NetKnow Corporate Blog

Fedex Phish from Mailgun

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 14:15:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSLea-00000000E5Z-1d51

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 14:14:32 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 14:14:32 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from m228-58.mailgun.net ([159.135.228.58]:60042)

by doctor.nl2k.ab.ca with utf8esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSLRP-00000000Bkr-0RVA

for root@nk.ca;

Thu, 19 Jun 2025 14:01:02 -0600

DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=zekona.it.com; q=dns/txt; s=mailo; t=1750363126; x=1750370326;

h=Content-Type: Content-Transfer-Encoding: Message-Id: List-Unsubscribe: Reply-To: To: To: From: From: Subject: Subject: Mime-Version: Date: Sender: Sender;

bh=hVYfHOppTeX90GjLQ1Z9MnUM/xew3CmyoSPuqiJKcYc=;

b=xjKLpTA8vHreBPvU5MD5oplC5zqAd3WdT9E51vU3JU3wijZPH5tvaCxmj9AKenycEYOP8biecG97BWbl3t3WzhmF41vDiAg5dE5TFVWfCz4QMt0oLKGJod19oVpU4PNv6HxkHZjLuLcpXmbHEcDaP9Y9DUojD7HLz2H76W3w+XM=

X-Mailgun-Sid: WyIyY2Y0OSIsInJvb3RAbmsuY2EiLCIzNmE4OGMwIl0=

Received: by b82230418fe3 with HTTP id 68546bf64ce52476f8fc792c; Thu, 19 Jun 2025

19:58:46 GMT

X-Mailgun-Sending-Ip: 159.135.228.58

Sender: no-reply@zekona.it.com

Date: Thu, 19 Jun 2025 19:58:46 +0000

Mime-Version: 1.0

Subject: =?UTF-8?q?=F0=9F=94=A5_20%_Discount_If_You_Pay_Before_Midnight!?=

From: FedEx Tracking

To: root@nk.ca

Reply-To: support@zekona.it.com

List-Unsubscribe:

Precedence: bulk

Message-Id: <20250619195846.366244b026b66b8c@zekona.it.com>

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset="utf-8"

X-Spam_score: 6.7

X-Spam_score_int: 67

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: FedEx Notification New Delivery Notice Hello, A shipment

associated with your name has arrived at your designated location in CA and

is ready for collection. Tracking ID: FEDEX-CA577215117391 Additional confirmation

ma [...]

Content analysis details: (6.7 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[159.135.228.58 listed in dnsbl.ahbl.org]

[159.135.228.58 listed in dnsbl.ahbl.org]

[159.135.228.58 listed in dnsbl.ahbl.org]

[159.135.228.58 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[159.135.228.58 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[159.135.228.58 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[159.135.228.58 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[159.135.228.58 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[159.135.228.58 listed in will-spam-for-food.eu.org]

[159.135.228.58 listed in will-spam-for-food.eu.org]

[159.135.228.58 listed in will-spam-for-food.eu.org]

[159.135.228.58 listed in will-spam-for-food.eu.org]

[159.135.228.58 listed in will-spam-for-food.eu.org]

[159.135.228.58 listed in will-spam-for-food.eu.org]

[159.135.228.58 listed in will-spam-for-food.eu.org]

[159.135.228.58 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[159.135.228.58 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

Subject: {SPAM?} =?UTF-8?q?=F0=9F=94=A5_20%_Discount_If_You_Pay_Before_Midnight!?=

FedEx Notification

bgcolor=3D"#f4f6f9" style=3D"padding:30px 0;">

=3D"0" bgcolor=3D"#ffffff" style=3D"border:1px solid #dcdcdc; font-family:A=

rial, sans-serif;">

nter-logo-w9vr0z7u0hbyri8f-2.png" alt=3D"FedEx" width=3D"150" style=3D"disp=

lay:block;">

eight:bold; color:#333333;">

New Delivery Notice

#555555;">

Hello,

#555555;">

A shipment associated with your name has arrived at your de=

signated location in CA and is ready for collection.

or:#444;">

Tracking ID: FEDEX-CA577215117391

der-left:4px solid #4e2a84; font-size:14px; color:#333;">

Additional confirmation may be needed before retrieval.

le=3D"background-color:#4e2a84; color:#ffffff; text-decoration:none; paddin=

g:12px 24px; border-radius:5px; display:inline-block; font-weight:bold; fon=

t-size:14px;">

View Details

or:#999999; text-align:center;">

=C2=A9 2025 FedEx Corporation. This message was generated a=

utomatically.

Spanish language phish from OVH

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 14:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSLdu-00000000Dzn-2P00

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 14:13:50 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 14:13:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from vps-7f92053e.vps.ovh.net ([57.129.62.51]:50602)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSK5S-00000000NTu-3Sd2

for doctor@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 12:34:18 -0600

Received: by vps-7f92053e.vps.ovh.net (Postfix, from userid 0)

id 76D4047C10; Thu, 19 Jun 2025 18:32:17 +0000 (UTC)

X-Mailer: mail (GNU Mailutils 3.7)

Content-Type: multipart/mixed; boundary="054f231437a97e82176df5886339d4c8"

Content-Transfer-Encoding: 7bit

Subject: Factura Electronica 892101 Serie 219 Adjunta

From: Facturacion Electronica 219

To:

Message-Id: <8CDETXnmV6JbN0=7FjFjWHvhtv9RGGuj1eDGKUel@vps-7f92053e.vps.ovh.net>

Reply-To:

X-Originating-Email: facturacionelectronica219@vps-7f92053e.vps.ovh.net

List-Unsubscribe:

Importance: High

X-Priority: 1 (Highest)

Priority: Urgent

MIME-Version: 1.0

Date: Thu, 19 Jun 2025 18:32:17 +0000 (UTC)

X-Spam_score: 10.4

X-Spam_score_int: 104

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hola estimado usuario(a): doctor@doctor.nl2k.ab.ca Se adjunta

su factura electrónica. 892101 serie 219, facturado en 12:32 PM

Content analysis details: (10.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[57.129.62.51 listed in dnsbl.ahbl.org]

[57.129.62.51 listed in dnsbl.ahbl.org]

[57.129.62.51 listed in dnsbl.ahbl.org]

[57.129.62.51 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[57.129.62.51 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[57.129.62.51 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[57.129.62.51 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[57.129.62.51 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[57.129.62.51 listed in will-spam-for-food.eu.org]

[57.129.62.51 listed in will-spam-for-food.eu.org]

[57.129.62.51 listed in will-spam-for-food.eu.org]

[57.129.62.51 listed in will-spam-for-food.eu.org]

[57.129.62.51 listed in will-spam-for-food.eu.org]

[57.129.62.51 listed in will-spam-for-food.eu.org]

[57.129.62.51 listed in will-spam-for-food.eu.org]

[57.129.62.51 listed in will-spam-for-food.eu.org]

0.8 DKIM_ADSP_NXDOMAIN No valid author signature and domain not in DNS

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.5 MR_STRANGE_QUESTION URI: No description available.

2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line length

greater than 79 characters

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 LOTS_OF_MONEY Huge... sums of money

Subject: {SPAM?} Factura Electronica 892101 Serie 219 Adjunta

--054f231437a97e82176df5886339d4c8

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: base64

PGh0bWw+CjxoZWFkPgo8L2hlYWQ+Cjxib2R5Pgo8ZGl2Pgo8cD48YmlnPjxzcGFuIHN0eWxlPSJmb250LXNpemU6IG1lZGl1bTsiPjwvc3Bhbj48L2JpZz48c3Bhbgogc3R5bGU9ImZvbnQtZmFtaWx5OiBWZXJkYW5hLEFyaWFsLEhlbHZldGljYSxzYW5zLXNlcmlmOyBmb250LXNpemU6IG1lZGl1bTsiPkhvbGEKZXN0aW1hZG8gdXN1YXJpbyhhKTombmJzcDs8L3NwYW4+PGJpZwogc3R5bGU9ImZvbnQtd2VpZ2h0OiBib2xkOyI+PHNwYW4KIHN0eWxlPSJmb250LXNpemU6IG1lZGl1bTsiPmRvY3RvckBkb2N0b3Iubmwyay5hYi5jYTwvc3Bhbj48L2JpZz48L3A+CjxwPjxzcGFuCiBzdHlsZT0iZm9udC1mYW1pbHk6IFZlcmRhbmEsQXJpYWwsSGVsdmV0aWNhLHNhbnMtc2VyaWY7IGZvbnQtc2l6ZTogbWVkaXVtOyI+PC9zcGFuPjwvcD4KPHA+PHNwYW4KIHN0eWxlPSJmb250LWZhbWlseTogVmVyZGFuYSxBcmlhbCxIZWx2ZXRpY2Esc2Fucy1zZXJpZjsgZm9udC1zaXplOiBtZWRpdW07Ij5TZQphZGp1bnRhIHN1IGZhY3R1cmEgZWxlY3RyJm9hY3V0ZTtuaWNhLiA4OTIxMDEgc2VyaWUKMjE5LCBmYWN0dXJhZG8gZW4gMTI6MzIgUE08L3NwYW4+PC9wPgo8cD48c3Bhbgogc3R5bGU9ImZvbnQtZmFtaWx5OiBWZXJkYW5hLEFyaWFsLEhlbHZldGljYSxzYW5zLXNlcmlmOyBmb250LXNpemU6IG1lZGl1bTsiPjwvc3Bhbj48L3A+CjwvZGl2Pgo8ZGl2Pgo8cD48c3Bhbgogc3R5bGU9ImZvbnQtZmFtaWx5OiBWZXJkYW5hLEFyaW

FsLEhlbHZldGljYSxzYW5zLXNlcmlmOyBmb250LXNpemU6IG1lZGl1bTsiPjxzcGFuCiBzdHlsZT0iZm9udC1mYW1pbHk6IFZlcmRhbmEsQXJpYWwsSGVsdmV0aWNhLHNhbnMtc2VyaWY7IGZvbnQtc2l6ZTogbWVkaXVtOyI+PHN0cm9uZz5WQUxPUjoKPHNwYW4gc3R5bGU9ImNvbG9yOiByZ2IoMCwgMCwgMCk7Ij4kMzAyLjgwNSwwNDwvc3Bhbj48L3N0cm9uZz48L3NwYW4+PC9zcGFuPjwvcD4KPHA+PHNwYW4KIHN0eWxlPSJmb250LWZhbWlseTogVmVyZGFuYSxBcmlhbCxIZWx2ZXRpY2Esc2Fucy1zZXJpZjsgZm9udC1zaXplOiBtZWRpdW07Ij48c3Bhbgogc3R5bGU9ImZvbnQtZmFtaWx5OiBWZXJkYW5hLEFyaWFsLEhlbHZldGljYSxzYW5zLXNlcmlmOyBmb250LXNpemU6IG1lZGl1bTsiPjxzdHJvbmc+PGJyPgpQREYgRkFDVFVSQSBCSVBIUlhDTyA6PC9zdHJvbmc+IDxhIGhyZWY9Imh0dHBzOi8vdm1pMjY2NDY4My5jb250YWJvc2VydmVyLm5ldC8/X3Rhc2s9bWFpbCZfYWN0aW9uPWdldCZfbWJveD1JTkJPWCZfdWlkPTY4MDYxJl90b2tlbj0xZmYxYTQzNTUwNTBlMGY5OTA5YTcxZDg3ODBkZDIzODc3ZDFiY2RhNjc0N2M5NTRlYjA1ZGUyZGNmYmNkMDc4Jl9wYXJ0PTIuMC45Jl9lbWJlZD0xJl9taW1lY2xhc3M9aW1hZ2UiPlZlcgpmYWN0dXJhIGVuIFBERjwvYT48YnI+Cjxicj4KPHN0cm9uZz5YTUwgRkFDVFVSQSBJU1M1TFZXQiA6PC9zdHJvbmc+IDxhCiBocmVmPSJodHRwczovL3ZtaTI2NjQ2ODMuY29udGF

ib3NlcnZlci5uZXQvP190YXNrPW1haWwmX2FjdGlvbj1nZXQmX21ib3g9SU5CT1gmX3VpZD02ODA2MSZfdG9rZW49MWZmMWE0MzU1MDUwZTBmOTkwOWE3MWQ4NzgwZGQyMzg3N2QxYmNkYTY3NDdjOTU0ZWIwNWRlMmRjZmJjZDA3OCZfcGFydD0yLjAuOSZfZW1iZWQ9MSZfbWltZWNsYXNzPWltYWdlIj5WZXIgZmFjdHVyYSBlbiBYTUw8L2E+PC9zcGFuPjwvc3Bhbj48L3A+CjwvZGl2Pgo8ZGl2PiZuYnNwOzwvZGl2Pgo8ZGl2Pgo8cD5Fc3RlIGVzIHVuIGNvcnJlbyBlbGVjdHImb2FjdXRlO25pY28gYXV0b20mYWFjdXRlO3RpY28uPC9wPgo8L2Rpdj4KPGRpdj4KPHA+PHN0cm9uZz5Bdmlzbzo8L3N0cm9uZz4gU2kgc3UgcGVkaWRvIGNvbnRpZW5lCm0mYWFjdXRlO3MgcHJvZHVjdG9zCmNvbiBlbnRyZWdhcyBpbmRlcGVuZGllbnRlcyBxdWUgbm8gZXN0JmFhY3V0ZTtuIGluY2x1aWRvcyBlbiBlc3RhCkZhY3R1cmEsIGVzcGVyZSBlbCBlbnYmaWFjdXRlO28gcG9zdGVyaW9yLjwvcD4KPC9kaXY+CjxwPjxlbT5OTyBSRVNQT05EQSBBIEVTVEUgQ09SUkVPIEVMRUNUUk9OSUNPPC9lbT48L3A+CjwvYm9keT4KPC9odG1sPg==

--054f231437a97e82176df5886339d4c8--

Keyword stuffing spam from Google Gmail

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 14:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSLdR-00000000DuZ-3McC

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 14:13:21 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 14:13:21 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pg1-f182.google.com ([209.85.215.182]:45118)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSIop-00000000A6O-0zO6

for doctor@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 11:13:02 -0600

Received: by mail-pg1-f182.google.com with SMTP id 41be03b00d2f7-b0b2d0b2843so728971a12.2

for ; Thu, 19 Jun 2025 10:11:02 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1750353056; x=1750957856; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=AX0t3iUzTK+K6gaJ58iDR+r/J1qCtx55Zn3NHb2+Ecs=;

b=fe+hegKP7GezFFHJ8xOq3ddkVdnAI1OIgsw4JWjpXHAD/EE6B4wP7SZHOdTT5mZiLY

vMAri8PkaPCPpGYGINmvQ4EPK2tndCGWnn4AeUsoHhCk28b9v8WZ2Vesq4w/TI+zPYs6

yfEcEWRPsGYNL9yW3j1IvNhYDorTKZ5Uz+HGaZ82OkUnaARcknvpDW39Y5MUtkZABMyn

u1MNKQXuk9flOrA1reVNhR1q/SEbrC7pn3/byTbrkvyw80qeN2SDT464L7NB46SIWV5E

WWDSBCupYNihNLpG1Yml1N7wtkPyeFAd6iXIjlMCYX/PHuKrLhIhGOBACLkiB+z5ygnW

wi3g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1750353056; x=1750957856;

h=to:subject:message-id:date:from:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=AX0t3iUzTK+K6gaJ58iDR+r/J1qCtx55Zn3NHb2+Ecs=;

b=ke4FdUK+ih2xzpuo8VkBBM1w4Nf6JNgTYP8gwzbrRh91lozmfdcSQH26V1Dx2nDlZR

aJyWCqXlhvOWxRJU0RILycLZPVUvi+4S1uHalG7TXhjUE+vRx5p8FasmY1APiyOWdvA4

7G4yU0QyzHzYVSOLvrIq5L18EpzhdtNCq/yzFBsZa7IrzWh9VOzAU/E9a8OGoin5wkNS

B9J8Tl3/C6UQDCxvHP3lhCoXGBtPL8cKO+VQAZgmiQKQg440P23mzQy7/CUK9LTA5YEv

Fe+ZdYjnoBaPNm23j+EqMQU28CYcnS6GM0Inc5a5PE3xJWGcqCflA0VdQKIL21lsLuAz

sRhQ==

X-Forwarded-Encrypted: i=1; AJvYcCXuZsmFIXNFMY8URPE39XLySFdrBjRzfKdF5RoRMcIqO3w19/FJsKPwJTpxjooGhVsqKrUGOb4=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YzBinxxhJtp562JiTVBeAzp4N2jAkwX8KDyD5z8sbaMy0dhoJsr

VcCmux7EV+nhqtQVLccnkDQKykCg3UiNUaQ2/282gAEP+ymI9Ti+yjPEdpiLMKSlyx0suOE1gs7

noZQy/UkohXC9qVPZ9hTQrgKgUweMSfM=

X-Gm-Gg: ASbGnct1exi5M6XP5m08FLLnKpgodTuVAPVSBpf3jbG26PjZzPXy2srcEtMi1+sDIB5

2vWhcQsU6LpaNF4xj1+WeMJYO/8WOIxEV0Ky3XfsUaQiqbO28O1y2iDUVCjifmR2a8K6MjwEYie

I8IJOWbYnJhmlt5yMKdTAKtQC5M3z7VA3XMw99cxfThJ5ZdtjSj5oyXz2owm9Xbna562+LQ2cKM

OZ2iA==

X-Google-Smtp-Source: AGHT+IEh02K2SR9cmBVNRcjiIfh3RLo9r/3ncwbeNDsPc/1FcAu354muNp96wBbS/rpd82tACN5ueFxsVNhbQ1y+5J4=

X-Received: by 2002:a17:90a:e185:b0:312:e6f1:c05d with SMTP id

98e67ed59e1d1-3159d62abb2mr60661a91.2.1750353055269; Thu, 19 Jun 2025

10:10:55 -0700 (PDT)

MIME-Version: 1.0

From: Jza ayudar a Jza a ganar millones siempre cada dia

Date: Thu, 19 Jun 2025 19:10:43 +0200

X-Gm-Features: AX0GCFt1IKmjDPfm2D2KDUvw7yb0ArtpYJIa1Z6UrgfeoVEl6WmT2ioSJvswRFs

Message-ID:

Subject: solve, solve, resolve, repair, fix, compose, remedy, conclude,

satisfy, arbitrate, amend, straighten, perfect, decide, settle, correct,

save. help, auxiliary, assist, protect, help, support, second, protect,

defend, reinforce, favor, encourage, promote, collaborate, cooperate,

contribute, mediate, influence, contribute, subsidize, subsidize, sponsor,

alleviate, remedy, support, finance, donate, alleviate lend a shoulder, lend

a hand, extend a hand, lend a helping hand, lend a cape, go to one, help the

square We want absolute peace, silence, to enjoy our rights and freedoms.

solucionar, solventar, resolver, reparar, arreglar, componer, remediar,

concluir, satisfacer, arbitrar, enmendar, enderezar, perfeccionar, decidir,

zanjar, corregir, salvar. ayudar, auxiliar, asistir, amparar, socorrer,

apoyar, secundar, proteger, defender, reforzar, favorecer, fomentar,

impulsar, colaborar, cooperar, coadyuvar, mediar, influir, contribuir,

subvenir, subvencionar, patrocinar, paliar, remedia...

To: bedmonds@cs.ubc.ca, cfortier@videotron.ca, agomory@bcr.bc.ca,

d.cox@sk.sympatico.ca, bbastien@videotron.ca, daliaga@ucalgary.ca,

bigr@direct.ca, alain.martineau@ccr.hydro.qc.ca, aboivinfilion@ubisoft.qc.ca,

alsandorz@netcom.ca, coffee_901562700@daisy.uwaterloo.ca, cfaasen@sprint.ca,

cole64@sprint.ca, aa443@chebucto.ns.ca, cden.hammond@sympatico.ca,

dalemc@nbnet.nb.ca, camelot@sprint.ca, cklmaj@idirect.ca, cbridgma@netcom.ca,

cems@sprint.ca, cheanchhoun@sprint.ca, chris.carveth@cgi.ca,

coffee_900957901@daisy.uwaterloo.ca, cdcprods@isys.ca,

brent.eldstrom@sk.sympatico.ca, al442@freenet.carleton.ca, bert@admicro.bc.ca,

archang@sfu.ca, dahlc@direct.ca, aeglauer@eba.ca, ada@sk.sympatico.ca,

coulombe-a@immedia.ca, catalyst@direct.ca, brt@nbnet.nb.ca,

chefbernards@cyberlink.bc.ca, auction@debug.ca, asaunder@netcom.ca,

bsmarjan@calcna.ab.ca, aj083@freenet.carleton.ca, ad013@sfn.saskatoon.sk.ca,

csalter@chat.carleton.ca, cpdohert@csclub.uwaterloo.ca,

ag384@freenet.carleton.ca, csnco@sprint.ca, alfkid@videotron.ca,

alopez-o@daisy.uwaterloo.ca, clewis@ferret.ocunix.on.ca,

crooks.mechanical@ns.sympatico.ca, akeller@uvic.ca,

b5hzgate.35bbe95a.1298@bnr.ca, bbowman@julian.uwo.ca, apwilson@storm.ca,

aa325@pgfn.bc.ca, dan@multicorpora.ca, blnmckay@direct.ca, daleyj@nbnet.nb.ca,

adam.johnston@sympatico.ca, awatt@triton.bc.ca, coaxial@escape.ca,

dagbrown@calum.csclub.uwaterloo.ca, d.peters@sympatico.ca,

andrew_burkett@pch.gc.ca, alam@bnr.ca, ben_marzouk@ville.montreal.qc.ca,

compcare@wchat.on.ca, css@access.wave.ca, alayton@videotron.ca,

atkinson@cryston.ca, aaron@3d.ca, bonwitt@escape.ca, cstanley@direct.ca,

charronp@videotron.ca, ag414@freenet.carleton.ca, bliengme@stfx.ca,

daniel.rivard@cgocable.ca, ae@play.psych.mun.ca, cosmo@nbnet.nb.ca,

aarnott@is.dal.ca, ab616@chebucto.ns.ca, chasede@nbnet.nb.ca,

charlene@sprint.ca, andrew.currie@sympatico.ca, beay@sympatico.ca,

benw@netcom.ca, christineb@sprint.ca, csmith@stellar.bc.ca, abz@videotron.ca,

crawshaw@a1.lethbridgec.ab.ca, cpatterson@fanshawec.on.ca, ak764@ncf.ca,

ceph@is.dal.ca, antonio.castro@pwgsc.gc.ca, brault.simon@ic.gc.ca,

cadtech@sympatico.ca, allen@sd71.bc.ca, amit@wiznet.ca, arnoldp@direct.ca,

calderb@nbnet.nb.ca, bgreer@videotron.ca, ab496@freenet.carleton.ca,

dgermain@videotron.ca, dave.cole@ns.sympatico.ca, info@zed.ca,

fidik@netcom.ca, jlaine@sprint.ca, grcm@videotron.ca, eric_briere@dmr.ca,

jing.duan@utoronto.ca, dicksc@wmhc1.moh.gov.on.ca, ghallick@escape.ca,

gwlhpu@weston.ca, jcaverly@sympatico.ca, jmerry@is.dal.ca,

jfmartin@sympatico.ca, e2g@knot.queensu.ca, ian.blair@dal.ca,

docmaster@connect.ab.ca, francisc@videotron.ca, david.shapiro@mah.gov.on.ca,

jiangyao@sprint.ca, david.spacek@utoronto.ca, jiff@engsoc.carleton.ca,

delrey@videotron.ca, djones@insight.mcmaster.ca, jgbennie@vcn.bc.ca,

jfmezei@videotron.ca, info@vec.bc.ca, golden_bridge@cyberus.ca,

ecasanas@sprint.ca, jle@videotron.ca, hislop@eba.ca, daniel@optc.ca,

glitwiller@sprint.ca, dartn4u@sprint.ca, formcn@videotron.ca, giom@istar.ca,

gerryb@netcom.ca, darryl.johnson@nlc-bnc.ca, jinxu@sprint.ca,

darryl.friesen@usask.ca, jerrytrudeau@sprint.ca, elnomis@videotron.ca,

jespur@recorder.ca, david@fundy.ca, delta@nbnet.nb.ca, jharnett@nrcan.gc.ca,

ellsworths@transcontinental.ca, draine@direct.ca, fehlerd@admin.gmcc.ab.ca,

jmgeldar@mccain.ca, goldstn@cc.umanitoba.ca, jmbeauch@sympatico.ca,

jkapica@globeandmail.ca, jhasting@sk.sympatico.ca, fidelis@netcom.ca,

gvautour@nb.sympatico.ca, jdhhdh@sk.sympatico.ca, jauvane@mcrlab.uottawa.ca,

hal@air.on.ca, igm5@malun1.mala.bc.ca, giasson@oricom.ca,

jlaurin@sympatico.ca, gspicer@dymaxion.ca, greg.murphy@cac.gc.ca,

gmiles@escape.ca, jeffremg@ednet.ns.ca, devotee@istar.ca, jc5@bcarh8ab.bnr.ca,

dharvey@lgs.ca, dave0@nbnet.nb.ca, jmquinn@sfu.ca, david@mindlink.bc.ca,

dlewis@bis.on.ca, gloucks@tti.bc.ca, dguo@erin.utoronto.ca,

eric.lizotte@collegeahuntsic.qc.ca, dwpayne@watserv1.uwaterloo.ca,

ddragan@istar.ca, dmarch@cmac.ca, gordon.mackenzie@pwgsc.gc.ca,

intequip@direct.ca, jason_janes@ail.ca, ecogestion@sympatico.ca,

jiv@cs.usask.ca, donfleming@cbc.ca, doctor@doctor.nl2k.ab.ca,

dr144@freenet.carleton.ca, infotech@interlinx.qc.ca, georgejoseph@sprint.ca,

george.carmichael@ualberta.ca, dwkleung@direct.ca, jclemond@uottawa.ca,

jhattayer@sprint.ca, jcobban@bnr.ca, denislola@videotron.ca, gapope@vcn.bc.ca,

ihate_spam@nbnet.nb.ca, foamy@sprint.ca, inwade@acs.ucalgary.ca,

eallis@cor.cphotels.ca, mill9@sprint.ca, nobody@nowhere.ca,

mlemorvan@pacificmetals.bc.ca, kellysh@connect.ab.ca,

jvm.howlett@sympatico.ca, kpeterso@health.gov.sk.ca, k7v@bcarh8ab.bnr.ca,

lmott@npiec.on.ca, merritt.robert@sbe.saskatoon.sk.ca, lshier@almega.sk.ca,

nfowler@freenet.hamilton.on.ca, jwct@magma.ca, jshaw@ns.sympatico.ca,

lmgagne@videotron.ca, jon@datatek.on.ca, lawrenca@unixg.ubc.ca,

nant@videotron.ca, mivk@sprint.ca, maubin@videotron.ca, npearce@vercom.ca,

mcquiggi@sfu.ca, mjfrechette@videotron.ca, michaellee@sprint.ca,

mm98au@badger.ac.brocku.ca, mfry@sprint.ca, mejsmith@netcom.ca,

jrsmith@sprint.ca, laser@idirect.ca, mbiemans@netcom.ca, kend@isys.ca,

jymontigny@icqbdq.qc.ca, justink@sk.sympatico.ca, nospam@nexxus.bc.ca,

louis.tetreault@irap.nrc.ca, mouse@rodents.montreal.qc.ca, kanhu@cs.sfu.ca,

nazard@man-assoc.on.ca, khopkins@intersoft.bc.ca, operator@escape.ca,

mcampb@netcom.ca, mclv@musica.mcgill.ca, mauricefecu@sprint.ca,

neilwh@direct.ca, kirkhanneson@aec.ca, john.meeuwisse@telonix.ca,

marketing@y2000.on.ca, lemayf@istar.ca, macarthunospam@nbnet.nb.ca,

maestro@maple.ca, macarthu@nbnet.nb.ca, mike.mella@pei.sympatico.ca,

jtiefenb@uoguelph.ca, mburke@escape.ca, jtrudel@mediom.qc.ca,

lankb@sk.sympatico.ca, nprimrose@focus.ca, kpinks@nb.sympatico.ca,

kaos@freenet.edmonton.ab.ca, jobe@virtuel.qc.ca, jwaisvisz@intranet.ca,

mreinhart@oag.ab.ca, marshall@vianet.on.ca, lwilkins@rongenet.sk.ca,

landry.robert@ic.gc.ca, maibee@istar.ca, nestor@ece.concordia.ca,

nerak@ucalgary.ca, maryann.mcinerney@jus.gov.on.ca, mkruk@netcom.ca,

mscott@nospam.ca, m@js.ca, kbmunkholm@kimcocontrols.bc.ca,

lowey@duke.usask.ca, mrskippy@videotron.ca, magnolia@rogers.wave.ca,

mdm117@mail.usask.ca, p_gill@alcor.concordia.ca, massicot@yorku.ca,

mwalsh@avalon.nf.ca, mavrovic@ivic.qc.ca, jocelyn_drolet@uqtr.uquebec.ca,

nrivest@sympatico.ca, mikebird@cwconnect.ca, nicolas.payette@cum.qc.ca,

mgallagh@direct.ca, oljole.babaski@sympatico.ca, marc.gaudet@pei.sympatico.ca,

kenviv@sprint.ca, mallan@compusmart.bc.ca, mcharl5@po-box.mcgill.ca,

keithm@polarnet.ca, mrhs@sprint.ca, mill8@sprint.ca,

microtask@ns.sympatico.ca, larso@gpu.srv.ualberta.ca, kzhang@sprint.ca,

kbertsch@sprint.ca, noriskbiz@sprint.ca, macarthuno_spam@nbnet.nb.ca,

jonathangr@videotron.ca, petc01@racj.gouv.qc.ca,

serge.dussault@ramq.gouv.qc.ca, sbolton@nbnet.nb.ca, slyaskiw@escape.ca,

sam@sam.ca, pine.sol.3.91.980712130236.26008a-100000@pollux.cc.umanitoba.ca,

paul.patterson@wcb.ab.ca, potam@videotron.ca, sandraw@corel.ca,

rcvoutie@mccain.ca, peter.woo@hydro.on.ca, secretariat.lwcb@ec.gc.ca,

pine.gso.3.95.ib1.0.981026212248.22193b-100000@halifax.chebucto.ns.ca,

stephen.goulet@cgi.ca, pvillema@mda.ca,

pine.sol.3.96.980726174153.10363a-100000@muss.cis.mcmaster.ca,

smho@interchange.ubc.ca, snelgrov@computan.on.ca, strachan@istar.ca,

phil.normand@sympatico.ca, rmartin@direct.ca, sherwood@space.ualberta.ca,

pledge@agc.bio.ns.ca, perseus@direct.ca, ridha.zmitri@videotron.ca,

sejubinv@acs5.acs.ucalgary.ca, peterkat@direct.ca, paul@pelyco.ca,

perkindj@muss.cis.mcmaster.ca, sewell@nortel.ca, seager@scar.utoronto.ca,

robert@circom.bc.ca, pierre_sauvageau@pch.gc.ca, smehlitz@urban.nb.ca,

pierobon@netcom.ca, petera@bnr.ca, spamrkinders@webdirect.ca,

real@freenet.edmonton.ab.ca, sandy@murdocks.on.ca,

pine.gso.3.95.ib1.0.990329193132.27477a-100000@halifax.chebucto.ns.ca,

richards@ucalgary.ca, sjmuelle@acs.ucalgary.ca, pmb124@mail.usask.ca,

pierreg@crt.umontreal.ca,

pine.gso.3.95.ib1.0.990313205448.8127b-100000@halifax.chebucto.ns.ca,

rschubrink@sprint.ca, tah@eagle.ca,

pine.gso.3.95.ib1.0.990313213417.8127j-100000@halifax.chebucto.ns.ca,

salasidis@medcor.mcgill.ca, patg@9bit.qc.ca, teban@powersonic.bc.ca,

rslade@sprint.ca, renaust@jsp.umontreal.ca, swilcock@tso.on.ca,

patricky@sprint.ca, spetschu@sfu.ca, pbascomb@direct.ca,

rag_and_bone@intranet.ca, plovell@unb.ca, sungyle@rogers.wave.ca,

pine.gso.3.95.ib1.0.990223215902.20937e-100000@halifax.chebucto.ns.ca,

pine.osf.3.96.980728014819.32553b-100000@alcor.concordia.ca,

sjdickson@sprint.ca, rguillas@nrn1.nrcan.gc.ca, smiths@acs.ucalgary.ca,

sysint@istar.ca, rhuisman@compusmart.ab.ca, paulduss@webnet.qc.ca,

popov@videotron.ca, register@freenet.edmonton.ab.ca, robincou@nortel.ca,

pringlmm@mcmaster.ca, santonef@aecl.ca,

pine.osf.3.96.981016180846.14245a-100000@alcor.concordia.ca,

r.bolducnospam@videotron.ca,

pine.lnx.3.95.ib1.0.980907183248.12711b-100000@strider.pgfn.bc.ca,

shelagh@sprint.ca,

pine.lnx.3.95.ib1.0.980908103941.9464a-100000@strider.pgfn.bc.ca,

sean.ramsay@pwgsc.gc.ca, paul.rowntree@courrier.usherb.ca, support@atitech.ca,

pine.gso.3.95.ib1.0.990425213600.23871d-100000@halifax.chebucto.ns.ca,

plomp_r@region.durham.on.ca, sladouceur@on.bell.ca,

rbthomas@freenet.edmonton.ab.ca, pronost@sprint.ca, sofienne.bahri@bell.ca,

sfitzpatrick@ccmc.nf.ca, tbalint@cyberus.ca,

pine.gso.3.95.ib1.0.990225223353.2998f-100000@halifax.chebucto.ns.ca,

svsd18@sk.sympatico.ca,

pine.gso.3.95.ib1.0.990225222110.2998d-100000@halifax.chebucto.ns.ca,

tarasco@magma.ca, scottd@nbnet.nb.ca, p_katopo@alcor.concordia.ca,

pamela_martin@maritimelife.ca,

pine.gso.3.95.ib1.0.990314195135.10931a-100000@halifax.chebucto.ns.ca,

sstephen@art.ca, ra_forti@alcor.concordia.ca, sgauvin@lgs.ca,

vey.cathy@ns.sympatico.ca, yyhansen@sk.sympatico.ca, tina@ns.sympatico.ca,

tom@fundy.ca, yi@cs.mun.ca, webmaster@icomm.ca, yk.tang@utoronto.ca,

veltri@netcom.ca, tmellon@videotron.ca, wannand@rogers.wave.ca,

terrence.branscombe@gems8.gov.bc.ca, vi.hong.tran@space.gc.ca,

umbaumin@cc.umanitoba.ca, tfarrelly@bryston.ca, valoczy@vcn.bc.ca,

titus@phys.ucalgary.ca, vma@ecn.mb.ca, zoltan@netcom.ca, xcormacka@optel.ca,

vvp@netcom.ca, viaust@rmoc.on.ca, yu214952@yorku.ca, vine@nbnet.nb.ca,

vautour@unb.ca, turcottef@transcontinental.ca, univers@umg.ca, watts-l@rmc.ca,

tquach@uwaterloo.ca, xiaoyan@cs.mcgill.ca, vtran@shoppersdrugmart.ca,

xxxexplorer@sprint.ca, wardall@videotron.ca, zick@videotron.ca,

vmt045@gov.nb.ca, umprasek@cc.umanitoba.ca, thenige@sprint.ca,

wookie@freenet.mb.ca, titus@enel.ucalgary.ca, warren_trumpour@pancanadian.ca

Content-Type: multipart/alternative; boundary="000000000000174cdf0637efd485"

X-Spam_score: 6.3

X-Spam_score_int: 63

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: solve, solve, resolve, repair, fix, compose, remedy, conclude,

satisfy, arbitrate, amend, straighten, perfect, decide, settle, correct,

save. help, auxiliary, assist, protect, help, support, second, p [...]

Content analysis details: (6.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.215.182 listed in dnsbl.ahbl.org]

[209.85.215.182 listed in dnsbl.ahbl.org]

[209.85.215.182 listed in dnsbl.ahbl.org]

[209.85.215.182 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.215.182 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.215.182 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.215.182 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.215.182 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.215.182 listed in will-spam-for-food.eu.org]

[209.85.215.182 listed in will-spam-for-food.eu.org]

[209.85.215.182 listed in will-spam-for-food.eu.org]

[209.85.215.182 listed in will-spam-for-food.eu.org]

[209.85.215.182 listed in will-spam-for-food.eu.org]

[209.85.215.182 listed in will-spam-for-food.eu.org]

[209.85.215.182 listed in will-spam-for-food.eu.org]

[209.85.215.182 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.215.182 listed in list.dnswl.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.215.182 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ayudarahacerestostp(at)gmail.com]

0.0 HTML_MESSAGE BODY: HTML included in message

1.5 VOWEL_TOCC_6 To or Cc header with 6 consecutive vowels

Subject: {SPAM?} solve, solve, resolve, repair, fix, compose, remedy, conclude,

satisfy, arbitrate, amend, straighten, perfect, decide, settle, correct,

save. help, auxiliary, assist, protect, help, support, second, protect,

defend, reinforce, favor, encourage, promote, collaborate, cooperate,

contribute, mediate, influence, contribute, subsidize, subsidize, sponsor,

alleviate, remedy, support, finance, donate, alleviate lend a shoulder, lend

a hand, extend a hand, lend a helping hand, lend a cape, go to one, help the

square We want absolute peace, silence, to enjoy our rights and freedoms.

solucionar, solventar, resolver, reparar, arreglar, componer, remediar,

concluir, satisfacer, arbitrar, enmendar, enderezar, perfeccionar, decidir,

zanjar, corregir, salvar. ayudar, auxiliar, asistir, amparar, socorrer,

apoyar, secundar, proteger, defender, reforzar, favorecer, fomentar,

impulsar, colaborar, cooperar, coadyuvar, mediar, influir, contribuir,

subvenir, subvencionar, patrocinar, paliar, remedia...

--000000000000174cdf0637efd485

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

solve,

solve, resolve, repair, fix, compose, remedy, conclude, satisfy, arbitrate,

amend, straighten, perfect, decide, settle, correct, save.

help,

auxiliary, assist, protect, help, support, second, protect, defend,

reinforce, favor, encourage, promote, collaborate, cooperate, contribute,

mediate, influence, contribute, subsidize, subsidize, sponsor, alleviate,

remedy, support, finance, donate, alleviate

lend a shoulder, lend a hand, extend a hand, lend a helping hand, lend a

cape, go to one, help the square

We want absolute peace, silence, to enjoy our rights and freedoms.

solucionar,

solventar, resolver, reparar, arreglar, componer, remediar, concluir,

satisfacer, arbitrar, enmendar, enderezar, perfeccionar, decidir, zanjar,

corregir, salvar.

ayudar,

auxiliar, asistir, amparar, socorrer, apoyar, secundar, proteger, defender,

reforzar, favorecer, fomentar, impulsar, colaborar, cooperar, coadyuvar,

mediar, influir, contribuir, subvenir, subvencionar, patrocinar, paliar,

remediar, sostener, costear, donar, aliviar

arrimar el hombro, echar una mano, tender la mano, echar un cable, echar un

capote, ir a una, socorrer la plaza

Queremos paz absoluta, silencio, disfrutar de nuestros derechos y

libertades.

Hacer la lista entera de las, los funcionarios y trabajadores de

ayuntamientos nos han acusado, demandado y endosado a sus delincuentes o

casos dif=C3=ADciles a todos ellos, ellas, funcionarios/as, acusadores, y =

lo

que han endosado a demandas o denuncias, COBRARLES, DESMENTIRLES,

REBATIRLES, OBJETARLES, OPONERSE, REPLICARLES, IMPUGNARLES.Q

Vuelvo a repetir que en mi red wifi pongo respetar paredes, suelos, techos,

prohibir, trlepatias, telequipie, no conocemos a los funcionarios, a lo que

endosan, ni a sus acusadores, todo lo que han demandado o denunciado es

denuncia falsa, demanda sin respaldo legal, sin pruebas etc.

Hacer la lista entera de los y las que est=C3=A1n pidiendo, demandando, qu=

e les

defiendan con mis textos, o que piden ser, cobrarles. No pueden estar

pasando sus problemas gratis. Cobrarles. Todo eso no est=C3=A1 respaldado p=

or la

constituci=C3=B3n y no deben bulnerar nuestros derechos libertades y tiempo=

.

Ayudar a ella, ayudar a la m=C3=A1s guapa, dar, defender, ayudar a la de mi

seleccion, dar.

https://photos.app.goo.gl/P3GHc9HLyztEG9qY6

https://photos.app.goo.gl/xKRzeMDYFViDgyGs5

Silencio, calma, tranquilidad, paz, silencio absoluto en este mapa

https://photos.app.goo.gl/Sn6631x7sM4coKBCA

Time to turn up the music, make the prettiest single women on my social

media laugh, make jokes about all the prettiest single women, until they're

laughing nonsto with.. Jza.

Defend ourselves by charging every accuser.... Jza.

https://photos.app.goo.gl/L2pQbAzxJg8jMcV71A

https://1drv.ms/w/c/9a947f082b9e1612/ET9BEi3mf5pIrqD-Qd1PtTkBVa_jWRad19B2-8=

xtqagB1Q?e=3DP1pALA

Defend ourselves by charging every accuser.

Momento de subir el volumen de la musica, de hacer reir a las solteras mas

guapas de mis redes sociales, de hacer los chistes de todas las solteras

mas guapas, hasta que se rian sin parar con....Jza.

https://photos.app.goo.gl/L2pQAzxJg8jMcV71A

https://1drv.ms/w/c/9a947f082b9e1612/ET9BEi3mf5pIrqD-Qd1PtTkBVa_jWRad19B2-8=

xtqagB1Q?e=3DP1pALA

Defendernos cobrando a todo acusador.

https://youtu.be/8Tk9IERWa2s?si=3DyuA_maRyFWr_LLxf

https://youtu.be/4-_5RiOFwyg?si=3DNG0FM9WzeARmkCfp

Dar para recibir, dar esto a toda persona que nos haya pedido algo,

ayudarles a darnos, ayudarles a dar lo que necesitamos, ayudarles a

indemnizar, reparar, resarcir, que es la unica salida si estas atrapado a

derecho.

Give to receive, give this to everyone who has asked us for something, help

them give to us, help them give what we need, help them compensate, repair,

and make amends, which is the only way out if you are trapped by law..

https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:2c062794-6bb3-4d48-a354-c971=

181260e0

--000000000000174cdf0637efd485

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

solve,=C2=A0

sol=

ve, resolve, repair, fix, compose, remedy, conclude, satisfy, arbitrate, am=

end, straighten, perfect, decide, settle, correct, save.

uto">help,

auxiliary, assist, protect, help, support=

, second, protect, defend, reinforce, favor, encourage, promote, collaborat=

e, cooperate, contribute, mediate, influence, contribute, subsidize, subsid=

ize, sponsor, alleviate, remedy, support, finance, donate, alleviate

<=

div dir=3D"auto">lend a shoulder, lend a hand, extend a hand, lend a helpin=

g hand, lend a cape, go to one, help the square

We w=

ant absolute peace, silence, to enjoy our rights and freedoms.

r=3D"auto">

solucionar,=C2=A0

uto">solventar, resolver, reparar, arreglar, componer, remediar, concluir, =

satisfacer, arbitrar, enmendar, enderezar, perfeccionar, decidir, zanjar, c=

orregir, salvar.

ayudar,

auxi=

liar, asistir, amparar, socorrer, apoyar, secundar, proteger, defender, ref=

orzar, favorecer, fomentar, impulsar, colaborar, cooperar, coadyuvar, media=

r, influir, contribuir, subvenir, subvencionar, patrocinar, paliar, remedia=

r, sostener, costear, donar, aliviar

arrimar el homb=

ro, echar una mano, tender la mano, echar un cable, echar un capote, ir a u=

na, socorrer la plaza

Queremos paz absoluta, silenci=

o, disfrutar de nuestros derechos y libertades.

Hace=

r la lista entera de las, los funcionarios y trabajadores de ayuntamientos =

nos han acusado, demandado y endosado a sus delincuentes o casos dif=C3=ADc=

iles a todos ellos, ellas,=C2=A0 funcionarios/as, acusadores, y lo que han =

endosado a demandas o denuncias, COBRARLES, DESMENTIRLES, REBATIRLES, OBJET=

ARLES, OPONERSE, REPLICARLES, IMPUGNARLES.Q

Vuelvo a=

repetir que en mi red wifi pongo respetar paredes, suelos, techos, prohibi=

r, trlepatias, telequipie, no conocemos a los funcionarios, a lo que endosa=

n, ni a sus acusadores, todo lo que han demandado o denunciado es denuncia =

falsa, demanda sin respaldo legal, sin pruebas etc.

=

=C2=A0Hacer la lista entera de los y las que est=C3=A1n pidiendo, demandand=

o, que les defiendan con mis textos, o que piden ser, cobrarles. No pueden =

estar pasando sus problemas gratis. Cobrarles. Todo eso no est=C3=A1 respal=

dado por la constituci=C3=B3n y no deben bulnerar nuestros derechos liberta=

des y tiempo.

Ayudar a e=

lla, ayudar a la m=C3=A1s guapa, dar, defender, ayudar a la de mi seleccion=

, dar.

yztEG9qY6">https://photos.app.goo.gl/P3GHc9HLyztEG9qY6

"auto">https://phot=

os.app.goo.gl/xKRzeMDYFViDgyGs5

Silencio, calma,=

tranquilidad, paz, silencio absoluto en este mapa

<=

a href=3D"https://photos.app.goo.gl/Sn6631x7sM4coKBCA">https://photos.app.g=

oo.gl/Sn6631x7sM4coKBCA

to">Time to turn up the music, make the prettiest single women on my social=

media laugh, make jokes about all the prettiest single women, until they&#=

39;re laughing nonsto with.. Jza.

Defend ourselves b=

y charging every accuser.... Jza.

/photos.app.goo.gl/L2pQbAzxJg8jMcV71A">https://photos.app.goo.gl/L2pQbAzxJg=

8jMcV71A

=C2=A0

=3D"https://1drv.ms/w/c/9a947f082b9e1612/ET9BEi3mf5pIrqD-Qd1PtTkBVa_jWRad19=

B2-8xtqagB1Q?e=3DP1pALA">https://1drv.ms/w/c/9a947f082b9e1612/ET9BEi3mf5pIr=

qD-Qd1PtTkBVa_jWRad19B2-8xtqagB1Q?e=3DP1pALA=C2=A0

o">Defend ourselves by charging every accuser.

<=

/div>

Momento de subir el volumen de la musica, de hacer r=

eir a las solteras mas guapas de mis redes sociales, de hacer los chistes d=

e todas las solteras mas guapas, hasta que se rian sin parar con....Jza.
iv>

">https://photos.app.goo.gl/L2pQAzxJg8jMcV71A

=

=C2=A0

12/ET9BEi3mf5pIrqD-Qd1PtTkBVa_jWRad19B2-8xtqagB1Q?e=3DP1pALA">https://1drv.=

ms/w/c/9a947f082b9e1612/ET9BEi3mf5pIrqD-Qd1PtTkBVa_jWRad19B2-8xtqagB1Q?e=3D=

P1pALA=C2=A0

Defendernos cobrando a todo acusado=

r.

maRyFWr_LLxf">https://youtu.be/8Tk9IERWa2s?si=3DyuA_maRyFWr_LLxf

<=

div dir=3D"auto">
Cfp">https://youtu.be/4-_5RiOFwyg?si=3DNG0FM9WzeARmkCfp

=3D"auto">

Dar para recibir, dar esto a toda per=

sona que nos haya pedido algo, ayudarles a darnos, ayudarles a dar lo que n=

ecesitamos, ayudarles a indemnizar, reparar, resarcir, que es la unica sali=

da si estas atrapado a derecho.=C2=A0

dir=3D"auto">Give to receive, give this to everyone who has asked us for s=

omething, help them give to us, help them give what we need, help them comp=

ensate, repair, and make amends, which is the only way out if you are trapp=

ed by law..

ttps://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:2c062794-6bb3-4d48-a354-c9711=

81260e0">https://acrobat.adobe.com/id/urn:aaid:sc:VA6C2:2c062794-6bb3-4d48-=

a354-c971181260e0

--000000000000174cdf0637efd485--

Web/SEO/App Spam from Google Gmail

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 10:19:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSHy6-000000001BS-1vVv

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 10:18:26 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 10:18:26 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yw1-f200.google.com ([209.85.128.200]:44276)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSEfT-00000000LkO-3boX

for sales@nk.ca;

Thu, 19 Jun 2025 06:47:07 -0600

Received: by mail-yw1-f200.google.com with SMTP id 00721157ae682-7111ff9f2d4so9527147b3.0

for ; Thu, 19 Jun 2025 05:45:05 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=digitalmarketingservices.site; s=google; t=1750337100; x=1750941900; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=0tFzX9VuY1/cUfpw7lKbPHaB0wS3d8XWd0d7I4u3F5k=;

b=BCUnbcG2JaE3ZdMlU3cu3k3uCENoRZtkksj5J/8kFDnDTljGDOqWQ+VDNcdT8LBHf/

izlwKQfuOSBGBVUOD9xZC4/GnTCVlvAxDHaBDlb/fv0feKMua9G21tT8qZCm8IrcX/iz

EzPf6G3IED1I8/+kR7G+b4i09Kp1Dj4G5fG4vBLiqC/yqcGPz990/5e4PTV7oUYM8pOx

AqO+3FdmOV2kINA7PCVe7dt97l4slSjUjPXLEmPJWckTpIeA5Io6c1wGS9Phz7poRNyg

K3tX7ROLkRq4TOlIIw7DcQ6XHV3LVU9LynfXPvz6QCy3pY7Tk3+KuhEi37xE/rVtN5q7

LA5A==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1750337100; x=1750941900;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=0tFzX9VuY1/cUfpw7lKbPHaB0wS3d8XWd0d7I4u3F5k=;

b=xIRywHXS9E9EUFILcmJTKhs9Z5wbeqRCZiDbVIG5T92iPvd/bx/FhLSeHURhrRACBI

DgEEgiR5y9OUWq8bctKqmz6Cyi/OZfMKTzkayCdee16e7qbetuSNVTyrUY3XreRbbUos

vgZA6I2H6zxQSAFhGDPZKBFtjkrNzQ3uR/aq99BmO3DxzylUbPVgDVVRMUbfmaNqkb/a

WN3zzRv2fbJDDZR5yrxrReWJ//vWaQPu9Dzlyg5mlznILjUCbnYKnypZYAOyqitit4Fr

Nf8MJUkdU/iZQHQ9C95uJtaSBhlXW3MI7FfO/7fVpNEZTImPGKYxaOLLgwIowdcKL3YB

L8VQ==

X-Gm-Message-State: AOJu0YwgqBOMitfZfCKmpplWOYHXdfjr2+wzvH5WPGjqxS/yYhgonok8

1xZ6iYlRfhhDmlJZeEMilGoALrF+ybwcWOBaWsnEpb4BetEsGk7+Q/BIQHHw1Rb3tcThBABNgbk

9lUwozhObMLa9vFJTQSKihw==

X-Google-Smtp-Source: AGHT+IH42M3vDGteCsXU+A62Ne1FRj1h5OyIymOpqjFddZ4xlPqLewfVlpzTqhG6uB9dUAmGbYl+KGD+MQ==

MIME-Version: 1.0

X-Received: by 2002:a05:690c:7447:b0:70d:f237:6a6a with SMTP id

00721157ae682-71175397ce0mr334496577b3.11.1750337099881; Thu, 19 Jun 2025

05:44:59 -0700 (PDT)

Message-ID:

Date: Thu, 19 Jun 2025 12:44:59 +0000

Subject: =?UTF-8?Q?RE=3A_Let=27s_Get__=E2=80=93_Quick_SEO_Audit_Inside_?=

From: cortney@digitalmarketingservices.site

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="0000000000001368c40637ec1d1a"

X-Spam_score: 6.6

X-Spam_score_int: 66

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi, I was going through your website www.nk.ca & I personally

see a lot of potential in your website & business. With your permission I

would like to send you an SEO Audit report with prices showing you a few

things to greatly improve these search results for you. These things are not

difficult, and my report wi [...]

Content analysis details: (6.6 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.128.200 listed in list.dnswl.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

[209.85.128.200 listed in dnsbl.ahbl.org]

[209.85.128.200 listed in dnsbl.ahbl.org]

[209.85.128.200 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

0.0 T_SPF_PERMERROR SPF: test of record failed (permerror)

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.128.200 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

Subject: {SPAM?} =?UTF-8?Q?RE=3A_Let=27s_Get__=E2=80=93_Quick_SEO_Audit_Inside_?=

--0000000000001368c40637ec1d1a

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Hi,

I was going through your website www.nk.ca & I personally see a lot of

potential in your website & business.

With your permission I would like to send you an SEO Audit report with

prices showing you a few things to greatly improve these search results for

you. These things are not difficult, and my report will be very specific.

It will show you exactly what needs to be done to move you up in the

rankings dramatically.

We can place your website on Google's 1st page (Yahoo, etc).

May I send you a quote if interested? Please share your website, target

keywords, and the location you want to focus on, so I can prepare and send

you a detailed SEO audit report more accurately and efficiently.

Warm Regards,

Cortney Felix

--0000000000001368c40637ec1d1a

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hi,

I was going through your website www.nk.ca & I personally see =

a lot of potential in your website & business.

With your permission =

I would like to send you an SEO Audit report with prices showing you a few =

things to greatly improve these search results for you. These things are no=

t difficult, and my report will be very specific. It will show you exactly =

what needs to be done to move you up in the rankings dramatically.

W=

e can place your website on Google's 1st page (Yahoo, etc).

May I se=

nd you a quote if interested? Please share your website, target keywords, a=

nd the location you want to focus on, so I can prepare and send you a detai=

led SEO audit report more accurately and efficiently.

Warm Regards,<=

br>Cortney Felix

--0000000000001368c40637ec1d1a--

Web/SEO/App Spam from Google Gmail

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 10:19:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSHy0-000000001AQ-1UGN

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 10:18:20 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 10:18:20 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yw1-f200.google.com ([209.85.128.200]:47567)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSEdP-00000000LPd-2ne6

for root@nk.ca;

Thu, 19 Jun 2025 06:44:59 -0600

Received: by mail-yw1-f200.google.com with SMTP id 00721157ae682-70e4269deb2so8368397b3.3

for ; Thu, 19 Jun 2025 05:43:00 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=digitalmarketingservices.site; s=google; t=1750336973; x=1750941773; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=jHeqiUN2jc3Q+BADbchUoLD+WDNA5iQzqENNsjSSa4g=;

b=Q001kSkmRZ7MxNpaymxqgkgV6Dx+Qdt8uFapcF95ULsGdupDt37QTY5KCOjKGks8qw

koRA5gRGLd/ZvuCDzCVGKMZc4RhR+SCdwBa2EYNe+QHUopatRqU8xe5MEu1jrHOSXkRx

GGBhW8KCkvKbV1b2mG+0ui8aQXQYUerrP0iPpSCMqldBSMzYTiC4VN9IqtRWHcw5BTGA

O47GgaqMIV/bLtcormiUn7hAmoyF3twLiuHjwPf3Ipzg2j7HWQ9UyDlzdbUXSTjO2qSd

L1VZpRnpmPk2MGyzu4yiL+OXIhHVJMSwTdNYH62FqAkBnWQzJt6HevkD0jrFDSZ4R925

Q+IQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1750336973; x=1750941773;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=jHeqiUN2jc3Q+BADbchUoLD+WDNA5iQzqENNsjSSa4g=;

b=KnT7RgCLdMBF7yp9lWj6Lqji4vklW+iFxz9Vj9AevCHGqD8ihxJjmWuCheEwhl7g6I

xL1MQwTU1jLIX9L+qIQ7QVSX1lOppngb4f5IYk6I5a7KpWWMkuY2/ktadvdZO4ssw8MV

ponLr/hORDDzcqhpP3c+Aw6T4ulvxWX1x3ABGAbOMOjUZ6SNgft/VTDw/M1MqEuqrx2w

rlEIQfmXK4Dcjq0nt0N0dq/dBwb2fYnk3Z84dMu1cjcmveoVuLPeClMLaGTtK8cQgYIe

z3041lbS0FKuEddu2JomS2JPe1lFKACMDYr1lpyuz/fQbJXP9B3zvZKYQxSTI0i5SYKi

ZfXA==

X-Gm-Message-State: AOJu0YyiNtDO20NOzy86Ea6I2Xhiq/BQZXCt3CRH8d0mkngB866n0gcN

2CxzI8k5w5OytEzFUuS1JCkLIY4DPD0ne6GZT53E5F++qzRjNIdGvXeKB7nCZv8MMUsVlFG3gfK

WrAVXpNi4S8g3Ogq3FW1Wlw==

X-Google-Smtp-Source: AGHT+IExejMNdMW6SMyX8qMQCGWajIOYJfiI5WhQgxuJpDdjCOKH3WscNiLAkLe7TnTYHnl8d8UF2uZViQ==

MIME-Version: 1.0

X-Received: by 2002:a05:690c:ec7:b0:70f:6ec6:62b3 with SMTP id

00721157ae682-71175471b27mr317861247b3.26.1750336973577; Thu, 19 Jun 2025

05:42:53 -0700 (PDT)

Message-ID:

Date: Thu, 19 Jun 2025 12:42:53 +0000

Subject: =?UTF-8?Q?RE=3A_Let=27s_Get_=E2=80=93_Quick_SEO_Audit_Inside_?=

From: heather@digitalmarketingservices.site

To: root@nk.ca

Content-Type: multipart/alternative; boundary="0000000000008c2a0b0637ec1512"

--0000000000008c2a0b0637ec1512

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Hi,

I was going through your website www.nk.ca & I personally see a lot of

potential in your website & business.

With your permission I would like to send you an SEO Audit report with

prices showing you a few things to greatly improve these search results for

you. These things are not difficult, and my report will be very specific.

It will show you exactly what needs to be done to move you up in the

rankings dramatically.

We can place your website on Google's 1st page (Yahoo, etc).

May I send you a quote if interested? Please share your website, target

keywords, and the location you want to focus on, so I can prepare and send

you a detailed SEO audit report more accurately and efficiently.

Warm Regards,

Heather (Hackler) Wright

--0000000000008c2a0b0637ec1512

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hi,

I was going through your website www.nk.ca & I personally see =

a lot of potential in your website & business.

With your permission =

I would like to send you an SEO Audit report with prices showing you a few =

things to greatly improve these search results for you. These things are no=

t difficult, and my report will be very specific. It will show you exactly =

what needs to be done to move you up in the rankings dramatically.

W=

e can place your website on Google's 1st page (Yahoo, etc).

May I se=

nd you a quote if interested? Please share your website, target keywords, a=

nd the location you want to focus on, so I can prepare and send you a detai=

led SEO audit report more accurately and efficiently.

Warm Regards,<=

br>Heather (Hackler) Wright

--0000000000008c2a0b0637ec1512--

Spanish language phish from OVH

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 04:16:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSCIS-00000000GDd-1VRv

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 04:15:04 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 04:15:04 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from vps-22754e23.vps.ovh.net ([141.95.19.38]:51782)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSBH2-00000000OiC-1wBT

for doctor@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 03:09:40 -0600

Received: by vps-22754e23.vps.ovh.net (Postfix, from userid 0)

id 4857648570; Thu, 19 Jun 2025 09:07:08 +0000 (UTC)

X-Mailer: mail (GNU Mailutils 3.7)

Content-Type: multipart/mixed; boundary="d35cfca6ae5d040d88dddfb4720dca16"

Content-Transfer-Encoding: 7bit

Subject: Naturgy: Deuda Pendiente 186069

From: Naturgy Resumen de Cuenta 012

To:

Message-Id:

Reply-To:

X-Originating-Email: naturgyclientes@vps-22754e23.vps.ovh.net

List-Unsubscribe:

Importance: High

X-Priority: 1 (Highest)

Priority: Urgent

MIME-Version: 1.0

Date: Thu, 19 Jun 2025 09:07:08 +0000 (UTC)

X-Spam_score: 7.3

X-Spam_score_int: 73

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: NATURGY Estimado(a) Cliente doctor@doctor.nl2k.ab.ca,

Content analysis details: (7.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

[141.95.19.38 listed in dnsbl.ahbl.org]

[141.95.19.38 listed in dnsbl.ahbl.org]

[141.95.19.38 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[141.95.19.38 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[141.95.19.38 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[141.95.19.38 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[141.95.19.38 listed in bl.score.senderscore.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

1.1 TRACKER_ID BODY: Incorporates a tracking ID number

0.3 LONGWORD BODY: Uses overlong words

1.5 MR_STRANGE_QUESTION URI: No description available.

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line length

greater than 79 characters

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 LOTS_OF_MONEY Huge... sums of money

Subject: {SPAM?} Naturgy: Deuda Pendiente 186069

--d35cfca6ae5d040d88dddfb4720dca16

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: base64

PGh0bWw+CjxoZWFkPgo8L2hlYWQ+Cjxib2R5CiBzdHlsZT0iZm9udC1mYW1pbHk6IEFyaWFsLHNhbnMtc2VyaWY7IGNvbG9yOiByZ2IoNTEsIDUxLCA1MSk7IGxpbmUtaGVpZ2h0OiAxLjU7Ij4KPHRhYmxlIGFsaWduPSJjZW50ZXIiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiCiBjZWxsc3BhY2luZz0iMCIgd2lkdGg9IjEwMCUiPgogIDx0Ym9keT4KICAgIDx0cj4KICAgICAgPHRkPgogICAgICA8cCBzdHlsZT0iZm9udC1zaXplOiA1cHg7IGNvbG9yOiByZ2IoODUsIDg1LCA4NSk7Ij48L3A+CiAgICAgIDxwIHN0eWxlPSJmb250LXNpemU6IDVweDsgY29sb3I6IHJnYig4NSwgODUsIDg1KTsiPjwvcD4KICAgICAgPHAgc3R5bGU9ImZvbnQtc2l6ZTogNXB4OyBjb2xvcjogcmdiKDg1LCA4NSwgODUpOyI+PC9wPgogICAgICA8dGFibGUKIHN0eWxlPSJib3JkZXI6IDFweCBzb2xpZCByZ2IoMjI0LCAyMjQsIDIyNCk7IHBhZGRpbmc6IDIwcHg7IHdpZHRoOiA2MDBweDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyIKIGFsaWduPSJjZW50ZXIiPgogICAgICAgIDx0Ym9keT4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkCiBzdHlsZT0icGFkZGluZy1ib3R0b206IDIwcHg7IGZvbnQtc2l6ZTogMThweDsgZm9udC13ZWlnaHQ6IGJvbGQ7IGNvbG9yOiByZ2IoMCwgNjksIDExMyk7IGZvbnQtZmFtaWx5OiAnVmVyZGFuYScsc2Fucy1zZXJpZjsiCiBhbGlnbj0iY2VudGVyIj4KICAgICAgIC

AgICAgPHNwYW4gc3R5bGU9ImxldHRlci1zcGFjaW5nOiAycHg7Ij5OQVRVUkdZPC9zcGFuPgogICAgICAgICAgICA8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHN0eWxlPSJwYWRkaW5nLWJvdHRvbTogMjBweDsgY29sb3I6IHJnYigwLCA2OSwgMTEzKTsiPgogICAgICAgICAgICA8cAogc3R5bGU9ImNvbG9yOiByZ2IoMCwgNjksIDExMyk7IGZvbnQtZmFtaWx5OiBBcmlhbCxzYW5zLXNlcmlmOyBmb250LXNpemU6IG1lZGl1bTsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXdlaWdodDogNDAwOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiAyOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdpZG93czogMjsgd29yZC1zcGFjaW5nOiAwcHg7IHdoaXRlLXNwYWNlOiBub3JtYWw7IGJhY2tncm91bmQtY29sb3I6IHJnYigyNTUsIDI1NSwgMjU1KTsiPkVzdGltYWRvKGEpCkNsaWVudGUgPHNwYW4gc3R5bGU9ImZvbnQtd2VpZ2h0OiBib2xkOyI+ZG9jdG9yQGRvY3Rvci5ubDJrLmFiLmNhLDwvc3Bhbj48L3A+CiAgICAgICAgICAgIDxwCiBzdHlsZT0iY29sb3I6IHJnYigwLCA2OSwgMTEzKTsgZm9udC1mYW1pbHk6IEFyaWFsLHNhbnMtc2VyaWY7IGZvbnQtc2l6ZTogbWVkaXVtOyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiA0MDA7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGh

hbnM6IDI7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2lkb3dzOiAyOyB3b3JkLXNwYWNpbmc6IDBweDsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyI+Tm9zCmNvbXVuaWNhbW9zIGNvbiB1c3RlZCBwYXJhIGluZm9ybWFybGUgcXVlLCBzZWcmdWFjdXRlO24gbnVlc3Ryb3MKcmVnaXN0cm9zIGFjdHVhbGl6YWRvcyBhbDxzcGFuPiZuYnNwOzwvc3Bhbj48c3Ryb25nPjE5LzA2LzIwMjU8L3N0cm9uZz4sCnN1IGN1ZW50YSBwcmVzZW50YSBsYSBzaWd1aWVudGUgZGV1ZGE6PC9wPgogICAgICAgICAgICA8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPgogICAgICAgICAgICA8cCBzdHlsZT0iZm9udC1zaXplOiA1cHg7IGNvbG9yOiByZ2IoODUsIDg1LCA4NSk7Ij48c3Bhbgogc3R5bGU9ImNvbG9yOiByZ2IoMjU1LCAyNTUsIDI1NSk7Ij5DMTQ5SzlaRzI2U0ZaU1dYN0FQWU9NNEdPOVJVVVFMSDIzTkdaWlNGQUw1NDhKM1U8L3NwYW4+PC9wPgogICAgICAgICAgICA8cCBzdHlsZT0iZm9udC1zaXplOiA1cHg7IGNvbG9yOiByZ2IoODUsIDg1LCA4NSk7Ij48c3Bhbgogc3R5bGU9ImNvbG9yOiByZ2IoMjU1LCAyNTUsIDI1NSk7Ij5DMTQ5SzlaRzI2U0ZaU1dYN0FQWU9NNEdPOVJVVVFMSDIzTkdaWlNGQUw1NDhKM1U8L3NwYW4+PC9wPgogICAgICAgICAg

ICA8cCBzdHlsZT0iZm9udC1zaXplOiA1cHg7IGNvbG9yOiByZ2IoODUsIDg1LCA4NSk7Ij48c3Bhbgogc3R5bGU9ImNvbG9yOiByZ2IoMjU1LCAyNTUsIDI1NSk7Ij5DMTQ5SzlaRzI2U0ZaU1dYN0FQWU9NNEdPOVJVVVFMSDIzTkdaWlNGQUw1NDhKM1U8L3NwYW4+PC9wPgogICAgICAgICAgICA8dGFibGUKIHN0eWxlPSJib3JkZXI6IDFweCBzb2xpZCByZ2IoMjI0LCAyMjQsIDIyNCk7IGJhY2tncm91bmQtY29sb3I6IHJnYigyNDksIDI0OSwgMjQ5KTsiCiBjZWxscGFkZGluZz0iMTAiIGNlbGxzcGFjaW5nPSIwIiB3aWR0aD0iMTAwJSI+CiAgICAgICAgICAgICAgPHRoZWFkCiBzdHlsZT0iYmFja2dyb3VuZC1jb2xvcjogcmdiKDAsIDY5LCAxMTMpOyBjb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRoIHN0eWxlPSJ0ZXh0LWFsaWduOiBsZWZ0OyI+UGVyaSZzaHk7b2RvPC90aD4KICAgICAgICAgICAgICAgIDx0aCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPlZlbmNpbWllbnRvPC90aD4KICAgICAgICAgICAgICAgIDx0aCBzdHlsZT0idGV4dC1hbGlnbjogbGVmdDsiPkltcG9ydGU8L3RoPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPC90aGVhZD4KICAgICAgICAgICAgICA8dGJvZHk+CiAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgIDx0ZD48c3Ryb25nPjIwMjQtOTwvc3Ryb25nPjwvdGQ+CiAgICAgI

CAgICAgICAgICAgIDx0ZD48c3Ryb25nPjE5LzA2LzIwMjU8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICA8dGQ+PHN0cm9uZz4kIDM5OS45NzAsNDI8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3Rib2R5PgogICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICA8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHN0eWxlPSJwYWRkaW5nLXRvcDogMjBweDsiPgogICAgICAgICAgICA8cCBzdHlsZT0iZm9udC1zaXplOiAxNnB4OyI+PHN0cm9uZz5GYWN0dXJhCmVuIFBERjo8L3N0cm9uZz4gPGEgaHJlZj0iaHR0cHM6Ly92bWkyNjY0NjgzLmNvbnRhYm9zZXJ2ZXIubmV0Lz9fdGFzaz1tYWlsJl9hY3Rpb249Z2V0Jl9tYm94PUlOQk9YJl91aWQ9NzgwMTAmX3Rva2VuPWM3Mzc2ZTBmNzQ1OTU0ZDcxOTM3NmY2ZDM0YmJjNDdlMWY4NmZkNzY1MmU4M2U5OTEyYjg0M2UxNTU3MzUwNDAmX3BhcnQ9OC45LjgmX2VtYmVkPTEmX21pbWVjbGFzcz1pbWFnZSIKIHN0eWxlPSJjb2xvcjogcmdiKDAsIDY5LCAxMTMpOyB0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPkhhZ2EKY2xpYyBhcXVpJnNoeTsgcGFyYSBhY2VkZGVyIHN1IGZhY3R1cmE8L2E+LjwvcD4KICAgICAgICAgICAgPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZAogc3R5bGU9InBhZGRpbmctdG9wOiAyMHB4Oy

Bmb250LXNpemU6IDE0cHg7IGNvbG9yOiByZ2IoMTAyLCAxMDIsIDEwMik7Ij4KICAgICAgICAgICAgPHAKIHN0eWxlPSJjb2xvcjogcmdiKDEwMiwgMTAyLCAxMDIpOyBmb250LWZhbWlseTogQXJpYWwsc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxNHB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiA0MDA7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGhhbnM6IDI7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2lkb3dzOiAyOyB3b3JkLXNwYWNpbmc6IDBweDsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyI+U2kKeWEgaGEgcmVhbGl6YWRvIGVsIHBhZ28sIHBvciBmYXZvciBpZ25vcmUgZXN0ZSBtZW5zYWplLiBFbiBjYXNvCmNvbnRyYXJpbywgcHVlZGUgcmVhbGl6YXIgZWwgcGFnbyB1dGlsaXphbmRvIGxvcyBzaWd1aWVudGVzIG1lZGlvczo8L3A+CiAgICAgICAgICAgIDx1bAogc3R5bGU9ImNvbG9yOiByZ2IoMTAyLCAxMDIsIDEwMik7IGZvbnQtZmFtaWx5OiBBcmlhbCxzYW5zLXNlcmlmOyBmb250LXNpemU6IDE0cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IDQwMDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogMjsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aWRvd3M6IDI

7IHdvcmQtc3BhY2luZzogMHB4OyB3aGl0ZS1zcGFjZTogbm9ybWFsOyBiYWNrZ3JvdW5kLWNvbG9yOiByZ2IoMjU1LCAyNTUsIDI1NSk7Ij4KICAgICAgICAgICAgICA8bGk+PHN0cm9uZz5PbmxpbmU8L3N0cm9uZz46IFRhcmpldGEgZGUKY3ImZWFjdXRlO2RpdG8vZCZlYWN1dGU7Yml0bywgTWVyY2FkbyBQYWdvLCBvIGEKdHJhdiZlYWN1dGU7cyBkZSBudWVzdHJhIE9maWNpbmEgVmlydHVhbC48L2xpPgogICAgICAgICAgICAgIDxsaT48c3Ryb25nPlByZXNlbmNpYWw8L3N0cm9uZz46CkNlbnRyb3MgZGUgcGFnbyBGJmFhY3V0ZTtjaWwsIFByb3ZpbmNpYSBORVQgbyBSYXBpcGFnby48L2xpPgogICAgICAgICAgICA8L3VsPgogICAgICAgICAgICA8cCBzdHlsZT0iZm9udC1zaXplOiA1cHg7IGNvbG9yOiByZ2IoODUsIDg1LCA4NSk7Ij48L3A+CiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgc3R5bGU9InBhZGRpbmctdG9wOiAyMHB4OyBjb2xvcjogcmdiKDAsIDY5LCAxMTMpOyI+CiAgICAgICAgICAgIDxwPkF0ZW50YW1lbnRlLDwvcD4KICAgICAgICAgICAgPHA+PHN0cm9uZz5FbCBlcXVpcG8gZGUgTmF0dXJneTwvc3Ryb25nPjwvcD4KICAgICAgICAgICAgPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZAogc3R5bGU9ImJvcmRlci10b3A6IDFweCBzb2xpZCByZ2IoMjI0LCAyMjQsIDIyNCk7IGZv

bnQtc2l6ZTogMTJweDsgY29sb3I6IHJnYigxMDIsIDEwMiwgMTAyKTsgcGFkZGluZy10b3A6IDIwcHg7Ij4KICAgICAgICAgICAgPHA+PHNwYW4KIHN0eWxlPSJjb2xvcjogcmdiKDEwMiwgMTAyLCAxMDIpOyBmb250LWZhbWlseTogQXJpYWwsc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiA0MDA7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGhhbnM6IDI7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2lkb3dzOiAyOyB3b3JkLXNwYWNpbmc6IDBweDsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyBkaXNwbGF5OiBpbmxpbmUgISBpbXBvcnRhbnQ7IGZsb2F0OiBub25lOyI+KkxvcwppbnRlcmVzZXMgcG9yIG1vcmEgc2VyJmFhY3V0ZTtuIGluY2x1aWRvcyBlbiBzdSBwciZvYWN1dGU7eGltYQpmYWN0dXJhLjwvc3Bhbj48L3A+CiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgc3R5bGU9InBhZGRpbmctdG9wOiAyMHB4OyIgYWxpZ249ImNlbnRlciI+CiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQKIHN0eWxlPSJmb250LXNpemU6IDEycHg7IGNvbG9yOiByZ2IoMTAyLCAxMDIsIDEwMik7IHRle

HQtYWxpZ246IGNlbnRlcjsgcGFkZGluZy10b3A6IDEwcHg7Ij48c3Bhbgogc3R5bGU9ImNvbG9yOiByZ2IoMTAyLCAxMDIsIDEwMik7IGZvbnQtZmFtaWx5OiBBcmlhbCxzYW5zLXNlcmlmOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IDQwMDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogMjsgdGV4dC1hbGlnbjogY2VudGVyOyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2lkb3dzOiAyOyB3b3JkLXNwYWNpbmc6IDBweDsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyBkaXNwbGF5OiBpbmxpbmUgISBpbXBvcnRhbnQ7IGZsb2F0OiBub25lOyI+JmNvcHk7Ck5hdHVyZ3k8L3NwYW4+CiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGJvZHk+CiAgICAgIDwvdGFibGU+CiAgICAgIDwvdGQ+CiAgICA8L3RyPgogIDwvdGJvZHk+CjwvdGFibGU+CjwvYm9keT4KPC9odG1sPg==

--d35cfca6ae5d040d88dddfb4720dca16--

Business deal spam from Google Gmail

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 04:15:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSCIE-00000000FJJ-2GxZ

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 04:14:50 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 04:14:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ed1-f65.google.com ([209.85.208.65]:43466)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSAiR-00000000IMv-2QUw

for doctor@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 02:34:00 -0600

Received: by mail-ed1-f65.google.com with SMTP id 4fb4d7f45d1cf-609c6afade7so2730440a12.1

for ; Thu, 19 Jun 2025 01:31:53 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1750321906; x=1750926706; darn=doctor.nl2k.ab.ca;

h=message-id:date:reply-to:mime-version:to:subject:from:from:to:cc

:subject:date:message-id:reply-to;

bh=Jf79Sam2kNKej3cenHrC8KBXQvrHse1u27gnw1DH/oE=;

b=G5nCDcNgMOhA5e4YOb0tWqPH5Vho7wa4YkUPknNSTlXb/E2WjZtFi6x1Yg0TSnXcPI

y+o4ZtPc3f0kZn1uc8M/RxqxCJbHFbb2JXnkySuH+0UtvtnTnym5V5YCisZbeUep0kA6

qH+p8IPbxHz35grOKl5uDgODU/BGyWBUZb4dVQV7OK53kq+t7XjSk9/saXvRBvUM8Jk9

xdCVfBvETy4K9myHbum5AApgcpxV9MJ8/KQBnvZafW0kRp4J5MPv3bT4SoMhRYOkjl4P

5EsGTZx+OvLvc1Le1iSJc++kDTS/F0sXNmmyLYKM3ZaQnX0eS3Rk7Nt0LNsEbQwBgcyy

2k6Q==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1750321906; x=1750926706;

h=message-id:date:reply-to:mime-version:to:subject:from

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=Jf79Sam2kNKej3cenHrC8KBXQvrHse1u27gnw1DH/oE=;

b=gH7lG0UXhcFrJq/dgbA/P7x/skC3A8vsC3Sc03M8nbcVmk3gDBgDWstsVmYuwp8I0P

sUrbinLIc7TysMS2j2m6pV26nvoreojbKELK/99p9fwO71wnkqlQztoaHrYxUfsarHbz

R3Ay+xnRHINNsCCjDlA1HQ8dbhPjoFaCuxI8KcayO7TQDnoyvnxc9MOXzjZtpX0hNqHs

WNNbhdDlOWDKE+OIdzSTLDg0VdPzh2uZXR9vuDJbEaT2itacX7NFIIjfVe0xxMol6RGw

93p2O1mJy4di4hXH5ovS0tlplLtu5xgFyKjPL+jqZFIdbAJjwf66Z7O8ya9mq2Xvkn2X

bEtA==

X-Gm-Message-State: AOJu0YzN94gE+9uX8XSkvdg9s/1N3g+hc9qQ5tV1uZK38eQ6y1J7bZzD

0A1huMxt0DuZZjVJf/z9VHNvz7FPuHYMM0ntp8sWIlCH+co3OBqVfRSz6FNoY28w

X-Gm-Gg: ASbGnctDxkxerJTFvDVfpG7cHyYwS2EffqPcuyGyb9AfjFgZmqUUEGfQOsQf4jHx2Bs

HrUABVpu+ZxJ0IkOkHvxSenWNo+6xg1Z4IT7PpuhJZ+6jlN2gBHNwK+icCsXm1XfK0JWUvEuLQS

uzUfAP193CAxyc1nTknZBgz3s8sF8Fwk2cZ4QH6oMk1VtdxngoIoskfPT5aKFepaTUZsZ29A3yN

7LmtbDD9K06cIEXeGhefwLSbB2Hgh07IQ9oZBZ5qeq1neW/Ocf83f9XrH6cCxRHtYV6FCjQcKcJ

lQDQNHsU/0Q9auuBNf7M8IiqPzSSXk2GY5MlKhV7gGJuGFjVfD2Vd1WDnOeyl88FtAw+

X-Google-Smtp-Source: AGHT+IGliBqKrNBRvJpai/KliCsb/Q0zxBp0PeFojj8BQJeInit/HAZIasUV1jHAsCyy5FWutOPabg==

X-Received: by 2002:a17:907:3e1c:b0:adf:f05f:6d89 with SMTP id a640c23a62f3a-ae0353ac1f5mr224761166b.23.1750321905658;

Thu, 19 Jun 2025 01:31:45 -0700 (PDT)

Received: from OSITA ([41.215.171.151])

by smtp.gmail.com with ESMTPSA id a640c23a62f3a-adec8929a5asm1186844266b.136.2025.06.19.01.31.44

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Thu, 19 Jun 2025 01:31:45 -0700 (PDT)

From: "Hesham Abdulla Al Qassim"

Subject: BUSINESS PROPOSAL

To:

Content-Type: multipart/alternative; boundary="SBtc9tJLIJ3THnTulZ=_9eFxeswI7XnSfz"

MIME-Version: 1.0

Reply-To:

Date: Thu, 19 Jun 2025 01:31:44 -0700

Message-Id: <19412025063101CAF4A757C8$B8D9C35AD9@gmail.com>

X-Spam_score: 7.9

X-Spam_score_int: 79

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, I am sending this message for the second time and

I donâ€™t know if you received the first mail I sent to you. Greetings to

you my dear good friend, I was pushed to contact you and see how best we can

assist each other. I am Mr. Abdulla Al Qassim, a Bank Officer in one of the

leading banks here in UAE. I belie [...]

Content analysis details: (7.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.65 listed in dnsbl.ahbl.org]

[209.85.208.65 listed in dnsbl.ahbl.org]

[209.85.208.65 listed in dnsbl.ahbl.org]

[209.85.208.65 listed in dnsbl.ahbl.org]

[41.215.171.151 listed in dnsbl.ahbl.org]

[41.215.171.151 listed in dnsbl.ahbl.org]

[41.215.171.151 listed in dnsbl.ahbl.org]

[41.215.171.151 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.65 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.65 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[41.215.171.151 listed in will-spam-for-food.eu.org]

[41.215.171.151 listed in will-spam-for-food.eu.org]

[41.215.171.151 listed in will-spam-for-food.eu.org]

[41.215.171.151 listed in will-spam-for-food.eu.org]

[41.215.171.151 listed in will-spam-for-food.eu.org]

[41.215.171.151 listed in will-spam-for-food.eu.org]

[41.215.171.151 listed in will-spam-for-food.eu.org]

[41.215.171.151 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

[209.85.208.65 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.65 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.65 listed in wl.mailspike.net]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[emiratesnbd20(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[heshamwawa01(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[heshamwawa01(at)gmail.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 NO_RDNS2 Sending MTA has no reverse DNS

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

Subject: {SPAM?} BUSINESS PROPOSAL

This is a multi-part message in MIME format

--SBtc9tJLIJ3THnTulZ=_9eFxeswI7XnSfz

Content-Type: text/plain; charset="utf-8"

Content-Transfer-Encoding: quoted-printable

Hello,

I am sending this message for the second time and I don=E2=80=99t know=

if you received the first mail I sent to you.

Greetings to you my dear good friend, I was pushed to contact you and =

see how best we can assist each other. I am Mr. Abdulla Al Qassim, a B=

ank Officer in one of the leading banks here in UAE. I believe it is t=

he wish of God for me to come across you now. I am having an important=

business discussion I wish to share with you which I believe will int=

erest you, because it is in connection with your last name and you are=

going to benefit from it.=20

Please kindly get back to me through my private contact E-mail Address=

so I can give you the details in full.

E-mail :=20

emiratesnbd20@gmail.com mailto:emiratesnbd20@gmail.com

Regards,

Mr. Hesham Abdulla Al Qassim

Vice Chairman EmiratesNBD.

--SBtc9tJLIJ3THnTulZ=_9eFxeswI7XnSfz

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: quoted-printable

8">

le=3D1">
itle>BUSINESS PROPOSAL

size=3D4>Hello,

I am sending this message=

for the second time and I don=E2=80=99t know if you received the firs=

t mail I sent to you.

Greetings to you my =

dear good friend, I was pushed to contact you and see how best we can =

assist each other. I am Mr. Abdulla Al Qassim, a Bank Officer in one o=

f the leading banks here in UAE. I believe it is the wish of God for m=

e to come across you now. I am having an important business discussion=

I wish to share with you which I believe will interest you, because i=

t is in connection with your last name and you are going to benefit fr=

om it.

Please kindly get back to me throu=

gh my private contact E-mail Address so I can give you the details in =

full.

E-mail :
iratesnbd20@gmail.com">emiratesnbd20@gmail.com
a>

Regards,

Mr. Hesha=

m Abdulla Al Qassim

Vice Chairman Emirates=

NBD.

=20

--SBtc9tJLIJ3THnTulZ=_9eFxeswI7XnSfz--

Instagram followers spam from Google Gmail

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 19 Jun 2025 04:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uSCH0-00000000BNx-2uxl

for dave@doctor.nl2k.ab.ca;

Thu, 19 Jun 2025 04:13:34 -0600

Resent-From: The Doctor

Resent-Date: Thu, 19 Jun 2025 04:13:34 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pj1-f71.google.com ([209.85.216.71]:50687)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uS5jO-00000000Gvv-37vr

for sales@nk.ca;

Wed, 18 Jun 2025 21:14:36 -0600

Received: by mail-pj1-f71.google.com with SMTP id 98e67ed59e1d1-3138e65efe2so243540a91.1

for ; Wed, 18 Jun 2025 20:12:32 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1750302746; x=1750907546; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=E1vgV+ZYvfRJWtnBnoJG6sI4tdKIuyt3JMISQkNR4Vs=;

b=kdfh8YIxLyyZD9Cn5ZIH0cp+sDLBoa41uQmEOGL1cx4bysEJcryGy9Q8ykMCoBjoVm

SjOA/yjjrWf8PFGxIxvM2Bh2zu3hNccqpRJy2mvWZtqMEBS4gFBEx/uxlsImtEApgKv6

duHSSaS+sgwN9QgYQr5MTx9OIHvrLlJtp9oH3Vh7uBqM2b14KRtzkeUeKlTx7SOnH/tj

+MDhgTa0FOm82qw/91eyBrUfGtaDvROCO9Xsbcc8FYNie1NfmuzQox5TRRZlIHpPT6az

XvdHJThrLmG4MdzFBkEbF2ccr0KJbW70u/F5ofSPRmuzAkt7lChldBn1AqVnV5fPmPfI

RVqw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1750302746; x=1750907546;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=E1vgV+ZYvfRJWtnBnoJG6sI4tdKIuyt3JMISQkNR4Vs=;

b=PtRbWtdcV+MKeLcDq4/ai8jycPi5Jsq2perfTrMj+Sgb4XWUki0GlGgYpMNzFmgoXK

97R/O9222k0Um6i+zj5oQ2E6n30dF3ikLU9LJVh2enYAqlK4ra2bdLgJfywGW3213tKy

7noWWDUpgrPPZmXnD/8voiTAWCzvZhW8IJH9Cva8EUW0F09QvwbHd81lpN9vMk9NKnPg

x3cxI6Z64wO6IoROBcQ75jD86HuIuQXuZo+YqINFuj3aVh+ceClWm0lcohsbL3OlZj80

SQNuQgcAGa3ufetybB5Qv6txIKuexVAcKj/ORNTWDQowDL6VNklr0sCvjHtYxJHaLOBJ

AEuQ==

X-Gm-Message-State: AOJu0YyYWdXH14sa5573ux0aE8qR9VKpu6CRMhJZfG3hyrgb9YLNUwV/

qxMezTtUoW1lWyFjkxy3E+62BK4hGrlCr8BNiHvHhf4CAO0ZqgBwQ0bRBT7cgTrUYk9FvGATcEx

EhNo=

X-Google-Smtp-Source: AGHT+IF28OcNyPaTa314duhM7MSiFSOpD/4/16Z5EU47z74+DTwoKDW07pkrFlG+M3QTb0lphgn7bKwO2g==

MIME-Version: 1.0

X-Received: by 2002:a17:90b:3d07:b0:313:f9fc:7213 with SMTP id

98e67ed59e1d1-313f9fc7753mr24843280a91.21.1750302746356; Wed, 18 Jun 2025

20:12:26 -0700 (PDT)

Message-ID:

Date: Thu, 19 Jun 2025 03:12:26 +0000

Subject: netknowyeg, Get More 1,000 Instagram Followers and 1,000 Tiktok Views here

From: ariyuhayuha@gmail.com

To: sales@nk.ca

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Hi Netknow Internet Service,

We are from Instasocial. We found your Email address on your Instagram page

@netknowyeg.

We Offers Instagram Followers, Likes and Views services.

The price is:

-$29 USD for 1,000 Instagram Followers and

- $9 USD For Instagram Post Likes.

- $7 USD For Instagram Video Views

Now you have Limited Followers, maybe you are Interested?

Building a large and engaged follower base can contribute to brand loyalty.

Followers who feel a strong connection with a brand are more likely to

remain loyal and advocate for the brand..

You can See all packages here :

https://sociobest.shop/

If you have any questions, feel free to ask them here.

I apologize if this message bothers you,

Also, We have Youtube, Tiktok and Twitter services too, Please check it now.

Thank you,

Regards,

Chinese parts spam from Google Gmail

Posted by Dave Yadallee on Thursday, June 19. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Jun 2025 21:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uS5i7-00000000H2G-0Gy8

for dave@doctor.nl2k.ab.ca;

Wed, 18 Jun 2025 21:13:07 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Jun 2025 21:13:07 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pj1-f65.google.com ([209.85.216.65]:53623)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uS5Ze-00000000FKN-1QV8

for doctor@doctor.nl2k.ab.ca;

Wed, 18 Jun 2025 21:04:32 -0600

Received: by mail-pj1-f65.google.com with SMTP id 98e67ed59e1d1-313a001d781so163267a91.3

for ; Wed, 18 Jun 2025 20:02:27 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=goodbomold.com; s=google; t=1750302141; x=1750906941; darn=doctor.nl2k.ab.ca;

h=disposition-notification-to:mime-version:date:subject:to:message-id

:reply-to:from:from:to:cc:subject:date:message-id:reply-to;

bh=rkQwh93pRSMi7F4lRJY7Sjk00qc7jbNaEjKs8j458BE=;

b=tXXafh+LWrzkyqvxpSh5zLdnDNIQT9P8RWdwlix0wOpkO3toIC5FRs7c1Tdb9Rpd6o

NrD4MiO8gNkCnClOAWLoFvQIbT5D9XkGto4c1RyY/Tiimc5UFwZY6R5gl9BP0j455CdZ

vyPsLxrgC+w9V/LyfExnPMq2rQaFw4wqapo3A=

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1750302141; x=1750906941;

h=disposition-notification-to:mime-version:date:subject:to:message-id

:reply-to:from:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=rkQwh93pRSMi7F4lRJY7Sjk00qc7jbNaEjKs8j458BE=;

b=jXP7sb3mxDxCFLCplOuiahTTVljXgCSv6HpZQ771fne7Ps6hFp5zjD8/nbBsFDwBbq

9ZtoRycORBx6dCHYOgfRN8Lcf7SzxcsrafQpu5xQsIY3k3kKGqTxGM/c3kOy+G+4aWZP

yYukPR08D+dPxOIkcWTTdeeMWtirSMqftoXhr9Iq9lIZUoId2Q/8kKBvkoOLCXvmBs0P

JFfJOMFLNSPi/Zty8oVL1Ah+cHMuCW8Qtvot/sEglVabTKyxVkoxBHqjHW1fy4W9PL9d

4p9kmvMN5sQhfm1ZLOzwgAtYoIRQxN9u+Gmw+eX4lS6ghKb3bbjNcjWbbqgq0kHncqUM

FAoQ==

X-Gm-Message-State: AOJu0YwCxi23rizBS50w9mqE5Lxcvdx3xKdzNzrrBXrM/QWqf3VG3Dfm

K94zhnYhQxCtewei4MhFeTEiFnu1RN3CC/rId1NVZ4OjlpvH9IKmsPnZDa8XrA5d7Bm8qv5AV+s

xZZEQZvU=

X-Gm-Gg: ASbGnct1mMrk0XiMNU6ZhF4NedINuZ09d03afzbiMhrBki3ppQfjS0cSGmgukKRLABm

IKL2jHyett97zcwi8NQkl/NB51wfmhFxBf8AgPHO2WdA1jLE3M540mmCMxrcVo07+6rh1a/1GBW

/IfqoLkP3V1wZfdfr5ONKliL6ZUqoJ7ql2AI5NJI28xCVlcNDKN1iwU2SkaVHLf2zreFu+eXCCD

HaHbHar5iBvl4TXhsAyTSb6naDWNUpMu13pPWtTvz3U00z90GAV7K+lxiJ/DkURV9u4ZNaiSxFH

KNR891PgP25wa5BfB49R+NsOjpjUR5QpwWr7ikxbTtZWuZo3iPCqSNwCvnhEbG2VtbeYvJv+wB2

zdGNnX28=

X-Google-Smtp-Source: AGHT+IEtJwkTiC+oChv8cqZmf4rLrHu8yDNE1idhpPKVzutZR+KEgD0Jju2hhA6NH+yobKl8LkMUPw==

X-Received: by 2002:a17:90b:540f:b0:311:b0ec:135f with SMTP id 98e67ed59e1d1-313f1e22bf7mr29032588a91.30.1750302141107;

Wed, 18 Jun 2025 20:02:21 -0700 (PDT)

Received: from izunzrg ([223.122.100.200])

by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-3158a2f0987sm987619a91.25.2025.06.18.20.02.19

for

(version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);

Wed, 18 Jun 2025 20:02:20 -0700 (PDT)

From: "grace@runtooprecision.com"

X-Google-Original-From: "grace@runtooprecision.com"

Reply-To:

Message-ID:

To:

Subject: Preferred supplier for injection molds and injection molding parts

Date: Thu, 19 Jun 2025 11:02:08 +0800

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_0C45_01A32BB1.196E7200"

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2900.5512

Disposition-Notification-To: grace@runtooprecision.com

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512

X-Spam_score: 7.1

X-Spam_score_int: 71

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello Dear Manager, How is everything going? This is Grace

from Runtoo Precision Technology Co., Ltd., located in Shenzhen, China. It

will be a great honor if we can establish a relationship with you in the

future. Runtoo Precision found in 2013 [...]

Content analysis details: (7.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.216.65 listed in dnsbl.ahbl.org]

[209.85.216.65 listed in dnsbl.ahbl.org]

[209.85.216.65 listed in dnsbl.ahbl.org]

[209.85.216.65 listed in dnsbl.ahbl.org]

[223.122.100.200 listed in dnsbl.ahbl.org]

[223.122.100.200 listed in dnsbl.ahbl.org]

[223.122.100.200 listed in dnsbl.ahbl.org]

[223.122.100.200 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.216.65 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.216.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.216.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.216.65 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[223.122.100.200 listed in will-spam-for-food.eu.org]

[223.122.100.200 listed in will-spam-for-food.eu.org]

[223.122.100.200 listed in will-spam-for-food.eu.org]

[223.122.100.200 listed in will-spam-for-food.eu.org]

[223.122.100.200 listed in will-spam-for-food.eu.org]

[223.122.100.200 listed in will-spam-for-food.eu.org]

[223.122.100.200 listed in will-spam-for-food.eu.org]

[223.122.100.200 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

[209.85.216.65 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.216.65 listed in list.dnswl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.216.65 listed in sa-accredit.habeas.com]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.216.65 listed in sa-trusted.bondedsender.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.0 HK_RANDOM_FROM From username looks random

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.6 HK_RANDOM_ENVFROM Envelope sender username looks random

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.216.65 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.216.65 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.216.65 listed in bl.score.senderscore.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

0.7 PDS_FROM_2_EMAILS No description available.

0.0 NO_RDNS2 Sending MTA has no reverse DNS

1.0 ZMIde_OutlookExpress Outlook Express should not be used anymore

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

2.0 MIXED_HREF_CASE Has href in mixed case

Subject: {SPAM?} Preferred supplier for injection molds and injection molding parts

This is a multi-part message in MIME format.

------=_NextPart_000_0C45_01A32BB1.196E7200

Content-Type: text/plain;

charset="gb2312"

Content-Transfer-Encoding: base64

SGVsbG8gRGVhciBNYW5hZ2VyLA0KDQpIb3cgaXMgZXZlcnl0aGluZyBnb2luZz8NCg0KVGhpcyBp

cyBHcmFjZSBmcm9tIFJ1bnRvbyBQcmVjaXNpb24gVGVjaG5vbG9neSBDby4sIEx0ZC4sIGxvY2F0

ZWQgaW4gU2hlbnpoZW4sIENoaW5hLg0KSXQgd2lsbCBiZSBhIGdyZWF0IGhvbm9yIGlmIHdlIGNh

biBlc3RhYmxpc2ggYSByZWxhdGlvbnNoaXAgd2l0aCB5b3UgaW4gdGhlIGZ1dHVyZS4gUnVudG9v

IFByZWNpc2lvbiBmb3VuZCBpbiAyMDEzLCBtYWpvcnMgaW4gbW9sZCBkZXNpZ24gYW5kIGluamVj

dGlvbiBzZXJ2aWNlIGZvciBvdmVyIDEwIHllYXJzLiBPdXIgcHJvZHVjdHMgZW5qb3kgZ3JlYXQg

cG9wdWxhcml0eSBhbW9uZyBFdXJvcGVhbiBhbmQgQW1lcmljYW4gbWFya2V0cy4NCldlIGNhbiBv

ZmZlciB5b3UgdGhlIGZvbGxvd2luZyBzZXJ2aWNlIGZvciB5b3UuDQouIE1vbGQgZGVzaWduIGFu

ZCBtb2xkIHByb2R1Y3Rpb24uDQouIEluamVjdGlvbiBzZXJ2aWNlLCBhc3NlbWJseSwgcHJpbnRp

bmcsIGFuZCBwYWNraW5nIHNlcnZpY2UuDQouIFJhcGlkIHByb3RvdHlwaW5nIG9yIDNEIHByaW50

aW5nIHNlcnZpY2UuDQouIEhhcmR3YXJlIHBhcnRzDQoNCklmIHlvdSBoYXZlIGFueSBwbGFzdGlj

IHBhcnQgbmVlZCB0byBjdXN0b21pemVkLCBjb3VsZCB5b3Ugb2ZmZXIgdXMgdGhlIDNEIGZpbGVz

IG9yIHNhbXBsZXMgeW91IGhhdmU/IFBsZWFzZSBkb24ndCBoZXNpdGF0ZSB0byBjb250YWN0IHVz

Lg0KTG9va2luZyBmb3J3YXJkIHRvIHlvdXIgZWFybHkgcmVwbHkgd2hpY2ggd2lsbCBiZSBoaWdo

bHkgYXBwcmVjaWF0ZWQuDQoNCg0KQmVzdCBSZWdhcmRzLA0KR3JhY2UNClNhbGVzIE1hbmFnZXIN

Cg0KDQpSdW50b28gUHJlY2lzaW9uIFRlY2hub2xvZ3kgQ28uLCBMdGQuICAgICAgICAgICAgICAg

ICAgICANCk1vYmlsZTogODYtMTM2MDMwMzc0NjkNClRlbDogICAgKzg2LTA3NTUtMjMxOTYxNjYN

CkVtYWlsOiBncmFjZUBydW50b29wcmVjaXNpb24uY29tICAgICAgICAgICAgICAgICAgICAgICAg

ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCldlYjogIGh0dHA6Ly93d3cucnVu

dG9vcHJlY2lzaW9uLmNvbS8g

------=_NextPart_000_0C45_01A32BB1.196E7200

Content-Type: text/html;

charset="gb2312"

Content-Transfer-Encoding: base64

PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv

L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWdi

MjMxMiIgaHR0cC1lcXVpdj1Db250ZW50LVR5cGU+DQo8TUVUQSBuYW1lPUdFTkVSQVRPUiBjb250

ZW50PSJNU0hUTUwgMTEuMDAuMTA1NzAuMTAwMSI+PC9IRUFEPg0KPEJPRFk+DQo8RElWIA0Kc3R5

bGU9J0ZPTlQtU0laRTogMTRweDsgRk9OVC1GQU1JTFk6ICJNaWNyb3NvZnQgWWFIZWkgVUkiOyBX

SElURS1TUEFDRTogbm9ybWFsOyBXT1JELVNQQUNJTkc6IDBweDsgVEVYVC1UUkFOU0ZPUk06IG5v

bmU7IEZPTlQtV0VJR0hUOiA0MDA7IENPTE9SOiByZ2IoMCwwLDApOyBGT05ULVNUWUxFOiBub3Jt

YWw7IE9SUEhBTlM6IDI7IFdJRE9XUzogMjsgTEVUVEVSLVNQQUNJTkc6IG5vcm1hbDsgQkFDS0dS

T1VORC1DT0xPUjogcmdiKDI1NSwyNTUsMjU1KTsgVEVYVC1JTkRFTlQ6IDBweDsgZm9udC12YXJp

YW50LWxpZ2F0dXJlczogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyAtd2Via2l0

LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IHRleHQtZGVjb3JhdGlvbi1zdHlsZTogaW5pdGlhbDsg

dGV4dC1kZWNvcmF0aW9uLWNvbG9yOiBpbml0aWFsOyB0ZXh0LWRlY29yYXRpb24tdGhpY2tuZXNz

OiBpbml0aWFsJz48U1BBTiANCnN0eWxlPSJGT05ULVNJWkU6IDE2cHgiPg0KPERJViANCnN0eWxl

PSJGT05ULVNJWkU6IDE0cHg7IEZPTlQtRkFNSUxZOiBBcmlhbDsgQ09MT1I6ICMwMDAwMDA7IExJ

TkUtSEVJR0hUOiAxLjciPg0KPFAgc3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXplPTMgZmFj

ZT0iTWljcm9zb2Z0IFlhSGVpIFVJIj5IZWxsbyBEZWFyIA0KTWFuYWdlciw8L0ZPTlQ+PC9QPg0K

PFAgc3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXplPTMgZmFjZT0iTWljcm9zb2Z0IFlhSGVp

IFVJIj48L0ZPTlQ+Jm5ic3A7PC9QPg0KPFAgc3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXpl

PTMgZmFjZT0iTWljcm9zb2Z0IFlhSGVpIFVJIj5Ib3cgaXMgZXZlcnl0aGluZyANCmdvaW5nPzwv

Rk9OVD48L1A+DQo8UCBzdHlsZT0iTUFSR0lOOiAwcHgiPjxGT05UIHNpemU9MyBmYWNlPSJNaWNy

b3NvZnQgWWFIZWkgVUkiPjwvRk9OVD4mbmJzcDs8L1A+DQo8UCBzdHlsZT0iTUFSR0lOOiAwcHgi

PjxGT05UIHNpemU9MyBmYWNlPSJNaWNyb3NvZnQgWWFIZWkgVUkiPlRoaXMgaXMgR3JhY2UgZnJv

bSANClJ1bnRvbyBQcmVjaXNpb24gVGVjaG5vbG9neSBDby4sIEx0ZC4sIGxvY2F0ZWQgaW4gU2hl

bnpoZW4sIENoaW5hLjwvRk9OVD48L1A+DQo8UCBzdHlsZT0iTUFSR0lOOiAwcHgiPjxGT05UIHNp

emU9MyBmYWNlPSJNaWNyb3NvZnQgWWFIZWkgVUkiPkl0IHdpbGwgYmUgYSBncmVhdCANCmhvbm9y

IGlmIHdlIGNhbiBlc3RhYmxpc2ggYSByZWxhdGlvbnNoaXAgd2l0aCB5b3UgaW4gdGhlIGZ1dHVy

ZS4gUnVudG9vIA0KUHJlY2lzaW9uIGZvdW5kIGluIDIwMTMsIG1ham9ycyBpbiBtb2xkIGRlc2ln

biBhbmQgaW5qZWN0aW9uIHNlcnZpY2UgZm9yIG92ZXIgMTAgDQp5ZWFycy4gT3VyIHByb2R1Y3Rz

IGVuam95IGdyZWF0IHBvcHVsYXJpdHkgYW1vbmcgRXVyb3BlYW4gYW5kIEFtZXJpY2FuIA0KbWFy

a2V0cy48L0ZPTlQ+PC9QPg0KPFAgc3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXplPTMgZmFj

ZT0iTWljcm9zb2Z0IFlhSGVpIFVJIj5XZSBjYW4gb2ZmZXIgeW91IA0KdGhlIGZvbGxvd2luZyBz

ZXJ2aWNlIGZvciB5b3UuPC9GT05UPjwvUD4NCjxQIHN0eWxlPSJNQVJHSU46IDBweCI+PEZPTlQg

c2l6ZT0zIGZhY2U9Ik1pY3Jvc29mdCBZYUhlaSBVSSI+LiZuYnNwO01vbGQgZGVzaWduIA0KYW5k

IG1vbGQgcHJvZHVjdGlvbi48L0ZPTlQ+PC9QPg0KPFAgc3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9O

VCBzaXplPTMgZmFjZT0iTWljcm9zb2Z0IFlhSGVpIFVJIj4uJm5ic3A7SW5qZWN0aW9uIA0Kc2Vy

dmljZSwgYXNzZW1ibHksIHByaW50aW5nLCBhbmQgcGFja2luZyBzZXJ2aWNlLjwvRk9OVD48L1A+

DQo8UCBzdHlsZT0iTUFSR0lOOiAwcHgiPjxGT05UIHNpemU9MyBmYWNlPSJNaWNyb3NvZnQgWWFI

ZWkgVUkiPi4mbmJzcDtSYXBpZCANCnByb3RvdHlwaW5nIG9yIDNEIHByaW50aW5nIHNlcnZpY2Uu

PC9GT05UPjwvUD4NCjxQIHN0eWxlPSJNQVJHSU46IDBweCI+PEZPTlQgc2l6ZT0zIGZhY2U9Ik1p

Y3Jvc29mdCBZYUhlaSBVSSI+LiZuYnNwO0hhcmR3YXJlIA0KcGFydHM8L0ZPTlQ+PC9QPg0KPFAg

c3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXplPTMgZmFjZT0iTWljcm9zb2Z0IFlhSGVpIFVJ

Ij48L0ZPTlQ+Jm5ic3A7PC9QPg0KPFAgc3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXplPTMg

ZmFjZT0iTWljcm9zb2Z0IFlhSGVpIFVJIj5JZiB5b3UgaGF2ZSBhbnkgDQpwbGFzdGljIHBhcnQg

bmVlZCB0byBjdXN0b21pemVkLCBjb3VsZCB5b3Ugb2ZmZXIgdXMgdGhlIDNEIGZpbGVzIG9yIHNh

bXBsZXMgeW91IA0KaGF2ZT8gUGxlYXNlIGRvbid0IGhlc2l0YXRlIHRvIGNvbnRhY3QgdXMuPC9G

T05UPjwvUD4NCjxQIHN0eWxlPSJNQVJHSU46IDBweCI+PEZPTlQgc2l6ZT0zIGZhY2U9Ik1pY3Jv

c29mdCBZYUhlaSBVSSI+TG9va2luZyBmb3J3YXJkIHRvIA0KeW91ciBlYXJseSByZXBseSB3aGlj

aCB3aWxsIGJlIGhpZ2hseSBhcHByZWNpYXRlZC48L0ZPTlQ+PC9QPg0KPFAgc3R5bGU9Ik1BUkdJ

TjogMHB4Ij48Rk9OVCBmYWNlPSJNaWNyb3NvZnQgWWFIZWkgVUkiPjxCUj48Rk9OVCANCnNpemU9

Mz48L0ZPTlQ+PC9GT05UPjwvUD4NCjxQIHN0eWxlPSJNQVJHSU46IDBweCI+PEZPTlQgc2l6ZT0z

IGZhY2U9Ik1pY3Jvc29mdCBZYUhlaSBVSSI+QmVzdCANClJlZ2FyZHMsPC9GT05UPjwvUD4NCjxQ

IHN0eWxlPSJNQVJHSU46IDBweCI+PEZPTlQgc2l6ZT0zIGZhY2U9Ik1pY3Jvc29mdCBZYUhlaSBV

SSI+R3JhY2U8L0ZPTlQ+PC9QPg0KPFAgc3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXplPTMg

ZmFjZT0iTWljcm9zb2Z0IFlhSGVpIFVJIj5TYWxlcyANCk1hbmFnZXI8L0ZPTlQ+PC9QPg0KPFAg

c3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBmYWNlPSJNaWNyb3NvZnQgWWFIZWkgVUkiPjxCUj48

Rk9OVCANCnNpemU9Mz48L0ZPTlQ+PC9GT05UPjwvUD4NCjxQIHN0eWxlPSJNQVJHSU46IDBweCI+

PEZPTlQgc2l6ZT0zIGZhY2U9Ik1pY3Jvc29mdCBZYUhlaSBVSSI+UnVudG9vIFByZWNpc2lvbiAN

ClRlY2hub2xvZ3kgQ28uLCBMdGQuJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAm

bmJzcDsgJm5ic3A7ICZuYnNwOyANCiZuYnNwOyAmbmJzcDsmbmJzcDs8L0ZPTlQ+PC9QPg0KPFAg

c3R5bGU9Ik1BUkdJTjogMHB4Ij48Rk9OVCBzaXplPTMgZmFjZT0iTWljcm9zb2Z0IFlhSGVpIFVJ

Ij5Nb2JpbGU6IA0KODYtMTM2MDMwMzc0Njk8L0ZPTlQ+PC9QPg0KPFAgc3R5bGU9Ik1BUkdJTjog

MHB4Ij48Rk9OVCBzaXplPTMgZmFjZT0iTWljcm9zb2Z0IFlhSGVpIFVJIj5UZWw6Jm5ic3A7ICZu

YnNwOyANCis4Ni0wNzU1LTIzMTk2MTY2PC9GT05UPjwvUD4NCjxQIHN0eWxlPSJNQVJHSU46IDBw

eCI+PEZPTlQgc2l6ZT0zIGZhY2U9Ik1pY3Jvc29mdCBZYUhlaSBVSSI+RW1haWw6IA0KZ3JhY2VA

cnVudG9vcHJlY2lzaW9uLmNvbSZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5i

c3A7ICZuYnNwOyAmbmJzcDsgDQombmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZu

YnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IA0KJm5ic3A7ICZuYnNwOyAm

bmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDsgJm5ic3A7IA0K

Jm5ic3A7PC9GT05UPjwvUD4NCjxQIHN0eWxlPSJNQVJHSU46IDBweCI+PEZPTlQgc2l6ZT0zIGZh

Y2U9Ik1pY3Jvc29mdCBZYUhlaSBVSSI+V2ViOiZuYnNwOyANCjwvRk9OVD48QSBocmVmPSJodHRw

Oi8vd3d3LnJ1bnRvb3ByZWNpc2lvbi5jb20vIiANCl9zcmM9Imh0dHA6Ly93d3cucnVudG9vcHJl

Y2lzaW9uLmNvbS8iPjxGT05UIHNpemU9MyANCmZhY2U9Ik1pY3Jvc29mdCBZYUhlaSBVSSI+aHR0

cDovL3d3dy5ydW50b29wcmVjaXNpb24uY29tLzwvRk9OVD48L0E+PEZPTlQgDQpmYWNlPSJNaWNy

b3NvZnQgWWFIZWkgVUkiPiA8L0ZPTlQ+PC9QPjwvRElWPjwvU1BBTj48L0RJVj48L0JPRFk+PC9I

VE1MPg0K

------=_NextPart_000_0C45_01A32BB1.196E7200--

Spanish language phish from OVH

Posted by Dave Yadallee on Wednesday, June 18. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Jun 2025 14:27:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uRzN4-000000003UX-1zHR

for dave@doctor.nl2k.ab.ca;

Wed, 18 Jun 2025 14:26:58 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Jun 2025 14:26:58 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from vps-22754e23.vps.ovh.net ([141.95.19.38]:42622)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uRwzR-000000006B8-2fig

for doctor@doctor.nl2k.ab.ca;

Wed, 18 Jun 2025 11:54:39 -0600

Received: by vps-22754e23.vps.ovh.net (Postfix, from userid 0)

id D1C2148819; Wed, 18 Jun 2025 17:52:27 +0000 (UTC)

X-Mailer: mail (GNU Mailutils 3.7)

Content-Type: multipart/mixed; boundary="c184496dcfc7b5d58773d13239f9da0a"

Content-Transfer-Encoding: 7bit

Subject: Pago Pendiente 714E9NC7 - CFE

From: CFE Facturacion 182

To:

Message-Id:

Reply-To:

X-Originating-Email: CFEContigoApp@vps-22754e23.vps.ovh.net

List-Unsubscribe:

Importance: High

X-Priority: 1 (Highest)

Priority: Urgent

MIME-Version: 1.0

Date: Wed, 18 Jun 2025 17:52:27 +0000 (UTC)

X-Spam_score: 10.4

X-Spam_score_int: 104

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: TU PAGO FÁCIL Y RÁPIDO APP CFE CONTIGO 085963139711 Te informamos

que tenés facturas pendientes de pago que deberán ser abonadas en las próximas

72 horas.

Content analysis details: (10.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

[141.95.19.38 listed in dnsbl.ahbl.org]

[141.95.19.38 listed in dnsbl.ahbl.org]

[141.95.19.38 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[141.95.19.38 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

[141.95.19.38 listed in will-spam-for-food.eu.org]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

1.5 MR_STRANGE_QUESTION URI: No description available.

2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line length

greater than 79 characters

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

0.0 URI_GOOGLE_PROXY Accessing a blacklisted URI or obscuring source of

phish via Google proxy?

Subject: {SPAM?} Pago Pendiente 714E9NC7 - CFE

--c184496dcfc7b5d58773d13239f9da0a

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: base64

PGh0bWw+CjxoZWFkPgogIDxtZXRhIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1JU08tODg1OS0xIgogaHR0cC1lcXVpdj0iY29udGVudC10eXBlIj4KICA8dGl0bGU+PC90aXRsZT4KPC9oZWFkPgo8Ym9keT4KPHRhYmxlCiBzdHlsZT0iYm9yZGVyLWNvbGxhcHNlOiBjb2xsYXBzZTsgY29sb3I6IHJnYig0NCwgNTQsIDU4KTsgZm9udC1mYW1pbHk6IFJvYm90byxzYW5zLXNlcmlmOyBmb250LXNpemU6IDE0cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IDQwMDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogMjsgdGV4dC1hbGlnbjogbGVmdDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdpZG93czogMjsgd29yZC1zcGFjaW5nOiAwcHg7IHdoaXRlLXNwYWNlOiBub3JtYWw7IGJhY2tncm91bmQtY29sb3I6IHJnYigyNTUsIDI1NSwgMjU1KTsgd2lkdGg6IDgwMHB4OyIKIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSI4MDAiPgogIDx0aGVhZCBzdHlsZT0iIj48dHIgc3R5bGU9IiI+CiAgICA8dGggY29sc3Bhbj0iMiIgc3R5bGU9IiI+CiAgICA8cCBzdHlsZT0ibWFyZ2luLXRvcDogMHB4OyI+PGltZwogaWQ9InYxbV8tMzI1NDg3Mjk5MTkzODQ5NTE4NV94MDAwMF9pMTAzMyIKIHNyYz0iaHR0cHM6Ly9jaTUuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3Byb3h5L1ZYeEtOQWFxQm0tbk9OdHJnNm1zeF9Oa3Fra3ZQanB6ZVE2UjZWZXI4WWN1Nncxc3BYczFmbG1FNWlSaUVrWW

x0Rm12SkhaV1psUGtzZkRBcE1YTHhHU05fLVE0REVON0ZOOE1QM3FuQ1AwWVQzLWk9czAtZC1lMS1mdCNodHRwczovL2FwcC5jZmUubXgvZXMvaW1hZ2VuZXMvY2ZlbWFpbC8yMDIzL3BhZ29vcG9ydHVuby9sb2dvLmpwZyIKIHN0eWxlPSJib3JkZXItc3R5bGU6IG5vbmU7IHZlcnRpY2FsLWFsaWduOiBtaWRkbGU7IHdpZHRoOiAxMC40MTY2aW47IGhlaWdodDogMS45Njg3aW47IgogaGVpZ2h0PSIxODkiIHdpZHRoPSIxMDAwIj48L3A+CiAgICA8L3RoPgogIDwvdHI+CiAgPC90aGVhZD48dGJvZHkgc3R5bGU9IiI+CiAgICA8dHIgc3R5bGU9IiI+CiAgICAgIDx0ZCBzdHlsZT0id2lkdGg6IDQwMHB4OyI+CiAgICAgIDx0YWJsZSBzdHlsZT0iYm9yZGVyLWNvbGxhcHNlOiBjb2xsYXBzZTsgd2lkdGg6IDQwMHB4OyIKIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSI0MDAiPgogICAgICAgIDx0Ym9keSBzdHlsZT0iIj4KICAgICAgICAgIDx0ciBzdHlsZT0iIj4KICAgICAgICAgICAgPHRkIHN0eWxlPSIiPgogICAgICAgICAgICA8aDIKIHN0eWxlPSJtYXJnaW4tdG9wOiAwcHg7IGZvbnQtd2VpZ2h0OiA3MDA7IGxpbmUtaGVpZ2h0OiAxLjI7IGZvbnQtc2l6ZTogMS41ZW07IgogYWxpZ249ImNlbnRlciI+VFUgUEFHTyBGJkFhY3V0ZTtDSUwgWSBSJkFhY3V0ZTtQSURPPC9oMj4KICAgICAgICAgICAgPGgzCiBzdHlsZT0ibWFyZ2luLXRvcDogMHB4OyBmb250LXdlaWdodDogNzAwOyBsaW5lLWhlaWdodDo

gMS4yOyBmb250LXNpemU6IDEuMjVlbTsgY29sb3I6IHJnYigwLCAxNTQsIDEwMik7IgogYWxpZ249ImNlbnRlciI+QVBQIENGRSBDT05USUdPPC9oMz4KICAgICAgICAgICAgPGRpdiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyI+PHN0cm9uZz4wODU5NjMxMzk3MTE8L3N0cm9uZz48c3Ryb25nPjwvc3Ryb25nPjxicj4KICAgICAgICAgICAgPHNwYW4gc3R5bGU9ImZvbnQtd2VpZ2h0OiBib2xkOyI+IDxicj4KICAgICAgICAgICAgPGJyPgogICAgICAgICAgICA8L3NwYW4+IDwvZGl2PgogICAgICAgICAgICA8ZGl2IHN0eWxlPSJ0ZXh0LWFsaWduOiBsZWZ0OyI+IFRlIGluZm9ybWFtb3MKcXVlCnRlbiZlYWN1dGU7cyBmYWN0dXJhcyBwZW5kaWVudGVzIGRlIHBhZ28gcXVlIGRlYmVyJmFhY3V0ZTtuIHNlcgphYm9uYWRhcyBlbiBsYXMgcHImb2FjdXRlO3hpbWFzIDcyIGhvcmFzLjxicj4KICAgICAgICAgICAgPGJyPgpUdSBFbmVyZyZpYWN1dGU7YSBlc3QmYWFjdXRlOyBwcm9ncmFtYWRhIHBhcmEgc2VyIGFwYWdhZGEgZWwgPHNwYW4KIHN0eWxlPSJmb250LXdlaWdodDogYm9sZDsiPjIwLzA2LzIwMjU8L3NwYW4+IHBvciBmYWx0YQpkZSBwYWdvIGRlIGxhIEN1ZW50YS48YnI+CiAgICAgICAgICAgIDwvZGl2PgogICAgICAgICAgICA8YnI+Ck1vbnRvOiA8c3BhbiBzdHlsZT0iZm9udC13ZWlnaHQ6IGJvbGQ7Ij41Ny4zNjMsNDYKUEVTT1MmbmJzcDsgTVhOLjwvc3Bhbj48YnI+CiAgICAgICAgICAgIDxicj4K

RmVjaGE6Jm5ic3A7PHNwYW4gc3R5bGU9ImZvbnQtd2VpZ2h0OiBib2xkOyI+MTgvMDYvMjAyNTwvc3Bhbj48YnI+CiAgICAgICAgICAgIDxicj4KICAgICAgICAgICAgPGJyPgogICAgICAgICAgICA8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0ciBzdHlsZT0iIj4KICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiIHN0eWxlPSIiPgogICAgICAgICAgICA8aDIKIHN0eWxlPSJtYXJnaW4tdG9wOiAwcHg7IGZvbnQtd2VpZ2h0OiA3MDA7IGxpbmUtaGVpZ2h0OiAxLjI7IGZvbnQtc2l6ZTogMS41ZW07IgogYWxpZ249ImNlbnRlciI+Jm5ic3A7PC9oMj4KICAgICAgICAgICAgPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHIgc3R5bGU9IiI+CiAgICAgICAgICAgIDx0ZCBzdHlsZT0iIj4KICAgICAgICAgICAgPHAgc3R5bGU9Im1hcmdpbi10b3A6IDBweDsiIGFsaWduPSJjZW50ZXIiPjxhCiBocmVmPSJodHRwczovL3ZtaTI2NjM0MDIuY29udGFib3NlcnZlci5uZXQvP190YXNrPW1haWwmX2FjdGlvbj1nZXQmX21ib3g9SU5CT1gmX3VpZD04MTY1MSZfdG9rZW49YWUzMjUxOTQwMTZmMGNmNDdhMzFhNGQ3MzcyMWZiNDM1M2Y0NjM3MmNlNDc4MDY3NThmNjI1NmI1NjVhZjc0NCZfcGFydD0wLjUuMSZfZW1iZWQ9MSZfbWltZWNsYXNzPWltYWdlIiB0YXJnZXQ9Il9ibGFuayIgcmVsPSJub3JlZmVycmVyIgogc3R5bGU9ImNvbG9yOiByZ2IoMCwgMTcyLCAyNTUpOyB0ZXh0LWRlY29yYXRpb246I

G5vbmU7IGJhY2tncm91bmQtY29sb3I6IHRyYW5zcGFyZW50OyI+PGltZwogaWQ9InYxbV8tMzI1NDg3Mjk5MTkzODQ5NTE4NV94MDAwMF9pMTAzMiIKIHNyYz0iaHR0cHM6Ly9jaTQuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3Byb3h5L1hxaDNPeWF1aVBVOHZBSFZmUjYzeU0zd05NbVhOWmJxVzB5Y05mQ3B5Z2c0SUxVdDJrRXJMT2RNSUdzeTFfQnBtR3o0SlJ2V293dFNTelpLc0djeWZqeDhpUG8yalAzVV80bi1tVTZQSWJnY0dRWT1zMC1kLWUxLWZ0I2h0dHBzOi8vYXBwLmNmZS5teC9lcy9pbWFnZW5lcy9jZmVtYWlsLzIwMjMvcGFnb29wb3J0dW5vL3BkZi5wbmciCiBzdHlsZT0iYm9yZGVyLXN0eWxlOiBub25lOyB2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlOyB3aWR0aDogMS40MDYyaW47IGhlaWdodDogMC40NTgzaW47IgogYm9yZGVyPSIwIiBoZWlnaHQ9IjQ0IiB3aWR0aD0iMTM1Ij48L2E+Jm5ic3A7Jm5ic3A7Jm5ic3A7PGEKIGhyZWY9Imh0dHBzOi8vdm1pMjY2MzQwMi5jb250YWJvc2VydmVyLm5ldC8/X3Rhc2s9bWFpbCZfYWN0aW9uPWdldCZfbWJveD1JTkJPWCZfdWlkPTgxNjUxJl90b2tlbj1hZTMyNTE5NDAxNmYwY2Y0N2EzMWE0ZDczNzIxZmI0MzUzZjQ2MzcyY2U0NzgwNjc1OGY2MjU2YjU2NWFmNzQ0Jl9wYXJ0PTAuNS4xJl9lbWJlZD0xJl9taW1lY2xhc3M9aW1hZ2UiIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vcmVmZXJyZXIiCiBzdHlsZT0iY29sb3I6IHJnYigwLCAxNzIsIDI1NSk7IHRleHQtZGVjb3

JhdGlvbjogbm9uZTsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7Ij48aW1nCiBpZD0idjFtXy0zMjU0ODcyOTkxOTM4NDk1MTg1X3gwMDAwX2kxMDMxIgogc3JjPSJodHRwczovL2NpNS5nb29nbGV1c2VyY29udGVudC5jb20vcHJveHkvZFZ3OHBmWnJfeEZWZTVnaGo1bzl6TllDUzNQMXBuQjE4cFJHdUE0UmFNUG1xSnQxY01UVmY5elZaUldza3R0OHhfNTNHZTVMZXI5bkY2NVM3cnA2bjAzWE1HZkF6ZXVIQjBIYzAtd1FIRnM2aTZjPXMwLWQtZTEtZnQjaHR0cHM6Ly9hcHAuY2ZlLm14L2VzL2ltYWdlbmVzL2NmZW1haWwvMjAyMy9wYWdvb3BvcnR1bm8veG1sLnBuZyIKIHN0eWxlPSJib3JkZXItc3R5bGU6IG5vbmU7IHZlcnRpY2FsLWFsaWduOiBtaWRkbGU7IHdpZHRoOiAxLjQwNjJpbjsgaGVpZ2h0OiAwLjQ1ODNpbjsiCiBib3JkZXI9IjAiIGhlaWdodD0iNDQiIHdpZHRoPSIxMzUiPjwvYT48L3A+CiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgIDx0ZCBzdHlsZT0iIj4mbmJzcDs8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICA8L3Rib2R5PgogICAgICA8L3RhYmxlPgogICAgICA8L3RkPgogICAgICA8dGQgc3R5bGU9IndpZHRoOiA0MDBweDsiPgogICAgICA8cCBzdHlsZT0ibWFyZ2luLXRvcDogMHB4OyI+PGEgaHJlZj0iaHR0cHM6Ly92bWkyNjYzNDAyLmNvbnRhYm9zZXJ2ZXIubmV0Lz9fdGFzaz1tYWlsJl9hY3Rpb249Z2V0Jl9tYm94PUlOQk9YJl91aWQ9ODE2NTEmX3Rva2VuPWFlMzI

1MTk0MDE2ZjBjZjQ3YTMxYTRkNzM3MjFmYjQzNTNmNDYzNzJjZTQ3ODA2NzU4ZjYyNTZiNTY1YWY3NDQmX3BhcnQ9MC41LjEmX2VtYmVkPTEmX21pbWVjbGFzcz1pbWFnZSIKIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vcmVmZXJyZXIiCiBzdHlsZT0iY29sb3I6IHJnYigwLCAxNzIsIDI1NSk7IHRleHQtZGVjb3JhdGlvbjogbm9uZTsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7Ij48aW1nCiBpZD0idjFtXy0zMjU0ODcyOTkxOTM4NDk1MTg1X3gwMDAwX2kxMDMwIgogc3JjPSJodHRwczovL2NpMy5nb29nbGV1c2VyY29udGVudC5jb20vcHJveHkvYTBZT0NPMWtBTWlCak5kLWlGMHUyMUhQRWhhVjVjb2JzbXZEZW9XUDlqOWpQLUhmQVdoMU1mUnNzaHlSamlESVNFTmpPZGpkTnVzR244ZUQwMk45SnByUlZBbDNPVmc2cDY4bzMzaEhPcGVSUkRWY3gtaWQySXBFPXMwLWQtZTEtZnQjaHR0cHM6Ly9hcHAuY2ZlLm14L2VzL2ltYWdlbmVzL2NmZW1haWwvMjAyMy9wYWdvb3BvcnR1bm8vaGVhZGVyaGFsZi5qcGciCiBzdHlsZT0iYm9yZGVyLXN0eWxlOiBub25lOyB2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlOyB3aWR0aDogNS4yMDgzaW47IGhlaWdodDogNC40ODk1aW47IgogYm9yZGVyPSIwIiBoZWlnaHQ9IjQzMSIgd2lkdGg9IjUwMCI+PC9hPjwvcD4KICAgICAgPC90ZD4KICAgIDwvdHI+CiAgICA8dHIgc3R5bGU9IiI+CiAgICAgIDx0ZCBjb2xzcGFuPSIyIiBzdHlsZT0iIj4KICAgICAgPGgyCiBzdHlsZT0ibWFy

Z2luLXRvcDogMHB4OyBmb250LXdlaWdodDogNzAwOyBsaW5lLWhlaWdodDogMS4yOyBmb250LXNpemU6IDEuNWVtOyIKIGFsaWduPSJjZW50ZXIiPlR1IHBhZ28gRiZhYWN1dGU7Y2lsIHkgUiZhYWN1dGU7cGlkbzwvaDI+CiAgICAgIDxwIHN0eWxlPSJtYXJnaW4tdG9wOiAwcHg7IiBhbGlnbj0iY2VudGVyIj5UZQppbnZpdGFtb3MgYSBwYWdhciBlbjo8L3A+CiAgICAgIDwvdGQ+CiAgICA8L3RyPgogICAgPHRyIHN0eWxlPSIiPgogICAgICA8dGQgc3R5bGU9IndpZHRoOiA0MDBweDsiPgogICAgICA8cCBzdHlsZT0ibWFyZ2luLXRvcDogMHB4OyI+PGEgaHJlZj0iaHR0cHM6Ly92bWkyNjYzNDAyLmNvbnRhYm9zZXJ2ZXIubmV0Lz9fdGFzaz1tYWlsJl9hY3Rpb249Z2V0Jl9tYm94PUlOQk9YJl91aWQ9ODE2NTEmX3Rva2VuPWFlMzI1MTk0MDE2ZjBjZjQ3YTMxYTRkNzM3MjFmYjQzNTNmNDYzNzJjZTQ3ODA2NzU4ZjYyNTZiNTY1YWY3NDQmX3BhcnQ9MC41LjEmX2VtYmVkPTEmX21pbWVjbGFzcz1pbWFnZSIKIHRhcmdldD0iX2JsYW5rIiByZWw9Im5vcmVmZXJyZXIiCiBzdHlsZT0iY29sb3I6IHJnYigwLCAxNzIsIDI1NSk7IHRleHQtZGVjb3JhdGlvbjogbm9uZTsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7Ij48aW1nCiBpZD0idjFtXy0zMjU0ODcyOTkxOTM4NDk1MTg1X3gwMDAwX2kxMDI5Igogc3JjPSJodHRwczovL2NpNi5nb29nbGV1c2VyY29udGVudC5jb20vcHJveHkvMUNGUDRjb0xCU1BPMjRGU

kQwS2dmNFZhNHR5d29Sa3VnXzVqZHBkX0UwRFN1NHZibzlMeGRVVVVxa204cmtsd3Q2S3BXc2hhbEFpaDlSTE1zbWttMmhrQ3JWTjBDT25KUF9yeVh1NHh1T0JPUWdSdEZ2bUU4Y3JodFE9czAtZC1lMS1mdCNodHRwczovL2FwcC5jZmUubXgvZXMvaW1hZ2VuZXMvY2ZlbWFpbC8yMDIzL3BhZ29vcG9ydHVuby9wYWdvdGFyamV0YS5qcGciCiBzdHlsZT0iYm9yZGVyLXN0eWxlOiBub25lOyB2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlOyB3aWR0aDogNS4yMDgzaW47IGhlaWdodDogMi4zOTU4aW47IgogYm9yZGVyPSIwIiBoZWlnaHQ9IjIzMCIgd2lkdGg9IjUwMCI+PC9hPjwvcD4KICAgICAgPC90ZD4KICAgICAgPHRkIHN0eWxlPSJ3aWR0aDogNDAwcHg7Ij4KICAgICAgPHAgc3R5bGU9Im1hcmdpbi10b3A6IDBweDsiPjxhIGhyZWY9Imh0dHBzOi8vdm1pMjY2MzQwMi5jb250YWJvc2VydmVyLm5ldC8/X3Rhc2s9bWFpbCZfYWN0aW9uPWdldCZfbWJveD1JTkJPWCZfdWlkPTgxNjUxJl90b2tlbj1hZTMyNTE5NDAxNmYwY2Y0N2EzMWE0ZDczNzIxZmI0MzUzZjQ2MzcyY2U0NzgwNjc1OGY2MjU2YjU2NWFmNzQ0Jl9wYXJ0PTAuNS4xJl9lbWJlZD0xJl9taW1lY2xhc3M9aW1hZ2UiCiB0YXJnZXQ9Il9ibGFuayIgcmVsPSJub3JlZmVycmVyIgogc3R5bGU9ImNvbG9yOiByZ2IoMCwgMTcyLCAyNTUpOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IGJhY2tncm91bmQtY29sb3I6IHRyYW5zcGFyZW50OyI+PGltZwogaWQ9InYxbV8tMz

I1NDg3Mjk5MTkzODQ5NTE4NV94MDAwMF9pMTAyOCIKIHNyYz0iaHR0cHM6Ly9jaTUuZ29vZ2xldXNlcmNvbnRlbnQuY29tL3Byb3h5L2c2Mm9yZTlpN3NzbGI3QnZqSXl4VnM4eGZNaWNPSnFZbTZTeXllMXFrbDljN0prbVNxanNPUEhHS3BBTFpaWE92bjdhbkN2OS1YQURZcmNtVDV4bXFsQ0ZjTUc2NS1XdG9sY1IzRVRMenBEWEFPMkthajVLPXMwLWQtZTEtZnQjaHR0cHM6Ly9hcHAuY2ZlLm14L2VzL2ltYWdlbmVzL2NmZW1haWwvMjAyMy9wYWdvb3BvcnR1bm8vcGFnb2FwcC5qcGciCiBzdHlsZT0iYm9yZGVyLXN0eWxlOiBub25lOyB2ZXJ0aWNhbC1hbGlnbjogbWlkZGxlOyB3aWR0aDogNS4yMDgzaW47IGhlaWdodDogMi4zOTU4aW47IgogYm9yZGVyPSIwIiBoZWlnaHQ9IjIzMCIgd2lkdGg9IjUwMCI+PC9hPjwvcD4KICAgICAgPC90ZD4KICAgIDwvdHI+CiAgPC90Ym9keT4KPC90YWJsZT4KPHAKIHN0eWxlPSJtYXJnaW4tdG9wOiAwcHg7IGNvbG9yOiByZ2IoNDQsIDU0LCA1OCk7IGZvbnQtZmFtaWx5OiBSb2JvdG8sc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxNHB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiA0MDA7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGhhbnM6IDI7IHRleHQtYWxpZ246IGxlZnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aWRvd3M6IDI7IHdvcmQtc3BhY2luZzogMHB4OyB3aGl0ZS1zcGFjZTogbm9ybWFsOyBiYWNrZ3JvdW5kLWN

vbG9yOiByZ2IoMjU1LCAyNTUsIDI1NSk7Ij4mbmJzcDs8L3A+CjxwIHN0eWxlPSJtYXJnaW4tdG9wOiAwcHg7IHRleHQtYWxpZ246IGp1c3RpZnk7Ij48c3Ryb25nCiBzdHlsZT0iZm9udC13ZWlnaHQ6IGJvbGRlcjsgZm9udC1mYW1pbHk6ICZxdW90O09wZW4gU2FucyZxdW90OyxzYW5zLXNlcmlmOyBmb250LXNpemU6IDE4cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogMjsgdGV4dC1hbGlnbjoganVzdGlmeTsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdpZG93czogMjsgd29yZC1zcGFjaW5nOiAwcHg7IHdoaXRlLXNwYWNlOiBub3JtYWw7IGJhY2tncm91bmQtY29sb3I6IHJnYigyNTUsIDI1NSwgMjU1KTsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBjb2xvcjogcmdiKDAsIDE1NCwgMTAyKTsiPkFWSVNPCkRFIFBSSVZBQ0lEQUQuPC9zdHJvbmc+PHNwYW4KIHN0eWxlPSJjb2xvcjogcmdiKDQ0LCA1NCwgNTgpOyBmb250LWZhbWlseTogJnF1b3Q7T3BlbiBTYW5zJnF1b3Q7LHNhbnMtc2VyaWY7IGZvbnQtc2l6ZTogMThweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXdlaWdodDogNDAwOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiAyOyB0ZXh0LWFsaWduOiBqdXN0aWZ5OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2lkb3dzOiAyOyB3b3JkLXNwYWNpbmc6IDBweDsgd2hpdGUtc3Bh

Y2U6IG5vcm1hbDsgYmFja2dyb3VuZC1jb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUpOyBkaXNwbGF5OiBpbmxpbmUgISBpbXBvcnRhbnQ7IGZsb2F0OiBub25lOyI+PHNwYW4+Jm5ic3A7PC9zcGFuPlN1cwpEYXRvcyBQZXJzb25hbGVzIGVuIHBvc2VzaSZvYWN1dGU7biBkZSBsYSBlbXByZXNhICJDRkUKU3VtaW5pc3RyYWRvciBkZSBTZXJ2aWNpb3M8YnI+CkImYWFjdXRlO3NpY29zIiBlc3QmYWFjdXRlO24gcHJvdGVnaWRvcy4gUGFyYSBtYXlvcgppbmZvcm1hY2kmb2FjdXRlO24gcHVlZGVzIGNvbnN1bHRhciBlbDxzcGFuPiZuYnNwOzwvc3Bhbj48L3NwYW4+PGEKIGhyZWY9Imh0dHBzOi8vd3d3LmNmZS5teC9QYWdlcy9Qb2xpdGljYV9kZV9wcml2YWNpZGFkLmFzcHgiCiB0YXJnZXQ9Il9ibGFuayIgcmVsPSJub3JlZmVycmVyIgogc3R5bGU9ImNvbG9yOiByZ2IoMCwgMTU0LCAxMDIpOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IGJhY2tncm91bmQtY29sb3I6IHJnYigyNTUsIDI1NSwgMjU1KTsgZm9udC1mYW1pbHk6ICZxdW90O09wZW4gU2FucyZxdW90OyxzYW5zLXNlcmlmOyBmb250LXNpemU6IDE4cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IDQwMDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogMjsgdGV4dC1hbGlnbjoganVzdGlmeTsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdpZG93czogMjsgd29yZC1zcGFjaW5nOiAwcHg7IHdoaXRlLXNwY

WNlOiBub3JtYWw7Ij5BdmlzbwpkZSBQcml2YWNpZGFkPC9hPjxhCiBocmVmPSJodHRwczovL3d3dy5jZmUubXgvUGFnZXMvUG9saXRpY2FfZGVfcHJpdmFjaWRhZC5hc3B4IgogdGFyZ2V0PSJfYmxhbmsiIHJlbD0ibm9yZWZlcnJlciIKIHN0eWxlPSJjb2xvcjogcmdiKDAsIDE1NCwgMTAyKTsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBiYWNrZ3JvdW5kLWNvbG9yOiB0cmFuc3BhcmVudDsiPjwvYT48L3A+Cjxicj4KPC9ib2R5Pgo8L2h0bWw+

--c184496dcfc7b5d58773d13239f9da0a--

Paypal Phish from Google Gmail

Posted by Dave Yadallee on Wednesday, June 18. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Jun 2025 14:25:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uRzKa-000000002yt-3ash

for dave@doctor.nl2k.ab.ca;

Wed, 18 Jun 2025 14:24:24 -0600

Resent-From: The Doctor

Resent-Date: Wed, 18 Jun 2025 14:24:24 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-wm1-f48.google.com ([209.85.128.48]:59538)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uRtxh-0000000018u-1Pbm

for doctor@nl2k.ab.ca;

Wed, 18 Jun 2025 08:40:33 -0600

Received: by mail-wm1-f48.google.com with SMTP id 5b1f17b1804b1-451ebd3d149so47649255e9.2

for ; Wed, 18 Jun 2025 07:38:30 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1750257503; x=1750862303; darn=nl2k.ab.ca;

h=priority:importance:subject:from:to:mime-version:date:message-id

:from:to:cc:subject:date:message-id:reply-to;

bh=RVlmiy6GwaQQaIlmlzUpwOZKJUH/2/meHPSF0UHVpL4=;

b=SiRMvRDxwMO215a+3CHa6G2T04YWtu6Wag7vZVMqXoRXSFCX3tqgIf8BkHm5g9qDle

S8EOOoahbhtpZXeUHPHvJ7c52kRV6b0hv9mqyfMWb9DgYDeLPq8R8YG6fwTyvPZuyRAO

w9peLX/vnkU5bEmfdRekPwtR10Ecb3P0hazRHoO9HeV9yVDs/+EWTl/oMam817AkWYR8

u6XjKXecGHQ0RNx5hbTRS3MkmNASHNzL+wtHRVaOWyL3zLHtWdNUNLv3NIN71qAcTl3N

LYF4oOFKrTLgmAn+QOwuA/Zn+LCB0b5tlOE0RekosqSpCBeJfL2bh384ecjvNj56RRl0

Z1tQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1750257503; x=1750862303;

h=priority:importance:subject:from:to:mime-version:date:message-id

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=RVlmiy6GwaQQaIlmlzUpwOZKJUH/2/meHPSF0UHVpL4=;

b=VdgrcAiah8hwTuMqNXSOve005kFzMC5n81YG68eg9l+hltvUE558BvIM+G56YJko8G

bvSXSz/2a3Z0gcZNgTkqM178OX60R3cLN/gYJqNWtY1OldxRk1GEBjSA2P2zCKZSH5Wh

O3UqmvCPXzaGzPUkCYkmWDW7L8R2Hs+q5M/N73SxKyjYPJ0RqxKsghILks4jWhDqne1M

9rKxAutYNetdvR5tAOzSB6bMcDc1jKeX0sb0Qh3brzQiyzC3dqMmfCKRst2dECc5VdzB

4vee/dk3qNd2lquRjcnP2gUOcppfTw6nWkaZEWftFEcz3RvLPAD4zMTiG7tW2ZxvEwPW

RR+w==

X-Gm-Message-State: AOJu0Yw8Hgyl7c3d7TdtVP2GiwEpxoepqx+PeHfKWveEjaKEmyYWqdN8

RhTeP0voafk3Suw6IRVsBy7cmioQ78nQduh+ocPTUXe3lwiVkqPY9DAcWNk2BdBNZ3o=

X-Gm-Gg: ASbGncvp8yPGjbfzXboveCcHyiaBDx1NIaB+BWaSJGLQT2w4exhDLONLhYH98GJNBDc

uZM+AmQdESCiItXCKVnqFgRqRHirGZOf+WnGVlmnVHGg9qXE/0hg5sUj7dILaMWjmnaTPpot9VP

YQhZwzcN4pUW3YK0yBmZk/n6DP6/OLPrE3/vU5oa1JoG7Q153uEtIXjOy2RZU7FkHBANsIdfjVw

8+nKgoEq9Xfy1wMyDiVMkkh0ZUsMpaaRWGk30OeKA2BlaxBeOg2TPc3bFakyZa0YcPwaqbhOSQc

xIhvpY0X6ibnsKA33xcegLsVOUTR+XJphrM3uDpY5Pfn0qjC1t5yxj3xUF/RM8cK1rkPjXCfuea

PbzwN2EH1SIGf/7o=

X-Google-Smtp-Source: AGHT+IHjlXOYMU7hNa+vVP/ShLYQRHKhHWK0e71UH6V98VIlPNSyuFlSvhursOQmsHyRwEsy6T3iRw==

X-Received: by 2002:a05:600c:1c0b:b0:453:1058:f8aa with SMTP id 5b1f17b1804b1-453418d1130mr171892045e9.15.1750257502917;

Wed, 18 Jun 2025 07:38:22 -0700 (PDT)

Received: from [172.28.1.23] ([162.62.55.125])

by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3a568a7f8f9sm16983914f8f.42.2025.06.18.07.38.22

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Wed, 18 Jun 2025 07:38:22 -0700 (PDT)

Message-ID: <6852cf5e.df0a0220.28bea4.e139@mx.google.com>

Date: Wed, 18 Jun 2025 07:38:22 -0700 (PDT)

Content-Type: multipart/mixed; boundary="===============1238949131612921133=="

MIME-Version: 1.0

to: Doctor

from: Sariyah Standen

subject: Reminder: Payment Due on Wednesday, June 18, 2025

Importance: normal

Priority: normal

X-Mailer: X-Mailer LiteMail v2.4

X-MimeOLE: X-MimeOLE SenderPro [v1.6.7]

X-Spam_score: 7.4

X-Spam_score_int: 74

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: You have a pending request Confirmation of your recent pay

Content analysis details: (7.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.128.48 listed in dnsbl.ahbl.org]

[209.85.128.48 listed in dnsbl.ahbl.org]

[209.85.128.48 listed in dnsbl.ahbl.org]

[209.85.128.48 listed in dnsbl.ahbl.org]

[162.62.55.125 listed in dnsbl.ahbl.org]

[162.62.55.125 listed in dnsbl.ahbl.org]

[162.62.55.125 listed in dnsbl.ahbl.org]

[162.62.55.125 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.128.48 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.128.48 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.128.48 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.128.48 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[162.62.55.125 listed in will-spam-for-food.eu.org]

[162.62.55.125 listed in will-spam-for-food.eu.org]

[162.62.55.125 listed in will-spam-for-food.eu.org]

[162.62.55.125 listed in will-spam-for-food.eu.org]

[162.62.55.125 listed in will-spam-for-food.eu.org]

[162.62.55.125 listed in will-spam-for-food.eu.org]

[162.62.55.125 listed in will-spam-for-food.eu.org]

[162.62.55.125 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

[209.85.128.48 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.128.48 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[sknizam02465(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[sknizam02465(at)gmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.128.48 listed in wl.mailspike.net]

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.4 MALFORMED_FREEMAIL Bad headers on message from free email service

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.0 T_MXG_LOWER_HDR_SPAM Lower case header spam

Subject: {SPAM?} Reminder: Payment Due on Wednesday, June 18, 2025

--===============1238949131612921133==

Content-Type: text/html; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

ft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:office">

You have a pending request

">

=3D1">

=20

00" rel=3D"stylesheet" type=3D"text/css">

=3D"stylesheet" type=3D"text/css">

=20

=20

=20

=20

=20

=20

=20

=20

=20

=20

=20

=20

=20

=3D"0" role=3D"presentation" style=3D"width:100%;">

0px;text-align:center;">

=20

ize:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:t=

op;width:100%;">

=20

ntation" style=3D"vertical-align:top;" width=3D"100%">

=20

=20

=20

=20

=20

=20

=20

=20

=20

=20

=20