6lNySbNpL4ZAtJWTY5WgaXJiTf2nq1ndEvdda3fcw

E58w==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782146230; x=1782751030;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=u/smOle5/+C8xsJFYiCqWlsJZg09/jYGlXCLRw/J4Gg=;

b=SI0ZKHW0N5x1j/raSRnZAG9x3PcxN6T0GkzD/FvckK6/+P9r6OfncSpq8YLlvo0ZsD

JK5Grb77LAnZksb2FqHa/VXP1wqp8YNGitfn+ZU8edrvmuDOvB15f+HKrkGrABIN+J0k

G15/TI4hSuNdyucqVhsmZOtx/KqtlPxg3NhDquQiE4kTUHp47FzzR7h3cGqgUai8mMQK

MkIFhZB4jLE+5rUwgjxQFyqgOQ4GdmLg8atJXV3Qt2Paa7MH/zSPSPkYCE6cqFx9VdFN

q8aMtm1U6xv8+TANo/3U2veHu4wzIMdpQPz1eIhNuy1WCsX25kfBFzh2LiLCW/pOVMFy

LvZA==

X-Gm-Message-State: AOJu0Yxlp8s4pWsV19VUmApWHMIwR+fsVaMRWuY2K2UGLLTMkdOPqcmP

4NqdHa2mvJP6LTCKOlHlm9fxHhC7uCzDna9ZC6euv2ta78ReOf7Q6rfOCKcpT0vDQWwrKTOpvIt

/11r5Qvhx+IkVRQeGkgi8VhdxOL2bfoW2Btw=

MIME-Version: 1.0

X-Received: by 2002:a05:600c:c3ce:20b0:490:b294:c652 with SMTP id

5b1f17b1804b1-49240e85c12mr192988575e9.20.1782146229916; Mon, 22 Jun 2026

09:37:09 -0700 (PDT)

Reply-To: Haresasz Nxysarwsa

Sender: =?UTF-8?Q?Kalend=C3=A1r_Google?=

Message-ID:

Date: Mon, 22 Jun 2026 16:37:09 +0000

Subject: =?UTF-8?Q?Pozv=C3=A1nky=3A_Important_Transaction_Alert_=2D_BTC_Order_S?=

=?UTF-8?Q?ubmitted_=40_po_22=2E_j=C3=BAn_2026_=28cynthiaperez389903=40groups=2Eoutlo?=

=?UTF-8?Q?ok=2Ecom=29?=

From: Haresasz Nxysarwsa

To: cynthiaperez389903@groups.outlook.com

Content-Type: multipart/mixed; boundary="000000000000f8d8b10654da40d2"

X-IncomingHeaderCount: 15

X-EOPAttributedMessage: 0

X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: BL6PEPF00020E66:EE_|IA2PR18MB5936:EE_

X-MS-Office365-Filtering-Correlation-Id: 320a8db9-f339-4eed-528f-08ded07c8226

X-MS-Exchange-EOPDirect: true

X-Sender-IP: 209.85.128.71

X-SID-PRA: HARESSAZNZXRRSXAXZ321@GMAIL.COM

X-SID-Result: PASS

X-MS-Consumer-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-MS-Exchange-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-Microsoft-Antispam:

BCL:0;ARA:1444111002|6092099016|16001999021|29080799009|24102599021|9400799043|3069299007|9000799056|6149299003|6019299003|5139299004|26000799027|1680799066|34130799006|16200799027|32020799003|4040799016|9020799019|26130799012|22000799015|3151999006|970799063|18021999003|440099028|4302099013|3412199025|1602099012|2145499017|1041999012|30041999003|1380799030|1370799030|1360799030|26104999009|21002599022;

X-

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 10:47:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbhmm-0000000084x-01C5

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 10:46:12 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 10:46:11 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from notify.vobie.mobi ([34.168.17.114]:47036)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbh1r-0000000069q-40LD

for root@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:57:52 -0600

Received: from ec2-52-40-185-211.us-west-2.compute.amazonaws.com ([52.40.185.211] helo=[127.0.0.1])

by notify.vobie.mobi with esmtpa (Exim 4.92)

(envelope-from )

id 1wbh16-0008IR-DX

for root@doctor.nl2k.ab.ca; Mon, 22 Jun 2026 23:56:56 +0800

Content-Type: multipart/mixed; boundary="===============8385200649584704537=="

MIME-Version: 1.0

From: Vobile Compliance

To: root@doctor.nl2k.ab.ca

Subject: Notice of Claimed Infringement - Case ID 0532c646773ca9480bc3

Reply-To: p2p@copyright-notice.com

X-Originator: p2p@copyright-notice.com

Message-Id: e7a32fb1-dc93-44b2-92cd-73735100693f@copyright-notice.com>

X-Mail-From: p2p@copyright-notice.com

X-Message-ID: e7a32fb1-dc93-44b2-92cd-73735100693f@copyright-notice.com>

X-Notice-ID: 0532c646773ca9480bc3

Auto-Submitted: auto-generated

Date: Mon, 22 Jun 2026 23:56:56 +0800

X-Spam_score: 6.0

X-Spam_score_int: 60

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Notice ID: 0532c646773ca9480bc3

Notice Date: 2026-06-22T15:56:56Z WorldGate



Content analysis details: (6.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.40.185.211 listed in dnsbl.ahbl.org]

[52.40.185.211 listed in dnsbl.ahbl.org]

[52.40.185.211 listed in dnsbl.ahbl.org]

[52.40.185.211 listed in dnsbl.ahbl.org]

[34.168.17.114 listed in dnsbl.ahbl.org]

[34.168.17.114 listed in dnsbl.ahbl.org]

[34.168.17.114 listed in dnsbl.ahbl.org]

[34.168.17.114 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.40.185.211 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.40.185.211 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.40.185.211 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.40.185.211 listed in dnsbl.ahbl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

0.3 LONGWORD BODY: Uses overlong words

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[34.168.17.114 listed in bl.score.senderscore.com]

1.2 INVALID_MSGID Message-Id is not valid, according to RFC 2822

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

Subject: {SPAM?} Notice of Claimed Infringement - Case ID 0532c646773ca9480bc3



-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



Notice ID: 0532c646773ca9480bc3

Notice Date: 2026-06-22T15:56:56Z



WorldGate



Dear Sir or Madam:



I certify under penalty of perjury that I am authorized to act on behalf of the Paramount Global companies CBS Broadcasting Inc., CBS Studios Inc., Paramount Pictures Corporation, Showtime Networks Inc., Viacom International, Inc., Black Entertainment Television LLC, and other Paramount Global subsidiaries and affiliates (collectively, the “Rights Owners”), the owners of certain exclusive intellectual property rights in the copyrighted work(s) identified in this notice. I have a good faith belief that the information in this notice is accurate.



We have become aware that the below IP addresses have been using your service for distributing video files, which contain infringing video content that is exclusively owned by the Rights Owners.



We have a good faith belief that the Rights Owners’ video content that is described in the below report has not been authorized for sharing or distribution by the copyright owner, its agent, or the law. Such copying and use of this material constitutes clear infringement of the Rights Owners' rights under the Copyright Act and its counterpart laws around the world.



We are requesting your immediate assistance in removing and disabling access to the infringing material from your network. We also ask that you ensure the user and/or IP address owner refrains from future use and sharing of the Rights Owners’ materials and property.



In complying with this notice, you should not destroy any evidence that may be relevant in a lawsuit relating to the infringement alleged; including all associated electronic documents and data relating to the presence of the infringing items on your site, which shall be preserved while disabling public access, irrespective of any document retention or corporate policy to the contrary.



Nothing in this letter shall be construed as a waiver or relinquishment of any right, remedy, or claims possessed by the Rights Owners, or any affiliated party, all of which are expressly reserved.



Should you have any questions, please contact me at the information below.



Ben Sodos

Vobile, Inc.

Address: 2880 Lakeside Drive, Suite 200

Santa Clara, CA 95054, United States

Email: p2p@copyright-notice.com

408.217.5026











0532c646773ca9480bc3

Open

Normal





Paramount Global

Vobile - Compliance

2880 Lakeside Drive, Suite 200

Santa Clara, CA 95054

+1 (408) 492 1100

p2p@copyright-notice.com





WorldGate

root@doctor.nl2k.ab.ca





2026-06-22T15:56:53Z

204.209.81.1

55714

BitTorrent



1







2026-06-22T15:56:53Z



The.Neighborhood.S06E08.HDTV.x264-TORRENTGALAXY[TGx]

181901647

9084b7f589e00191999a8ad05e806128373d6f08







-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2.0.22 (GNU/Linux)



iQEcBAEBAgAGBQJqOVtIAAoJEN5LM3Etqs/WDYsH/jhcJ/skdNcKfUhUKq2E/Vxw

YAIhzQZ1GKgz8j2mNMg0pY3xNw9goKceSC3cnplf1Dr62Rt4xm/dttKleS9zSUP9

QzrQsr8SxOWtND3EOAWVPi2anoAwNqxA1mJEjwR8U5ONBrB6KiU3sP69OWIgngSL

m61qk3SqrNFyK6EmYCTsMODx2zRf/oVOT6mZuT2YjUNqdr9qaVbKmBrhbGbPPcV+

lL+XoPpTlBuWUbpHFd/8pefvLNu+j5GtXoSD926LnLa0rTpUEPHvNH4g3n0GUb8a

zab7WfMo+HO92hCEK84ofpsj7tE18puGKfinKbzzkXgasCgVC4WxVykYZCQ7LrA=

=ntX7

-----END PGP SIGNATURE-----

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 10:46:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbhmV-0000000083L-3zFh

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 10:45:55 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 10:45:55 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from notify.vobie.mobi ([34.168.17.114]:54080)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbglp-000000002J4-0wr3

for root@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:41:17 -0600

Received: from ec2-52-40-185-211.us-west-2.compute.amazonaws.com ([52.40.185.211] helo=[127.0.0.1])

by notify.vobie.mobi with esmtpa (Exim 4.92)

(envelope-from )

id 1wbgl0-0001CJ-1M

for root@doctor.nl2k.ab.ca; Mon, 22 Jun 2026 23:40:18 +0800

Content-Type: multipart/mixed; boundary="===============9172095869058102498=="

MIME-Version: 1.0

From: Vobile Compliance

To: root@doctor.nl2k.ab.ca

Subject: Notice of Claimed Infringement - Case ID 6b3a13769cbab28b9bc4

Reply-To: p2p@copyright-notice.com

X-Originator: p2p@copyright-notice.com

Message-Id: d097014a-e6e2-4790-b980-73b767ef4f55@copyright-notice.com>

X-Mail-From: p2p@copyright-notice.com

X-Message-ID: d097014a-e6e2-4790-b980-73b767ef4f55@copyright-notice.com>

X-Notice-ID: 6b3a13769cbab28b9bc4

Auto-Submitted: auto-generated

Date: Mon, 22 Jun 2026 23:40:18 +0800

X-Spam_score: 6.0

X-Spam_score_int: 60

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Notice ID: 6b3a13769cbab28b9bc4

Notice Date: 2026-06-22T15:40:18Z WorldGate



Content analysis details: (6.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[52.40.185.211 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

[34.168.17.114 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.168.17.114 listed in dnsbl.ahbl.org]

[34.168.17.114 listed in dnsbl.ahbl.org]

[34.168.17.114 listed in dnsbl.ahbl.org]

[34.168.17.114 listed in dnsbl.ahbl.org]

[52.40.185.211 listed in dnsbl.ahbl.org]

[52.40.185.211 listed in dnsbl.ahbl.org]

[52.40.185.211 listed in dnsbl.ahbl.org]

[52.40.185.211 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.168.17.114 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.168.17.114 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.168.17.114 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.168.17.114 listed in dnsbl.ahbl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

0.3 LONGWORD BODY: Uses overlong words

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[34.168.17.114 listed in bl.score.senderscore.com]

1.2 INVALID_MSGID Message-Id is not valid, according to RFC 2822

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

Subject: {SPAM?} Notice of Claimed Infringement - Case ID 6b3a13769cbab28b9bc4



-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



Notice ID: 6b3a13769cbab28b9bc4

Notice Date: 2026-06-22T15:40:18Z



WorldGate



Dear Sir or Madam:



I certify under penalty of perjury that I am authorized to act on behalf of the Paramount Global companies CBS Broadcasting Inc., CBS Studios Inc., Paramount Pictures Corporation, Showtime Networks Inc., Viacom International, Inc., Black Entertainment Television LLC, and other Paramount Global subsidiaries and affiliates (collectively, the “Rights Owners”), the owners of certain exclusive intellectual property rights in the copyrighted work(s) identified in this notice. I have a good faith belief that the information in this notice is accurate.



We have become aware that the below IP addresses have been using your service for distributing video files, which contain infringing video content that is exclusively owned by the Rights Owners.



We have a good faith belief that the Rights Owners’ video content that is described in the below report has not been authorized for sharing or distribution by the copyright owner, its agent, or the law. Such copying and use of this material constitutes clear infringement of the Rights Owners' rights under the Copyright Act and its counterpart laws around the world.



We are requesting your immediate assistance in removing and disabling access to the infringing material from your network. We also ask that you ensure the user and/or IP address owner refrains from future use and sharing of the Rights Owners’ materials and property.



In complying with this notice, you should not destroy any evidence that may be relevant in a lawsuit relating to the infringement alleged; including all associated electronic documents and data relating to the presence of the infringing items on your site, which shall be preserved while disabling public access, irrespective of any document retention or corporate policy to the contrary.



Nothing in this letter shall be construed as a waiver or relinquishment of any right, remedy, or claims possessed by the Rights Owners, or any affiliated party, all of which are expressly reserved.



Should you have any questions, please contact me at the information below.



Ben Sodos

Vobile, Inc.

Address: 2880 Lakeside Drive, Suite 200

Santa Clara, CA 95054, United States

Email: p2p@copyright-notice.com

408.217.5026











6b3a13769cbab28b9bc4

Open

Normal





Paramount Global

Vobile - Compliance

2880 Lakeside Drive, Suite 200

Santa Clara, CA 95054

+1 (408) 492 1100

p2p@copyright-notice.com





WorldGate

root@doctor.nl2k.ab.ca





2026-06-22T15:40:14Z

204.209.81.1

53401

BitTorrent



1







2026-06-22T15:40:14Z



The.Neighborhood.S06E05.1080p.x265-ELiTE

438846401

cee4335763650adc7ccf82b723aa401505b89628







-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2.0.22 (GNU/Linux)



iQEcBAEBAgAGBQJqOVdhAAoJEN5LM3Etqs/WPdcIAJ5yT3p/1poaS2thnlLGRfur

jWR8P02qaHfktJzhkJBrVqihs9p1KDOvayFGNrbWOjCo6SXKPjFNAu5TmHmcDOUy

OyC3pMFGgVZMqpYVu8oGkmxQnEz7Z5+GkYgjdFaep1IbwLno7mkLZBHknx3b0o0f

VrMpBDeVRKH6Tx6ivkJ12vGJbpqDXOAuVul76KxIJfpp6cKkzjajHqCNyggcPX78

dTnlQwCmbXvvSo/zHVHGuHYigiBBW2edQd076oc/y44eA7bGrhhMzLx7d+ZDuvGA

NmTnOlOhjqKzBWitmpQrO4vsQohwo1ZmyB+LCRDxs3vywEtSIcWgzXwtDsrAs2Y=

=AjD3

-----END PGP SIGNATURE-----

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:33:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgd8-000000000JA-38RA

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:32:10 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:32:10 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-m82213642.xmail.ntesmail.com ([8.221.36.42]:48936)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgVx-00000000PVP-06b7

for sales@nk.ca;

Mon, 22 Jun 2026 09:25:00 -0600

Content-Type: multipart/alternative; BOUNDARY="=_Part_1644124_946528744.1782141825398"

To: sales

Reply-To: nancy@lei-ou.com

Subject: =?UTF-8?B?UmU6UU1NIFNPQ0sgU09MVVRJT04gRlJPTSBDSElOQQ==?=

X-Priority: 3

MIME-Version: 1.0

Received: from nancy@lei-ou.com( [10.139.4.160] ) by ajax-webmail ( [127.0.0.1] ) ; Mon, 22 Jun 2026 23:23:45 +0800 (GMT+08:00)

From: Nancy

Date: Mon, 22 Jun 2026 23:23:45 +0800 (GMT+08:00)

X-WM-Tid: 0a9eefee30b8d0c0kusycda64a192102f1

DKIM-Signature: a=rsa-sha256;

b=hB+SoWBcffG1J40vNINf9IpXcD30spswwhFaAe78uEq/Rt4EmGXFGrnJKCoKV9/o+kHcpDUeBV/uxjPY7il3Zsd+jeZqMvRmHuR3+UCpI5KYT/zFfJyz0QUD2HkHT3vOw94dUvhdQuwd8wUKzWMxMeUaXH75rTTLayKG3NynGImtg/sJrCp/MEyxxNzweAmrNX1wJiZ2gtznpUut51bSEaBHsad8AUr2v90eU2ZqX7bLKNzjyY+ut37CcD6bRi3p4OrUI3UOAN5dOa4wJFvlkXn0y5fMb8Au2KI8Gv7HKk1fVZm4Vs4VqodAyk/2Sy+K48zqNm8dAoLYJXuOluPgVQ==; s=default; c=relaxed/relaxed; d=lei-ou.net; v=1;

bh=XAJlDnXEGH9tTywBKgWaxzcWna1EZUTIoGCS7O2emAk=;

h=date:mime-version:subject:message-id:from;

Message-ID:



Hi sales,

I hope this email finds you well.

Thank you for subscribing to our newsletter. We're thrilled to have you on board!

I am excited to inform you that we are currently offering a special promotion on our products.If you have any needs, please let me know as soon as possible so I can secure a discounted spot for you.

Thank you for your attention, and I look forward to hearing from you soon.

Best regards,







Enable premium notifications for product growth via . Keep My Alerts Active



To override these emails, visit Tweak Email Delivery.









Nancy Huang

General Manager

Hangzhou Qing Mian Mian Accessory Co Ltd

nancy@qmmapparel.com

www.qmmapparel.com









在2026-06-17，Nancy Huang 写道:



-----原始邮件-----

发件人： Nancy Huang

发件时间: 2026年06月17日 周三

收件人： [sales ]

主题： QMM SOCK SOLUTION FROM CHINA









Maintain your entry to exclusive updates by selecting . Continue Getting Alerts



To discontinue these messages, visit Refine Delivery Settings.







Hi Sales,



I'm Nancy Huang from Hangzhou Qing Mian Mian Co., Ltd (QMM), a specialist in sock manufacturing with 20 years of expertise. We partner with global brands to develop innovative footwear solutions across three core categories: pediatric, women's, and men's functional socks.



Our technical focus includes:

- Diabetic-friendly socks with enhanced circulation support

- Coolmax® moisture-wicking technology for active lifestyles

- Dairy Compression socks

- Waterproof outdoor socks

-Seamless Pants and Bra

-Legging and Thermal Tights



Should HEALTHCARE & REHAB SPECIALTIES require assistance in product development or market expansion strategies, I'd be pleased to arrange a consultation at your convenience.



Best regards,

Nancy Huang

nancy@lei-ou.com

General Manager

QMM Sock Solutions

www.lei-ou.com



















Nancy Huang

General Manager

Hangzhou Qing Mian Mian Accessory Co Ltd

nancy@lei-ou.com

www.lei-ou.com

Anouluck Wilms has invited you to Your Malwarebytes Subscription Renewal is Paid































































Your Malwarebytes Subscription Renewal is Paid

Malwarebytes Upgrade Confirmation Upgrade Date: Monday, 22 June 2026 23:21:40 Upgrade ID: SUEUT7VFB87N8 Account Reference: NA351XR1S Premium Support: +1 (810) 210-5434 Congratulations! Your account





Malwarebytes Upgrade Confirmation



Upgrade Date: Monday, 22 June 2026 23:21:40

Upgrade ID: SUEUT7VFB87N8

Account Reference: NA351XR1S

Premium Support: +1 (810) 210-5434



Congratulations!



Your account has been successfully upgraded to Malwarebytes. The upgrade fee of $199.99 USD has been processed and confirmed.



This upgrade unlocks premium protection features and enhances your account security level. All services are now active without any further action required.



Upgrade Summary



Account ID: G4R93MD3AX

New Plan: Premium Plus

Subscription Type: Full Coverage

Features: Real-Time Protection + VPN + Advanced Firewall

Device Coverage: Up to 5 Devices

Billing Cycle: Annual

Upgrade Charge: $199.99 USD

Payment Status: Completed

Security Token: 1c3b4bca-3130-413b-aa3b-3385f97a64b1



Additional Information



Your license has been securely linked to your account. Future updates and protection patches will be applied automatically. No manual configuration is required from your side.



If you did not request this upgrade or need assistance, please contact support immediately.



Support Contact: +1 (810) 210-5434



Thank you for choosing Malwarebytes.



Cheers,

Malwarebytes Team

When

Tuesday Jun 23, 2026 ⋅ 12:21am (Eastern Time - New York)

Organizer

Anouluck Wilms

anouluckwilms@hissbet.com

Guests

(Guest list has been hidden at organizer's request)

Reply for doctor@nl2k.ab.ca

Yes



No



Maybe

More options



Invitation from Google Calendar



You are receiving this email because you are an attendee on the event.



Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:33:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgd4-000000000Ik-1LxH

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:32:06 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:32:06 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oo1-f70.google.com ([209.85.161.70]:54601)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgU9-00000000PRT-3VyW

for doctor@nl2k.ab.ca;

Mon, 22 Jun 2026 09:23:03 -0600

Received: by mail-oo1-f70.google.com with SMTP id 006d021491bc7-6a0e15d07e6so3794861eaf.1

for ; Mon, 22 Jun 2026 08:22:06 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1782141721; x=1782746521; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=W+m7aVCqqlXw8+iHwlf5ruI0yNkPvZfQ4BoP6Xra2v4=;

b=CW8gLVFBz2rQJaXU3RdgRuwdVPnof3M5Fx+/jAAeuwskkGSQVVFVYWBZDknz1I+AJn

UFjRkB6pT4o0/ogxearHHUEy0GMw5XUnDbo1+xrxzLwXDyVcbpLF4ly4qF/2ICKw6rfD

jUqA6qQ7HZINxcX9Q3J3xwLbhj/w971JaE4c1hX2GM2iibjc2NRPfITZqEIEdokcICcI

f8jX9lOc6RRJswZnuZRX4FI2zNDpBfRivgDywFTmzxqGbRAAhcXyNq9igwMUqtLVnKJe

KLeOS+RYcy9kBffsIP/3zL+NmfQl/UE0gi875nLq1KB9HzyaapFLbpvw6omHGQvdNzPf

JdsA==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=hissbet-com.20251104.gappssmtp.com; s=20251104; t=1782141721; x=1782746521; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=W+m7aVCqqlXw8+iHwlf5ruI0yNkPvZfQ4BoP6Xra2v4=;

b=qRfaR7n94QyJx++7JooPVKSPB72i6WHGqV/HOV4IDicJIQSPSMTEdSyZ8c6sFx7Gm/

CDMjgwFwXlMgN0TnqDq0HZ8XzcqdbPdQQtYuSF79Jb3qYBvIUoAm1aeWkyaTrHO5XIeY

qWrcMU+Rc7jmbtur2LP5e7iCvxIQPTkXHoVN1BdSxjVz4fFNB9+hySUPVw5pjf4LAWL2

IPD4h3FGRcUgHtnJeK1kflkzJYiXGk9NaOnsbWAbUNXT8Muesu7hINuA9Mx1DJUQX58f

smHad0qooGk6H56NA72lzYxI5+Tso0rHCbXeDlhr3eQMKajMhgf5H/QKceeZIcOpQidd

INow==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782141721; x=1782746521;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=W+m7aVCqqlXw8+iHwlf5ruI0yNkPvZfQ4BoP6Xra2v4=;

b=KMC6rjpdeHawo+dfS8bXl4uYmey8ce1c2pl6IKEpH5jZ3j/xPz7uxGzS60BGkPNLGY

ITKTvX+wVZbmBzh7C0XqJn0d5RdhP9CQarFBfvo4lU9R976gcxDOEjkgPNLw2UFFrxXe

C3mEscOP4U33/wkcDksOaKzHqNvu3CEloO/VLcKbVJviIkAXIDYhGBbL9g5nB2J4vp7U

JwgkhKvUN+lTCK28LnXIn7ef1PnefZHR1cyLsxlDo/NJ27lmKdGQFdorKX9tQEABHdNQ

/61sHRzTu9eAPrUez/4mm9jwdpING8KEXW9u0SUzmpj/FgDZBQZhctz172ghjPsmwrRa

kDeQ==

X-Gm-Message-State: AOJu0YzA7AtwQyoOAdXy6rkw/WeAgGcsaY5UAYAO6QCk5gXSzspNqf4i

iqNKh3NkLJdF2KnN9EaacfTuMnldK3oXwPKrVqnqTG3njEojWHnG6HdXLZaK6Y2wSaRzlsKePiS

mOtMuAy78aAzflkBzWThdcg/bcef/b/c5PDTBOUGAnCcVZskqc7P2hoGY

MIME-Version: 1.0

X-Received: by 2002:a4a:ec44:0:b0:69e:3563:4424 with SMTP id

006d021491bc7-6a0d88b4be3mr10823403eaf.24.1782141720718; Mon, 22 Jun 2026

08:22:00 -0700 (PDT)

Reply-To: Anouluck Wilms

Sender: Google Calendar

Message-ID:

Date: Mon, 22 Jun 2026 15:22:00 +0000

Subject: Invitation: Your Malwarebytes Subscription Renewal is Paid @ Tue Jun

23, 2026 12:21am (GMT-4) (doctor@nl2k.ab.ca)

From: Anouluck Wilms

To: doctor@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="00000000000033f42b0654d934b4"

X-Spam_score: 8.7

X-Spam_score_int: 87

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Your Malwarebytes Subscription Renewal is Paid Tuesday Jun

23, 2026 â‹… 12:21am Eastern Time - New York Malwarebytes Upgrade Confirmation

Upgrade Date: Monday, 22 June 2026 23:21:40 Upgrade ID: SUEUT7VFB87N8 Account

Reference: NA351XR1S Premium Support: +1 (810) 210-5434 Congratulations!

Your account ha [...]



Content analysis details: (8.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.161.70 listed in will-spam-for-food.eu.org]

[209.85.161.70 listed in will-spam-for-food.eu.org]

[209.85.161.70 listed in will-spam-for-food.eu.org]

[209.85.161.70 listed in will-spam-for-food.eu.org]

[209.85.161.70 listed in will-spam-for-food.eu.org]

[209.85.161.70 listed in will-spam-for-food.eu.org]

[209.85.161.70 listed in will-spam-for-food.eu.org]

[209.85.161.70 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.161.70 listed in dnsbl.ahbl.org]

[209.85.161.70 listed in dnsbl.ahbl.org]

[209.85.161.70 listed in dnsbl.ahbl.org]

[209.85.161.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.161.70 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.161.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.161.70 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.161.70 listed in dnsbl.ahbl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.3 LONGWORD BODY: Uses overlong words

0.6 MEGALONGWORD BODY: Uses really overlong words

1.5 TVD_PH_SEC BODY: Message includes a phrase commonly used in phishing

mails

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.161.70 listed in bl.score.senderscore.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.161.70 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Invitation: Your Malwarebytes Subscription Renewal is Paid @ Tue Jun 23, 2026 12:21am (GMT-4) (doctor@nl2k.ab.ca)

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:02:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbg9o-00000000NGB-3nGM

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:01:52 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:01:52 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mta43-63.mmglsmd.net ([103.37.43.63]:55053)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbfGe-00000000C1A-1CeX

for root@nk.ca;

Mon, 22 Jun 2026 08:05:00 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;

d=hn.threeway-pipe.com; i=@hn.threeway-pipe.com;

q=dns/txt; s=umail; t=1782137042; h=content-type :

mime-version : message-id : reply-to : subject : from :

to : date : subject : from : date;

bh=PlUEGZPBM4N1vYDzWpb65I9mLJap8TAY4nC8Q7uuXZE=;

b=cdDGWqNHOqhg2hfLvanGMHleFA6Lo5MOrsBlv90eFIvuhl63V2VXgAo8

kgQ2gDXDfxwCpi+T4I2p5QqS9Uqb6DGMj/VkHfqUoNQhw3ZGAvqdaP0RpR

p9NLTcQbq8yFF4pMxJL7cfJiCkHcptG8EQakjNJpj6vyyP7usj2t2T278=

Received: from helo (unknown [127.0.0.1])

by smtp.hn.threeway-pipe.com (Postfix) with ESMTP id qGokpPBHmexl

for ; Mon, 22 Jun 2026 22:04:02 +0800

Content-Type: multipart/mixed; boundary="===============3627567543641820540=="

MIME-Version: 1.0

Message-Id: <20260622220402.99860-{13453:20260622220231-13453-19}-0048485@hn.threeway-pipe.com>

Reply-to: sophia@threewaysteel.com

Subject: =?utf-8?q?Re=3ASpecialty_Alloy_Steel_Pipes_=E2=80=93_Alternative_Source_f?=

=?utf-8?q?or_Canadian_EPCs?=

From: Sophia-Threeway steel

To: "www.nk.ca"

Date: Mon, 22 Jun 2026 22:04:02 +0800

Mail-ID: 6a3940bee1382308adf08436

X-Spam_score: 13.3

X-Spam_score_int: 133

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Purchasing Manager, Good day !



Content analysis details: (13.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

[103.37.43.63 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

[103.37.43.63 listed in dnsbl.ahbl.org]

[103.37.43.63 listed in dnsbl.ahbl.org]

[103.37.43.63 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[103.37.43.63 listed in dnsbl.ahbl.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: shinestarsteel.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: count.shinestarsteel.com]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[103.37.43.63 listed in bb.barracudacentral.org]

0.6 URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist

[URI: ns17.xincache.com/112.80.181.45]

[URI: ns18.xincache.com/112.80.181.111]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[103.37.43.63 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

3.4 RATWARE_RCVD_PF Bulk email fingerprint (Received PF) found

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.6 J_CHICKENPOX_45 BODY: 4alpha-pock-5alpha

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} =?utf-8?q?Re=3ASpecialty_Alloy_Steel_Pipes_=E2=80=93_Alternative_Source_f?=

=?utf-8?q?or_Canadian_EPCs?=







Dear Purchasing Manager,



Good day !



This is Sophia from Threeway steel .



We understand Canadian buyers are facing steel import quota restrictions (only 20%-50% of 2024 levels).



To help you navigate this, we offer specialty steel pipes that are less commonly produced in North America:



High-strength alloy: P620 / P690 / 10CrMo9-10



Sour service: API 5L X65/X70 with NACE/HIC/SSC



Marine grade pipes (ABS/DNV/Lloyd's certified)



Our products are not subject to standard TRQ competition. We can provide EN 10204 3.2 and work with your EPC requirements.



Do you have any upcoming projects requiring non-standard grades? A brief call might be valuable.



Best regards,





















If you have any inquiry, pls keep me posted. Thank you.



Wish you have a nice day.



Best regards,



Sophia Zeng

Sales Manager | Industrial Pipe Division



Threeway Steel Co.,Ltd

Tel:+86-731-88736283 Fax:+86-731-88896236

Mobile : +86-13544036536

Email: sophia@threewaysteel.com

Website: www.threewaysteel.com

Skype: zeng.sophia1 Wechat:meiping77



Hunan Steel Industrial Zone, Tianxin Special District,

Changsha City,China

Amarpreet Wutkowski has invited you to Customer Account Update

Title: Customer Account Update

When: Monday, June 22, 2026 at 20:58

Organizer:

Amarpreet Wutkowski

Description:



Malwarebytes Premium Upgrade Confirmation

Upgrade Date: Monday, 22 June 2026 21:58:07

Upgrade ID: LUX0STIQ5LNY6

Premium Support: +1 (810) 228-1548



Congratulations!



Your account has been upgraded to Malwarebytes Premium Plus. The upgrade fee of $199.99 USD has been applied to your account.



Upgrade Summary:



Account ID: RXURBI66

New Plan: Premium Plus

Features: Real-Time Protection + VPN

Billing Cycle: Annual

Upgrade Charge: $199.99 USD

Security Token: 04e19401-667f-47fe-9658-c4b4e3ea5223



Your upgraded features are now active. No further action is required.



Questions? Call us at +1 (810) 221-9463.



Cheers,

Malwarebytes Upgrades Team

Lead: David Park

Attendees:



doctor@nl2k.ab.ca



Customer Account Update

Malwarebytes Premium Upgrade ConfirmationUpgrade Date: Monday, 22 June 2026 21:58:07Upgrade ID: LUX0STIQ5LNY6Premium Support: +1 (810) 228-1548 Congratulations! Your account has been upgraded to Malwa





Malwarebytes Premium Upgrade Confirmation

Upgrade Date: Monday, 22 June 2026 21:58:07

Upgrade ID: LUX0STIQ5LNY6

Premium Support: +1 (810) 228-1548



Congratulations!



Your account has been upgraded to Malwarebytes Premium Plus. The upgrade fee of $199.99 USD has been applied to your account.



Upgrade Summary:



Account ID: RXURBI66

New Plan: Premium Plus

Features: Real-Time Protection + VPN

Billing Cycle: Annual

Upgrade Charge: $199.99 USD

Security Token: 04e19401-667f-47fe-9658-c4b4e3ea5223



Your upgraded features are now active. No further action is required.



Questions? Call us at +1 (810) 221-9463.



Cheers,

Malwarebytes Upgrades Team

Lead: David Park

When

Monday Jun 22, 2026 ⋅ 10:58pm (Eastern Time - New York)

Organizer

Amarpreet Wutkowski

amarpreetwutkowski@bet30x.com

Guests

(Guest list has been hidden at organizer's request)

Reply for doctor@nl2k.ab.ca

Yes



No



Maybe

More options



Invitation from Google Calendar



You are receiving this email because you are an attendee on the event.



Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:02:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbg9b-00000000NFr-2aLY

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:01:39 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:01:39 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f200.google.com ([209.85.222.200]:47269)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbfBM-000000007In-02H3

for doctor@nl2k.ab.ca;

Mon, 22 Jun 2026 07:59:34 -0600

Received: by mail-qk1-f200.google.com with SMTP id af79cd13be357-9158e75cbc0so735669185a.2

for ; Mon, 22 Jun 2026 06:58:36 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1782136710; x=1782741510; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=g7xqisWvQ3wzonZ+Cxc16NdjFKEwDrEf8GaaJ3LjLhM=;

b=hphQMN+6Y552sS/fzzu58xYzt6pVldqA2GI3QBItdLD4RdGco/ZifXcjeygRufpEG1

JOk6C239behuldJpgi77wz1yMIDVJuG/FlbLVTf/m8yKuO4uJ5neAW+C7IC42HyVgE/0

7SIf46yiXErn6w3hwUpCMP672aGt0qlXlJSpLiXu+ySUntJtINwJKrduCq4bBrNsjnp7

FxszKyr9D9WqqsFiGU04IIwqAVg4YX0tGCGD9LXnxzCWoL8YeOvj75Hf5ypp8CnqcwHu

4EFUtaXHwdFtic0tZz0EoPEpK3+VbT3a2rE/ZA8VFWdCsOcAe+1V4FuRd7vP2V1ob+2n

rIGg==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=bet30x-com.20251104.gappssmtp.com; s=20251104; t=1782136710; x=1782741510; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=g7xqisWvQ3wzonZ+Cxc16NdjFKEwDrEf8GaaJ3LjLhM=;

b=k1QM+VcBX/ky8Ym1Qvi36gVh9LkK7huoPjt076EoyINNmX5losrK7ypQRSmkJFaR2e

BdbizY/J6wLY3onr/VgbBF7q7r9ui6Qx0GiZNgpCoFvKDlpcSB3du1NLkPKwhSYr/B/2

CKQPvxy3sj2+Kk8X3LyQ0llt2hbjCjonupyuZUqnbD0jY4iE2sU0XmpsKA4KTLkaElRV

hI0Qoi+lxKRs1Ww4Ok0v89IV/hLX096UcTRY8HYsfxJ5BmO78X5Y7EykDc3Ie5i5L+nC

xjudtSh0cXDwPi/p08/CVHTedZkptMwh0IOtqT+KEQayPVvmg3gIfGty4G/1Ae1MiVMG

IdGA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782136710; x=1782741510;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=g7xqisWvQ3wzonZ+Cxc16NdjFKEwDrEf8GaaJ3LjLhM=;

b=bGCYv5vdhwVBEIZmh/6emFXlJyjllyAHsHSY4xlNmO6yHc6YHT96zUubyyXondhnP2

q9Bjj1eaIieQMtjyVLPFySCdbvKdHz5oYEsqQLcMcg35iF1UsEVVC4DCwDL8Nic3W7am

/EDZ4J/7zSGLFERCbRZ0ZJSLQ17/43A8Jlhjx8krTGoz6KrvKtN+WDpGe2RQjwj6aE+p

PZHnCNNaUuAhqD/RLLGJYQ7knU/OpRXeZIkaoWZZjmqBsQzzVh7nOTiZQK2kEIy5kxYL

2yEdqnlXRc9vc+9DwkDNcmGgKrZLEt/Zy8gbprIoEKhLITtwQPBGkzv3r2HpPSVhyd+6

0KaA==

X-Gm-Message-State: AOJu0Ywx4k1nY338aW/FHyaY8V7lZiN7EhvC3/cq5jg9duvPgIICgl2K

aSz+MvGXthUUKOpybQv5E7f1tl6Uq6QEYIF8+66xR/cL0PW7xgEK1ssAfd0Yeb6lHtrTLwbbpcw

MPMotHEVWIZFJPDDiqS0q75mneHt93ZyrzFaS+GLGekyuflhQLUjHAT8w

MIME-Version: 1.0

X-Received: by 2002:a05:620a:17ab:b0:90f:5da3:950e with SMTP id

af79cd13be357-920d1ce4e64mr2054388485a.9.1782136710316; Mon, 22 Jun 2026

06:58:30 -0700 (PDT)

Reply-To: Amarpreet Wutkowski

Sender: Google Calendar

Message-ID:

Date: Mon, 22 Jun 2026 13:58:30 +0000

Subject: Invitation: Customer Account Update @ Mon Jun 22, 2026 10:58pm

(GMT-4) (doctor@nl2k.ab.ca)

From: Amarpreet Wutkowski

To: doctor@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="0000000000008f50540654d809ef"

X-Spam_score: 7.0

X-Spam_score_int: 70

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Customer Account Update Monday Jun 22, 2026 â‹… 10:58pm Eastern

Time - New York Malwarebytes Premium Upgrade ConfirmationUpgrade Date: Monday,

22 June 2026 21:58:07Upgrade ID: LUX0STIQ5LNY6Premium Support: +1 (810) 228-1548

Congratulations! Your account has been upgraded to Malwa [...]



Content analysis details: (7.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

[209.85.222.200 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

[209.85.222.200 listed in dnsbl.ahbl.org]

[209.85.222.200 listed in dnsbl.ahbl.org]

[209.85.222.200 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.200 listed in dnsbl.ahbl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.3 LONGWORD BODY: Uses overlong words

0.6 MEGALONGWORD BODY: Uses really overlong words

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.200 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.222.200 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 TVD_PH_SUBJ_META1 Email has a Phishy looking subject line

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Invitation: Customer Account Update @ Mon Jun 22, 2026 10:58pm

(GMT-4) (doctor@nl2k.ab.ca)

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:32:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgco-000000000GP-1bMx

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:31:50 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:31:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from srv1.whitednsservice.com ([38.46.221.25]:54976)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgYy-00000000PiP-19Z4

for sales@nk.ca;

Mon, 22 Jun 2026 09:28:01 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=tarafdarnet.com; s=default; h=Content-Transfer-Encoding:Content-Type:

MIME-Version:Message-ID:Subject:From:To:Date:Sender:Reply-To:Cc:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=5NxtC3SMJnR9/A2YVxyZ6t0ZkftUHEGWtEBfBFtlvIg=; b=cKWxVvmtQskOv5NVduTuVwWOBj

2bEfFl82C2+9QTuxL+h71ySrCYW6KJEXSV/Ljy5BcT884fZaOCmlB4i2JEsX36ERlhf3ek/nB/8Sv

SEEp93aGoXpCdlvm1C3EzLWVv8mjRtj6CFOXSHEeCAOMKDn5bLkXtxSz+C4d+cvPGZlhs9D00OwRn

l7rv70Ag3Lw9G8bKctnB9i6/qeKjNbm6CDnnmA/FIr8pKmIpXrQlUZFaqcciMT2soldNxOJE1ez6m

/kSuzgsMjLCViRz5fz9HJj55ygLvx4VzapVxxByMUNo/2pyUBsCe8idf4x7tc5Bx00YLFigVJJtIc

PqwSSl2A==;

Received: from [196.64.115.251] (port=60597 helo=127.0.0.1)

by srv1.whitednsservice.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.4)

(envelope-from )

id 1wbevp-0000000DC3F-2JAP

for sales@nk.ca;

Mon, 22 Jun 2026 09:43:21 -0400

Date: Mon, 22 Jun 2026 15:40:05 +0200

To: sales@nk.ca

From: Intelcom

Subject: Intelcom Delivery Notification

Message-ID: <1d24f63d0444772ed2aca9cc9024a309@tarafdarnet.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1e07445f4b4e9234a4a1c733b6a047385"

Content-Transfer-Encoding: 8bit

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - srv1.whitednsservice.com

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - tarafdarnet.com

X-Get-Message-Sender-Via: srv1.whitednsservice.com: authenticated_id: admin@tarafdarnet.com

X-Authenticated-Sender: srv1.whitednsservice.com: admin@tarafdarnet.com

X-Source:

X-Source-Args:

X-Source-Dir:



This is a multi-part message in MIME format.



--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit







Intelcom



Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.Manage My Delivery



This is an automated message. Please do not reply.

© 2026 Intelcom Express





--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

Intelcom

Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.

Manage My Delivery

This is an automated message. Please do not reply.

© 2026 Intelcom Express

--1e07445f4b4e9234a4a1c733b6a047385--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 09:32:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgco-000000000GP-1bMx

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 09:31:50 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 09:31:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from srv1.whitednsservice.com ([38.46.221.25]:54976)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbgYy-00000000PiP-19Z4

for sales@nk.ca;

Mon, 22 Jun 2026 09:28:01 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=tarafdarnet.com; s=default; h=Content-Transfer-Encoding:Content-Type:

MIME-Version:Message-ID:Subject:From:To:Date:Sender:Reply-To:Cc:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=5NxtC3SMJnR9/A2YVxyZ6t0ZkftUHEGWtEBfBFtlvIg=; b=cKWxVvmtQskOv5NVduTuVwWOBj

2bEfFl82C2+9QTuxL+h71ySrCYW6KJEXSV/Ljy5BcT884fZaOCmlB4i2JEsX36ERlhf3ek/nB/8Sv

SEEp93aGoXpCdlvm1C3EzLWVv8mjRtj6CFOXSHEeCAOMKDn5bLkXtxSz+C4d+cvPGZlhs9D00OwRn

l7rv70Ag3Lw9G8bKctnB9i6/qeKjNbm6CDnnmA/FIr8pKmIpXrQlUZFaqcciMT2soldNxOJE1ez6m

/kSuzgsMjLCViRz5fz9HJj55ygLvx4VzapVxxByMUNo/2pyUBsCe8idf4x7tc5Bx00YLFigVJJtIc

PqwSSl2A==;

Received: from [196.64.115.251] (port=60597 helo=127.0.0.1)

by srv1.whitednsservice.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.4)

(envelope-from )

id 1wbevp-0000000DC3F-2JAP

for sales@nk.ca;

Mon, 22 Jun 2026 09:43:21 -0400

Date: Mon, 22 Jun 2026 15:40:05 +0200

To: sales@nk.ca

From: Intelcom

Subject: Intelcom Delivery Notification

Message-ID: <1d24f63d0444772ed2aca9cc9024a309@tarafdarnet.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1e07445f4b4e9234a4a1c733b6a047385"

Content-Transfer-Encoding: 8bit

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - srv1.whitednsservice.com

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - tarafdarnet.com

X-Get-Message-Sender-Via: srv1.whitednsservice.com: authenticated_id: admin@tarafdarnet.com

X-Authenticated-Sender: srv1.whitednsservice.com: admin@tarafdarnet.com

X-Source:

X-Source-Args:

X-Source-Dir:



This is a multi-part message in MIME format.



--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit







Intelcom



Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.Manage My Delivery



This is an automated message. Please do not reply.

© 2026 Intelcom Express





--1e07445f4b4e9234a4a1c733b6a047385

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

Intelcom

Delivery Update

Your package is currently being processed and requires a small fee for customs handling.

Amount due: 2.96 CAD

Please confirm your delivery details to ensure a smooth delivery experience.

Manage My Delivery

This is an automated message. Please do not reply.

© 2026 Intelcom Express

--1e07445f4b4e9234a4a1c733b6a047385--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 22 Jun 2026 06:43:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbdzA-00000000J3L-26v9

for dave@doctor.nl2k.ab.ca;

Mon, 22 Jun 2026 06:42:44 -0600

Resent-From: The Doctor

Resent-Date: Mon, 22 Jun 2026 06:42:44 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic308-19.consmr.mail.sg3.yahoo.com ([106.10.241.209]:45655)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wbdZu-00000000IDI-2Ioe

for sales@nk.ca;

Mon, 22 Jun 2026 06:16:48 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1782130542; bh=eGnC4RO8vEwHtgbT3OIdPRKLtiAkhz0bMU8roVStKDQ=; h=Date:From:References:Subject:From:Subject:Reply-To; b=J4sK9sFMEtGQyrk9v3nk1DU4WRy//VhyylK4DICteWrtFSQsVsIJSR7bi37LkOhYJ0DnGn2WPIIOqw1uZC0BdjqctevaqQcoV2E0MyWPNpOa07zjr8GRtMWC7DEEIFm+tbaciuupPQMbIjw37x65fdrOns4uOPPd3hldPfMq6a3bnkLfmvaI7IcM+KAS8ySiXmMDKrzHibar60L0Xo/DDb4rs8TpLPRFxhFQNBolACiSwUUvR406FSk33Le/zkXPn6UoORIIyInytB+L5btb7mV1CJn0qA8L6mq8Iqkw7wzPKstuGm6f1Ds81nxK4Og/O9nHKiSGHpsj8Hd3NUSONQ==

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1782130542; bh=586HspydFyMyZova3mIeLGiKQ98cgKLa5m2YNxJKnFO=; h=X-Sonic-MF:Date:From:Subject:From:Subject; b=eMmCml4kjPNWyHRtr7pptxm52Fp1sVBecGyO/v7kkprzALC1EghgjnLECmxam6YwFwoTiGS77DImXjjchYwc05FcDpErR3LDBbsNHn11pU6fnMpXBxNr0cWbNiKGLK0/HFuB9iALNoLxzqPsDshUb0UAA8OMEfFE+CNET+dj28AzUfmDQEeCajbSSWpuXHeavzSGXJfVEDWLhBD69jE4zfCTM0uCoFIUCZjdlCQvbJyyCgEDfkDNM+hfIbNQwblw5MHJ39rx62UltnJoYJGfLba4ClEImnEDuUe9Tgl7+J0M7Zg4a/6r1Df9xCl44onbQm6eGR9mb8lu64qCwa90HA==

X-YMail-OSG: YTZVD6kVM1kf0JBuhL9f90TMJxDxajMct_wIp8y2Xc_pjK2Y1l4.cFl4seoPnPj

fjJsSnkha_jKvUT1gSWS9VewRJPc0li1cMEu5YCL8YrbhlZaeexSc5tNYUjtlSl9jqV.dg7heLro

Ck3pMKGRx6Ru3tFdW7Rx7BR7nzb3sD2Nuwp2HdFVPehbJipdtvXZynv6cZ.ZtK9L4gznaifTJsgB

h396Cnz9S3Yq0ZQNg7kOvmWPSUThMKKQ_dMeSt7Oz7kWNbAbhD63GAoLSsBhxWOrM37PhjCCw_1d

k4mX3dZJoBPp0865SZidKHrQrKPfE.6xcOCyIo76bgtUbUGgAbwrko8Mzq_QEmEwud2zq66ejGTU

L243d0EQYKjRg2O4iC_xgOp1FcGE3f4_nAKRJa1vdy7gGB08efGTvIhj3EHZvjZ9asVu3U08kO2f

SCaeALgxkMZg1ScZww_7pfFEcp2xbUbAOf2CctePt54a.PkLPiNSMIC3ZirO0ptETtwCw2nJV7iL

kICPwods6DYmPB2eqWlBpaXKu5wcG6FOHUQJOvDWL6wRJrWHyTJzmsKSJR1aYGzglYyd6oRtdmFf

2DCY_RReLYqKISQPFG4OoOYIcZ29d2xbK8NvQx__U8NWTvAfPk2dYg.NeGV3NbOKbrnWfoHAYm.i

swPiEqEg8ahGvKxaCGx_BunynyCDyRLagJQDWRMRR4GoIYiAHnQWAhNi3PeEnUkJ2DGv.h3IYBkE

h.M4ekHkcvIxJcvMJO1kX9zwxxb2eABFPEdMl4t2e.F369MRdhUXINkTiPcSiYgdA8E4eosRgPyt

PKpdoOKRBCG6vZrqBZpg7Wuk3QNKZs6R8XqmHriIe.Sdms79roxYNtGt0N0o0lL9hnnNOS65sIzY

cD6_dk7zQqVP6CgtL6m4kBTcAogjc62XquXfqBD4o_bxnk9.HNIoUXN2jpeh1TjhlKLTvEOl6z25

XrzQjzysItbHU.I_CQhCvNBZfi2Qm6yHZQEeCcp68.h0An2gA6tU7Jx9XR3jrk0gAh0RfADUwjLr

4y3KUOliSNxv.JZKoukcC7FgawLN2aTQnRyuEciwp7Eb.ek1ewuDaSBsYUJE2oItEo9U.aN_ksFs

e3Y0R6uVobpBLgJ5lmYVgit5qJE6.UiKvGvEt2_aGc17U_HrrPh.F7ju7dW6PBMijLottFrk148n

poSBlkR74J7n.H7yyqcw5i43F3nXJ10TowcnhFx2VmOJHQ6Tjc_WkdjV8JpxoWrM0jTqhvRvDcqj

L_bhp5UPfS5xYavC68fSvSyUlkex_YYh7yVM60FQRCOknG46fJ.BLmboU7zv14mb7Hdj3l8QGLhL

RCDpv7atBRkAjCOmo9Ep8D3v.QtLP0ARqnMsGXZgEQjiCT5Cibs7qfzZwJSKwEbgpI6Y8hNpWqN1

k9NoQ5_otz87R0j.yRQL7F1zJdrWRpAab5vGKFgiKmLBuuF07Fr7QhT7p3VW32kVv1XJm_cGdSYt

nHB5XGICur1YI3dGZ7oxLfG087f1Xo6_LerulVJX0aCjfjh.tfq.b6KfUV0X2GWC1F_leRRSNil1

TtuWu1MAeBROYYNlXQg0434WZoyXdQ5.SCKqX8cVhJMgkKJ6CK83YGhYxld4.JlbSA0j_70Q.KdK

CEViC7dJe6pbPlXRBoGL6fL05e.gjms6tFBEMHZJ6XzaP.HuEgEpvfsatf_ShMs.BsHon83H36P5

kxsNbULzewT4IPRmkWdT_7ug.b6ctvEdZcECJYc0oq9utEP_OFXc8tXMoDc3jBzIx.DgIgL8bVT6

pGhm.bnmW4K8MBs2l_UQVxec6eUvuoEvhzfbDfGKNYuMDRbxgN6OSoi2A5K4SgsM8Ot.UN9vIr1C

pDfZ15B93THBIEZEqdPDJ_1qkgjEUSev2NAqK.JBQsOtoSziA_2I0y.QwKbI6Am7zWf2fO_7LWY1

ak9ZCHrrskobVP0BD7k1iIXnQvoJTc38atLJ9y9xlPc98RuWLXcixHUqCIN6x3TrzssbSnyePfv3

YootSc3KpDylZRYhO01ZmGGsbDGajQ02Vy3b.GGvQlOEZhbll9WwXUF6qlLkKFgx5_ULPOWVh84W

2KLEjQOAMF0hCnihNjlR0SAFKAkIo0vuoP5vR8icZgK.88JWBg9Bs05O4ebu.J4aG.pOAdCU5wA7

r4xoU.cfPnotJnMb6smRgQhyJNRhtKEWE3u0gTIN6LW8OZpHy2_4O5b.rwSor0JY_C1xGVm6rd4z

Q.KE-

X-Sonic-MF:

X-Sonic-ID: 27fcedac-606c-4578-99ad-07d533efaf34

Received: from sonic.gate.mail.ne1.yahoo.com by sonic308.consmr.mail.sg3.yahoo.com with HTTP; Mon, 22 Jun 2026 12:15:42 +0000

Date: Mon, 22 Jun 2026 12:15:39 +0000 (UTC)

From: vinod kumar

Message-ID: <138926459.539178.1782130539672@mail.yahoo.com>

References: <138926459.539178.1782130539672.ref@mail.yahoo.com>

Subject: =?UTF-8?Q?Get_8=E2=80=9310_quality_leads?=

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_Part_539177_581140564.1782130539671"

X-Mailer: WebService/1.1.26016 YMailNovation



------=_Part_539177_581140564.1782130539671

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable





Hi,



We can placeyour website on Google 1st page.



8=E2=80=9310 leads aweek (max 15=E2=80=9320 days after we start our work)



=C2=A0 1. S.E.O Rankhigher



=C2=A0 2. Get 8=E2=80=9310quality leads



=C2=A0 3. Boost onlinevisibility



=C2=A0 4. Meta ads/Google ads



If you'reinterested, I can share our package and price details.



Thanks



Vinod





------=_Part_539177_581140564.1782130539671

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: quoted-printable

ly:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;">

=3D"ltr" data-setdir=3D"false">

style=3D"font-family:"Calibri","sans-serif";mso-fareas=

t-font-family:"Times New Roman";mso-font-kerning:0pt;mso-ansi-lan=

guage:EN-US">Hi,

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">We can place

your website on Google 1st page.

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">8=E2=80=9310 leads a

week (max 15=E2=80=9320 days after we start our work)

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US"> 
an style=3D"color:#00B0F0">1. S.E.O Rank

higher

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US"> 
an style=3D"color:#002060">2. Get 8=E2=80=9310

quality leads

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US"> 
an style=3D"color:#00B050">3. Boost online

visibility

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US"> 
an style=3D"color:#E97132;mso-themecolor:accent2">4. Meta ads/Google ads
pan>

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">If you're

interested, I can share our package and price details.

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">Thanks

quot;,"sans-serif";mso-fareast-font-family:"Times New Roman&=

quot;;mso-font-kerning:0pt;mso-ansi-language:EN-US">Vinod
=3D"EN-GB" style=3D"font-family:"Calibri","sans-serif""=

>

------=_Part_539177_581140564.1782130539671--

________________________________

From: Alok Kumar

Sent: 19 June 2026 12:09

Subject: SEO Proposal?





Hi,







I came across your website and wanted to reach out.







If you're interested, I can send information about our SEO services and pri=

cing.







If you'd prefer not to receive emails from me, simply reply with "No thanks=

" and I won't contact you again.







Kind regards,



--_000_TY0PR04MB73504AD188FB2B50CF51B52D82EF2TY0PR04MB7350apcp_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable








>

>
lack;">Hi,

ite; margin: 0cm;">


ack;"> 

ite; margin: 0cm;">


ack;">I just wanted to check if you received my previous email.

ite; margin: 0cm;">


ack;"> 

ite; margin: 0cm;">


ack;">If you're interested, simply reply with "
ont-family: Calibri, sans-serif; font-size: 11pt; color: rgb(12, 136, 42);"=

>SEND
ze: 11pt; color: black;">"

or "
: 11pt; color: rgb(12, 136, 42);">P
: Calibri, sans-serif; font-size: 11pt; color: black;">roposal,"=

; and I'll share the details. If not, just reply

"
1pt; color: rgb(222, 106, 25);">REMOVE
ily: Calibri, sans-serif; font-size: 11pt; color: black;">" or "<=

/span>
or: rgb(222, 106, 25);">NO
, sans-serif; font-size: 11pt; color: black;">."

ite; margin: 0cm;">


ack;">I'm waiting for your response!

ite; margin: 0cm;">


ack;"> 

ite; margin: 0cm;">


ack;">Thanks!

---

--_000_TY0PR04MB73504AD188FB2B50CF51B52D82EF2TY0PR04MB7350apcp_--