CVS Phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 14:05:35 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taLJk-00000000G43-1ALy

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 13:57:48 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 13:57:48 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [103.214.113.44] (port=55043 helo=roofingcontractorsoregon.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

id 1taHEJ-000000000Tp-29eV

for doctor@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 09:36:02 -0700

Received: from a27-123.smtp-out.us-west-2.amazonses.com (a27-123.smtp-out.us-west-2.amazonses.com. [54.240.27.123])

by mx.google.com with ESMTPS id 41be03b00d2f7-7fc9c380b6asi13165356a12.713.2024.12.03.02.38.25

for

(version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);

Tue, 03 Dec 2024 02:38:25 -0800 (PST)

Received-SPF: pass (google.com: domain of 010101938c198d35-f5195b23-82c6-4a44-a19f-3017fd90759b-000000@us-west-2.amazonses.com designates 54.240.27.123 as permitted sender) client-ip=54.240.27.123;

Authentication-Results: mx.google.com;

dkim=pass header.i=@tradingview.com header.s=k3edjogkpt66rlyhj672zwuhwslbz2h3 header.b=iyp0HoRg;

dkim=pass header.i=@amazonses.com header.s=7v7vs6w47njt4pimodk5mmttbegzsi6n header.b=bTUUu6ko;

spf=pass (google.com: domain of 010101938c198d35-f5195b23-82c6-4a44-a19f-3017fd90759b-000000@us-west-2.amazonses.com designates 54.240.27.123 as permitted sender) smtp.mailfrom=010101938c198d35-f5195b23-82c6-4a44-a19f-3017fd90759b-000000@us-west-2.amazonses.com;

dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=tradingview.com

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=k3edjogkpt66rlyhj672zwuhwslbz2h3; d=tradingview.com; t=1733222305; h=Content-Type:MIME-Version:Content-Transfer-Encoding:Subject:From:To:Date:Message-ID; bh=IMk6BcFkpFg7nJmDPywSrlv0r3IhjR7aKfoxKNXWMR8=; b=iyp0HoRg6YAS9XqtmgsdeBnHxdrOaVNEdSmJttGga+0T+zLL1PQf8yuuGcv7heqZ dr3Tl+iKq7ylVZrFowhBZzUlJMbtcckUT+fXHIKeJL3i4PEIrc2pBTYSmtRz5SiW00q IFahIaDXDDaZZkWgTx/WbwYHAD9WQfis1L2HGuR0=

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=7v7vs6w47njt4pimodk5mmttbegzsi6n; d=amazonses.com; t=1733222305; h=Content-Type:MIME-Version:Content-Transfer-Encoding:Subject:From:To:Date:Message-ID:Feedback-ID; bh=IMk6BcFkpFg7nJmDPywSrlv0r3IhjR7aKfoxKNXWMR8=; b=bTUUu6koxPRDHyQ4qwhhH4OFIh5WCSVstGzqCpvebub14X2nOStPnwoNauNVGhDC lqpL9VESJcnQD7LAIDRemkJVfBSA7euDfLhPd29Oui/eCyzWLUUmlHr4gENFPg59Eh1 jVvOku8vhth5ZuQSKP2DjmqxYB4NEK97F/67yRuI=

Content-Type: multipart/alternative; boundary="----=_Part_9006_1222595691.Gpli1ef1G6p3yD"

Date: [email_date]

From: "CVS Team"

Mime-Version: 1.0

Message-ID:

Subject: Don’t Miss Out – A Medicare Kit is Yours

X-Feedback-ID: 78451958:SG

X-SG-EID: r1V9BfdMcvJHybJekVkb4Mt99CLYvHeT8da61Kq7uX1Spy7Go70B8ueHAGzoKjQHZkNw6ARLtZJLkigyH2AJ7vTD8sXmZe3oziMb+xoLygCHpyqzNib28ollVVD7TtOSrByPEl3ksoa1FbDkG09WVwI0cpvpPr17Y6ndHn4wRbrJBOvC6zJNz8E59Xgv8XF6Ck13sKG0yimO7mWfH+VBHg5DzfH7Q0ZMvFIwZXxRR5UhfDYoAc3D261yKF+65GhSd9zrOAVfKIomnKGO1kdDWx==

X-SG-ID: Bazt4wqddkANU1LlcqRRynTpQDDqilSjEtRpd2JT4/ruelV6fwob6PGAlZtJlxA9LnXjc04xUPWKhjrMW6BtUdt9qdqZyeo8qyooCukv8hra5rHW/wjojg/+OdxCYzWkzqCcelaQsMhiGS0VU1WQ07XasQtq5aCtXO/h0s9Ya+maZ7W4F0K1J/umnZwwHuo3MxWr7uvArdcWP5ya/OdxCYzWkzqCcelaQsMhiGS0VU1WQ07XasQtq5aCtXO+4bAAgyVUtV/uDboVMXTFzDJpwsh0vJA2leymKUCPySjfuKNdk+umnZwwHuo3MxWr7uvArdcWP5ya+5T7t3Oe4Eq6B04mIE8bFrGZUKIlqnEEnf17Tz7zibE04Q/XLuDBRnNME8dSU3mj6qIaQ27bF03rRC==

To:

X-Entity-ID: u001.QULGV9L4SISVIPRRZR5KRX==

X-Spam_score: 23.9

X-Spam_score_int: 239

X-Spam_bar: +++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please confirm your email address Click here to confirm your

email address To receive HubSpot content on marketing, sales and/or service

topics - please confirm your email address. You will be added to our email

distribution list. You can unsubscribe at any time. BJYRVSBK Th [...]



Content analysis details: (23.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[103.214.113.44 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[54.240.27.123 listed in dnsbl.ahbl.org]

[54.240.27.123 listed in dnsbl.ahbl.org]

[54.240.27.123 listed in dnsbl.ahbl.org]

[54.240.27.123 listed in dnsbl.ahbl.org]

[103.214.113.44 listed in dnsbl.ahbl.org]

[103.214.113.44 listed in dnsbl.ahbl.org]

[103.214.113.44 listed in dnsbl.ahbl.org]

[103.214.113.44 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[54.240.27.123 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[54.240.27.123 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[54.240.27.123 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[54.240.27.123 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.240.27.123 listed in will-spam-for-food.eu.org]

[54.240.27.123 listed in will-spam-for-food.eu.org]

[54.240.27.123 listed in will-spam-for-food.eu.org]

[54.240.27.123 listed in will-spam-for-food.eu.org]

[54.240.27.123 listed in will-spam-for-food.eu.org]

[54.240.27.123 listed in will-spam-for-food.eu.org]

[54.240.27.123 listed in will-spam-for-food.eu.org]

[54.240.27.123 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

[103.214.113.44 listed in will-spam-for-food.eu.org]

3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS

[103.214.113.44 listed in zen.spamhaus.org]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: soundcast.me]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.4 INVALID_DATE Invalid Date: header (not RFC 2822)

2.0 GR_DOMAIN_AMAZON1 Received contains spam friendly host (amazon)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.3 LONGWORD BODY: Uses overlong words

0.3 OFFER BODY: Offers you Something

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.3 MIME_8BIT_HEADER Message header contains 8-bit character

3.2 HTML_TAG_BALANCE_CENTER Malformatted HTML

0.8 A_HREF_NOWHERE A link tag with empty href

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 HTML_FONT_TINY_NORDNS Font too small to read, no rDNS

1.6 HREF_EMPTY_NORDNS Empty href + no rDNS

0.0 NORDNS_LOW_CONTRAST No rDNS + hidden text

Subject: {SPAM?} Don’t Miss Out – A Medicare Kit is Yours



------=_Part_9006_1222595691.Gpli1ef1G6p3yD

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable



Please confirm your email address



Click here to confirm your email address



To receive HubSpot content on marketing, sales and/or service topics -Â please confirm your email address. You will be added to our email distribution list. You can unsubscribe at any time.

BJYRVSBK

The 90s had seen the apotheosis of the form, including Take That and Backstreet Boys, but those bands’ robust anthems and breezy dance-pop seemed to flame out in 2001 with the over-egged futurism of ‘NSync’s Pop, the first single from an album with the jaded title Celebrity.

Thanks,



The HubSpot Team



HubSpot, 25 1st St., Cambridge, MA 02141, USA, 888-482-7768



HubSpot, 2 Canal Park, , Cambridge, MA 02141, USA, 888-482-7768









Unsubscribe (https://hs-53.s.hubspotemail.net/hs/manage-preferences/unsubscribe-all?languagePreference=en&d=MnbTK9GK15VW3_Vshk4hHDBPW3T2_Lm2m40KfW3T0pbm43T3CZVmWFg14N_KfmN5fr_5C25rVhW8xS7DT8t0gJQVWmbwB8c2k7nMXk_7QbvZTwVMrv2h5s79sCW1P-vmr68hV1J32Kw2&v=3 )



Manage preferences (https://hs-53.s.hubspotemail.net/hs/manage-preferences/unsubscribe?languagePreference=en&d=MnbTK9GK15VW3_Vshk4hHDBPW3T2_Lm2m40KfW3T0pbm43T3CZVmWFg14N_KfmN5fr_5C25rVhW8xS7DT8t0gJQVWmbwB8c2k7nMXk_7QbvZTwVMrv2h5s79sCW1P-vmr68hV1J32Kw2&v=3 )

------=_Part_9006_1222595691.Gpli1ef1G6p3yD

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: quoted-printable





Bitte bestätigen Sie Ihre E-Mail-Adresse there | Confirm your e-mail address there

































Exclusive Offer: Claim Your Medicare Kit Now













Costco Phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: daave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 14:06:54 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taLJI-00000000Fya-11mN

for daave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 13:57:20 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 13:57:20 -0700

Resent-Message-ID:

Resent-To: daave@doctor.nl2k.ab.ca

Received: from [202.131.82.179] (port=49900 helo=surendanielyan.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taGlN-00000000Lxt-1xdv

for doctor@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 09:06:08 -0700

X-Spam-Flag: NO

Received-SPF: pass (mail119c60.megamailservers.eu: domain of 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com designates 54.240.9.27 as permitted sender) receiver=mail119c60.megamailservers.eu; client-ip=54.240.9.27; helo=a9-27.smtp-out.amazonses.com; envelope-from=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10;

DMARC-Filter: OpenDMARC Filter v1.3.2 mail119c60.megamailservers.eu 50K6eVVd109533

Authentication-Results: mail119c60.megamailservers.eu; dmarc=none (p=none dis=none) header.from=am.co.za

Authentication-Results: mail119c60.megamailservers.eu; spf=pass smtp.mailfrom=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

X-Envelope-From: 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

Authentication-Results: mail119c60.megamailservers.eu;

dkim=pass (2048-bit key) header.d=am.co.za header.i=@am.co.za header.b="lQ4Igng3";

dkim=pass (1024-bit key) header.d=amazonses.com header.i=@amazonses.com header.b="pz45L9IM"

Received: from a9-27.smtp-out.amazonses.com (a9-27.smtp-out.amazonses.com [54.240.9.27])

by mail119c60.megamailservers.eu (8.14.9/8.13.1) with ESMTP id 50K6eVVd109533

(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-SHA256 bits=128 verify=NO)

for ; Mon, 20 Jan 2025 06:40:34 +0000

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=jellpegaops4ewog2i62oroykyrj5w53; d=am.co.za; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=lQ4Igng3FDs1QNge0ZCZMMc6vTPGXAThYuaV9L18zWasYLDkHlrUeWXcp0xnbahc

mvNSYoe7kaUB6IV1TK7Id8xQXvUNl+gXq4pxorP8YKrDPPwyT/eHGNHxuhMwm+DTLLi

0pf1bIkz9bj0TVHwDvKdLOFubC+wkwrow2JpxIkTX/Nx0HkttzZfmL9JRF2473GOL78

c/wzEGhyyucp/vn/iyH7wcmzzk9zjvNldvF0tsLARLUCTpigli+f9NaIcK/4EX9pxzo

uT/fPp+uRoqIGIvnffNFxBlLIcftp1bqs7AevbpgIZ8bJwbR7z9RSD9YwbJjHovVTDz

KfYyWcYcvw==

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type:Feedback-ID;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=pz45L9IMpT+qbwZ5pK757FTU/QnVoTnHt2l++Tg+qqGlSMTQo1XHZ/tFxTqpFtPF

UHatq1jep2fcoPAnbEBeaw22DiuZDbbCvOY3G3eTbgzIgeW/Lqs5GWHlpw/PZmPreHX

L91mz/fRWXf8qomqQyZ4RYZ/Y9ABhuFoedvX/hbc=

Date: Tue, 21 Jan 2025 09:43:42 -0600

To: doctor@doctor.nl2k.ab.ca

From: Costco Rewards

Reply-To: "AM.CO.ZA"

Subject: Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today

Message-ID: <3000647484010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@email.amazonses.com>

X-Mailer:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

List-Unsubscribe: ,

Precedence: Bulk

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_612cfa5c735d29a8d303a2c34fb35a69"

Feedback-ID: ::1.us-east-1.LKUVh6t63l7O6yIB1m15hzwDEjZQwa0iGlH8nisfPi4=:AmazonSES

X-SES-Outgoing: 2025.01.20-54.240.9.27

X-VADE-SPAMSTATE: commercial:mce

X-VADE-SPAMSCORE: 17

X-VADE-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeefuddrudeikedgleeiucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecujffquffvqffrkfetpdfgpfggqdeviedtnecuuegrihhlohhuthemuceftddunecundfotefknffkpffiucdludejmdenucfjughrpeffvffhrhfukffojfhpgggtsegrtderphdttdejnecuhfhrohhmpedftefordevqfdrkgetfdcuoehuphgurghtvghssegrmhdrtghordiirgeqnecuggftrfgrthhtvghrnhepiefgtdfhheelgeektdeuleevheefhfdujefhtddufeeggfdvuefgfedtheffjeefnecuffhomhgrihhnpegrfihsthhrrggtkhdrmhgvpdgrmhdrtghordiirgdphihouhhtuhgsvgdrtghomhdpsghuhihthhhishdrtghordiirgenucfkphepheegrddvgedtrdelrddvjeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpeehgedrvdegtddrledrvdejpdhhvghloheprgelqddvjedrshhmthhpqdhouhhtrdgrmhgriihonhhsvghsrdgtohhmpdhmrghilhhfrhhomheptddutddttdduleegkedvjedtfhguvdefqdehtdgujedttggtvddqfeejsgguqdegfeduugdqrgehrggsqdehugeitggrvgduieelvgdtugdqtddttddttddtsegrmhgriihonhhsvghsrdgtohhmpdhnsggprhgtphhtthhopedupdhrtghpthhtohepkhgrrghnuggvrhdvsehonhhlihhnvgdrnhho

X-Rspamd-Status: No, score=2.22

X-Rspamd-Result: default: False [2.22 / 6.00];

SUSPICIOUS_URL_IN_SUSPICIOUS_MESSAGE(1.00)[];

R_PARTS_DIFFER(0.92)[96.0%];

FORGED_SENDER(0.30)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

BAD_REP_POLICIES(0.10)[];

MIME_GOOD(-0.10)[multipart/alternative,text/plain];

URIBL_PBL(0.01)[108.157.150.105:services.am.co.za:email,108.157.150.100:services.am.co.za:email,108.157.150.39:services.am.co.za:email,108.157.150.89:services.am.co.za:email];

HAS_LIST_UNSUB(-0.01)[];

R_DKIM_ALLOW(0.00)[am.co.za:s=jellpegaops4ewog2i62oroykyrj5w53,amazonses.com:s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug];

TO_DN_ALL(0.00)[];

FROM_HAS_DN(0.00)[];

ARC_NA(0.00)[];

RCPT_COUNT_ONE(0.00)[1];

DMARC_NA(0.00)[am.co.za];

MIME_TRACE(0.00)[0:+,1:+,2:~];

TO_MATCH_ENVRCPT_ALL(0.00)[];

DKIM_TRACE(0.00)[am.co.za:+,amazonses.com:+];

HAS_REPLYTO(0.00)[updates@am.co.za];

RCVD_COUNT_ZERO(0.00)[0];

PRECEDENCE_BULK(0.00)[];

FROM_NEQ_ENVFROM(0.00)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

HAS_PHPMAILER_SIG(0.00)[];

REDIRECTOR_URL(0.00)[awstrack.me];

ASN(0.00)[asn:14618, ipnet:54.240.8.0/21, country:US];

R_SPF_ALLOW(0.00)[+ip4:54.240.0.0/18];

REDIRECTOR_FALSE(0.00)[am.co.za->awstrack.me:awstrack.me,buythis.co.za->awstrack.me:awstrack.me,youtube.com->awstrack.me:awstrack.me];

REPLYTO_EQ_FROM(0.00)[]

X-Origin-Country: US

X-Origin-ASN: 14618

X-WHL: LR

X-Spam_score: 18.7

X-Spam_score_int: 187

X-Spam_bar: ++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: 🔴 High Quality DTF Printing with Compact A3 XP600 Printhead

DTF Printer for Business Start-ups Costco - Loyalty Program Congratulations!





Content analysis details: (18.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[202.131.82.179 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS

[202.131.82.179 listed in zen.spamhaus.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in sa-accredit.habeas.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[202.131.82.179 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[202.131.82.179 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

2.0 GR_DOMAIN_AMAZON1 Received contains spam friendly host (amazon)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

2.4 ACT_NOW_CAPS BODY: Talks about 'acting now' with capitals

0.0 WIKI_IMG URI: Image from wikipedia

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.0 AC_BR_BONANZA RAW: Too many newlines in a row... spammy template

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

3.0 GOOG_STO_NOIMG_HTML Apparently using google content hosting to avoid

URIBL

Subject: {SPAM?} Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today



This is a multi-part message in MIME format.

--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit



🔴 High Quality DTF Printing with Compact A3 XP600 Printhead DTF Printer for Business Start-ups





--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit























Costco - Loyalty Program








































































































































































































































































































































































































































































































































































































































































































rn:schemas-microsoft-com:office:office" lang=3D"en">
eta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
a name=3D"viewport" content=3D"width=3Ddevice-width,initial-scale=3D1">
d>
;-webkit-text-size-adjust:none;text-size-adjust:none">
ntainer" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" ro=

le=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0;backgrou=

nd-color:#262626">

align=3D"center" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=

=3D"0" role=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0=

">

=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"m=

so-table-lspace:0;mso-table-rspace:0;color:#000;width:600px;margin:0 auto" =

width=3D"600">

style=3D"mso-table-lspace:0;mso-table-rspace:0;font-weight:400;text-align:l=

eft;border-top:5px solid #6dcff6;vertical-align:top;border-right:0;border-b=

ottom:0;border-left:0">
order=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" styl=

e=3D"mso-table-lspace:0;mso-table-rspace:0;word-break:break-word">

lass=3D"pad">

style=3D"font-size:14px;font-family:Arial,Helvetica Neue,Helvetica,sans-ser=

if;mso-line-height-alt:16.8px;color:#777676;line-height:1.2">


rgin:0;font-size:14px;text-align:center;mso-line-height-alt:16.8px;letter-s=

pacing:1px">=



--b1_612cfa5c735d29a8d303a2c34fb35a69--

Business Proposal spam fdrom Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 09:07:09 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taGle-00000000M3H-1SN9

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 09:06:18 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 09:06:18 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f174.google.com ([209.85.222.174]:61670)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1taG3H-00000000CLF-04YO

for root@nk.ca;

Tue, 21 Jan 2025 08:20:32 -0700

Received: by mail-qk1-f174.google.com with SMTP id af79cd13be357-7b6f0afda3fso629801985a.2

for ; Tue, 21 Jan 2025 07:18:41 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1737472715; x=1738077515; darn=nk.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=fd5dHwhfRwu3F6ZnKU1YlxzltYRIkbdZRa0NBqtxSxI=;

b=d0itJypW/+iKsW/wi0Cr3ozpZTkuW6VjEEuTlKfoyVGDtNFpM31RzHo9FtEZj70aID

Mwwp51wD5yb39lT5+elHuEWytbEFYSVBRdqf6LlQs1UOrKgyz1zj9Ii8hDt7VlfRrVaM

lUvhbcVT8tPjmkAbU4KCCWRx4kz+QT2dO2mAcoD9zJXHh7mqZWcRlEf2weiyHqZSDVMN

6tKUXLgDYCZIrEKnET3GvuSmA/JBUhrO2UAhx4EsIHgmS6kTY8Xp7kWfQmq/laJ6onT8

Hxu7tFFOVur7Vf9Ia05C41hJvf8Y2+j1RCH2Jyp8g8odNc64eNozJONDsVjqkVqkA3qC

OOng==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1737472715; x=1738077515;

h=to:subject:message-id:date:from:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=fd5dHwhfRwu3F6ZnKU1YlxzltYRIkbdZRa0NBqtxSxI=;

b=ehLqnewMwmTbVs8uKUSMD/fnXh5jijU0n5OWk4lilsHgvfm3RPNEXg4iRIyNoN6IyB

5HUvLclHgRB01OAzuUAk9JptDFVvsMcD8XaNaLrme5QsXTrj0qQu4tok5LPfCThJEJQl

X+15u5o0bywMFj9WpEyts6li3+lYSPcLPdV2WPBfPAFDe5wCf+NMzFcKOvQOlqTkqanj

HS0Bq2Q+UmKd0HlS09BNiV5Dfm9ckc5QDLcxicMkSviExKqnAiSMxQkqpxGJuaIYrhqD

CwC04fOXOaaNOVL2HmgKgUaacTRda80CoLohwBxdlGiTDegGMmvTVRWxjbKLZRJoQm3o

DrgA==

X-Forwarded-Encrypted: i=1; AJvYcCVgcSr1WZP6YyWkfPjpIcPrzXaplYdOtSkzJ2Z5CKtWCs3PT5N4AaY8LKqiCU9vAiPgH5jP@nk.ca

X-Gm-Message-State: AOJu0YzcShofzgW8NFV3kiu80XM2vj3ehYd8O/UXnkDT4rP7CwvLekGp

qwAqgRyAO9vxObTiMgTHBhy8O7PwCj6xrm37ZIVNqws5AhIGmRFAz0aSmsgQgW8vuYQkde35szT

K40w43PCmsLgHGP6l0gbZsvEvEmQ=

X-Gm-Gg: ASbGncvgAxUoWblYF8ePuOz4/oA5RwvglCg1lpoKpFQCYslS8rQUzD+Ou2EW8GTCNep

w5L24oUzGg43kj1Cus8tx+7VrxC7BLdH1ISQigzAz92opr/2zPQ==

X-Google-Smtp-Source: AGHT+IHH+f9lybhp1dh2oqUsbx3n9mLd32Aho4C+BZMJ1FDLD2bKTDWgVkwE50MkLHYP7qFB7nPsvX+xKEM/jlRatBI=

X-Received: by 2002:a05:620a:28ca:b0:7b6:f595:36ad with SMTP id

af79cd13be357-7be6324d832mr2958381385a.37.1737472714821; Tue, 21 Jan 2025

07:18:34 -0800 (PST)

MIME-Version: 1.0

Reply-To: robertbalansag4@gmail.com

From: Robert Balansag

Date: Tue, 21 Jan 2025 07:18:23 -0800

X-Gm-Features: AbW1kvZA4SUCir9A72lW-NiWWZeA2bgpUgLgKMfnoYcx4gnnLoAOvojXgSJLXrg

Message-ID:

Subject: Business opportunity with you.

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000f955be062c38e3cf"

Bcc: root@nk.ca

X-Spam_score: 11.0

X-Spam_score_int: 110

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Good day, I have an investment / business proposal l would

like to share with you. I will give you more details immediately l hear from

you.my email i.d robertbalansag4@gmail.com Warm regards,



Content analysis details: (11.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

[209.85.222.174 listed in dnsbl.ahbl.org]

[209.85.222.174 listed in dnsbl.ahbl.org]

[209.85.222.174 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.174 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

[209.85.222.174 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.174 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.174 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[robertbalansag4(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[santosmichael12340(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[santosmichael12340(at)gmail.com]

0.6 J_CHICKENPOX_32 BODY: 3alpha-pock-2alpha

0.0 HTML_MESSAGE BODY: HTML included in message

2.8 UNDISC_FREEM Undisclosed recipients + freemail reply-to

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

Subject: {SPAM?} Business opportunity with you.



--000000000000f955be062c38e3cf

Content-Type: text/plain; charset="UTF-8"



Good day,



I have an investment / business proposal l would like to share with you. I

will give you more details immediately l hear from you.my email i.d

robertbalansag4@gmail.com



Warm regards,



Regards,



Robert Balansag.



--000000000000f955be062c38e3cf

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable











Good day,

I have an investment / business proposal =C2=A0l would lik=

e=20

to share with you. I will give you more details immediately l hear from=20

you.my email i.d robertbalansa=

g4@gmail.com

Warm regards,

Regards,

Robert Balansa=

g.



















--000000000000f955be062c38e3cf--

Costco phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 09:07:10 -0700

Received: from [202.131.82.179] (port=49900 helo=surendanielyan.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taGlV-00000000Lxt-0TXI

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 09:06:14 -0700

X-Spam-Flag: NO

Received-SPF: pass (mail119c60.megamailservers.eu: domain of 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com designates 54.240.9.27 as permitted sender) receiver=mail119c60.megamailservers.eu; client-ip=54.240.9.27; helo=a9-27.smtp-out.amazonses.com; envelope-from=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10;

DMARC-Filter: OpenDMARC Filter v1.3.2 mail119c60.megamailservers.eu 50K6eVVd109533

Authentication-Results: mail119c60.megamailservers.eu; dmarc=none (p=none dis=none) header.from=am.co.za

Authentication-Results: mail119c60.megamailservers.eu; spf=pass smtp.mailfrom=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

X-Envelope-From: 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

Authentication-Results: mail119c60.megamailservers.eu;

dkim=pass (2048-bit key) header.d=am.co.za header.i=@am.co.za header.b="lQ4Igng3";

dkim=pass (1024-bit key) header.d=amazonses.com header.i=@amazonses.com header.b="pz45L9IM"

Received: from a9-27.smtp-out.amazonses.com (a9-27.smtp-out.amazonses.com [54.240.9.27])

by mail119c60.megamailservers.eu (8.14.9/8.13.1) with ESMTP id 50K6eVVd109533

(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-SHA256 bits=128 verify=NO)

for ; Mon, 20 Jan 2025 06:40:34 +0000

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=jellpegaops4ewog2i62oroykyrj5w53; d=am.co.za; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=lQ4Igng3FDs1QNge0ZCZMMc6vTPGXAThYuaV9L18zWasYLDkHlrUeWXcp0xnbahc

mvNSYoe7kaUB6IV1TK7Id8xQXvUNl+gXq4pxorP8YKrDPPwyT/eHGNHxuhMwm+DTLLi

0pf1bIkz9bj0TVHwDvKdLOFubC+wkwrow2JpxIkTX/Nx0HkttzZfmL9JRF2473GOL78

c/wzEGhyyucp/vn/iyH7wcmzzk9zjvNldvF0tsLARLUCTpigli+f9NaIcK/4EX9pxzo

uT/fPp+uRoqIGIvnffNFxBlLIcftp1bqs7AevbpgIZ8bJwbR7z9RSD9YwbJjHovVTDz

KfYyWcYcvw==

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type:Feedback-ID;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=pz45L9IMpT+qbwZ5pK757FTU/QnVoTnHt2l++Tg+qqGlSMTQo1XHZ/tFxTqpFtPF

UHatq1jep2fcoPAnbEBeaw22DiuZDbbCvOY3G3eTbgzIgeW/Lqs5GWHlpw/PZmPreHX

L91mz/fRWXf8qomqQyZ4RYZ/Y9ABhuFoedvX/hbc=

Date: Tue, 21 Jan 2025 08:12:26 -0600

To: dave@doctor.nl2k.ab.ca

From: Costco Rewards

Reply-To: "AM.CO.ZA"

Subject: Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today

Message-ID: <5619900251010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@email.amazonses.com>

X-Mailer:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

List-Unsubscribe: ,

Precedence: Bulk

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_612cfa5c735d29a8d303a2c34fb35a69"

Feedback-ID: ::1.us-east-1.LKUVh6t63l7O6yIB1m15hzwDEjZQwa0iGlH8nisfPi4=:AmazonSES

X-SES-Outgoing: 2025.01.20-54.240.9.27

X-VADE-SPAMSTATE: commercial:mce

X-VADE-SPAMSCORE: 17

X-VADE-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeefuddrudeikedgleeiucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecujffquffvqffrkfetpdfgpfggqdeviedtnecuuegrihhlohhuthemuceftddunecundfotefknffkpffiucdludejmdenucfjughrpeffvffhrhfukffojfhpgggtsegrtderphdttdejnecuhfhrohhmpedftefordevqfdrkgetfdcuoehuphgurghtvghssegrmhdrtghordiirgeqnecuggftrfgrthhtvghrnhepiefgtdfhheelgeektdeuleevheefhfdujefhtddufeeggfdvuefgfedtheffjeefnecuffhomhgrihhnpegrfihsthhrrggtkhdrmhgvpdgrmhdrtghordiirgdphihouhhtuhgsvgdrtghomhdpsghuhihthhhishdrtghordiirgenucfkphepheegrddvgedtrdelrddvjeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpeehgedrvdegtddrledrvdejpdhhvghloheprgelqddvjedrshhmthhpqdhouhhtrdgrmhgriihonhhsvghsrdgtohhmpdhmrghilhhfrhhomheptddutddttdduleegkedvjedtfhguvdefqdehtdgujedttggtvddqfeejsgguqdegfeduugdqrgehrggsqdehugeitggrvgduieelvgdtugdqtddttddttddtsegrmhgriihonhhsvghsrdgtohhmpdhnsggprhgtphhtthhopedupdhrtghpthhtohepkhgrrghnuggvrhdvsehonhhlihhnvgdrnhho

X-Rspamd-Status: No, score=2.22

X-Rspamd-Result: default: False [2.22 / 6.00];

SUSPICIOUS_URL_IN_SUSPICIOUS_MESSAGE(1.00)[];

R_PARTS_DIFFER(0.92)[96.0%];

FORGED_SENDER(0.30)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

BAD_REP_POLICIES(0.10)[];

MIME_GOOD(-0.10)[multipart/alternative,text/plain];

URIBL_PBL(0.01)[108.157.150.105:services.am.co.za:email,108.157.150.100:services.am.co.za:email,108.157.150.39:services.am.co.za:email,108.157.150.89:services.am.co.za:email];

HAS_LIST_UNSUB(-0.01)[];

R_DKIM_ALLOW(0.00)[am.co.za:s=jellpegaops4ewog2i62oroykyrj5w53,amazonses.com:s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug];

TO_DN_ALL(0.00)[];

FROM_HAS_DN(0.00)[];

ARC_NA(0.00)[];

RCPT_COUNT_ONE(0.00)[1];

DMARC_NA(0.00)[am.co.za];

MIME_TRACE(0.00)[0:+,1:+,2:~];

TO_MATCH_ENVRCPT_ALL(0.00)[];

DKIM_TRACE(0.00)[am.co.za:+,amazonses.com:+];

HAS_REPLYTO(0.00)[updates@am.co.za];

RCVD_COUNT_ZERO(0.00)[0];

PRECEDENCE_BULK(0.00)[];

FROM_NEQ_ENVFROM(0.00)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

HAS_PHPMAILER_SIG(0.00)[];

REDIRECTOR_URL(0.00)[awstrack.me];

ASN(0.00)[asn:14618, ipnet:54.240.8.0/21, country:US];

R_SPF_ALLOW(0.00)[+ip4:54.240.0.0/18];

REDIRECTOR_FALSE(0.00)[am.co.za->awstrack.me:awstrack.me,buythis.co.za->awstrack.me:awstrack.me,youtube.com->awstrack.me:awstrack.me];

REPLYTO_EQ_FROM(0.00)[]

X-Origin-Country: US

X-Origin-ASN: 14618

X-WHL: LR

X-Spam_score: 22.4

X-Spam_score_int: 224

X-Spam_bar: ++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: 🔴 High Quality DTF Printing with Compact A3 XP600 Printhead

DTF Printer for Business Start-ups Costco - Loyalty Program Congratulations!





Content analysis details: (22.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS

[202.131.82.179 listed in zen.spamhaus.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[202.131.82.179 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[202.131.82.179 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

2.0 GR_DOMAIN_AMAZON1 Received contains spam friendly host (amazon)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

2.4 ACT_NOW_CAPS BODY: Talks about 'acting now' with capitals

0.0 WIKI_IMG URI: Image from wikipedia

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.0 AC_BR_BONANZA RAW: Too many newlines in a row... spammy template

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

3.0 GOOG_STO_NOIMG_HTML Apparently using google content hosting to avoid

URIBL

Subject: {SPAM?} Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today



This is a multi-part message in MIME format.

--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit



🔴 High Quality DTF Printing with Compact A3 XP600 Printhead DTF Printer for Business Start-ups





--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit























Costco - Loyalty Program








































































































































































































































































































































































































































































































































































































































































































rn:schemas-microsoft-com:office:office" lang=3D"en">
eta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
a name=3D"viewport" content=3D"width=3Ddevice-width,initial-scale=3D1">
d>
;-webkit-text-size-adjust:none;text-size-adjust:none">
ntainer" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" ro=

le=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0;backgrou=

nd-color:#262626">

align=3D"center" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=

=3D"0" role=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0=

">

=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"m=

so-table-lspace:0;mso-table-rspace:0;color:#000;width:600px;margin:0 auto" =

width=3D"600">

style=3D"mso-table-lspace:0;mso-table-rspace:0;font-weight:400;text-align:l=

eft;border-top:5px solid #6dcff6;vertical-align:top;border-right:0;border-b=

ottom:0;border-left:0">
order=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" styl=

e=3D"mso-table-lspace:0;mso-table-rspace:0;word-break:break-word">

lass=3D"pad">

style=3D"font-size:14px;font-family:Arial,Helvetica Neue,Helvetica,sans-ser=

if;mso-line-height-alt:16.8px;color:#777676;line-height:1.2">


rgin:0;font-size:14px;text-align:center;mso-line-height-alt:16.8px;letter-s=

pacing:1px">=



--b1_612cfa5c735d29a8d303a2c34fb35a69--

Costco Phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 07:20:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF62-00000000AMu-12m8

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 07:19:14 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 07:19:14 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [202.131.82.179] (port=33144 helo=surendanielyan.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF24-000000009kZ-0lnk

for doctor@nl2k.ab.ca;

Tue, 21 Jan 2025 07:15:17 -0700

X-Spam-Flag: NO

Received-SPF: pass (mail119c60.megamailservers.eu: domain of 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com designates 54.240.9.27 as permitted sender) receiver=mail119c60.megamailservers.eu; client-ip=54.240.9.27; helo=a9-27.smtp-out.amazonses.com; envelope-from=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10;

DMARC-Filter: OpenDMARC Filter v1.3.2 mail119c60.megamailservers.eu 50K6eVVd109533

Authentication-Results: mail119c60.megamailservers.eu; dmarc=none (p=none dis=none) header.from=am.co.za

Authentication-Results: mail119c60.megamailservers.eu; spf=pass smtp.mailfrom=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

X-Envelope-From: 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

Authentication-Results: mail119c60.megamailservers.eu;

dkim=pass (2048-bit key) header.d=am.co.za header.i=@am.co.za header.b="lQ4Igng3";

dkim=pass (1024-bit key) header.d=amazonses.com header.i=@amazonses.com header.b="pz45L9IM"

Received: from a9-27.smtp-out.amazonses.com (a9-27.smtp-out.amazonses.com [54.240.9.27])

by mail119c60.megamailservers.eu (8.14.9/8.13.1) with ESMTP id 50K6eVVd109533

(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-SHA256 bits=128 verify=NO)

for ; Mon, 20 Jan 2025 06:40:34 +0000

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=jellpegaops4ewog2i62oroykyrj5w53; d=am.co.za; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=lQ4Igng3FDs1QNge0ZCZMMc6vTPGXAThYuaV9L18zWasYLDkHlrUeWXcp0xnbahc

mvNSYoe7kaUB6IV1TK7Id8xQXvUNl+gXq4pxorP8YKrDPPwyT/eHGNHxuhMwm+DTLLi

0pf1bIkz9bj0TVHwDvKdLOFubC+wkwrow2JpxIkTX/Nx0HkttzZfmL9JRF2473GOL78

c/wzEGhyyucp/vn/iyH7wcmzzk9zjvNldvF0tsLARLUCTpigli+f9NaIcK/4EX9pxzo

uT/fPp+uRoqIGIvnffNFxBlLIcftp1bqs7AevbpgIZ8bJwbR7z9RSD9YwbJjHovVTDz

KfYyWcYcvw==

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type:Feedback-ID;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=pz45L9IMpT+qbwZ5pK757FTU/QnVoTnHt2l++Tg+qqGlSMTQo1XHZ/tFxTqpFtPF

UHatq1jep2fcoPAnbEBeaw22DiuZDbbCvOY3G3eTbgzIgeW/Lqs5GWHlpw/PZmPreHX

L91mz/fRWXf8qomqQyZ4RYZ/Y9ABhuFoedvX/hbc=

Date: Tue, 21 Jan 2025 08:06:44 -0600

To: doctor@nl2k.ab.ca

From: Costco Rewards

Reply-To: "AM.CO.ZA"

Subject: Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today

Message-ID: <0835862093010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@email.amazonses.com>

X-Mailer:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

List-Unsubscribe: ,

Precedence: Bulk

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_612cfa5c735d29a8d303a2c34fb35a69"

Feedback-ID: ::1.us-east-1.LKUVh6t63l7O6yIB1m15hzwDEjZQwa0iGlH8nisfPi4=:AmazonSES

X-SES-Outgoing: 2025.01.20-54.240.9.27

X-VADE-SPAMSTATE: commercial:mce

X-VADE-SPAMSCORE: 17

X-VADE-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeefuddrudeikedgleeiucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecujffquffvqffrkfetpdfgpfggqdeviedtnecuuegrihhlohhuthemuceftddunecundfotefknffkpffiucdludejmdenucfjughrpeffvffhrhfukffojfhpgggtsegrtderphdttdejnecuhfhrohhmpedftefordevqfdrkgetfdcuoehuphgurghtvghssegrmhdrtghordiirgeqnecuggftrfgrthhtvghrnhepiefgtdfhheelgeektdeuleevheefhfdujefhtddufeeggfdvuefgfedtheffjeefnecuffhomhgrihhnpegrfihsthhrrggtkhdrmhgvpdgrmhdrtghordiirgdphihouhhtuhgsvgdrtghomhdpsghuhihthhhishdrtghordiirgenucfkphepheegrddvgedtrdelrddvjeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpeehgedrvdegtddrledrvdejpdhhvghloheprgelqddvjedrshhmthhpqdhouhhtrdgrmhgriihonhhsvghsrdgtohhmpdhmrghilhhfrhhomheptddutddttdduleegkedvjedtfhguvdefqdehtdgujedttggtvddqfeejsgguqdegfeduugdqrgehrggsqdehugeitggrvgduieelvgdtugdqtddttddttddtsegrmhgriihonhhsvghsrdgtohhmpdhnsggprhgtphhtthhopedupdhrtghpthhtohepkhgrrghnuggvrhdvsehonhhlihhnvgdrnhho

X-Rspamd-Status: No, score=2.22

X-Rspamd-Result: default: False [2.22 / 6.00];

SUSPICIOUS_URL_IN_SUSPICIOUS_MESSAGE(1.00)[];

R_PARTS_DIFFER(0.92)[96.0%];

FORGED_SENDER(0.30)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

BAD_REP_POLICIES(0.10)[];

MIME_GOOD(-0.10)[multipart/alternative,text/plain];

URIBL_PBL(0.01)[108.157.150.105:services.am.co.za:email,108.157.150.100:services.am.co.za:email,108.157.150.39:services.am.co.za:email,108.157.150.89:services.am.co.za:email];

HAS_LIST_UNSUB(-0.01)[];

R_DKIM_ALLOW(0.00)[am.co.za:s=jellpegaops4ewog2i62oroykyrj5w53,amazonses.com:s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug];

TO_DN_ALL(0.00)[];

FROM_HAS_DN(0.00)[];

ARC_NA(0.00)[];

RCPT_COUNT_ONE(0.00)[1];

DMARC_NA(0.00)[am.co.za];

MIME_TRACE(0.00)[0:+,1:+,2:~];

TO_MATCH_ENVRCPT_ALL(0.00)[];

DKIM_TRACE(0.00)[am.co.za:+,amazonses.com:+];

HAS_REPLYTO(0.00)[updates@am.co.za];

RCVD_COUNT_ZERO(0.00)[0];

PRECEDENCE_BULK(0.00)[];

FROM_NEQ_ENVFROM(0.00)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

HAS_PHPMAILER_SIG(0.00)[];

REDIRECTOR_URL(0.00)[awstrack.me];

ASN(0.00)[asn:14618, ipnet:54.240.8.0/21, country:US];

R_SPF_ALLOW(0.00)[+ip4:54.240.0.0/18];

REDIRECTOR_FALSE(0.00)[am.co.za->awstrack.me:awstrack.me,buythis.co.za->awstrack.me:awstrack.me,youtube.com->awstrack.me:awstrack.me];

REPLYTO_EQ_FROM(0.00)[]

X-Origin-Country: US

X-Origin-ASN: 14618

X-WHL: LR

X-Spam_score: 18.9

X-Spam_score_int: 189

X-Spam_bar: ++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: 🔴 High Quality DTF Printing with Compact A3 XP600 Printhead

DTF Printer for Business Start-ups Costco - Loyalty Program Congratulations!





Content analysis details: (18.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[202.131.82.179 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS

[202.131.82.179 listed in zen.spamhaus.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[202.131.82.179 listed in bl.score.senderscore.com]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

2.0 GR_DOMAIN_AMAZON1 Received contains spam friendly host (amazon)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

2.4 ACT_NOW_CAPS BODY: Talks about 'acting now' with capitals

0.0 WIKI_IMG URI: Image from wikipedia

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.0 AC_BR_BONANZA RAW: Too many newlines in a row... spammy template

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

3.0 GOOG_STO_NOIMG_HTML Apparently using google content hosting to avoid

URIBL

Subject: {SPAM?} Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today



This is a multi-part message in MIME format.

--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit



🔴 High Quality DTF Printing with Compact A3 XP600 Printhead DTF Printer for Business Start-ups





--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit























Costco - Loyalty Program








































































































































































































































































































































































































































































































































































































































































































rn:schemas-microsoft-com:office:office" lang=3D"en">
eta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
a name=3D"viewport" content=3D"width=3Ddevice-width,initial-scale=3D1">
d>
;-webkit-text-size-adjust:none;text-size-adjust:none">
ntainer" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" ro=

le=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0;backgrou=

nd-color:#262626">

align=3D"center" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=

=3D"0" role=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0=

">

=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"m=

so-table-lspace:0;mso-table-rspace:0;color:#000;width:600px;margin:0 auto" =

width=3D"600">

style=3D"mso-table-lspace:0;mso-table-rspace:0;font-weight:400;text-align:l=

eft;border-top:5px solid #6dcff6;vertical-align:top;border-right:0;border-b=

ottom:0;border-left:0">
order=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" styl=

e=3D"mso-table-lspace:0;mso-table-rspace:0;word-break:break-word">

lass=3D"pad">

style=3D"font-size:14px;font-family:Arial,Helvetica Neue,Helvetica,sans-ser=

if;mso-line-height-alt:16.8px;color:#777676;line-height:1.2">


rgin:0;font-size:14px;text-align:center;mso-line-height-alt:16.8px;letter-s=

pacing:1px">=



--b1_612cfa5c735d29a8d303a2c34fb35a69--

Costco Phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 07:20:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF62-00000000AMu-12m8

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 07:19:14 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 07:19:14 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [202.131.82.179] (port=33144 helo=surendanielyan.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF24-000000009kZ-0lnk

for doctor@nl2k.ab.ca;

Tue, 21 Jan 2025 07:15:17 -0700

X-Spam-Flag: NO

Received-SPF: pass (mail119c60.megamailservers.eu: domain of 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com designates 54.240.9.27 as permitted sender) receiver=mail119c60.megamailservers.eu; client-ip=54.240.9.27; helo=a9-27.smtp-out.amazonses.com; envelope-from=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10;

DMARC-Filter: OpenDMARC Filter v1.3.2 mail119c60.megamailservers.eu 50K6eVVd109533

Authentication-Results: mail119c60.megamailservers.eu; dmarc=none (p=none dis=none) header.from=am.co.za

Authentication-Results: mail119c60.megamailservers.eu; spf=pass smtp.mailfrom=010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

X-Envelope-From: 010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com

Authentication-Results: mail119c60.megamailservers.eu;

dkim=pass (2048-bit key) header.d=am.co.za header.i=@am.co.za header.b="lQ4Igng3";

dkim=pass (1024-bit key) header.d=amazonses.com header.i=@amazonses.com header.b="pz45L9IM"

Received: from a9-27.smtp-out.amazonses.com (a9-27.smtp-out.amazonses.com [54.240.9.27])

by mail119c60.megamailservers.eu (8.14.9/8.13.1) with ESMTP id 50K6eVVd109533

(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-SHA256 bits=128 verify=NO)

for ; Mon, 20 Jan 2025 06:40:34 +0000

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=jellpegaops4ewog2i62oroykyrj5w53; d=am.co.za; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=lQ4Igng3FDs1QNge0ZCZMMc6vTPGXAThYuaV9L18zWasYLDkHlrUeWXcp0xnbahc

mvNSYoe7kaUB6IV1TK7Id8xQXvUNl+gXq4pxorP8YKrDPPwyT/eHGNHxuhMwm+DTLLi

0pf1bIkz9bj0TVHwDvKdLOFubC+wkwrow2JpxIkTX/Nx0HkttzZfmL9JRF2473GOL78

c/wzEGhyyucp/vn/iyH7wcmzzk9zjvNldvF0tsLARLUCTpigli+f9NaIcK/4EX9pxzo

uT/fPp+uRoqIGIvnffNFxBlLIcftp1bqs7AevbpgIZ8bJwbR7z9RSD9YwbJjHovVTDz

KfYyWcYcvw==

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;

s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1737355230;

h=Date:To:From:Reply-To:Subject:Message-ID:List-Unsubscribe-Post:List-Unsubscribe:MIME-Version:Content-Type:Feedback-ID;

bh=fLTXSQPXCKuEVbWiYtIQCj9REuE8MOn3BhQ9KCpz19Q=;

b=pz45L9IMpT+qbwZ5pK757FTU/QnVoTnHt2l++Tg+qqGlSMTQo1XHZ/tFxTqpFtPF

UHatq1jep2fcoPAnbEBeaw22DiuZDbbCvOY3G3eTbgzIgeW/Lqs5GWHlpw/PZmPreHX

L91mz/fRWXf8qomqQyZ4RYZ/Y9ABhuFoedvX/hbc=

Date: Tue, 21 Jan 2025 08:06:44 -0600

To: doctor@nl2k.ab.ca

From: Costco Rewards

Reply-To: "AM.CO.ZA"

Subject: Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today

Message-ID: <0835862093010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@email.amazonses.com>

X-Mailer:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

List-Unsubscribe: ,

Precedence: Bulk

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_612cfa5c735d29a8d303a2c34fb35a69"

Feedback-ID: ::1.us-east-1.LKUVh6t63l7O6yIB1m15hzwDEjZQwa0iGlH8nisfPi4=:AmazonSES

X-SES-Outgoing: 2025.01.20-54.240.9.27

X-VADE-SPAMSTATE: commercial:mce

X-VADE-SPAMSCORE: 17

X-VADE-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeefuddrudeikedgleeiucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecujffquffvqffrkfetpdfgpfggqdeviedtnecuuegrihhlohhuthemuceftddunecundfotefknffkpffiucdludejmdenucfjughrpeffvffhrhfukffojfhpgggtsegrtderphdttdejnecuhfhrohhmpedftefordevqfdrkgetfdcuoehuphgurghtvghssegrmhdrtghordiirgeqnecuggftrfgrthhtvghrnhepiefgtdfhheelgeektdeuleevheefhfdujefhtddufeeggfdvuefgfedtheffjeefnecuffhomhgrihhnpegrfihsthhrrggtkhdrmhgvpdgrmhdrtghordiirgdphihouhhtuhgsvgdrtghomhdpsghuhihthhhishdrtghordiirgenucfkphepheegrddvgedtrdelrddvjeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpeehgedrvdegtddrledrvdejpdhhvghloheprgelqddvjedrshhmthhpqdhouhhtrdgrmhgriihonhhsvghsrdgtohhmpdhmrghilhhfrhhomheptddutddttdduleegkedvjedtfhguvdefqdehtdgujedttggtvddqfeejsgguqdegfeduugdqrgehrggsqdehugeitggrvgduieelvgdtugdqtddttddttddtsegrmhgriihonhhsvghsrdgtohhmpdhnsggprhgtphhtthhopedupdhrtghpthhtohepkhgrrghnuggvrhdvsehonhhlihhnvgdrnhho

X-Rspamd-Status: No, score=2.22

X-Rspamd-Result: default: False [2.22 / 6.00];

SUSPICIOUS_URL_IN_SUSPICIOUS_MESSAGE(1.00)[];

R_PARTS_DIFFER(0.92)[96.0%];

FORGED_SENDER(0.30)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

BAD_REP_POLICIES(0.10)[];

MIME_GOOD(-0.10)[multipart/alternative,text/plain];

URIBL_PBL(0.01)[108.157.150.105:services.am.co.za:email,108.157.150.100:services.am.co.za:email,108.157.150.39:services.am.co.za:email,108.157.150.89:services.am.co.za:email];

HAS_LIST_UNSUB(-0.01)[];

R_DKIM_ALLOW(0.00)[am.co.za:s=jellpegaops4ewog2i62oroykyrj5w53,amazonses.com:s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug];

TO_DN_ALL(0.00)[];

FROM_HAS_DN(0.00)[];

ARC_NA(0.00)[];

RCPT_COUNT_ONE(0.00)[1];

DMARC_NA(0.00)[am.co.za];

MIME_TRACE(0.00)[0:+,1:+,2:~];

TO_MATCH_ENVRCPT_ALL(0.00)[];

DKIM_TRACE(0.00)[am.co.za:+,amazonses.com:+];

HAS_REPLYTO(0.00)[updates@am.co.za];

RCVD_COUNT_ZERO(0.00)[0];

PRECEDENCE_BULK(0.00)[];

FROM_NEQ_ENVFROM(0.00)[updates@am.co.za,010001948270fd23-50d70cc2-37bd-431d-a5ab-5d6cae169e0d-000000@amazonses.com];

HAS_PHPMAILER_SIG(0.00)[];

REDIRECTOR_URL(0.00)[awstrack.me];

ASN(0.00)[asn:14618, ipnet:54.240.8.0/21, country:US];

R_SPF_ALLOW(0.00)[+ip4:54.240.0.0/18];

REDIRECTOR_FALSE(0.00)[am.co.za->awstrack.me:awstrack.me,buythis.co.za->awstrack.me:awstrack.me,youtube.com->awstrack.me:awstrack.me];

REPLYTO_EQ_FROM(0.00)[]

X-Origin-Country: US

X-Origin-ASN: 14618

X-WHL: LR

X-Spam_score: 18.9

X-Spam_score_int: 189

X-Spam_bar: ++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: 🔴 High Quality DTF Printing with Compact A3 XP600 Printhead

DTF Printer for Business Start-ups Costco - Loyalty Program Congratulations!





Content analysis details: (18.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[202.131.82.179 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[54.240.9.27 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

[202.131.82.179 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[54.240.9.27 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[54.240.9.27 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

[202.131.82.179 listed in will-spam-for-food.eu.org]

3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS

[202.131.82.179 listed in zen.spamhaus.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[202.131.82.179 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[202.131.82.179 listed in bl.score.senderscore.com]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

2.0 GR_DOMAIN_AMAZON1 Received contains spam friendly host (amazon)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

2.4 ACT_NOW_CAPS BODY: Talks about 'acting now' with capitals

0.0 WIKI_IMG URI: Image from wikipedia

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.0 AC_BR_BONANZA RAW: Too many newlines in a row... spammy template

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

3.0 GOOG_STO_NOIMG_HTML Apparently using google content hosting to avoid

URIBL

Subject: {SPAM?} Hurry, Act Now! Get Your 2KG Fresh Salmon Fillet Reward Today



This is a multi-part message in MIME format.

--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit



🔴 High Quality DTF Printing with Compact A3 XP600 Printhead DTF Printer for Business Start-ups





--b1_612cfa5c735d29a8d303a2c34fb35a69

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit























Costco - Loyalty Program








































































































































































































































































































































































































































































































































































































































































































rn:schemas-microsoft-com:office:office" lang=3D"en">
eta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
a name=3D"viewport" content=3D"width=3Ddevice-width,initial-scale=3D1">
d>
;-webkit-text-size-adjust:none;text-size-adjust:none">
ntainer" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" ro=

le=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0;backgrou=

nd-color:#262626">=0A =

=0A =0A =0A =0A =0A =0A

align=3D"center" width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=

=3D"0" role=3D"presentation" style=3D"mso-table-lspace:0;mso-table-rspace:0=

">=0A =0A =

=0A =0A =

=0A

=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"m=

so-table-lspace:0;mso-table-rspace:0;color:#000;width:600px;margin:0 auto" =

width=3D"600">=0A =

=0A =

=0A =0A =0A =


style=3D"mso-table-lspace:0;mso-table-rspace:0;font-weight:400;text-align:l=

eft;border-top:5px solid #6dcff6;vertical-align:top;border-right:0;border-b=

ottom:0;border-left:0">
order=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" styl=

e=3D"mso-table-lspace:0;mso-table-rspace:0;word-break:break-word">=0A =

=0A =0A =

=0A =0A
e>=0A

lass=3D"pad">

style=3D"font-size:14px;font-family:Arial,Helvetica Neue,Helvetica,sans-ser=

if;mso-line-height-alt:16.8px;color:#777676;line-height:1.2">


rgin:0;font-size:14px;text-align:center;mso-line-height-alt:16.8px;letter-s=

pacing:1px">=



--b1_612cfa5c735d29a8d303a2c34fb35a69--

Paypal Phish from Microsoft Outlook

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 07:23:00 -0700

Received: from mail-mw2nam12lp2043.outbound.protection.outlook.com ([104.47.66.43]:40493 helo=NAM12-MW2-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF8s-00000000AVs-1Dyy

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 07:22:20 -0700

Received: from MW6P221MB1193.NAMP221.PROD.OUTLOOK.COM (2603:10b6:303:248::16)

by CO6P221MB0807.NAMP221.PROD.OUTLOOK.COM (2603:10b6:303:14b::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.21; Tue, 21 Jan

2025 14:20:09 +0000

Received: from MW4P221MB0973.NAMP221.PROD.OUTLOOK.COM (2603:10b6:303:1ef::11)

by MW6P221MB1193.NAMP221.PROD.OUTLOOK.COM (2603:10b6:303:248::16) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.20; Tue, 21 Jan

2025 14:19:41 +0000

Received: from MW4P221MB0973.NAMP221.PROD.OUTLOOK.COM

([fe80::b187:58a9:2040:73eb]) by MW4P221MB0973.NAMP221.PROD.OUTLOOK.COM

([fe80::b187:58a9:2040:73eb%6]) with mapi id 15.20.8377.009; Tue, 21 Jan 2025

14:19:40 +0000

ARC-Seal: i=4; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass;

b=k5j2dq41bpHZVj0NlmY9Srp5q2D6MtMZDjfcwq0sOGYeaTwkCmIkMPthD07PhZZXnFMfxUR+xV+FpwzJNruXUppqLqn2rD+pwVMSfWYS0vRxS77kMxr7vqYBRK8q6Cj0+Dc1LBU0RM4knZaWlaFzhut0Igo3YPqD1MhXBvs2d1Oli5s/otOF1zY1e+jtphS3tcKujYpnu2q6h6nFWo4/A8NNZsR5wCzi27cbxKf8uCoMMEiJrU9yBJ3CiIj/WsBLgwcWmyL9rt7cDmUXfv7XJt0BQ59myVXWlIA41wH4AzT7tIsrIeR5mhz1KkOlgdG+LCyT6Xi6Zm00XojGQHFeag==

ARC-Message-Signature: i=4; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=XAnNRWRDjuvqAxjij0hu+WJbGR7RaL0/aMOnmAeuaLU=;

b=qvxY2RR6Dnl5PDPSLm9T4IashngEM0bFaa68aQHXe1tO7kdES1uvMQ9SiG0+b/dC1u+VACkNKcxWsT9MKqpaGOXe3rVdCMkpH+xBBVMUajgdJHOUpuTyz6XQlr5jGSww+nuL0n2ZT8RindOuT17s1n/iKL1i266A2egNoTOFaIakQCAT8KQD1+KBWTiRJvdfA/OdmWFMbfwOqZtcWLKscW6XQzFSZL19GHBrtLR2lafeq3ny+nprMvGKgPB0n0iW3XGyRLHSPNtFK8oJDwJZGj8s0S3NgJiy5lchp5CCSt07eZdfYPi77St/cmZKvcvOT2UD4FSGkpg/38IHb+oF6w==

ARC-Authentication-Results: i=4; mx.microsoft.com 1; spf=pass (sender ip is

2a01:111:f403:c409::1) smtp.rcpttodomain=carpentermiranda.onmicrosoft.com

smtp.mailfrom=phoenixgldaide.onmicrosoft.com; dmarc=pass (p=reject sp=reject

pct=100) action=none header.from=paypal.com; dkim=pass (signature was

verified) header.d=paypal.com; arc=pass (0 oda=1 ltdi=1

spf=[1,2,smtp.mailfrom=service@paypal.com] dkim=[1,3,header.d=paypal.com]

dmarc=[1,3,header.from=paypal.com])

Received: from DS7PR03CA0079.namprd03.prod.outlook.com (2603:10b6:5:3bb::24)

by IA2P221MB1376.NAMP221.PROD.OUTLOOK.COM (2603:10b6:208:4ab::13) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.22; Tue, 21 Jan

2025 14:08:05 +0000

Received: from DS1PEPF00017092.namprd03.prod.outlook.com

(2603:10b6:5:3bb:cafe::3e) by DS7PR03CA0079.outlook.office365.com

(2603:10b6:5:3bb::24) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.20.8356.22 via Frontend Transport; Tue,

21 Jan 2025 14:08:05 +0000

Authentication-Results: spf=pass (sender IP is 2a01:111:f403:c409::1)

smtp.mailfrom=PhoenixGldaide.onmicrosoft.com; dkim=pass (signature was

verified) header.d=paypal.com;dmarc=pass action=none header.from=paypal.com;

Received-SPF: Pass (protection.outlook.com: domain of

PhoenixGldaide.onmicrosoft.com designates 2a01:111:f403:c409::1 as permitted

sender) receiver=protection.outlook.com; client-ip=2a01:111:f403:c409::1;

helo=MA0PR01CU009.outbound.protection.outlook.com; pr=C

Received: from MA0PR01CU009.outbound.protection.outlook.com

(2a01:111:f403:c409::1) by DS1PEPF00017092.mail.protection.outlook.com

(2603:10b6:2c:400:0:1002:0:7) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.20.8377.8 via Frontend Transport; Tue,

21 Jan 2025 14:08:04 +0000

Received: from PN3P287MB1523.INDP287.PROD.OUTLOOK.COM (2603:1096:c01:19a::10)

by PN3PPFD6F0367B6.INDP287.PROD.OUTLOOK.COM (2603:1096:c04:1::d7) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.23; Tue, 21 Jan

2025 14:08:02 +0000

Received: from PN3P287MB1523.INDP287.PROD.OUTLOOK.COM

([fe80::97ce:2fff:d05c:1dcc]) by PN3P287MB1523.INDP287.PROD.OUTLOOK.COM

([fe80::97ce:2fff:d05c:1dcc%4]) with mapi id 15.20.8356.020; Tue, 21 Jan 2025

14:08:02 +0000

ARC-Seal: i=3; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass;

b=SwwxMlXG2pdNagZs7IYkpvjGHgi3BFPORlG9+2F6wHxgWnCZukFOlvKe2GseQLmkfa6SAsNN6xxWvBSQlB93vQ2ixc+x7bNw8WTLTbBoRWEf3AXCPzLJL3qvzCZvBKeoVLUgprmD9G4b1mdQFnWnDNqsxJPKsknlDPHoHHNOBKTS4vIunLOriUilpr0FQbQT0m1Fr/GnjLpzCuw6kofbmJOd0BA69v+mgRKfXwg+64FKGHD1mAo6mJJWx+Iz3PnC2cQUxTQJvT4nM1sfPrgzKNQR10qJOxgxTXAL2S8yNuKuIqCHFin9oFS5stPpdyINmXJWbTsjYAfDT/p/Y/578w==

ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=XAnNRWRDjuvqAxjij0hu+WJbGR7RaL0/aMOnmAeuaLU=;

b=oK/813wJxbFUg3ODlvh5qQZCuIDSakxytFXO8aRvna4FlxOOr+LiaOu56EbjFfff+tww/pD3/OjHUFexs7odEw72gmt/PTCCadZGB9fS2OErRxIs24MynZjHNwz9wJ3oBG1ub2AwLKY+Aj9Q5ipOpadflXPzP+9eNmwAIKYenIQ6v65WtBmbbtyfW1lOtEqRpCWrtCW9tNC7qUjBWsXp00D0qpt6L08sDxDKLdaKGTC8JRAIaIehZSBvBthhhzKk9PW8vRmBdiCUq2FmQjZaNI50N8UlvV8FtSUHWVPxQQBOrMifmSE8pzliUiPcdmZ1QCDp/eLMyRwYMgGLsULvOQ==

ARC-Authentication-Results: i=3; mx.microsoft.com 1; spf=pass (sender ip is

2607:f8b0:4864:20::1033) smtp.rcpttodomain=phoenixgldaide.onmicrosoft.com

smtp.mailfrom=gmail.com; dmarc=pass (p=reject sp=reject pct=100) action=none

header.from=paypal.com; dkim=pass (signature was verified)

header.d=paypal.com; arc=pass (0 oda=1 ltdi=1

spf=[1,2,smtp.mailfrom=service@paypal.com] dkim=[1,2,header.i=@paypal.com]

dmarc=[1,2,header.from=paypal.com])

Received: from PN2PR01CA0169.INDPRD01.PROD.OUTLOOK.COM (2603:1096:c01:26::24)

by PN3P287MB0113.INDP287.PROD.OUTLOOK.COM (2603:1096:c01:d8::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.22; Tue, 21 Jan

2025 14:05:28 +0000

Received: from PN2PEPF0000018D.INDPRD01.PROD.OUTLOOK.COM

(2603:1096:c01:26:cafe::a) by PN2PR01CA0169.outlook.office365.com

(2603:1096:c01:26::24) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.20.8356.22 via Frontend Transport; Tue,

21 Jan 2025 14:05:28 +0000

Authentication-Results-Original: spf=pass (sender IP is

2607:f8b0:4864:20::1033) smtp.mailfrom=gmail.com; dkim=pass (signature was

verified) header.d=paypal.com;dmarc=pass action=none header.from=paypal.com;

Received-SPF: Pass (protection.outlook.com: domain of gmail.com designates

2607:f8b0:4864:20::1033 as permitted sender) receiver=protection.outlook.com;

client-ip=2607:f8b0:4864:20::1033; helo=mail-pj1-x1033.google.com; pr=C

Received: from mail-pj1-x1033.google.com (2607:f8b0:4864:20::1033) by

PN2PEPF0000018D.mail.protection.outlook.com (2603:1096:c04::1054) with

Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id

15.20.8377.8 via Frontend Transport; Tue, 21 Jan 2025 14:05:27 +0000

Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-2ee989553c1so9682309a91.3

for ; Tue, 21 Jan 2025 06:05:27 -0800 (PST)

ARC-Seal: i=2; a=rsa-sha256; t=1737468325; cv=pass;

d=google.com; s=arc-20240605;

b=DvdAzRIRDo1BPFFHUnubmVx2Dqx4ZBWA6POtkyMNpiGN64HByShz4GmnQRJBc7m9Ug

DY/OsB1Nzjl9Uif8STc5loIgu/f0jUvLIEakHvtNCTDmiAVyx5zxV7+qODSp5kZjJqch

885/YofLpDcYcYudCqba1mY2ycDa6XjQp29gFewcHIzqeI1U/WiNMo6EmT7LnA7aoDZS

nhltb7ip1YETz8R70tZU9Lc/0qMXiYZ4xtHEBbC2dpb9ETq28qan38/AmhFCUVNH/MS/

HbmDogtjm5tSOgCx/yh0Nt1swgl69A6FwLof2Z1hClj1FmLXXQ7BRvSn10A+OxwaCC6I

TTnQ==

ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=amq-delivery-message-id:pp-correlation-id:subject:to:from

:mime-version:message-id:date:content-transfer-encoding

:dkim-signature:delivered-to;

bh=XAnNRWRDjuvqAxjij0hu+WJbGR7RaL0/aMOnmAeuaLU=;

fh=EeItoLeC0hbttvMWI4WImCU3vtZVXgCMnL+FDAMgrSk=;

b=BS0a4Lkps/ZwYX6zLO2b3KPrWWc9NQuBoIHBJEZbAQBUtbMRXkL1vSW12pSTsGVz3t

4UjsvCIX/MFePwsdD6sFBuzICkWyydyNH0pc9erdqLTPxytVJ+Tt6Vh8LGUIOiqatrwq

XZTF1f0JkeE8IOrX9zn0wmVuPN/B/nYfsUPUlwqjwIH33y16DxUKgkDV6ysCzzSaCswm

30PXckcCaLC+kR/ZMFvsL+97p4dSYItA59pxpOq3FhheTZ6odDp5Qrg0bhECzYqTET15

YS+FC7P3iiXmMQhxfk36CUb3kMU8RG1UeBofbnaX2gOlNF7T4XEjQ4egxj9rcDptrhwP

3XpQ==;

darn=phoenixgldaide.onmicrosoft.com

ARC-Authentication-Results: i=2; mx.google.com;

dkim=pass header.i=@paypal.com header.s=pp-dkim1 header.b=C4jzbql8;

spf=pass (google.com: domain of service@paypal.com designates 66.211.170.93 as permitted sender) smtp.mailfrom=service@paypal.com;

dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=paypal.com

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1737468325; x=1738073125;

h=amq-delivery-message-id:pp-correlation-id:subject:to:from

:mime-version:message-id:date:content-transfer-encoding

:dkim-signature:delivered-to:x-forwarded-for:x-forwarded-to

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=XAnNRWRDjuvqAxjij0hu+WJbGR7RaL0/aMOnmAeuaLU=;

b=PuygcwvQm2U4QEAZLOLgrfSRQd8YJmHpua+b++boVvCCejaSNll45IbG2O2mVaSGfP

yuWz+KB0uP03ThOtqAiIoyqrDDANn7GNf5z/MweZ1Z8yRDXtPz64sVFR8Pm4m0n/2IU6

+lYtjSydo86hV5P4XJws6PBCBGACe1R2cTw5Gd0JgOfCDoCi+nxFQx/Lqx/QWbybLaat

Nf930cp+Z1hKe2qGvBNgq6wWFcTl8SMQmlhLmxDQ9PmewMRQh2WeGlo0m10pOvJ+ZwIo

EPLX9VCAQgOu8zYD6JDxI4mYE9q4DCOoitrFMRckIc6Q5qBlLWXLGLErr6+oBVouPj/X

osBQ==

X-Forwarded-Encrypted: i=2; AJvYcCXSFI/oI3Z6KtzY0lGrwqDEXxCVGx7p+6+hrYEklkCK3yRv7WsAEDCmiVTWcnh49Is1X5xpcKZPpg==@phoenixgldaide.onmicrosoft.com

X-Gm-Message-State: AOJu0YxV3brN/ZoYxqbrhxNTFQOxVgU5l9n0OsntYaeNQ2Y0bPuX6QaX

l2gz+4R8MW13SUH1zO09abG/d0J/yaNhb1ulTWLKjNZGndIxETpQQUw7l2TdwOoYzvtJ7cQZQhF

NKagH/PyKPKxks5VPZcIwbAvyQuGCnOLEleWKkKoQpK/ShPlPBqL8J1Gozpx+QYU=

X-Received: by 2002:a17:90b:3503:b0:2ee:d96a:5831 with SMTP id 98e67ed59e1d1-2f782d7dc10mr25934177a91.30.1737468325001;

Tue, 21 Jan 2025 06:05:25 -0800 (PST)

X-Forwarded-To: noreply1@PhoenixGldaide.onmicrosoft.com

X-Forwarded-For: anatolbragin6@gmail.com noreply1@PhoenixGldaide.onmicrosoft.com

Delivered-To: anatolbragin6@gmail.com

Received: by 2002:a17:522:9085:b0:5dd:7d65:227b with SMTP id b5csp169052pvv;

Tue, 21 Jan 2025 06:05:23 -0800 (PST)

X-Google-Smtp-Source: AGHT+IFUx36A5jZCGdps6yI6tNOvmRAr+Sce/CU7u5gLxIcuJTnjKW26qOzqgbazKlxQLmEl8iKt

X-Received: by 2002:a05:6808:2f1b:b0:3eb:4f87:97b4 with SMTP id 5614622812f47-3f19fd3050emr10075156b6e.24.1737468323275;

Tue, 21 Jan 2025 06:05:23 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1737468323; cv=none;

d=google.com; s=arc-20240605;

b=d2DnynOyRnUrpG/JS4gZPCcIKFbrexFgFFCy5JsyPrxm0LWSw4TrTabT6BahdJkcDw

0C66du+DfkVGi2QWMAew59SHFWIPVo2QYPziTg3FmDctns0lpFj2y0JI8Cx3vwFI4Ezd

6+dyHh1PMFEWtZqWY80hIeaPkzwXPDyRVzU3YHzYKhF56cvDvfBPGArYTd/bSeq9swB8

/juOyItuJNlVfgeizSPypN7OLs5ON2ciovAAOUew6DcmUF1S/9d4BsVeCzlRlra2f0id

iUKpu6TJWUSEWoFmzGwYiKEyWv4zcDyr1OK/Ev+I2A/xQQEqN6t/frSThz1+4nNoqB8s

5e0Q==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=amq-delivery-message-id:pp-correlation-id:subject:to:from

:mime-version:message-id:date:content-transfer-encoding

:dkim-signature;

bh=XAnNRWRDjuvqAxjij0hu+WJbGR7RaL0/aMOnmAeuaLU=;

fh=5faWbAo6FvF32PfHt62u3v1+R+E2qmGnmRwpmw+V0OQ=;

b=SDZ5NRD6dCSM+rhx8fcGLT7vVMAJI3d0dc6MBldCgOA2STvJk/SMRoG1QpzuBhz0nT

kV4xBColeyaLiYke6UNVu43mMj57OSP29y5ssRj5k3RJmbTzo7IAEUNFCKBPE1n0d0Ld

QWfKtMoXNRQEDiQtffnuI5VDn2hYp+oMxqswu2LnOcFH7qTH9/VzDczNkBRf+urNpRun

TxJvCWxIfdUMoeWHOwztWWvzSwvyqGOk+OWp+cOfAW14VDZ0h0pV90nNMDnvHz8LGL8d

pibDm1j/6Y56QsNrYoC5o4hQlWVrK9Xbycn5tvuH8/hioXrwL1RPDsuFiVp4DB86VpbQ

Narg==;

dara=google.com

ARC-Authentication-Results: i=1; mx.google.com;

dkim=pass header.i=@paypal.com header.s=pp-dkim1 header.b=C4jzbql8;

spf=pass (google.com: domain of service@paypal.com designates 66.211.170.93 as permitted sender) smtp.mailfrom=service@paypal.com;

dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=paypal.com

Received: from mx9.phx.paypal.com (mx9.phx.paypal.com. [66.211.170.93])

by mx.google.com with ESMTPS id 006d021491bc7-5fa35ec49c0si8456899eaf.10.2025.01.21.06.05.22

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Tue, 21 Jan 2025 06:05:23 -0800 (PST)

Received-SPF: pass (google.com: domain of service@paypal.com designates 66.211.170.93 as permitted sender) client-ip=66.211.170.93;

Authentication-Results-Original: mx.google.com; dkim=pass

header.i=@paypal.com header.s=pp-dkim1 header.b=C4jzbql8; spf=pass

(google.com: domain of service@paypal.com designates 66.211.170.93 as

permitted sender) smtp.mailfrom=service@paypal.com; dmarc=pass

(p=REJECT sp=REJECT dis=NONE) header.from=paypal.com

DKIM-Signature: v=1; a=rsa-sha256; d=paypal.com; s=pp-dkim1; c=relaxed/relaxed;

q=dns/txt; i=@paypal.com; t=1737468322;

h=From:From:Subject:Date:To:MIME-Version:Content-Type;

bh=XAnNRWRDjuvqAxjij0hu+WJbGR7RaL0/aMOnmAeuaLU=;

b=C4jzbql8AnSU54HUu4GQcYbxCsFnKUA5SqBN2v+I4/sqfOpuGV8JLLWExl7EeT4g

vtZ3SG7PNV4h1BpkL0uD3pHD3ebPPSdnfxdWJ9o6drQR1AmUysNdTrOSVwDx/6J3

xG3U+4fscuOxkNQ6ZcOGnNn42NWTvouXVlmzg8N2ZQS/dsKr/z6ptCWz3zzF0BU9

O+lV+NLK9J2fI9HssftUzEeJ/YBIedTXOLa8TEre+itQxktj7ew940fHUyOCh19f

46+Vuql0SX3jezAPPSiiEvQ8BsMzIBDhbnMNWI8CAq2YsTBtZfyNvtBKLweAxK8l

8Ohmx4c32TEKrozFzgAgNw==;

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset="UTF-8"

Date: Tue, 21 Jan 2025 06:05:22 -0800

Message-ID: <99.1D.57551.2A9AF876@ccg01mail09>

MIME-Version: 1.0

From: "service@paypal.com"

To: Melinda Borbely

Subject: =?UTF-8?Q?Invoice_from_If_this_Charge_is_not_for_your_Subs-cription?=

=?UTF-8?Q?_Quickly_reach_us_at=C2=A0=28808=29=C2=A0751-1384_=28PP4928=29?=

X-MaxCode-Template: RT000238

X-PP-Priority: 0-paypal-true

PP-Correlation-Id: f553980cf0970

X-PP-Email-transmission-Id: c1681d2c-d800-11ef-bf87-7f595b87146b

X-PP-REQUESTED-TIME: 1737468318933

X-Email-Type-Id: RT000238

AMQ-Delivery-Message-Id: nullval

X-XPT-XSL-Name: nullval

X-EOPAttributedMessage: 1

X-MS-TrafficTypeDiagnostic:

PN2PEPF0000018D:EE_|PN3P287MB0113:EE_|PN3PPFD6F0367B6:EE_|DS1PEPF00017092:EE_|IA2P221MB1376:EE_|MW6P221MB1193:EE_|CO6P221MB0807:EE_

X-MS-Office365-Filtering-Correlation-Id: 5b57a6b9-c74b-44c8-bb37-08dd3a250662

X-Moderation-Data: 1/21/2025 2:08:01 PM

X-LD-Processed: b1491ca5-49ea-4a46-a77d-7145b70c75e5,ExtAddr

X-Auto-Response-Suppress: DR, OOF, AutoReply

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PN3PPFD6F0367B6

X-EOPTenantAttributedMessage: 44eb7add-7c3c-4029-ba89-701663f3c803:0

X-MS-Exchange-Transport-CrossTenantHeadersStripped: DS1PEPF00017092.namprd03.prod.outlook.com

X-MS-Exchange-Transport-CrossTenantHeadersPromoted: DS1PEPF00017092.namprd03.prod.outlook.com

X-MS-PublicTrafficType: Email

X-MS-Office365-Filtering-Correlation-Id-Prvs:

39171879-4b58-425b-c806-08dd3a24a8be

X-Moderation-Data: 1/21/2025 2:19:39 PM

X-LD-Processed: 44eb7add-7c3c-4029-ba89-701663f3c803,ExtAddr,ExtAddr

X-OriginatorOrg: CarpenterMiranda.onmicrosoft.com

X-MS-Exchange-CrossTenant-Network-Message-Id: 5b57a6b9-c74b-44c8-bb37-08dd3a250662

X-MS-Exchange-CrossTenant-Id: 44eb7add-7c3c-4029-ba89-701663f3c803

X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017092.namprd03.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: Internet

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jan 2025 14:19:40.9835

(UTC)

X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6P221MB0807



=0A=0A =0A
ent-Type" content=3D"text/html; charset=3Dutf-8" />=0A
wport" content=3D"initial-scale=3D1.0,minimum-scale=3D1.0,maximum-scale=3D1=

.0,width=3Ddevice-width,height=3Ddevice-height,target-densitydpi=3Ddevice-=

dpi,user-scalable=3Dno" />=0A Invoice from If this Charge is not =<br /><br /> for your Subs-cription Quickly reach us at=C2=A0(808)=C2=A0751-1384 (PP4928=<br /><br /> )=0A =0A =0A=0A =0A


=3D"display:none;color:#F5F7FA;font-size:0px;line-height:0px">anatolbragin6=

@gmail.com, here are your invoice details

=0A
0" cellSpacing=3D"0" border=3D"0" width=3D"100%" role=3D"presentation">=0A =

=0A =0A =0A =0A =

=0A =0A =

=0A =0A =0A =

=0A

nt-size:0px">
=3D"center" class=3D"mobContent">=0A
llSpacing=3D"0" border=3D"0" width=3D"100%" dir=3D"ltr" role=3D"presentatio=

n">=0A =0A =0A =0A =

=0A =0A
=

=0A
"0" width=3D"100%" role=3D"presentation">=0A =

=0A =0A =0A =

=0A =0A =0A =0A =

=0A
=0A =


0" border=3D"0" dir=3D"ltr" style=3D"background:#fff" role=3D"presentation"=

>=0A =0A =

=0A =0A =

=0A =0A =


or:#929496;font-weight:450;font-size:12px;line-height:9px;padding:10px 0px"=

>Hello, anatolbragin6@gmail.com
=0A
=

=0A
Spacing=3D"0" border=3D"0" dir=3D"ltr" role=3D"presentation">=0A =

=0A =0A =

=0A =0A =

=0A

40px 24px">
-triggered-email/n/layout/images/ppe/pp-logo_x2.png" style=3D"display:block=

" border=3D"0" width=3D"51" height=3D"51" alt=3D"PayPal" title=3D"PayPal" /=

>
=0A =

=0A
=0A
cellPadding=3D"0" cellSpacing=3D"0" border=3D"0" width=3D"100%" class=3D"p=

psans" dir=3D"ltr" role=3D"presentation">=0A
=0A =


rder=3D"0" role=3D"presentation">=0A =0A =

=0A =0A =0A =

=0A

e=3D"padding:0px 24px 40px 24px;word-break:break-word">=0A =


-height:46px;color:#000;margin:0">Here's your invoice

=0A =

=0A
able width=3D"100%" cellSpacing=3D"0" cellPadding=3D"0" border=3D"0" role=

=3D"presentation">=0A

>=0A
lPadding=3D"0" border=3D"0">=0A =0A =

=0A =0A =0A =

=0A

lign=3D"top">=0A


0px;line-height:28px;color:#000000;margin:0" dir=3D"ltr">If this Char=

ge is not for your Subs-cription Quickly reach us at=C2=A0(808)=C2=A0751-13=

84 sent you an invoice for $499.00=C2=A0USD

=0A =

=0A =

=0A
width=3D"100%" cellSpacing=3D"0" cellPadding=3D"0" border=3D"0" role=3D"pr=

esentation">=0A
=0A =


ng=3D"0" border=3D"0">=0A =0A =

=0A =0A =

=0A =0A =


=3D"top">=0A


line-height:28px;color:#000000;margin:0" dir=3D"ltr">Due on receipt.<=

/span>

=0A
=0A

llSpacing=3D"0" cellPadding=3D"0" border=3D"0">=0A
ody>=0A =0A =0A =0A =

=0A

=3D"padding:0px 24px 24px 24px">=0A
=3D"100%" cellSpacing=3D"0" cellPadding=3D"0" border=3D"0" style=3D"backgro=

und:#fff;border-radius:18px">=0A =0A =

=0A =0A =0A =

=0A

lign=3D"center" class=3D"ppsans" style=3D"vertical-align:top;padding:20px 2=

4px">=0A
ng=3D"0" cellPadding=3D"0" border=3D"0" role=3D"presentation">=0A =

=0A =

=0A =0A =0A =

=0A <=

/table>=0A =0A =

=0A =0A =

=0A =

=0A =0A =

=0A =

=0A

x">=0A
lSpacing=3D"0" cellPadding=3D"0" border=3D"0">=0A =

=0A =

=0A =0A
>=0A =0A =


op">=0A


-weight:500;font-size:20px;line-height:28px;color:#000000;margin:0" dir=3D"=

ltr">Invoice details

=0A =
=0A =
=0A=


cellPadding=3D"0" border=3D"0" dir=3D"ltr">=0A =

=0A =0A =

=0A =

=0A =0A =


0px 24px 0px">=0A
transactionRow" width=3D"100%" cellPadding=3D"0" cellSpacing=3D"0" border=

=3D"0" dir=3D"ltr">=0A =

=0A =0A =

=0A =0A =

=0A =

=0A =

=0A =

=0A

;line-height:20px;font-weight:700;padding-bottom:2px">Amount requeste=

d

height:20px">$499.00=C2=A0USD
=0A =
=0A
able width=3D"100%" cellSpacing=3D"0" cellPadding=3D"0" border=3D"0" dir=3D=

"ltr">=0A

align=3D"center" style=3D"padding:0px 0px 24px 0px">=0A =


ding=3D"0" cellSpacing=3D"0" border=3D"0" dir=3D"ltr">=0A =

=0A =

=0A =0A =

=0A =

=0A =0A =

=0A =

=0A =


ign=3D"top" style=3D"font-size:14px;line-height:20px;font-weight:700;paddin=

g-bottom:2px">Invoice number

op" style=3D"font-size:14px;line-height:20px">PP4928
=0A
=0A =

=0A =

=0A
ble width=3D"100%" border=3D"0" cellSpacing=3D"0" cellPadding=3D"0" dir=3D"=

ltr" role=3D"presentation">=0A

4px 24px" align=3D"center">=0A
0" cellSpacing=3D"0" cellPadding=3D"0" dir=3D"ltr" role=3D"presentation">=

=0A =0A =

=0A =0A =

=0A =

=0A

00000" style=3D"border-radius:60px;border:2px solid #ffffff">
ps://www.paypal.com/invoice/payerView/details/INV2-V5BT-AKGV-96EG-H9WH=3Fv=

=3D1&utm_source=3Dunp&utm_medium=3Demail&utm_campaign=3DRT000238&utm_unptid=

=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&ppid=3DRT000238&cnac=3DUS&rsta=3Den=

_US%28en-US%29&cust=3DF8BMWKU6PPSEA&unptid=3Dc1681d2c-d800-11ef-bf87-7f595b=

87146b&calc=3Df553980cf0970&unp_tpcid=3Dinvoice-buyer-notification&page=3Dm=

ain%3Aemail%3ART000238&pgrp=3Dmain%3Aemail&e=3Dcl&mchn=3Dem&s=3Dci&mail=3Ds=

ys&appVersion=3D1.300.0&tenant_name=3DPAYPAL&xt=3D145585%2C134644%2C150948%=

2C104038&link_ref=3Ddetails_inv2-v5bt-akgv-96eg-h9wh" target=3D"_blank" sty=

le=3D"line-height:20px;font-size:18px;border-radius:60px;padding:15px 30px;=

display:inline-block;border:1px solid #000000;font-weight:700;text-align:ce=

nter;text-decoration:none;cursor:pointer;min-width:150px;background-color:#=

000000;color:#ffffff" role=3D"button">View and Pay Invoice
=0A
=0A
ng=3D"0" cellPadding=3D"0" border=3D"0" role=3D"presentation">=0A =

=0A =0A =

=0A
tr>=0A =0A
=0A =

=0A=

=0A
>=0A =0A =

=0A =0A =

=0A =


000;margin:0" dir=3D"ltr">Don't recognize this invoice=3F

=

=0A
=0A
=0A =


rder=3D"0">=0A =0A =

=0A =0A =0A =

=0A

=3D"ltr">=0A
=3D"0" cellPadding=3D"0" border=3D"0" dir=3D"ltr">=0A =

=0A =0A =

=0A =0A =0A =

=0A

ypal.com/invoice/payerView/details/INV2-V5BT-AKGV-96EG-H9WH=3Faction=3Drepo=

rt-spam&v=3D1&utm_source=3Dunp&utm_medium=3Demail&utm_campaign=3DRT000238&u=

tm_unptid=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&ppid=3DRT000238&cnac=3DUS&=

rsta=3Den_US%28en-US%29&cust=3DF8BMWKU6PPSEA&unptid=3Dc1681d2c-d800-11ef-bf=

87-7f595b87146b&calc=3Df553980cf0970&unp_tpcid=3Dinvoice-buyer-notification=

&page=3Dmain%3Aemail%3ART000238&pgrp=3Dmain%3Aemail&e=3Dcl&mchn=3Dem&s=3Dci=

&mail=3Dsys&appVersion=3D1.300.0&tenant_name=3DPAYPAL&xt=3D145585%2C134644%=

2C150948%2C104038&link_ref=3Ddetails_inv2-v5bt-akgv-96eg-h9wh" target=3D"_b=

lank">=0A
acing=3D"0" cellPadding=3D"0" border=3D"0" dir=3D"ltr" role=3D"presentation=

">=0A =0A =

=0A
d align=3D"center" class=3D"ppsans" style=3D"padding:0px 0px 0px 0px">
class=3D"" src=3D"https://www.paypalobjects.com/digitalassets/system-trigge=

red-email/warning.png" style=3D"display:block;border:0" border=3D"0" alt=3D=

"" height=3D"18" width=3D"18" />=0A =

=0A =0A =
=0A =


">
V-96EG-H9WH=3Faction=3Dreport-spam&v=3D1&utm_source=3Dunp&utm_medium=3Demai=

l&utm_campaign=3DRT000238&utm_unptid=3Dc1681d2c-d800-11ef-bf87-7f595b87146b=

&ppid=3DRT000238&cnac=3DUS&rsta=3Den_US%28en-US%29&cust=3DF8BMWKU6PPSEA&unp=

tid=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&calc=3Df553980cf0970&unp_tpcid=

=3Dinvoice-buyer-notification&page=3Dmain%3Aemail%3ART000238&pgrp=3Dmain%3A=

email&e=3Dcl&mchn=3Dem&s=3Dci&mail=3Dsys&appVersion=3D1.300.0&tenant_name=

=3DPAYPAL&xt=3D145585%2C134644%2C150948%2C104038&link_ref=3Ddetails_inv2-v5=

bt-akgv-96eg-h9wh" target=3D"_blank" style=3D"text-decoration:none">
lass=3D"" style=3D"font-size:14px;color:palblue">Report this invoice<=

/span>
=0A =

=0A
e width=3D"100%" cellPadding=3D"0" cellSpacing=3D"0" border=3D"0">=0A =

=0A =


ht:20px;color:#000000;margin:0;word-break:break-word" dir=3D"ltr">Bef=

ore paying, make sure you recognize this invoice. If you don't, report it. =


=3D1&utm_source=3Dunp&utm_medium=3Demail&utm_campaign=3DRT000238&utm_unptid=

=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&ppid=3DRT000238&cnac=3DUS&rsta=3Den=

_US%28en-US%29&cust=3DF8BMWKU6PPSEA&unptid=3Dc1681d2c-d800-11ef-bf87-7f595b=

87146b&calc=3Df553980cf0970&unp_tpcid=3Dinvoice-buyer-notification&page=3Dm=

ain%3Aemail%3ART000238&pgrp=3Dmain%3Aemail&e=3Dcl&mchn=3Dem&s=3Dci&mail=3Ds=

ys&appVersion=3D1.300.0&tenant_name=3DPAYPAL&xt=3D145585%2C134644%2C150948%=

2C104038&link_ref=3Dsecurity_common-scams" target=3D"_blank" style=3D"text-=

decoration:none">Learn more about common security threats and how to sp=

ot them. For example, PayPal would never use an invoice or a money request =

to ask you for your account credentials.

=0A =

=0A
=0A =


order=3D"0" dir=3D"ltr">=0A =0A =

=0A =0A =

=0A =0A
=0A =

=0A=

=0A
>=0A =0A =

=0A =0A
able>=0A =0A =0A =

=0A

tyle=3D"padding:30px 24px 30px 24px">
com/digitalassets/c/system-triggered-email/n/layout/images/ppe/pp-logo_x2.p=

ng" width=3D"40" height=3D"40" style=3D"display:block" border=3D"0" alt=3D"=

PayPal" />=0A

" style=3D"border-top:1px solid #C6C6C6;margin:30px 0px 0px 0px" />=0A =
=0A =


llSpacing=3D"0" border=3D"0" style=3D"margin-bottom:0px" dir=3D"ltr">=0A =

=0A =0A =

=0A =0A =

=0A =0A =

=0A =0A
=0A =


%" style=3D"padding:5px 24px 20px 24px">=0A =0A =

=0A =0A =0A =0A =

=0A =


=3D"0" cellSpacing=3D"0" border=3D"0">=0A =0A =

=0A =0A =

=0A =0A
ble>=0A

ze:12px;line-height:16px;padding:6px 0px">=0A
class=3D"ppsans" style=3D"font-size:12px;margin:0" dir=3D"ltr">PayPa=

l is committed to preventing fraudulent emails. Emails from PayPal will alw=

ays contain your full name.
p/security/suspicious-activity=3Fv=3D1&utm_source=3Dunp&utm_medium=3Demail&=

utm_campaign=3DRT000238&utm_unptid=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&p=

pid=3DRT000238&cnac=3DUS&rsta=3Den_US%28en-US%29&cust=3DF8BMWKU6PPSEA&unpti=

d=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&calc=3Df553980cf0970&unp_tpcid=3Di=

nvoice-buyer-notification&page=3Dmain%3Aemail%3ART000238&pgrp=3Dmain%3Aemai=

l&e=3Dcl&mchn=3Dem&s=3Dci&mail=3Dsys&appVersion=3D1.300.0&tenant_name=3DPAY=

PAL&xt=3D145585%2C134644%2C150948%2C104038&link_ref=3Dsecurity_suspicious-a=

ctivity" target=3D"_blank" style=3D"text-decoration:none">Learn to identify=

phishing

=0A

ellPadding=3D"0" cellSpacing=3D"0" border=3D"0">=0A
body>=0A =0A =0A =

=0A =0A

=3D"font-size:12px;line-height:16px;padding:6px 0px">=0A =

=

Please don't reply to this email. To get in touch with us, click
ref=3D"https://www.paypal.com/selfhelp/home=3Fv=3D1&utm_source=3Dunp&utm_me=

dium=3Demail&utm_campaign=3DRT000238&utm_unptid=3Dc1681d2c-d800-11ef-bf87-7=

f595b87146b&ppid=3DRT000238&cnac=3DUS&rsta=3Den_US%28en-US%29&cust=3DF8BMWK=

U6PPSEA&unptid=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&calc=3Df553980cf0970&=

unp_tpcid=3Dinvoice-buyer-notification&page=3Dmain%3Aemail%3ART000238&pgrp=

=3Dmain%3Aemail&e=3Dcl&mchn=3Dem&s=3Dci&mail=3Dsys&appVersion=3D1.300.0&ten=

ant_name=3DPAYPAL&xt=3D145585%2C134644%2C150948%2C104038&link_ref=3Dselfhel=

p_home" target=3D"_blank" style=3D"text-decoration:none">Help & Contact=

.

=0A
=0A =


ing=3D"0" border=3D"0">=0A =0A =

=0A =0A =

=0A =0A =


ight:16px;padding:6px 0px">=0A


s" style=3D"font-size:12px;margin:0" dir=3D"ltr">Not sure why you rec=

eived this email=3F
why-am-i-receiving-emails-from-paypal-when-i-dont-have-an-account-faq4172=

=3Fv=3D1&utm_source=3Dunp&utm_medium=3Demail&utm_campaign=3DRT000238&utm_un=

ptid=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&ppid=3DRT000238&cnac=3DUS&rsta=

=3Den_US%28en-US%29&cust=3DF8BMWKU6PPSEA&unptid=3Dc1681d2c-d800-11ef-bf87-7=

f595b87146b&calc=3Df553980cf0970&unp_tpcid=3Dinvoice-buyer-notification&pag=

e=3Dmain%3Aemail%3ART000238&pgrp=3Dmain%3Aemail&e=3Dcl&mchn=3Dem&s=3Dci&mai=

l=3Dsys&appVersion=3D1.300.0&tenant_name=3DPAYPAL&xt=3D145585%2C134644%2C15=

0948%2C104038&link_ref=3Darticle_why-am-i-receiving-emails-from-paypal-when=

-i-dont-have-an-account-faq4172" target=3D"_blank" style=3D"text-decoration=

:none">Learn more

=0A
=0A
cellSpacing=3D"0" border=3D"0">=0A =0A =

=0A =0A =

=0A =0A

;line-height:16px;padding:6px 0px">=0A


=3D"ppsans" style=3D"font-size:12px;margin:0" dir=3D"ltr">=0A =

Copyright &co=

py; 1999-2025 PayPal, Inc. All rights reserved. PayPal is located at 2211 N=

. First St., San Jose, CA 95131.
=0A =

PayPal RT000238:en_US(en-US):1.8.=

1:f553980cf0970

3D""
=3D"https://t.paypal.com/ts=3Fv=3D1&utm_source=3Dunp&utm_medium=3De=

mail&utm_campaign=3DRT000238&utm_unptid=3Dc1681d2c-d800-11ef-bf87-7=

f595b87146b&ppid=3DRT000238&cnac=3DUS&rsta=3Den_US%28en-US%29&a=

mp;cust=3DF8BMWKU6PPSEA&unptid=3Dc1681d2c-d800-11ef-bf87-7f595b87146b&a=

mp;calc=3Df553980cf0970&unp_tpcid=3Dinvoice-buyer-notification&page=

=3Dmain%3Aemail%3ART000238&pgrp=3Dmain%3Aemail&e=3Dop&mchn=3Dem=

&s=3Dci&mail=3Dsys&appVersion=3D1.300.0&tenant_name=3DPAYPA=

L&xt=3D145585%2C134644%2C150948%2C104038&link_ref=3Dt.paypal.com_ts=

" />

=0A
=0A =
=0A
"font-size:0px">
=0A <=

/body>=0A=0A



Web / SEO / App spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 07:20:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF5u-00000000ALl-1S2f

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 07:19:06 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 07:19:06 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qv1-f49.google.com ([209.85.219.49]:51534)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1taEwT-000000008cj-3z8U

for root@nk.ca;

Tue, 21 Jan 2025 07:10:17 -0700

Received: by mail-qv1-f49.google.com with SMTP id 6a1803df08f44-6e1a41935c3so78955956d6.3

for ; Tue, 21 Jan 2025 06:07:26 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1737468440; x=1738073240; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=H0RmrCE1rLx0La4EDsb2e5awcrtUH2grgQl0QRWbFwI=;

b=cIsmAzVFkGl99siGqgcHaiv77v4mennPqn+elDZVYjsLSbLzGlJ/KfO/2DZ4Jdy/y6

WACr/+YwzX3GsfV/xi9HkIwiLHGb32IlkgULVjNmHR/N7uwgFDk8Vz82SpENa+uqhOnn

QUyKCPQMJEuxYU+lw/AwHPWie3RtIXUW7WwNed3UUI9jyT6SA/yvfF6Dq1a0+TZY1NVT

11Dg/OWM5DC79iZuvaCPWeFEgqHE5KukbUPd3r3P4vkN47XuD3MZ5euJ1lB41ROry6mx

1SmmQfin6zEtCZSpFTaaJSiUduXnJCV6HZYQR32PHyUOPWZdlrOXCfrU5C89Q5VQUOzl

Tvaw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1737468440; x=1738073240;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=H0RmrCE1rLx0La4EDsb2e5awcrtUH2grgQl0QRWbFwI=;

b=C//t8tnHpvUImW6eKlcizGcgyqwxFPz7eUCSfP3x/7QCnDYvMtFn/WCnidPMUnloYw

xtfEgbQsyNiBn64P77KohNsQqo8pFICFB1yrCP+Who/vAtYkXYugu6wPbi/zl2Wzep0n

4KI5qB0KnFH27NoDywB3BwivP2yCRRaM6Jkc7yRcsoMFkZlRhbV+6sb20zAt2HFV97XW

hMIxtETLIPMJnlWT0h0X7S/a7r+AqbUGdnl0M82mIgU6ngpSfohLI+AHd4XykHUWZftt

kDEGiATi7BOw8Lk+CXXZvEHFakF/A6YCcxcfX9EOV4KYnZlwis168l0Vqt8p/WqRYgd4

6Qlg==

X-Gm-Message-State: AOJu0YyLNaOUun5Y+tafNjhsTGsV1lThzdkAxFegeO6Lh3kJlxGQACE9

0pZJk635OEBPNPgmkm9m9ZaqwQEKG7nIhJgnZK4cX5ma8f/HjYVm7jOmSXzG

X-Gm-Gg: ASbGncsNDTPBwoeQMwCPWUonTwvpkeJTu/UmX67IwvJzB+BNp2e6ZSKXpt5/yfleWpL

mdURXZYJoJm7cdtKQzuONM2TJZgvoj9xc7YLg8SFELSLfK6mCC2vSOgLml5P/goU+Fjankcwh5w

h/fSMWJOXX7rAOvuiWqY9MKphWRxGtdDgV6y2P85XpeYAzRjCYL86zxZl8vIITCHvQ1vnr2EAKb

ICQA7uWILzTkQdY4nWeeVpVFemXpQm8/suDGIFkcP4+EHu0ZfbQXXGFuXz/WGTZIXhKNLVBfQvp

zspudg0PmA0=

X-Google-Smtp-Source: AGHT+IF7Hwn2nMap68nJ4t3gIsDrFfOuSfIeuXlP/zliRNQgJyBqHT7yJUqtA8EfmL+CuywE1pBvZQ==

X-Received: by 2002:a05:6a20:6a0a:b0:1e0:d87a:f67 with SMTP id adf61e73a8af0-1eb21485364mr27976099637.13.1737467776800;

Tue, 21 Jan 2025 05:56:16 -0800 (PST)

Received: from DESKTOP5K6VSPA ([2401:4900:741e:5331:d964:f4c0:d698:c45f])

by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-a9bcc323847sm7411537a12.23.2025.01.21.05.56.15

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Tue, 21 Jan 2025 05:56:16 -0800 (PST)

From: "Ryan"

To:

Subject: Re: Website design, redesign?

Date: Tue, 21 Jan 2025 19:25:27 +0530

Message-ID: <05e401db6c0c$3dac7000$b9055000$@com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_05E5_01DB6C3A.5764AC00"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AdtsDBFzQYlGCHPxTiG6KvaR3ha7/A==

Content-Language: en-us

X-Spam_score: 5.1

X-Spam_score_int: 51

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, root@nk.ca You must be doing well, I hope. We create outstanding

"Mobile apps and websites" with our in-house developers and designers. Boost

your online presence with us!



Content analysis details: (5.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.219.49 listed in dnsbl.ahbl.org]

[209.85.219.49 listed in dnsbl.ahbl.org]

[209.85.219.49 listed in dnsbl.ahbl.org]

[209.85.219.49 listed in dnsbl.ahbl.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in dnsbl.ahbl.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in dnsbl.ahbl.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in dnsbl.ahbl.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.219.49 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.219.49 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.219.49 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.219.49 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[2401:4900:741e:5331:d964:f4c0:d698:c45f listed]

[in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

[209.85.219.49 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.219.49 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.219.49 listed in wl.mailspike.net]

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ryanshaunmo(at)gmail.com]

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} Re: Website design, redesign?



This is a multipart message in MIME format.



------=_NextPart_000_05E5_01DB6C3A.5764AC00

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hi, root@nk.ca



You must be doing well, I hope.



We create outstanding "Mobile apps and websites" with our in-house

developers and designers. Boost your online presence with us!



1. Website design, redesign, and development



2. Mobile app creation, and development (Android, iOS, iPhone)



3. Maintaining a website, website optimization, and more.



If you have any specific needs, kindly let me know, also let's connect on

Google Meet or Zoom at your convenience time.



Thanks,



Ryan,



P.S.: If you are not interested in our services, please write Unsubscribe in

the Subject and send it to us.





------=_NextPart_000_05E5_01DB6C3A.5764AC00

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">






charset=3Dus-ascii">



















Hi, root@nk.ca





You must be doing well, I hope.





We create outstanding "Mobile apps and =

websites"

with our in-house developers and designers. Boost your online presence =

with us!





1. Website design, redesign, and development





2. Mobile app creation, and development (Android, =

iOS,

iPhone)





3. Maintaining a website, website optimization, and =

more.





If you have any specific needs, kindly let me know, =

also

let's connect on Google Meet or Zoom at your convenience time.





Thanks,





Ryan,





P.S.: If you are not interested in our services, =

please

write Unsubscribe in the Subject =

and send

it to us.

















------=_NextPart_000_05E5_01DB6C3A.5764AC00--



Web / SEO / App spam from Microsoft Outlook

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 07:18:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF4l-00000000AAi-2Ojd

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 07:17:55 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 07:17:55 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-bn8nam12olkn2036.outbound.protection.outlook.com ([40.92.21.36]:50049 helo=NAM12-BN8-obe.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1taD4I-00000000HSN-0d0G;

Tue, 21 Jan 2025 05:10:21 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=YK9wGhHCbcmvY46gJRB2qU/JJbs6aBNnjObY+3AHlh5hDYoXOCHvnyD0eNATuqFWSPnSVC3bEvGUQ41UI7gxBO8Kcs+KczXrC1c56B6lANV+TibNYrTToAtwsSrGQdeNhWlXBSWCBMQkAD5MykAGjMl5tUMcDzfqhglzTh+5DMG9ZqGKwdIBzOR0kBc3XttIglwQxR0BdBftQDm2u1GCFtXmLI8bMBZMiRoXpwUm3wANY7hL3zeQym8Bh+/sAiTTHNF5TYsqynatMbu/A67xGycXg93xa2kIWu62MTQO0RGsd69U4n6TJjCuPHpo+axwmLH/R8FlFFaP+U6LrKa/tA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=6fPuJcP4sBuzkBFIaIqrO2eE+bkOQCEDoRYEeoHrCvw=;

b=lSaw4Ml1XyP+4ALrtL/XnJlA8SZ8skI1jEL6Om/Dm7pL94nelAcVyBvdjgMgQjMJSF+N/+t1dGRX+SCFEdOUvBA/lHC/qhnaVKaFyAJ2flEE2pLiBHf5msrNg/prRT25HrDscVB6c+m95jjru4V3GwgtSXHsrLmFlf2v7c1nUaQyY5uEDT5hyq3sS4cV0QlsSTc55K+HaYUjsrxvyUhMaihnG84fKGI+0qaLvOeJYdQF3sG+MDx4W9UA01S+sqpuQtIa1UkWMLmHjFTArJxtpPT2hCjQQoWvMGiXapx3DnZ1nKCXSozOuQTfndjHNK3FHP/OZ14iN6ips+fx85Cbmw==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=6fPuJcP4sBuzkBFIaIqrO2eE+bkOQCEDoRYEeoHrCvw=;

b=Atf3BXdFoteDTVDK7UXyg6nCPeJBi5dYToX0ysMlDB01ycPrxdDmld1uFgK9pIdBLR0SBZsc6gJS2zthFIKD9h/d8tQBgz8cfzLmFAWp/jEk5bbBe63rRJ6o9A9O/FwACvRUpcHukVypwbi4iBrkh5tJcIflUPAMkjxVyPQkLu/NRY557yS4c6zd+B8LjPk0681orNJCWgJABTwJltWwhMSMmLQ9M49GQdaoq32rSf9NnLPfVancNevlIMAL5NG+rWsVg0JwWTI95XT1PdR0r+9K1ZpFIT6bR9nxFMeq0XTgdI+h9kPtTJCI6GJ8uZg0p1TNw3gOkUNRYTbwku8Jmw==

Received: from EA2P223MB0908.NAMP223.PROD.OUTLOOK.COM (2603:10b6:303:253::6)

by BL3P223MB0321.NAMP223.PROD.OUTLOOK.COM (2603:10b6:208:34a::15) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.22; Tue, 21 Jan

2025 12:07:10 +0000

Received: from EA2P223MB0908.NAMP223.PROD.OUTLOOK.COM

([fe80::b8c4:44c5:4a8d:b107]) by EA2P223MB0908.NAMP223.PROD.OUTLOOK.COM

([fe80::b8c4:44c5:4a8d:b107%4]) with mapi id 15.20.8356.020; Tue, 21 Jan 2025

12:07:10 +0000

From: Shannon Durrett

Subject: Need App.

Thread-Topic: Need App.

Thread-Index: AQHba/z/WgiCqSlenUqRll8LNIEE1g==

Date: Tue, 21 Jan 2025 12:07:09 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-exchange-messagesentrepresentingtype: 1

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: EA2P223MB0908:EE_|BL3P223MB0321:EE_

x-ms-office365-filtering-correlation-id: 42f14d51-484b-4108-6a37-08dd3a1421f6

x-microsoft-antispam:

BCL:0;ARA:14566002|7092599003|8060799006|19110799003|15030799003|461199028|8062599003|15080799006|440099028|3412199025|102099032;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?+cYmbdE4dRPzrGhKnf5+iwkLctBifSlr/K2JQXvDq/rUjmiWOmldOJZo?=

=?Windows-1252?Q?lCbh4vLOA0axBXe/ut2ErS3ruWd3r7nu6Veb2aMgG1X38F2LTIrSXaO5?=

=?Windows-1252?Q?hcXuxRcDG9j+2zOohi0lw0CzV85IHVSa3729te79gOvVKr5rfpmfb78c?=

=?Windows-1252?Q?fERdkMkE7DVUh+oouCykWItg9CZAE5MglbUg2SPwjDATdnLkgS5mLXTf?=

=?Windows-1252?Q?xxHet3Q2RTvyiDAyJwY8dEYl4y4SrIKXTaifM4TeMtp2wNNTfuEaNbAy?=

=?Windows-1252?Q?q4+I8CL3xBcLMG8Y4rR5pnJMD9s9rf9PRLOpt3SiXopq4p9LOocxmWNk?=

=?Windows-1252?Q?te+kbte1wQV3YT75ufhrVCUU1GFjNuhxyC15J3ega1cAYRZSZsDpLYBw?=

=?Windows-1252?Q?NT/xPyMgAxgaeYNHGznt1Gd/7GoLmhfHWc8CV7wRSy6EeuOH5wGfphzy?=

=?Windows-1252?Q?BMHLpQvxYK4HiqtoZ9PpoGEVVWXOg2B+YnsVCP+Y8bsLKPP1K+/iLFqu?=

=?Windows-1252?Q?sHKz1z5qVPebkJ1TVN5lj+JTGHZOP+AB4hu4BzYqAc/98Wzzx+L5ob5H?=

=?Windows-1252?Q?D90kL6shI9d2LrF9xekR2EsKKInK3MA5WANtQM1UiiQN7k70UD/VN1ht?=

=?Windows-1252?Q?WCwURWzL4yYWYBWTrV9kWh444v0fMGah1ATr97evX1vHFdhLn5FNee6i?=

=?Windows-1252?Q?GYa5oy22g7YGoBEAhNNB1W0cS9stjfEqfBbo9eJVk/52AxBsLS8cWslk?=

=?Windows-1252?Q?H8TlTibLV2q8H22Sws5WFYZRkiqXwY0QheJAaRFZKUH5j/v2Y4bnSGNu?=

=?Windows-1252?Q?3QoY1mXm7c9MxjNccmomZ8nE0CsIbmO8ERkSQ+ge4piizSdVKycvQjc+?=

=?Windows-1252?Q?U6BMpd2sJppEXhT2812tnID948C7NdQNFEDzMxzcSzvNFjlE1IxFwMpj?=

=?Windows-1252?Q?tzjmaXmGf+MBNush/Swn4t2N+zzfzpPIYL4s3ERIm12cBCNW2t32gmAU?=

=?Windows-1252?Q?n4w1K7oxtPQN+vomm60zFUGLBqC7/2a1svU9X6ZWMmssyHqvHjkKGnKK?=

=?Windows-1252?Q?qUfRw2HCuQRA98d0L+f5gxfL5GumrjVQnvh9+41HYoKNSvVY0Vn6h2S9?=

=?Windows-1252?Q?5UdsMlgocglJN9qDpKhbeXO1AzgoeFfwOhMh1mSLHqZ3oNf1c1GOzeTM?=

=?Windows-1252?Q?Q0XPjA0tQpc=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?C/KOX9F4zafn8f3CIeNmxzm+pKd9N8GSpSNYDCAQTbm/rGZsAmvMV49C?=

=?Windows-1252?Q?mxjgCKWbbuBrSsmKHVxOuMEBGaI2zF1IDNTOcEbTOyjRJHrRogupYy1j?=

=?Windows-1252?Q?a+vlWd4aGll8YzdzzQz4JOfzwzYm0enqWgfuYUtCsIiz2drHjrJZ/lgv?=

=?Windows-1252?Q?RqsV1WXZUQulRKwCvGEOedIBL2aiuvZojA+mjoyM8Bpu8eoaESIMQGmy?=

=?Windows-1252?Q?7VYLYREY6n+fyvvOq/QkNzcVaa6/CT0ykD0HmiAsIiTMY1ffrqySxVLt?=

=?Windows-1252?Q?blmoVze5ODuZxlKGVoGl2gw8o2GJRj1qRf7IYZxmy9vXZg6lSecboUle?=

=?Windows-1252?Q?kNOvQ4AW3LyyqPQHeD+87sxV/uUSXskdTMhq2AjPhpCGny72Xfy1Fkx4?=

=?Windows-1252?Q?f7V4wNiKZCXdeW6+Omfllf1ppbi+UhmVqXzMsf9Unqo/A9iUeERStYow?=

=?Windows-1252?Q?lWxt4lcuuS7yaYJHPO8b/2gKRNkezyOJHy2r4kwi6kAJqSSRBIHCl1p2?=

=?Windows-1252?Q?+f5j1S3p0qN3i1LnkQVoKeFZ5RSl9TevsAPaEjsp/YVtFjlMOnHD8uz+?=

=?Windows-1252?Q?0ajc+WQ6PFWtS8k0mf+TLYjj1bNCsJ1lP7kLS/GgqLnsc/jMa2FF0Cr1?=

=?Windows-1252?Q?dUiSvcNEyG8GeCPDy7gLNVYs5VRqDCOBfGK3/CGXnH3n+2ckbJSQCN6X?=

=?Windows-1252?Q?ps4tUJqU34Em1Ks80Q5/LkYq8zlkeJFvVL5mQiHBQ/ZNkZya3eqw9nGz?=

=?Windows-1252?Q?fVc0fdS13um2iJA6rIicrNrIEdyQ4w89CGPOFxQTWxhoTT02SEmKz/KZ?=

=?Windows-1252?Q?l77XpCY9lkoPqzpGO+wdvBclkt9FpnV1yGYanDP2GqC+gm1TJ6VE6nKT?=

=?Windows-1252?Q?kLkoKWmpWj3i4VtbA0TecgeWG1oCExVdcbMDiP+mebx1AVBTMEnWbS7t?=

=?Windows-1252?Q?JxKkmHo8AaHFBrt2cKrKVgpTON0YN7EkZe7ITNxN44a9LAjNp1O1u7mC?=

=?Windows-1252?Q?LtHNR/tvA671e+P//5YZ+hXwCuC+BE96r9Gx8qbx4F6ZOeVecMsyK+Q2?=

=?Windows-1252?Q?bT/dP2mwajDNhhqotKWnWOSW0fG2km3PjzVLUGMfgFvL9eZvlgImG4a6?=

=?Windows-1252?Q?GNICJbmsqDsEqHAi2+Msshpc8vkGadXQIYn6YPLVlvLUEeMPZ8dgcrdv?=

=?Windows-1252?Q?+g8f4AB356TMZVo/qHGgn85mem4ghgiSjc4gqHZ4OMl1E0NJGcA78UwL?=

=?Windows-1252?Q?+M3U81Ul26HNOjHNYKpPl3tk55Dl+KOs9UhEek+hUNCqD6f6Pb55NZDY?=

=?Windows-1252?Q?OK/yS0wYn8bPxcfgiyl8ZiMjVa0sNTu01C5rVBe0oU2g177Y2BYHqE0r?=

=?Windows-1252?Q?uWPwJNSKIcxnyGnCHXyIc+7ESDNfED8qw91k0LRKmeCSBLqk31ZeeBqb?=

Content-Type: multipart/alternative;

boundary="_000_EA2P223MB09082CC36BEC726AE45A4545CEE62EA2P223MB0908NAMP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: EA2P223MB0908.NAMP223.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 42f14d51-484b-4108-6a37-08dd3a1421f6

X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jan 2025 12:07:09.9732

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3P223MB0321



--_000_EA2P223MB09082CC36BEC726AE45A4545CEE62EA2P223MB0908NAMP_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,

We can develop a low-budget high-performance application for you.

We are specialized in:

1. Event App

2. Online booking App

3. Fitness app

4. Food App

5. Accounting App

6. Healthcare App

7. Social Media App

8. Education App

9. Real Estate App

10. Training App

If you are interested, then please share your app requirements,

I would be happy to send you our portfolio, pricing and timeline.

Have a App project? Let=92s discuss!

Kind Regards,



--_000_EA2P223MB09082CC36BEC726AE45A4545CEE62EA2P223MB0908NAMP_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hi,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

We can develop a low-budget high-performance application for you.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

We are specialized in:



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

1. Event App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

2. Online booking App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

3. Fitness app



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

4. Food App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

5. Accounting App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

6. Healthcare App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

7. Social Media App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

8. Education App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

9. Real Estate App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

10. Training App



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

If you are interested, then please share your app requirements,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I would be happy to send you our portfolio, pricing and timeline.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Have a App project? Let=92s discuss!



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Kind Regards,








--_000_EA2P223MB09082CC36BEC726AE45A4545CEE62EA2P223MB0908NAMP_--

Nigerian Spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 04:24:01 -0700

Received: from mail-oa1-f67.google.com ([209.85.160.67]:61866)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1taCLq-00000000ANp-1Tgf

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 04:23:52 -0700

Received: by mail-oa1-f67.google.com with SMTP id 586e51a60fabf-29ff8053384so3242489fac.3

for ; Tue, 21 Jan 2025 03:21:31 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1737458486; x=1738063286; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=w27/+QanJ0ZjZlgOgMK7GWk6KhpULgZ8EUgrKHrl9lA=;

b=brKCsLbJdJe2tK3WmuNZXb7UDE86hXXaqd2RWGhzr+Zvzn86Vjg5Qynx9p/w5vJwYF

3OxMfwaRDzL/X2Al4v+DGh2r/iDOgYQXunYG28Qbo0JUk4CtlmtM+ETdHWywmkPHb9s0

3+E2bzPUwYGZLE8prHpa3Kbum6eCOmIFxy0L66bexJIyusWO1lT6m121rXaOLucFv2YV

uiH7QWQnmND0cgpVqaR9xyAuvrtA0FSfT49iZBO/+Gx16ICU+I1bVGCQPuP9KeRejYzt

XbQ2c3nf0saHwl2jdXMIsfLvEd1bRpYlVeuQOnEvSoGpR2bTwz4kwg7YKK9hjmdjg7Fp

Yipg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1737458486; x=1738063286;

h=to:subject:message-id:date:from:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=w27/+QanJ0ZjZlgOgMK7GWk6KhpULgZ8EUgrKHrl9lA=;

b=ZdXtRhj98B6vxSa8JJM/2MJVfo2cH/+l8BJEEEpJUxXCmsDRAo+1wDUor/FZQkgCfG

YNbh9YCZFQTxNXJmXTr6DCM0XijtTcuSLwfSpM1I9mCM+bRV5gKZXrJO24UbiBok3FSz

at0INwzUosiXAGBJgNTd38oagUuluePEct9QKqhuwnzpGmsOGxW7QzxP8h4DaKKKinQk

aeUCh3Ak2UB+LgsNLePBXHWm+yxlItsEaIWzt8bW6+jIWQzfPtqaOqbs66r3URNJN/g9

6KQxmgS/c7D3AztGk4/Bg6EWjPc/3PDVRWcIc2pGFBQPDkOi7KsZvaw7iI4Wo+enV502

dVKw==

X-Forwarded-Encrypted: i=1; AJvYcCUbUT2wH92cV8OlsFYK6+Pr1n9qNpAoj+TtNEvaIsrz2bKZLhFKoDDWMHAJSxeHMVrIfvQ0@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0Yxzh6UQt7WeZKkf92Mhcj80hQw2NzC9VxbJHmG29A4/Vp1nKlk+

7qEVlwWlpDromgEWETUCKXo6ND79AE89HkkN3UZTFuqucrOs85rAwkqeDVOizksJ1vYPPyPyVgw

gSRMoHCKd1oWYw2SF8bLxqg5Hh2k=

X-Gm-Gg: ASbGnctJExfLxafXUcPTtiMXuZ/Ki9D87T3LBAh1rzixKzzioyV/RGDxPhpZ3VetDqE

kQ0KzDEswWbE61pUP3hfw16psmN+uAv26wccIp5jGegdWVSNfVI5dgz60O0b6J7yTYGrQuejoWj

a63HS54K23+g==

X-Google-Smtp-Source: AGHT+IHdfJvb5SBUbIjDO87nojDAkcJ3pXJ9D5h6W7nm0gzW3kqE/v6Y2y5nO/fbBvmbyCx/HIHKKjxoJgtas9MlNGM=

X-Received: by 2002:a05:6871:aa17:b0:29e:5e7b:dc0f with SMTP id

586e51a60fabf-2b1c0babde6mr9359534fac.38.1737458485713; Tue, 21 Jan 2025

03:21:25 -0800 (PST)

MIME-Version: 1.0

Reply-To: georgebongaani@gmail.com

From: George Bongani

Date: Tue, 21 Jan 2025 11:21:14 +0000

X-Gm-Features: AbW1kvb4rZyN1zceSrjzKaHyjBMaa9_BRBAHfeV-lshn-sKNi4SAPxCP6m0rLD4

Message-ID:

Subject: I Look Forward To Your Urgent Response.

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000da63e5062c3593a9"

Bcc: dave@doctor.nl2k.ab.ca

X-Spam_score: 20.8

X-Spam_score_int: 208

X-Spam_bar: ++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Greetings to you, I am a banker by profession,In my department

in the bank, I discovered an abandoned sum of $11.3million us dollars,that

belongs to one of our foreign customers who died with his enti [...]



Content analysis details: (20.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.160.67 listed in dnsbl.ahbl.org]

[209.85.160.67 listed in dnsbl.ahbl.org]

[209.85.160.67 listed in dnsbl.ahbl.org]

[209.85.160.67 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.160.67 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.160.67 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.160.67 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.160.67 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.160.67 listed in will-spam-for-food.eu.org]

[209.85.160.67 listed in will-spam-for-food.eu.org]

[209.85.160.67 listed in will-spam-for-food.eu.org]

[209.85.160.67 listed in will-spam-for-food.eu.org]

[209.85.160.67 listed in will-spam-for-food.eu.org]

[209.85.160.67 listed in will-spam-for-food.eu.org]

[209.85.160.67 listed in will-spam-for-food.eu.org]

[209.85.160.67 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.160.67 listed in list.dnswl.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.160.67 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.160.67 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.160.67 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.160.67 listed in bl.score.senderscore.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.160.67 listed in wl.mailspike.net]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[gone63012(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[gone63012(at)gmail.com]

0.6 J_CHICKENPOX_102 BODY: 10alpha-pock-2alpha

3.6 NA_DOLLARS BODY: Talks about a million North American dollars

2.7 UNCLAIMED_MONEY BODY: People just leave money laying around

2.0 BANKING_LAWS BODY: Talks about banking laws

0.6 J_CHICKENPOX_54 BODY: 5alpha-pock-4alpha

0.9 URG_BIZ BODY: Contains urgent matter

0.6 J_CHICKENPOX_74 BODY: 7alpha-pock-4alpha

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

0.0 XFER_LOTSA_MONEY Transfer a lot of money

1.8 UNDISC_MONEY Undisclosed recipients + money/fraud signs

0.5 MONEY_FRAUD_8 Lots of money and very many fraud phrases

3.7 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} I Look Forward To Your Urgent Response.



--000000000000da63e5062c3593a9

Content-Type: text/plain; charset="UTF-8"



Greetings to you, I am a banker by profession,In my department in the bank,

I discovered an abandoned sum of $11.3million us dollars,that belongs to

one of our foreign customers who died with his entire family on 16th

October 2005 in a plane crash. Since his death,none of his relatives has

come forward to lay claims to his funds.



The banking laws here do not allow such money to stay more than 20 years

because the money will be recalled to the bank treasury account as

unclaimed funds. That is the reason why I contacted you for this business.



I need your urgent assistance in transferring the funds into your private

bank account.The money has been lying dormant here in our bank for years

now without anybody coming to claim it.



I want the bank to release the money to you as the beneficiary and the

nearest relative to our deceased customer. By indicating your interest i

will send you the full details on how the transfer will be processed

immediately i get your response.



My regards to your family

Mr.George



--000000000000da63e5062c3593a9

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Greetings to you, I am a banker by profession,In my depart=

ment in the bank, I discovered an abandoned sum of $11.3million us dollars,=

that belongs to one of our foreign customers who died with his entire famil=

y on 16th October 2005 in a plane crash. Since his death,none of his relati=

ves has come forward to lay claims to his funds.

The banking laws he=

re do not allow such money to stay more than 20 years because the money wil=

l be recalled to the bank treasury account as unclaimed funds. That is the =

reason why I contacted you for this business.

I need your urgent ass=

istance in transferring the funds into your private bank account.The money =

has been lying dormant here in our bank for years now without anybody comin=

g to claim it.

I want the bank to release the money to you as the be=

neficiary and the nearest relative to our deceased customer. By indicating =

your interest i will send you the full details on how the transfer will be =

processed immediately i get your response.

My regards to your family=


Mr.George




--000000000000da63e5062c3593a9--

Web / SEO / App spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 21 Jan 2025 07:17:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1taF3W-000000009ym-0A1a

for dave@doctor.nl2k.ab.ca;

Tue, 21 Jan 2025 07:16:38 -0700

Resent-From: The Doctor

Resent-Date: Tue, 21 Jan 2025 07:16:38 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yb1-f193.google.com ([209.85.219.193]:61872)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta9ts-00000000N3R-2QSo

for root@nk.ca;

Tue, 21 Jan 2025 01:46:55 -0700

Received: by mail-yb1-f193.google.com with SMTP id 3f1490d57ef6-e4930eca0d4so8148086276.3

for ; Tue, 21 Jan 2025 00:44:24 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1737449058; x=1738053858; darn=nk.ca;

h=to:subject:message-id:date:from:sender:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=bopNFsQkj58oqLiHhZkffe1gQ0zY/cQsXlbPzmPPrN8=;

b=Q5yhggxjnwT37O5Ul7Raw/P0iAQRr/EXEXSpJi1C1mKx4w92tIF7HLuqghv+3hSffB

Dil3DuyretHb23Kzb0XPHbOrjV8P8B+3WL3mN7tORfijD6sv3+O2463/p5SBEODP80rX

G685Af8Eukgi97jWrcq0yxiA59Mbt8pxg7IUflSaFnUC42CAMfJIPHiFDgIgRZF5tbFm

2tpMAz1SXVGYFrZy1U6t69rgTqPrHY4r87ZWb0/Bp1BiYJ0j1pxqkOyYQRn7y9WqWZCZ

qzmqD01A+7kn93ysTTnDUJSl2b9Kz6SlmS/HkWU6FhjkdpUKlCf2Je85EgwgKGJLgTsa

CcfQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1737449058; x=1738053858;

h=to:subject:message-id:date:from:sender:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=bopNFsQkj58oqLiHhZkffe1gQ0zY/cQsXlbPzmPPrN8=;

b=fh0Jn6I5Pk03OTCqc3ZpVzi2phn3R9HxsYKoBeSnb6Yv5dt07WFZbcfmYQDvkV1qsV

dQcv9qWxDgJQH6+Q9l76VsjGMNC/+75L/bl4+gKHH4vIu8SLI9hLERNloQihgcJQxp03

cuBCWflO2zEpQqhzB+N+w5pnX3ASUIVzWbso1PEGRVBXYPc2aJWbZ3AB9JzvQTKeQtuw

5y5FEM9taFl/BX0XcuXynG8Wvcrj081XZnCkDca50qaILeUcRBDLAj0QRLHOlVpx2Wif

E74eW0bmnDzpe3YOdi+QtM92CvzWmbd7JMXJoc+vChJFWJGwrZKabzA8ez0s0BMpbcPd

k+pg==

X-Gm-Message-State: AOJu0YzqkrUmEHnEG9dRYJ+a7sLTRPOdMj4tgI+bDC17IzqEqpzp02Ar

h8PjsA1nHRG4w71w/O7KjjlhCIickkJhUh+u9YZdw/W6JGmT7P88Y9z0nkji0eQJo/kfp761mer

i5f7ZM3dwfxJCQ3AIT/XmVJ67B4XnRcw1

X-Gm-Gg: ASbGncs4mwq5JFiMcBFdcpwzekIz5gQh08qo66iKXx27xncGvzj0pcrRBPTUnfkrbYR

VoJaQw5u4hvKNyBh4SYLt6cwt47j8sB2pk9y4kpPGYwqka3oxPty4Sy31ZBInqd1csVkK/OWPtv

A0aip/74XN4A==

X-Google-Smtp-Source: AGHT+IFugtOacnmdErszpKMxxEValX6glBbuKsnTIbB4qw0D3hTQVjx38MkfZqbJzgajJjVxqmi7q8saJdidJIgsj7o=

X-Received: by 2002:a05:6902:a91:b0:e57:44de:abc2 with SMTP id

3f1490d57ef6-e57b103bf91mr12669106276.10.1737449057657; Tue, 21 Jan 2025

00:44:17 -0800 (PST)

Received: from 52669349336 named unknown by gmailapi.google.com with HTTPREST;

Tue, 21 Jan 2025 02:44:16 -0600

Received: from 52669349336 named unknown by gmailapi.google.com with HTTPREST;

Tue, 21 Jan 2025 02:44:16 -0600

MIME-Version: 1.0

Sender: Anjali

From: Anjali

Date: Tue, 21 Jan 2025 02:44:16 -0600

X-Google-Sender-Auth: 7QMSnm5gF0sCysQ3i33C4F500z4

X-Gm-Features: AbW1kvbzDrarmMq_fss6jNfRq4X2Rg4yplAUDLGa1qxm0XYKOadoVUlEsxVyLsI

Message-ID:

Subject: Re: Website App/ Development

To: Root

Content-Type: multipart/alternative; boundary="000000000000e5aa69062c33615d"



--000000000000e5aa69062c33615d

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hey,



Thanks for accepting my invite.



I am a Business Development Executive for IT Company.



We Offer Following Services: - Website Design and Development,

E-commerce/Responsive Website Designing, Website Online Marketing, Mobile

Apps Development etc=E2=80=A6



I can share more details and portfolios of my company in the next email, if

you are interested.



Please contact us, if you are interested.



Regards,



Anjali

[image: beacon]



--000000000000e5aa69062c33615d

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




eight:115%;font-size:11pt;font-family:Calibri,"sans-serif"">
lang=3D"EN-GB">Hey,






ize:11pt;font-family:Calibri,"sans-serif"">T=

hanks for

accepting my invite.






ize:11pt;font-family:Calibri,"sans-serif"">I=

am a

Business Development Executive for IT Company.






ize:11pt;font-family:Calibri,"sans-serif"">W=

e Offer

Following Services: - Website Design and Development, E-commerce/Responsive

Website Designing, Website Online Marketing, Mobile Apps Development etc=E2=

=80=A6






ize:11pt;font-family:Calibri,"sans-serif"">
tyle=3D"background:yellow">I can share more details and portfolios of my

company in the next email, if you are interested.






ize:11pt;font-family:Calibri,"sans-serif"">P=

lease

contact us, if you are interested.






ize:11pt;font-family:Calibri,"sans-serif"">R=

egards,






ize:11pt;font-family:Calibri,"sans-serif"">A=

njali




Yo_Ayv7nRHiwaNKI5sE8THMcJKAVEKcpAiIlAHgckntg3XJIJyWUDZurhmbdWvruInDqO0Zg0Tb=

BZweb-Kl-MOy_-WZk9Ox44TplKTHQ4CfRjgqOdVe-EqZN4DSIpbTWxw00a5FGUlfLv8" width=

=3D"1" height=3D"1" alt=3D"beacon" style=3D"display:none; display:none!impo=

rtant;">



--000000000000e5aa69062c33615d--

Desparation spam from Yahoo!

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 20 Jan 2025 18:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta2by-000000001XE-27qK

for dave@doctor.nl2k.ab.ca;

Mon, 20 Jan 2025 17:59:22 -0700

Resent-From: The Doctor

Resent-Date: Mon, 20 Jan 2025 17:59:22 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic313-14.consmr.mail.bf2.yahoo.com ([74.6.133.124]:44725)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta1NL-00000000FNK-3mq7

for root@nk.ca;

Mon, 20 Jan 2025 16:40:19 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aol.com; s=a2048; t=1737416292; bh=aYIoeAImmWe3Hhjt1i4fMfQSt8ADy8C7GOuKOJlke/Q=; h=Date:From:Reply-To:To:Subject:References:From:Subject:Reply-To; b=CsZIiCLNt7ODkZcO0LZi0n5xWdKr/ZQjbNgp1tkiRbdjrRpCfOm3qpaIa6738sgTficsa5WCJyJtvu6e2S2YnEgfQJG5b26bQccCceiCVX5VtI6GtIQ6b6QXig9m00m12ju+u5vslsG7kY40E68PDS5tLbEALKlFicmYCyofpPRWi/MOzsxIBmyJxX4a70ik8e6N0uyOMOIurmBeTujxe8QsyAEsm7Ph6s/C62T5QZQJjxdMx1raJbHxNkeSvpK3DKSp2+sSBdVTPNfa1ZhA6s1rHj9KETjOPhpofRZ0mmSr2uEMpnLvLymZ35z8J9smngrOBEKkOKtWA7KKsGQqdQ==

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1737416292; bh=oJf6vmsxJmA0gdfJqVWHl8MhAboHghmLk2TS6iDamuw=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=iy43MuFpcV5h7T4fyj1FyVbO0Xvxw+6OngGfq47isCDNPvKbrVLlzH5Z8YMG9IWh8Yov+WWq/KyVIRPAdrN5MzlE9YGztUzwt2LZ2DX4pt2xi2n+hEY9vMXzTOZnnf6vTNaUvNd3FStX63qiWOgOBXBnhFgb98RIMNtBC4xV1lkGgogF5WIb+K7wMZDM5+OTRqS8TJVBG91ED7AF8DAEOctX/y/eXnJvzqFZqwL0nq/vAENIC40wPYZ2O0p7YIcxe/kw1NZpMN6YbU/wcw3n+Y8SDKmuLQJoqV1HU8+nSDYBxm63UCLbc7DADS0KAXQ8+OQhrBco6FVQRPGYit5toA==

X-YMail-OSG: nR.gziEVM1nfBytIRbrfw85d81RjJzKJqZ3hTkPbGLP2KivOQOl8lWbrICz1bAH

GqAOYLTiBclAeVmmy0OlgiBojqQMQQ1RmnYwd9UVAvWjm9KaAhIUh1VBUeFbEw8j_tKUlz7AHJBd

gnTcaLHH77nz8yWtJsPGgbE7ug5k5PMHv7fVM1dP7VE6pX2tBoXFTRFfebK51kATzbHTYxuFnzNf

vpBvsqe38TPcrIetXdWrJ2.eliwY8tWX48k_LaDXJux_Tf.GFB9tp42_v4px8BVzG5M8uyXXMCcs

KDTvr5dnixnN7Iq5f5YUMclXgm0_8YJCcUbWpXPqPDypm_buALSyO6712F5fSMTqShUz3Qx9O9Js

5OTuBra4BG5Q9jAz67EOkYayV7POE1wvV_83Zym74C4IXVF.lfXokmElcN0wFWa9r93ee00RjjUI

TEzHAojqYRAcpbz4LN0m_ST3KgNnDorzaGNN1h0BIhQozAviO1lq6GmfaL8l0VRVCxrjPjJ.b7uo

Z5bJHDiPVLp0_nzNHile62HbBsf9lJftAHTYyW645hbrywEO0hn9m.ReOQwDiR04r27NUPgMZmZj

ov0BOm.cQM8xdw6A4TzisSBYBw2KBAyZfZx5M2HLZpsOCgPjwA4Xc6A8crk1NvysN5DpWplRJlEQ

L5D8.uNtp4iNjHVIHcxEVGgzSY5A9IQ2tU5qgh9HkGo2f0xtN9_s1cKClnbPWIc5sRCYIo_VuzaW

schiYb_o76VqvN5pZZG.cc9sI6adhhoUs3483c9yV6k1Wq_97e1S5QixhgEIv3Mgu2D1w4bvfRx_

1602rd6fom.AYC7XPLusx4iLsu._T26VBPiKdYgB86MS.FeWDN5TxpuoIMLwrIpnR8GZt4_M9P3H

5dg1oXYs7_d6Ctz4G7AqMVpZ8w4QSE3C.Nty1XwKxSPpvUxCOLD6uznus4sWC5Aihagnzjhzxiuf

85Evuxi1ll71A3c7kjYZR3Tgr0tZU_2UcOa2W2GFdVQ7ns_0HXo2mMqP7u4VJ4ueErKeeh7BeA4y

ojiwYqx1LbuO8RUs63LSgATj4nC7kIboU5esR9tf_tPuDNofOy3HVHJqvfeumyWe6Sx05g5XTygz

ggD2y1dkpe6lfugbuUeE2_c6YbdNU3Xw6_GHbXpbh_bDkN77xIi4btLcfonCekpTj8PLRPS0yysv

wPL9wRadnQ_l8KuZ2co7U86w238mYbRXCrJ0EwFTD.w9KK.XlJSc1Tuha_02lq2RBzVMmYpSbdFe

Y5jvu0BIU5C0ReCAq0hrhiSGAUyEM3FDkMmvnItCZMBIp6g1PP.GSKHYsaakEBeVAakn_fyEOv9F

X.m37eboLg3hC7K_v1lkmlz4.DmhA6pm1W4xOLJj4iLTMpxvLR03Ikim7tkg.VTN7PikvanZNayo

_txcqqFDZQnHQr1uQ7UhCP5GBi9e4MG9_XBevgVJDCQ92uWes45mP2YS1PmLusqYOJ5Ucg..9erN

XC3sBqYWmoL.uxEsnNRwokiKeA9THHPmhXERJ.sdGzGZhUGnPjCHvjvbyEMTd1hyhke1neCjaPNC

OoikUHhUkD_mKTyAmhw.DzxCws2lEDAxNyTsPXsnm4kk9c0zx0gWx9fKcb6btkz9JH8EzqolWgHJ

A7zoytUwelBo5w706BAezLOxivpDtGHGPGUBpEQjQ.AHF7AER.gBxtdoMwDlevGoNnFxUd9fr3qM

T

X-Sonic-MF:

X-Sonic-ID: 157921cb-be3d-4043-8f01-364edceb7a53

Received: from sonic.gate.mail.ne1.yahoo.com by sonic313.consmr.mail.bf2.yahoo.com with HTTP; Mon, 20 Jan 2025 23:38:12 +0000

Date: Mon, 20 Jan 2025 23:38:10 +0000 (UTC)

From: ATTIC TRADE

Reply-To: ATTIC TRADE

To: "eric-winton@attictrade.com"

Message-ID: <212653495.1262130.1737416290753@mail.yahoo.com>

Subject: Inquiry

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_Part_1262129_1294697565.1737416290752"

References: <212653495.1262130.1737416290753.ref@mail.yahoo.com>

X-Mailer: WebService/1.1.23187 AolMailNorrin



------=_Part_1262129_1294697565.1737416290752

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable



Season greetings,



Are you guys still in service? All attempts to reach out prove abortive.



Your earliest response would be highly appreciated.

Best=C2=A0 Regards



Eric Winton

Purchasing Manager

ATTIC TRADE=C2=A0 LTD54 Donald street

Winnipeg, MB r3C 1l6, Canada

Tel:=C2=A0604-790-1857



------=_Part_1262129_1294697565.1737416290752

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit









Season greetings,

Are you guys still in service? All attempts to reach out prove abortive.

Your earliest response would be highly appreciated.

Best  Regards

Eric Winton
Purchasing Manager
ATTIC TRADE  LTD

54 Donald street
Winnipeg, MB r3C 1l6, Canada
Tel: 

604-790-1857


















------=_Part_1262129_1294697565.1737416290752--

Desparation spam from Yahoo!

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 20 Jan 2025 18:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta2bu-000000001Wx-15Pw

for dave@doctor.nl2k.ab.ca;

Mon, 20 Jan 2025 17:59:18 -0700

Resent-From: The Doctor

Resent-Date: Mon, 20 Jan 2025 17:59:18 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic313-14.consmr.mail.bf2.yahoo.com ([74.6.133.124]:40362)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta1NL-00000000FNL-3mm7

for sales@nk.ca;

Mon, 20 Jan 2025 16:40:18 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aol.com; s=a2048; t=1737416292; bh=aYIoeAImmWe3Hhjt1i4fMfQSt8ADy8C7GOuKOJlke/Q=; h=Date:From:Reply-To:To:Subject:References:From:Subject:Reply-To; b=CsZIiCLNt7ODkZcO0LZi0n5xWdKr/ZQjbNgp1tkiRbdjrRpCfOm3qpaIa6738sgTficsa5WCJyJtvu6e2S2YnEgfQJG5b26bQccCceiCVX5VtI6GtIQ6b6QXig9m00m12ju+u5vslsG7kY40E68PDS5tLbEALKlFicmYCyofpPRWi/MOzsxIBmyJxX4a70ik8e6N0uyOMOIurmBeTujxe8QsyAEsm7Ph6s/C62T5QZQJjxdMx1raJbHxNkeSvpK3DKSp2+sSBdVTPNfa1ZhA6s1rHj9KETjOPhpofRZ0mmSr2uEMpnLvLymZ35z8J9smngrOBEKkOKtWA7KKsGQqdQ==

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1737416292; bh=oJf6vmsxJmA0gdfJqVWHl8MhAboHghmLk2TS6iDamuw=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=iy43MuFpcV5h7T4fyj1FyVbO0Xvxw+6OngGfq47isCDNPvKbrVLlzH5Z8YMG9IWh8Yov+WWq/KyVIRPAdrN5MzlE9YGztUzwt2LZ2DX4pt2xi2n+hEY9vMXzTOZnnf6vTNaUvNd3FStX63qiWOgOBXBnhFgb98RIMNtBC4xV1lkGgogF5WIb+K7wMZDM5+OTRqS8TJVBG91ED7AF8DAEOctX/y/eXnJvzqFZqwL0nq/vAENIC40wPYZ2O0p7YIcxe/kw1NZpMN6YbU/wcw3n+Y8SDKmuLQJoqV1HU8+nSDYBxm63UCLbc7DADS0KAXQ8+OQhrBco6FVQRPGYit5toA==

X-YMail-OSG: nR.gziEVM1nfBytIRbrfw85d81RjJzKJqZ3hTkPbGLP2KivOQOl8lWbrICz1bAH

GqAOYLTiBclAeVmmy0OlgiBojqQMQQ1RmnYwd9UVAvWjm9KaAhIUh1VBUeFbEw8j_tKUlz7AHJBd

gnTcaLHH77nz8yWtJsPGgbE7ug5k5PMHv7fVM1dP7VE6pX2tBoXFTRFfebK51kATzbHTYxuFnzNf

vpBvsqe38TPcrIetXdWrJ2.eliwY8tWX48k_LaDXJux_Tf.GFB9tp42_v4px8BVzG5M8uyXXMCcs

KDTvr5dnixnN7Iq5f5YUMclXgm0_8YJCcUbWpXPqPDypm_buALSyO6712F5fSMTqShUz3Qx9O9Js

5OTuBra4BG5Q9jAz67EOkYayV7POE1wvV_83Zym74C4IXVF.lfXokmElcN0wFWa9r93ee00RjjUI

TEzHAojqYRAcpbz4LN0m_ST3KgNnDorzaGNN1h0BIhQozAviO1lq6GmfaL8l0VRVCxrjPjJ.b7uo

Z5bJHDiPVLp0_nzNHile62HbBsf9lJftAHTYyW645hbrywEO0hn9m.ReOQwDiR04r27NUPgMZmZj

ov0BOm.cQM8xdw6A4TzisSBYBw2KBAyZfZx5M2HLZpsOCgPjwA4Xc6A8crk1NvysN5DpWplRJlEQ

L5D8.uNtp4iNjHVIHcxEVGgzSY5A9IQ2tU5qgh9HkGo2f0xtN9_s1cKClnbPWIc5sRCYIo_VuzaW

schiYb_o76VqvN5pZZG.cc9sI6adhhoUs3483c9yV6k1Wq_97e1S5QixhgEIv3Mgu2D1w4bvfRx_

1602rd6fom.AYC7XPLusx4iLsu._T26VBPiKdYgB86MS.FeWDN5TxpuoIMLwrIpnR8GZt4_M9P3H

5dg1oXYs7_d6Ctz4G7AqMVpZ8w4QSE3C.Nty1XwKxSPpvUxCOLD6uznus4sWC5Aihagnzjhzxiuf

85Evuxi1ll71A3c7kjYZR3Tgr0tZU_2UcOa2W2GFdVQ7ns_0HXo2mMqP7u4VJ4ueErKeeh7BeA4y

ojiwYqx1LbuO8RUs63LSgATj4nC7kIboU5esR9tf_tPuDNofOy3HVHJqvfeumyWe6Sx05g5XTygz

ggD2y1dkpe6lfugbuUeE2_c6YbdNU3Xw6_GHbXpbh_bDkN77xIi4btLcfonCekpTj8PLRPS0yysv

wPL9wRadnQ_l8KuZ2co7U86w238mYbRXCrJ0EwFTD.w9KK.XlJSc1Tuha_02lq2RBzVMmYpSbdFe

Y5jvu0BIU5C0ReCAq0hrhiSGAUyEM3FDkMmvnItCZMBIp6g1PP.GSKHYsaakEBeVAakn_fyEOv9F

X.m37eboLg3hC7K_v1lkmlz4.DmhA6pm1W4xOLJj4iLTMpxvLR03Ikim7tkg.VTN7PikvanZNayo

_txcqqFDZQnHQr1uQ7UhCP5GBi9e4MG9_XBevgVJDCQ92uWes45mP2YS1PmLusqYOJ5Ucg..9erN

XC3sBqYWmoL.uxEsnNRwokiKeA9THHPmhXERJ.sdGzGZhUGnPjCHvjvbyEMTd1hyhke1neCjaPNC

OoikUHhUkD_mKTyAmhw.DzxCws2lEDAxNyTsPXsnm4kk9c0zx0gWx9fKcb6btkz9JH8EzqolWgHJ

A7zoytUwelBo5w706BAezLOxivpDtGHGPGUBpEQjQ.AHF7AER.gBxtdoMwDlevGoNnFxUd9fr3qM

T

X-Sonic-MF:

X-Sonic-ID: 157921cb-be3d-4043-8f01-364edceb7a53

Received: from sonic.gate.mail.ne1.yahoo.com by sonic313.consmr.mail.bf2.yahoo.com with HTTP; Mon, 20 Jan 2025 23:38:12 +0000

Date: Mon, 20 Jan 2025 23:38:10 +0000 (UTC)

From: ATTIC TRADE

Reply-To: ATTIC TRADE

To: "eric-winton@attictrade.com"

Message-ID: <212653495.1262130.1737416290753@mail.yahoo.com>

Subject: Inquiry

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_Part_1262129_1294697565.1737416290752"

References: <212653495.1262130.1737416290753.ref@mail.yahoo.com>

X-Mailer: WebService/1.1.23187 AolMailNorrin



------=_Part_1262129_1294697565.1737416290752

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable



Season greetings,



Are you guys still in service? All attempts to reach out prove abortive.



Your earliest response would be highly appreciated.

Best=C2=A0 Regards



Eric Winton

Purchasing Manager

ATTIC TRADE=C2=A0 LTD54 Donald street

Winnipeg, MB r3C 1l6, Canada

Tel:=C2=A0604-790-1857



------=_Part_1262129_1294697565.1737416290752

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit









Season greetings,

Are you guys still in service? All attempts to reach out prove abortive.

Your earliest response would be highly appreciated.

Best  Regards

Eric Winton
Purchasing Manager
ATTIC TRADE  LTD

54 Donald street
Winnipeg, MB r3C 1l6, Canada
Tel: 

604-790-1857


















------=_Part_1262129_1294697565.1737416290752--

Desparation spam from Yahoo!

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 20 Jan 2025 18:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta2c1-000000001XY-3anq

for dave@doctor.nl2k.ab.ca;

Mon, 20 Jan 2025 17:59:25 -0700

Resent-From: The Doctor

Resent-Date: Mon, 20 Jan 2025 17:59:25 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic313-14.consmr.mail.bf2.yahoo.com ([74.6.133.124]:33726)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta1NL-00000000FNM-3nCs

for doctor@doctor.nl2k.ab.ca;

Mon, 20 Jan 2025 16:40:19 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aol.com; s=a2048; t=1737416292; bh=aYIoeAImmWe3Hhjt1i4fMfQSt8ADy8C7GOuKOJlke/Q=; h=Date:From:Reply-To:To:Subject:References:From:Subject:Reply-To; b=CsZIiCLNt7ODkZcO0LZi0n5xWdKr/ZQjbNgp1tkiRbdjrRpCfOm3qpaIa6738sgTficsa5WCJyJtvu6e2S2YnEgfQJG5b26bQccCceiCVX5VtI6GtIQ6b6QXig9m00m12ju+u5vslsG7kY40E68PDS5tLbEALKlFicmYCyofpPRWi/MOzsxIBmyJxX4a70ik8e6N0uyOMOIurmBeTujxe8QsyAEsm7Ph6s/C62T5QZQJjxdMx1raJbHxNkeSvpK3DKSp2+sSBdVTPNfa1ZhA6s1rHj9KETjOPhpofRZ0mmSr2uEMpnLvLymZ35z8J9smngrOBEKkOKtWA7KKsGQqdQ==

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1737416292; bh=oJf6vmsxJmA0gdfJqVWHl8MhAboHghmLk2TS6iDamuw=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=iy43MuFpcV5h7T4fyj1FyVbO0Xvxw+6OngGfq47isCDNPvKbrVLlzH5Z8YMG9IWh8Yov+WWq/KyVIRPAdrN5MzlE9YGztUzwt2LZ2DX4pt2xi2n+hEY9vMXzTOZnnf6vTNaUvNd3FStX63qiWOgOBXBnhFgb98RIMNtBC4xV1lkGgogF5WIb+K7wMZDM5+OTRqS8TJVBG91ED7AF8DAEOctX/y/eXnJvzqFZqwL0nq/vAENIC40wPYZ2O0p7YIcxe/kw1NZpMN6YbU/wcw3n+Y8SDKmuLQJoqV1HU8+nSDYBxm63UCLbc7DADS0KAXQ8+OQhrBco6FVQRPGYit5toA==

X-YMail-OSG: nR.gziEVM1nfBytIRbrfw85d81RjJzKJqZ3hTkPbGLP2KivOQOl8lWbrICz1bAH

GqAOYLTiBclAeVmmy0OlgiBojqQMQQ1RmnYwd9UVAvWjm9KaAhIUh1VBUeFbEw8j_tKUlz7AHJBd

gnTcaLHH77nz8yWtJsPGgbE7ug5k5PMHv7fVM1dP7VE6pX2tBoXFTRFfebK51kATzbHTYxuFnzNf

vpBvsqe38TPcrIetXdWrJ2.eliwY8tWX48k_LaDXJux_Tf.GFB9tp42_v4px8BVzG5M8uyXXMCcs

KDTvr5dnixnN7Iq5f5YUMclXgm0_8YJCcUbWpXPqPDypm_buALSyO6712F5fSMTqShUz3Qx9O9Js

5OTuBra4BG5Q9jAz67EOkYayV7POE1wvV_83Zym74C4IXVF.lfXokmElcN0wFWa9r93ee00RjjUI

TEzHAojqYRAcpbz4LN0m_ST3KgNnDorzaGNN1h0BIhQozAviO1lq6GmfaL8l0VRVCxrjPjJ.b7uo

Z5bJHDiPVLp0_nzNHile62HbBsf9lJftAHTYyW645hbrywEO0hn9m.ReOQwDiR04r27NUPgMZmZj

ov0BOm.cQM8xdw6A4TzisSBYBw2KBAyZfZx5M2HLZpsOCgPjwA4Xc6A8crk1NvysN5DpWplRJlEQ

L5D8.uNtp4iNjHVIHcxEVGgzSY5A9IQ2tU5qgh9HkGo2f0xtN9_s1cKClnbPWIc5sRCYIo_VuzaW

schiYb_o76VqvN5pZZG.cc9sI6adhhoUs3483c9yV6k1Wq_97e1S5QixhgEIv3Mgu2D1w4bvfRx_

1602rd6fom.AYC7XPLusx4iLsu._T26VBPiKdYgB86MS.FeWDN5TxpuoIMLwrIpnR8GZt4_M9P3H

5dg1oXYs7_d6Ctz4G7AqMVpZ8w4QSE3C.Nty1XwKxSPpvUxCOLD6uznus4sWC5Aihagnzjhzxiuf

85Evuxi1ll71A3c7kjYZR3Tgr0tZU_2UcOa2W2GFdVQ7ns_0HXo2mMqP7u4VJ4ueErKeeh7BeA4y

ojiwYqx1LbuO8RUs63LSgATj4nC7kIboU5esR9tf_tPuDNofOy3HVHJqvfeumyWe6Sx05g5XTygz

ggD2y1dkpe6lfugbuUeE2_c6YbdNU3Xw6_GHbXpbh_bDkN77xIi4btLcfonCekpTj8PLRPS0yysv

wPL9wRadnQ_l8KuZ2co7U86w238mYbRXCrJ0EwFTD.w9KK.XlJSc1Tuha_02lq2RBzVMmYpSbdFe

Y5jvu0BIU5C0ReCAq0hrhiSGAUyEM3FDkMmvnItCZMBIp6g1PP.GSKHYsaakEBeVAakn_fyEOv9F

X.m37eboLg3hC7K_v1lkmlz4.DmhA6pm1W4xOLJj4iLTMpxvLR03Ikim7tkg.VTN7PikvanZNayo

_txcqqFDZQnHQr1uQ7UhCP5GBi9e4MG9_XBevgVJDCQ92uWes45mP2YS1PmLusqYOJ5Ucg..9erN

XC3sBqYWmoL.uxEsnNRwokiKeA9THHPmhXERJ.sdGzGZhUGnPjCHvjvbyEMTd1hyhke1neCjaPNC

OoikUHhUkD_mKTyAmhw.DzxCws2lEDAxNyTsPXsnm4kk9c0zx0gWx9fKcb6btkz9JH8EzqolWgHJ

A7zoytUwelBo5w706BAezLOxivpDtGHGPGUBpEQjQ.AHF7AER.gBxtdoMwDlevGoNnFxUd9fr3qM

T

X-Sonic-MF:

X-Sonic-ID: 157921cb-be3d-4043-8f01-364edceb7a53

Received: from sonic.gate.mail.ne1.yahoo.com by sonic313.consmr.mail.bf2.yahoo.com with HTTP; Mon, 20 Jan 2025 23:38:12 +0000

Date: Mon, 20 Jan 2025 23:38:10 +0000 (UTC)

From: ATTIC TRADE

Reply-To: ATTIC TRADE

To: "eric-winton@attictrade.com"

Message-ID: <212653495.1262130.1737416290753@mail.yahoo.com>

Subject: Inquiry

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_Part_1262129_1294697565.1737416290752"

References: <212653495.1262130.1737416290753.ref@mail.yahoo.com>

X-Mailer: WebService/1.1.23187 AolMailNorrin



------=_Part_1262129_1294697565.1737416290752

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable



Season greetings,



Are you guys still in service? All attempts to reach out prove abortive.



Your earliest response would be highly appreciated.

Best=C2=A0 Regards



Eric Winton

Purchasing Manager

ATTIC TRADE=C2=A0 LTD54 Donald street

Winnipeg, MB r3C 1l6, Canada

Tel:=C2=A0604-790-1857



------=_Part_1262129_1294697565.1737416290752

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit









Season greetings,

Are you guys still in service? All attempts to reach out prove abortive.

Your earliest response would be highly appreciated.

Best  Regards

Eric Winton
Purchasing Manager
ATTIC TRADE  LTD

54 Donald street
Winnipeg, MB r3C 1l6, Canada
Tel: 

604-790-1857


















------=_Part_1262129_1294697565.1737416290752--

Link exchange spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 20 Jan 2025 18:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta2bk-000000001UV-3vwX

for dave@doctor.nl2k.ab.ca;

Mon, 20 Jan 2025 17:59:08 -0700

Resent-From: The Doctor

Resent-Date: Mon, 20 Jan 2025 17:59:08 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yb1-f196.google.com ([209.85.219.196]:54409)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1ta14y-00000000CLs-0eMc

for sales@nk.ca;

Mon, 20 Jan 2025 16:21:38 -0700

Received: by mail-yb1-f196.google.com with SMTP id 3f1490d57ef6-e460717039fso6561447276.0

for ; Mon, 20 Jan 2025 15:19:17 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1737415151; x=1738019951; darn=nk.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=X7Lr0EznFMump690Zh+bdZmht6piMbPt0fDeoxJZYJk=;

b=ULD3kFWliYHHs9NMEtdTZTR7ruPCXfT/qHavo1w4dAD0IHZfJGXI6hRZvBsqLLpdLh

s3bXU8iEf7ufIlYveo/6FWi7HCspNh+EwIS0J47iVNxPeB4Ey41ByuISQr/31eptEWb0

0jKbzvoRNi6gV2US3LYJl0ZNqNd7MvvMzqsp3wOOIyp1KyLjNkfGbgobymuj0iwBuJvu

We0+I2nkLRl1vgZavuIrrOOlh++pD1B1PZeEOOymON1yleCbMX+w+gd16NL33LpxSanm

tE1nqNc+EeKbNPYsQBA9hPe84rAflKqX2ZM2sDzVnlx22dRLQv2PHoeu/Q9ybDZRp9hw

0Icw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1737415151; x=1738019951;

h=to:subject:message-id:date:from:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=X7Lr0EznFMump690Zh+bdZmht6piMbPt0fDeoxJZYJk=;

b=t7WTndTMDsP/MG7fiBWy4aOsdP+faECru2N51qWP/lrQ2fEvmb4dN/t6mx7x5A6FOw

lo0Zp0se/Z2iKc86g+RsucwqojOOYM9h7jp4bU5x36HFJDr+I6JDHSvqujY4PIalSSJu

UmJg7CKln7OlbfBGE3TimcI5JUQlJE6ij4x1ERkcjXzqjJLKFcFYQ6lytaYBeDHrP7a5

eF4OXkIY4TZpz1k7rNrRSIS86W8d5tGOzGxqDgRsEDfv33DzUqkpqjvoOL6zW9jh3uy7

HkCDMn/pYkq+ZW3MiU2MkX8Us8tO8WTC59HmLEPdUNKjRVevHLhOcfhzIjJg3unGam9/

kPxg==

X-Gm-Message-State: AOJu0YwJZMG+bTSbdGGF3EU1nedqIA0CursP4DR0wosnKdKtz209wgps

MESPvJ0cyA+uBHuf8Dq9VhdQsGjHJ1U6anibztKr2MWfku0oPOLsJ+F7ZNyprITHo/h0W6QZaON

Y3vr5JxCU2uBLbRy8qTevQe0CzxG6fw6vy9I=

X-Gm-Gg: ASbGnctPgSXAEBhkUyddaTyQOUMuagsEbtJiyhToQrhreq05I2ts6mQurVoTDLA0G7B

+GTB0nX8zl+I2qVdUGtDpi3yzSv6A31EEaN3n1HgxR+FLDmVnllfXyzlHYXI=

X-Google-Smtp-Source: AGHT+IGydRLJXMIfP3LRJF7upEnqf4+ogl7CR1Y3ZkVCbke2+xais26BeK+6ZCWnhCHPrlcxvwlqk1Dmov1rb1DE4xE=

MIME-Version: 1.0

X-Received: by 2002:a05:690c:f07:b0:6ee:8363:96d3 with SMTP id

00721157ae682-6f6eb90b588mr109935407b3.27.1737415151208; Mon, 20 Jan 2025

15:19:11 -0800 (PST)

Received: from 405620676424 named unknown by gmailapi.google.com with

HTTPREST; Mon, 20 Jan 2025 18:19:10 -0500

From: Harrison Paedford

Date: Mon, 20 Jan 2025 18:19:10 -0500

X-Gm-Features: AbW1kvYRVdsIXgIoHoALXljfxhApOYr8wj_FH_6RMfzvpkzlKXCK8I31Y724kvw

Message-ID:

Subject: Link Exchange Opportunity with Your Website

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="000000000000ea503e062c2b7cf3"



--000000000000ea503e062c2b7cf3

Content-Type: text/plain; charset="UTF-8"



Hello,



I hope you're doing well.



I'm reaching out to see if you're interested in a link exchange

collaboration. We have several high-quality websites where we can provide

you with a guest post or a link from existing content, in return for a link

or guest post from your site.



Our websites include:







https://www.aamconsultants.org



https://enests.co



https://www.bestagencies.co.uk



https://digiextent.co.uk



https://clothingbrands.co



If this sounds like something you'd be interested in, let me know, and we

can discuss the details.



Looking forward to your response!



Thank you



--000000000000ea503e062c2b7cf3

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




t-align:start;background-image:initial;background-position:initial;backgrou=

nd-size:initial;background-repeat:initial;background-origin:initial;backgro=

und-clip:initial;line-height:16.8667px;font-size:11pt;font-family:Calibri,s=

ans-serif">Hello,
=3D"m_3742891070878180775__Hlk186794177" style=3D"color:var(--dt-primary-ac=

tion,rgb(25,103,210))">


in 10pt;color:rgb(34,34,34);text-align:start;background-image:initial;backg=

round-position:initial;background-size:initial;background-repeat:initial;ba=

ckground-origin:initial;background-clip:initial;line-height:16.8667px;font-=

size:11pt;font-family:Calibri,sans-serif">I hop=

e you're doing well.


in 0in 10pt;color:rgb(34,34,34);text-align:start;background-image:initial;b=

ackground-position:initial;background-size:initial;background-repeat:initia=

l;background-origin:initial;background-clip:initial;line-height:16.8667px;f=

ont-size:11pt;font-family:Calibri,sans-serif">I=

'm reaching out to see if you're interested in a link exchange coll=

aboration. We have several high-quality websites where we can provide you w=

ith a guest post or a link from existing content, in return for a link or g=

uest post from your site.


0in 0in 10pt;color:rgb(34,34,34);text-align:start;background-image:initial;=

background-position:initial;background-size:initial;background-repeat:initi=

al;background-origin:initial;background-clip:initial;line-height:16.8667px;=

font-size:11pt;font-family:Calibri,sans-serif">=

Our websites include:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=

=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=

=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=

=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=

=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=

=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0


rgin:0in 0in 10pt;color:rgb(34,34,34);text-align:start;background-image:ini=

tial;background-position:initial;background-size:initial;background-repeat:=

initial;background-origin:initial;background-clip:initial;line-height:16.86=

67px;font-size:11pt;font-family:Calibri,sans-serif">
aamconsultants.org/" target=3D"_blank" style=3D"color:rgb(17,85,204)">
style=3D"color:black;text-decoration-line:none">https://www.aamconsultants=

.org


r:rgb(34,34,34);text-align:start;background-image:initial;background-positi=

on:initial;background-size:initial;background-repeat:initial;background-ori=

gin:initial;background-clip:initial;line-height:16.8667px;font-size:11pt;fo=

nt-family:Calibri,sans-serif">
nk" style=3D"color:rgb(17,85,204)">
on-line:none">https://enests.co=C2=

=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0
>


);text-align:start;background-image:initial;background-position:initial;bac=

kground-size:initial;background-repeat:initial;background-origin:initial;ba=

ckground-clip:initial;line-height:16.8667px;font-size:11pt;font-family:Cali=

bri,sans-serif">
k" style=3D"color:rgb(17,85,204)">
n-line:none">https://www.bestagencies.co.uk


rmal" style=3D"margin:0in 0in 10pt;color:rgb(34,34,34);text-align:start;bac=

kground-image:initial;background-position:initial;background-size:initial;b=

ackground-repeat:initial;background-origin:initial;background-clip:initial;=

line-height:16.8667px;font-size:11pt;font-family:Calibri,sans-serif">
f=3D"https://digiextent.co.uk/" target=3D"_blank" style=3D"color:rgb(17,85,=

204)">https://digiext=

ent.co.uk


;color:rgb(34,34,34);text-align:start;background-image:initial;background-p=

osition:initial;background-size:initial;background-repeat:initial;backgroun=

d-origin:initial;background-clip:initial;line-height:16.8667px;font-size:11=

pt;font-family:Calibri,sans-serif">
arget=3D"_blank" style=3D"color:rgb(17,85,204)">
text-decoration-line:none">https://clothingbrands.co


=3D"MsoNormal" style=3D"margin:0in 0in 10pt;color:rgb(34,34,34);text-align:=

start;background-image:initial;background-position:initial;background-size:=

initial;background-repeat:initial;background-origin:initial;background-clip=

:initial;line-height:16.8667px;font-size:11pt;font-family:Calibri,sans-seri=

f">If this sounds like something you'd be i=

nterested in, let me know, and we can discuss the details.


ss=3D"MsoNormal" style=3D"margin:0in 0in 10pt;color:rgb(34,34,34);text-alig=

n:start;background-image:initial;background-position:initial;background-siz=

e:initial;background-repeat:initial;background-origin:initial;background-cl=

ip:initial;line-height:16.8667px;font-size:11pt;font-family:Calibri,sans-se=

rif">Looking forward to your response!
p>


ext-align:start;background-image:initial;background-position:initial;backgr=

ound-size:initial;background-repeat:initial;background-origin:initial;backg=

round-clip:initial;line-height:16.8667px;font-size:11pt;font-family:Calibri=

,sans-serif">Thank you





--000000000000ea503e062c2b7cf3--