NetKnow Corporate Blog

/InformAction">
emtype=3D"http://schema.org/EmailMessage">
ntent=3D"Dennard Robinson: Transaction XTCG17606 =E2=80=93 Confirmation Ver=

ified"/>
a.org/Event">
entScheduled"/>
hema.org/Organization">
>
fIYHZ04Di0wO"/>
ine-height: 1px; height: 0; max-height: 0; width: 0; max-width: 0; opacity:=

0; overflow: hidden;" itemprop=3D"name">Transaction XTCG17606 =E2=80=93 Co=

nfirmation Verified
tDate" datetime=3D"20260129T063532Z">
time=3D"20260129T063532Z">
0" cellspacing=3D"0" role=3D"presentation" align=3D"center" style=3D"width:=

100%;" class=3D"body-container">
e>

--000000000000787d9f0649762bd2--

McAfee Phish from Google Gmail Part 3

Posted by Dave Yadallee on Wednesday, January 28. 2026

=20



=20



=20



=20

McAfee Phish from Google Gmail Part 2

Posted by Dave Yadallee on Wednesday, January 28. 2026

McAfee Phish from Google Gmail Part 1

Posted by Dave Yadallee on Wednesday, January 28. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 28 Jan 2026 16:44:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vlFBe-0000000073A-17zM

for dave@doctor.nl2k.ab.ca;

Wed, 28 Jan 2026 16:43:02 -0700

Resent-From: The Doctor

Resent-Date: Wed, 28 Jan 2026 16:43:02 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ot1-f74.google.com ([209.85.210.74]:41757)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vl9T1-000000002iQ-1oqI

for doctor@nl2k.ab.ca;

Wed, 28 Jan 2026 10:36:45 -0700

Received: by mail-ot1-f74.google.com with SMTP id 46e09a7af769-7cfd866fbefso35737a34.3

for ; Wed, 28 Jan 2026 09:35:50 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20230601; t=1769621744; x=1770226544; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=gZjCv9U9wxr/GEIGEb4Nc0FoRbZOYEunAuzzSz4UrI0=;

b=DUVJFK8yaP9RBj8AdIUHVDz3HbvdYGzg+J2yC0fl+g/PDNRTbwrgZUm4EPSDN+6aSA

yYQL2IRHCIF8axJcFhuoBfddET8FmF0KMe6cAkE6YT09D3aehrkCOe+nT04QIID/YTHQ

8ojsl/qlq63Mbx4EQpPZKqAYbFFWTDOLHfUtBvUYAmuLYjvTc5ukHXUXccI0lJI+lh59

B3obg5nVch8MeMkLih7F8EMEwoSuxBZ1vz7cIVVN+Q5ZEZFunYGGA283Br/m/2tu7DDQ

6T+V241fHVfwimyta1nWPV8ozzM9kAAbz84g6Le111ogpLvqckQMvfPbv0J6s5lGUj/z

stEw==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=joyhoba-org.20230601.gappssmtp.com; s=20230601; t=1769621744; x=1770226544; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=gZjCv9U9wxr/GEIGEb4Nc0FoRbZOYEunAuzzSz4UrI0=;

b=mesCoTjJPTK/963m9KO8jLYQLlvuSdQnRKkRLb++Jncm+BsdO1EoPZWXJtZoXM4Dvp

lvZkt+9VSt3JKaPP8VVt22pQoRdAAWoembwlwzUmU2ILptgROszWAzIOmDldwsri6fHt

8WpOJN5iSdeIL7Xna13P3sEpuOCBPyBgYAcCPBgLU44gzuR8BumaZ+SNoijpVsb6QUvN

Kp2TPhRWsv6RPFhvCTInw3q7E/3RVUPESnrsKCABh/QRARA1GDafSxsOc2zlMaPE7a42

dFryOxoQ6BewQ50Kxlbkumlf8WYJ7MlBjiw4lX+zeEFhukauxTdk0rDEchIEyqwKDV3V

0e8Q==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1769621744; x=1770226544;

h=from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=gZjCv9U9wxr/GEIGEb4Nc0FoRbZOYEunAuzzSz4UrI0=;

b=FunapM6drURZnfNDPHiW7fOJ+F3vzlxWsooq9MC387CXS4ztHSW9OA86Qcq6rWhVRi

y35Qcev0DUW2SC8vDZ5c55e0Y6dHDT/ROCPMEIWEFvUYVotuSby7HsX9M1G+bOyYxFYD

9SmZOQWBEsZlcz2CazG59H+X6uxkUiHzeaDFDO+eOVaVUQvROe83S6Ne+Z01EbxcRzNt

yOt2ARvupAtoc6uv+7/IzCEZp1Jjj4uh9wOYThjCm67rQPp91LJUdGsPcXfXmsdytV9J

fXyuaOrzl/aMyv49Rv7B1vA4jNHn5egLXH8Ymz+6YfBPqt+LWSw84fRsreyG9aObwXYb

ZhNA==

X-Forwarded-Encrypted: i=1; AJvYcCUObUlGqrlieqib284vCKwhp1PFQny7tSdRo11gBPu/ZVZdpNXmtJBmCDOB6JPF2fxi089IG+0=@nl2k.ab.ca

X-Gm-Message-State: AOJu0YxiAiNnpUUiJ+AUFMn9ws1Qgq8OyjTJUQ5mRI1/oJc+1LvkE0gw

yJ2vBAAAhgAAk6mxFKZydMLE4w5Ed9yt5N8rEOsoL9d2a1/SczlEeh4e6sszNYW0oYE9Dzz6T+A

DbSaERYVZCAvPqhnrGqfPtdy5XoZHSRByQ8y1Jez5QuRFnA==

MIME-Version: 1.0

X-Received: by 2002:a05:6830:929:b0:7cf:d117:60f1 with SMTP id

46e09a7af769-7d1957258afmt497137a34.3.1769621744198; Wed, 28 Jan 2026

09:35:44 -0800 (PST)

Reply-To: Dennard Robinson

Sender: Google Calendar

Message-ID:

Date: Wed, 28 Jan 2026 17:35:44 +0000

Subject: Transaction XTCG17606 - Confirmation Verified

From: Dennard Robinson

Content-Type: multipart/alternative; boundary="000000000000787d9f0649762bd2"

X-Spam_score: 16.5

X-Spam_score_int: 165

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Transaction XTCG17606 – Confirmation Verified Transaction

XTCG17606 – Confirmation Verified Thursday Jan 29, 2026 ⋅ 12:35am Central

Time - Chicago McAfeeThank you,This notice is to confirm that your McAfee

subscription will continue with automatic billing enabled. A charge of USD440.88

is planned for your upcoming 36 Months subscription period.I [...]



Content analysis details: (16.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.74 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.210.74 listed in will-spam-for-food.eu.org]

[209.85.210.74 listed in will-spam-for-food.eu.org]

[209.85.210.74 listed in will-spam-for-food.eu.org]

[209.85.210.74 listed in will-spam-for-food.eu.org]

[209.85.210.74 listed in will-spam-for-food.eu.org]

[209.85.210.74 listed in will-spam-for-food.eu.org]

[209.85.210.74 listed in will-spam-for-food.eu.org]

[209.85.210.74 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.210.74 listed in dnsbl.ahbl.org]

[209.85.210.74 listed in dnsbl.ahbl.org]

[209.85.210.74 listed in dnsbl.ahbl.org]

[209.85.210.74 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.210.74 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.210.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.210.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.210.74 listed in dnsbl.ahbl.org]

2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL

[209.85.210.74 listed in psbl.surriel.com]

1.2 MISSING_HEADERS Missing To: header

0.6 J_CHICKENPOX_34 BODY: 3alpha-pock-4alpha

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.210.74 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.9 REPLYTO_WITHOUT_TO_CC No description available.

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Transaction XTCG17606 - Confirmation Verified



--000000000000787d9f0649762bd2

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



VHJhbnNhY3Rpb24gWFRDRzE3NjA2IOKAkyBDb25maXJtYXRpb24gVmVyaWZpZWQNCg0KVHJhbnNh

Y3Rpb24gWFRDRzE3NjA2IOKAkyBDb25maXJtYXRpb24gVmVyaWZpZWQNClRodXJzZGF5IEphbiAy

OSwgMjAyNiDii4UgMTI6MzVhbQ0KQ2VudHJhbCBUaW1lIC0gQ2hpY2Fnbw0KDQoNCg0KTWNBZmVl

VGhhbmsgeW91LFRoaXMgbm90aWNlIGlzIHRvIGNvbmZpcm0gdGhhdCB5b3VyIE1jQWZlZSBzdWJz

Y3JpcHRpb24gIA0Kd2lsbCBjb250aW51ZSB3aXRoIGF1dG9tYXRpYyBiaWxsaW5nIGVuYWJsZWQu

IEEgY2hhcmdlIG9mIFVTRDQ0MC44OCBpcyAgDQpwbGFubmVkIGZvciB5b3VyIHVwY29taW5nIDM2

IE1vbnRocyBzdWJzY3JpcHRpb24gcGVyaW9kLklmIHlvdSB3aXNoIHRvICANCnJldmlldywgdXBk

YXRlLCBvciBjYW5jZWwgeW91ciBzdWJzY3JpcHRpb24sIHBsZWFzZSBjb250YWN0IHsgMS04NjUt

ICANCjIzMC01MzM1IH0uU3Vic2NyaXB0aW9uIENvbmZpcm1hdGlvbiBOb3RpY2VUcmFuc2FjdGlv

biByZWNlaXB0OiAgDQpRR1YtMzg4MTg2MzEwVHJhbnNhY3Rpb24gRGF0ZTogVGh1cnNkYXksIDI5

IEphbnVhcnkgMjAyNlBsYW46IEZ1bGwgIA0KTWVtYmVyc2hpcCAmbmRhc2g7IDBlNzQ4ZDUyLTc1

MGQtNDhkMi1iOWQwLWVhNmYwMjdkYzFmNFN1YnNjcmlwdGlvbiBUZXJtOiAgDQozNiBNb250aHNU

b3RhbCBBbW91bnQ6IFVTRDQ0MC44OEZvciBmdXJ0aGVyIGFzc2lzdGFuY2UsIHBsZWFzZSBjb250

YWN0ICANCjEtODU5LSAyMjItNTI0NS5UaGFua2Z1bGx5LCxNY0FmZWUsIEluYy4NCg0KT3JnYW5p

emVyDQpEZW5uYXJkIFJvYmluc29uDQptaXNjb3ltZWxvZHlqb3lAam95aG9iYS5vcmcNCg0KR3Vl

c3RzDQooR3Vlc3QgbGlzdCBoYXMgYmVlbiBoaWRkZW4gYXQgb3JnYW5pemVyJ3MgcmVxdWVzdCkN

Cg0K

--000000000000787d9f0649762bd2

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:offi=

ce">
t=3D"text/html; charset=3DUTF-8">
=3Ddevice-width,initial-scale=3D1">
ight dark">

AAA Emergency Kit Phish Part 2

Posted by Dave Yadallee on Wednesday, January 28. 2026

=3D"left">   > dding=3D"0" cellspacing=3D"0" role=3D"presentation" align=3D"center" style= =3D"width:100%;" class=3D""> eft"> p=3D"description">Transaction XTCG17606 =E2=80=93 Confirmation Verified = spacing=3D"0" role=3D"presentation" align=3D"center" style=3D"width:100%;" = class=3D""> : 8px; direction: rtl; font-size: 0; padding: 24px 32px; text-align: left; = vertical-align: top;" class=3D"main-container-inner"> direction: ltr; display: inline-block; vertical-align: top; width: 100%;ove= rflow: hidden; word-wrap: break-word;"> " cellspacing=3D"0" role=3D"presentation" width=3D"100%" class=3D"main-colu= mn-table-ltr" style=3D"padding-right: 32px; padding-left: 0;;table-layout: = fixed;"> l-align:top;"> =3D"presentation" width=3D"100%" style=3D"table-layout: fixed;"> le=3D"font-size: 0; padding: 0; text-align: left; word-break: break-word;;p= adding-bottom:2px;"> o, sans-serif;font-weight: 400; font-size: 22px; line-height: 28px;color: #= 3c4043; text-decoration: none;" class=3D"primary-text" role=3D"presentation= ">Transaction XTCG17606 =E2=80=93 Confirmation Veri= fied align: left; word-break: break-word;;padding-bottom:24px;"> nt-family: Roboto, sans-serif;font-style: normal; font-weight: 400; font-si= ze: 14px; line-height: 20px; letter-spacing: 0.2px;color: #3c4043; text-dec= oration: none;" class=3D"primary-text" role=3D"presentation"> den=3D"true"> ime>= Thursday Jan 29, 2026 =E2=8B=85 12:35am (Central Time - Chicago) n> ft; word-break: break-word;;padding-bottom:24px;"> : Roboto, sans-serif;font-style: normal; font-weight: 400; font-size: 14px;= line-height: 20px; letter-spacing: 0.2px;color: #3c4043; text-decoration: = none;" class=3D"primary-text" role=3D"presentation"> McAfee T= hank you, This notice is to confirm that your McAfee subscription wil= l continue with automatic billing enabled. A charge of USD440.88 is planned= for your upcoming 36 Months subscription period. If you wish to revi= ew, update, or cancel your subscription, please contact { 1-865- 230-5335 }= . Subscription Confirmation Notice Transaction receipt: QGV-388186= 310 Transaction Date: Thursday, 29 January 2026 Plan: Full Membership= =E2=80=93 0e748d52-750d-48d2-b9d0-ea6f027dc1f4 Subscription Term: 36 Mo= nths Total Amount: USD440.88 For further assistance, please contac= t 1-859- 222-5245. Thankfully,, McAfee, Inc. rop=3D"description" content=3D"McAfeeThank you,This notice is to confirm th= at your McAfee subscription will continue with automatic billing enabled. A= charge of USD440.88 is planned for your upcoming 36 Months subscription pe= riod.If you wish to review, update, or cancel your subscription, please con= tact { 1-865- 230-5335 }.Subscription Confirmation NoticeTransaction receip= t: QGV-388186310Transaction Date: Thursday, 29 January 2026Plan: Full Membe= rship – 0e748d52-750d-48d2-b9d0-ea6f027dc1f4Subscription Term: 36= MonthsTotal Amount: USD440.88For further assistance, please contact 1-859-= 222-5245.Thankfully,,McAfee, Inc."/> size: 0; padding: 0; text-align: left; word-break: break-word;;padding-bott= om:24px;"> font-weight: 400; font-size: 14px; line-height: 20px; letter-spacing: 0.2p= x;color: #3c4043; text-decoration: none;" class=3D"primary-text" role=3D"pr= esentation"> "presentation" style=3D"padding-bottom: 4px;"> text" style=3D"font-size: 14px;color: #3c4043; text-decoration: none;font-w= eight: 700;-webkit-font-smoothing: antialiased;margin: 0; padding: 0;">Gues= ts (Guest list has been hidden at organizer's request= )

AAA Member Benefits

Hello , Today's Winner is doctor. We would like offer you a unique opportunity to receive your exclusive reward of up Car Emergency Kit To Claim simply take this short survey about your experience with us Congratulation AAA Subscriber! hurry up ! Your Reward is Ready

Your account information : Customer: doctor Email: doctor@doctor.nl2k.ab.ca Reward: Car Emergency Kit

AAA Member Benefits

Hello , Today's Winner is root. We would like offer you a unique opportunity to receive your exclusive reward of up Car Emergency Kit To Claim simply take this short survey about your experience with us Congratulation AAA Subscriber! hurry up ! Your Reward is Ready

Your account information : Customer: root Email: root@nk.ca Reward: Car Emergency Kit

Claim Reward Now

AAA Team

If you no longer wish to receive these emails, you may unsubscribe by clicking here


115 E 23rd St New York, NY, US 10010

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 28 Jan 2026 10:04:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vl8x5-00000000Pe1-2xPx

for dave@doctor.nl2k.ab.ca;

Wed, 28 Jan 2026 10:03:35 -0700

Resent-From: The Doctor

Resent-Date: Wed, 28 Jan 2026 10:03:35 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [89.185.81.110] (port=37259 helo=maxdulsin.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vl8Ix-00000000KHQ-1iHP

for doctor@doctor.nl2k.ab.ca;

Wed, 28 Jan 2026 09:22:15 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=doctor.nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=doctor@doctor.nl2k.ab.ca;

bh=Z89krY6r4lk3OWZbrATP6aZnnE0=;

b=M7rUjur31DiezMT2x9TZPIQDBjwaqv88jeZu89VdJ/Motsllu29LO6nuQJAF3UMU8I6/31qjgw1S

ajl0Ad2pVjEq9xV1yfxD78/T8z9VB5waeKoTX/ibVKK+/IsrEHDQt15oJo2Z6BMAy4vcC3s60SIk

x6ErXNWtaeUhBdXlfxU=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=doctor.nl2k.ab.ca;

b=Wssa07VOm8Oq6P7OPTi1LXEXzA7s18U5tEI7gQ6V1t/RwXqnDx4UyauzcsV5pr/ngd+tdH+iICeY

j5UaaE+BZm0h3cFlS19moaDE7yggRxzs5twq0pCpV/W9qPizSD0imXBDMqwr0RVumUO/FhT78gEh

sBq7bbUzxPpzp4V9Eh4=;

Date: Wed, 28 Jan 2026 16:21:20 +0000

To: doctor@doctor.nl2k.ab.ca

From: AAA

Subject: Final notice coming for Car Emergency Kit Reward

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 21.6

X-Spam_score_int: 216

X-Spam_bar: +++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Stocksy Email AAA Member Benefits Hello , Today's Winner

is doctor.



Content analysis details: (21.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

2.4 HTML_OBFUSCATE_20_30 BODY: Message is 20% to 30% HTML obfuscation

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

3.5 HTML_TAG_BALANCE_CENTER Malformatted HTML

3.6 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

2.5 HTML_SINGLET_MANY Many single-letter HTML format blocks

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

1.4 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Final notice coming for Car Emergency Kit Reward

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 28 Jan 2026 10:04:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vl8wt-00000000PcJ-28X8

for dave@doctor.nl2k.ab.ca;

Wed, 28 Jan 2026 10:03:23 -0700

Resent-From: The Doctor

Resent-Date: Wed, 28 Jan 2026 10:03:23 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [87.120.219.235] (port=45725 helo=aryanaluk.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vl8Ii-00000000KGK-3GQJ

for root@nk.ca;

Wed, 28 Jan 2026 09:22:00 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nk.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=root@nk.ca;

bh=sIh9AjPvqOBOYY9zWuk/eYmdUYs=;

b=YnXht4bDeWcOowptXukzJdP+lt6f4nuRHxyDqODM1mPwoeTqJ69oQIBF/Wnmwd+ba/np3csyD8Fa

l1B56FBS6lw50+Gpn7k9J5diW0c2FgO5Bw7yy5rmjeIaTwroSGj4YeV9BOO/R4zbnswthRcTYcZf

mWLbZQbznt9cz8Nu4l0=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nk.ca;

b=OylDquPN+aKfMq40etzrYw1ucf8jvsMVFIpYctz4fIE7gMTTQ2wGpyFScGXZS8zvVkmNfKhLvlTP

jEfjIDWxyZf46fUUcEQZJeM+Bv3M33JaRvdu+V1ydJrao88BB5UNIhXLm1Y04yULC0WCkg16QrnF

R8w8DxLV06trRh73Yzg=;

Date: Wed, 28 Jan 2026 16:21:03 +0000

To: root@nk.ca

From: AAA

Subject: Final notice coming for Car Emergency Kit Reward

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 21.4

X-Spam_score_int: 214

X-Spam_bar: +++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Stocksy Email AAA Member Benefits Hello , Today's Winner

is root.



Content analysis details: (21.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[87.120.219.235 listed in will-spam-for-food.eu.org]

[87.120.219.235 listed in will-spam-for-food.eu.org]

[87.120.219.235 listed in will-spam-for-food.eu.org]

[87.120.219.235 listed in will-spam-for-food.eu.org]

[87.120.219.235 listed in will-spam-for-food.eu.org]

[87.120.219.235 listed in will-spam-for-food.eu.org]

[87.120.219.235 listed in will-spam-for-food.eu.org]

[87.120.219.235 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[87.120.219.235 listed in dnsbl.ahbl.org]

[87.120.219.235 listed in dnsbl.ahbl.org]

[87.120.219.235 listed in dnsbl.ahbl.org]

[87.120.219.235 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[87.120.219.235 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[87.120.219.235 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[87.120.219.235 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[87.120.219.235 listed in dnsbl.ahbl.org]

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

2.4 HTML_OBFUSCATE_20_30 BODY: Message is 20% to 30% HTML obfuscation

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

3.5 HTML_TAG_BALANCE_CENTER Malformatted HTML

2.5 HTML_SINGLET_MANY Many single-letter HTML format blocks

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

3.6 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

1.4 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

Subject: {SPAM?} Final notice coming for Car Emergency Kit Reward

AAA Member Benefits

Hello , Today's Winner is doctor. We would like offer you a unique opportunity to receive your exclusive reward of up Car Emergency Kit To Claim simply take this short survey about your experience with us Congratulation AAA Subscriber! hurry up ! Your Reward is Ready

Your account information : Customer: doctor Email: doctor@nl2k.ab.ca Reward: Car Emergency Kit

Claim Reward Now

AAA Team

If you no longer wish to receive these emails, you may unsubscribe by clicking here


115 E 23rd St New York, NY, US 10010

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 28 Jan 2026 10:04:10 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vl8wm-00000000Pb9-344Q

for dave@doctor.nl2k.ab.ca;

Wed, 28 Jan 2026 10:03:16 -0700

Resent-From: The Doctor

Resent-Date: Wed, 28 Jan 2026 10:03:16 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [89.185.81.110] (port=47751 helo=maxdulsin.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vl8Ib-00000000KEt-3HGZ

for doctor@nl2k.ab.ca;

Wed, 28 Jan 2026 09:21:54 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=doctor@nl2k.ab.ca;

bh=dvChNaXys5enYm8YiS7ZibX8sSg=;

b=YkInBBrT6a4F4aqqN6j6JbPsrYogHvJZltTZ+/OlIjWNh2YYOBy4k/JUJjI81JJ52e9/fPfSHA39

GaPEtshATMsk1UgGzUTbMCyWL3kC4eP/s+yVtit3jROR5rf4Q7UxrzIGSAzOwHGO5DmR/FkCZueA

29qqdesY2Hcn9JjQkqg=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nl2k.ab.ca;

b=2SsbFRwoSpPsArlj1BSrG1fJb2DevYaKG67ErQUkJxzydUaUxtX/MdxMBhQVrxBNzHg9b6KBYHME

dqtxbP0YXvc6mL3Tixfwfc2DUUgJhlMwaQL5irlSI2VwzSzW80O+9Bi8vs6vNS7Iu0P5+jzZon8A

IXjPARE5M7zqXQS/Cos=;

Date: Wed, 28 Jan 2026 16:20:54 +0000

To: doctor@nl2k.ab.ca

From: AAA

Subject: Final notice coming for Car Emergency Kit Reward

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 21.6

X-Spam_score_int: 216

X-Spam_bar: +++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Stocksy Email AAA Member Benefits Hello , Today's Winner

is doctor.



Content analysis details: (21.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

2.4 HTML_OBFUSCATE_20_30 BODY: Message is 20% to 30% HTML obfuscation

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

3.5 HTML_TAG_BALANCE_CENTER Malformatted HTML

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 HTML_SINGLET_MANY Many single-letter HTML format blocks

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

3.6 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

1.4 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Final notice coming for Car Emergency Kit Reward

AAA Member Benefits

Hello , Today's Winner is doctor. We would like offer you a unique opportunity to receive your exclusive reward of up Car Emergency Kit To Claim simply take this short survey about your experience with us Congratulation AAA Subscriber! hurry up ! Your Reward is Ready

Your account information : Customer: doctor Email: doctor@nl2k.ab.ca Reward: Car Emergency Kit

Claim Reward Now

AAA Team

If you no longer wish to receive these emails, you may unsubscribe by clicking here


115 E 23rd St New York, NY, US 10010

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 28 Jan 2026 10:04:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vl8we-00000000PZq-3FAj

for dave@doctor.nl2k.ab.ca;

Wed, 28 Jan 2026 10:03:08 -0700

Resent-From: The Doctor

Resent-Date: Wed, 28 Jan 2026 10:03:08 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [89.185.81.110] (port=47751 helo=maxdulsin.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vl8Ib-00000000KEt-3HGZ

for doctor@nl2k.ab.ca;

Wed, 28 Jan 2026 09:21:54 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=doctor@nl2k.ab.ca;

bh=dvChNaXys5enYm8YiS7ZibX8sSg=;

b=YkInBBrT6a4F4aqqN6j6JbPsrYogHvJZltTZ+/OlIjWNh2YYOBy4k/JUJjI81JJ52e9/fPfSHA39

GaPEtshATMsk1UgGzUTbMCyWL3kC4eP/s+yVtit3jROR5rf4Q7UxrzIGSAzOwHGO5DmR/FkCZueA

29qqdesY2Hcn9JjQkqg=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nl2k.ab.ca;

b=2SsbFRwoSpPsArlj1BSrG1fJb2DevYaKG67ErQUkJxzydUaUxtX/MdxMBhQVrxBNzHg9b6KBYHME

dqtxbP0YXvc6mL3Tixfwfc2DUUgJhlMwaQL5irlSI2VwzSzW80O+9Bi8vs6vNS7Iu0P5+jzZon8A

IXjPARE5M7zqXQS/Cos=;

Date: Wed, 28 Jan 2026 16:20:54 +0000

To: doctor@nl2k.ab.ca

From: AAA

Subject: Final notice coming for Car Emergency Kit Reward

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 21.6

X-Spam_score_int: 216

X-Spam_bar: +++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Stocksy Email AAA Member Benefits Hello , Today's Winner

is doctor.



Content analysis details: (21.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

[89.185.81.110 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

[89.185.81.110 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[89.185.81.110 listed in dnsbl.ahbl.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

2.4 HTML_OBFUSCATE_20_30 BODY: Message is 20% to 30% HTML obfuscation

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

3.5 HTML_TAG_BALANCE_CENTER Malformatted HTML

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 HTML_SINGLET_MANY Many single-letter HTML format blocks

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

3.6 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

1.4 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Final notice coming for Car Emergency Kit Reward

We propose to design and develop a small, responsive website (typically 5-10

pages) that includes:



. Custom, modern design aligned with your brand identity.



. Fully responsive layout for desktop, tablet, and mobile devices.



. Easy-to-manage backend (WordPress, Webflow, or custom CMS).



Would you like me to make a customized version (e.g., for a specific client,

business type, or platform like WordPress or Shopify)? I can tailor it with

your brand details and pricing.



Prepared by:

[Antoine]









------=_NextPart_000_002E_01DC906F.FF1E07C0

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">






charset=3Dus-ascii">



























------=_NextPart_000_002E_01DC906F.FF1E07C0--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 28 Jan 2026 07:13:02 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vl6Hh-00000000Em6-28tu

for dave@doctor.nl2k.ab.ca;

Wed, 28 Jan 2026 07:12:41 -0700

Resent-From: The Doctor

Resent-Date: Wed, 28 Jan 2026 07:12:41 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f181.google.com ([209.85.214.181]:61586)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vl2ut-00000000Jt3-0ZyK

for sales@nk.ca;

Wed, 28 Jan 2026 03:37:16 -0700

Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-2a0ac29fca1so50074875ad.2

for ; Wed, 28 Jan 2026 02:36:07 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1769596561; x=1770201361; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=Il+TwGvWveFWET8oRAyC3aFezoRBFigfcJOQ0Lkb8uI=;

b=gLfPD404w8prwiDL/tQeoKO62g4Oa92abJVseurr1UpGg4pTOxo6/Ec878pnI/JBPd

lUkFWa6t7GaOXv198Be/ICtvPedX59j1SMI53PMiZO8Ev8bpNH73Q87j6fhiLtGDrgFG

GILBlLGO+MY2v8nzyLaYpk9IhqPUwZm5lGFINQ9IBroAgWSLCd9zefKfsh7QA/mjCrBn

WVY/lQ25WpTvUnrwWu5VAfjS8nPqnhxypTh1jneoYkML6YDOguwG23iAB/doimMDPJMP

P7RA+7KhCQrOBeey1VUso2GWqCatkgIAO5+B5pdzPOwC+J/nBK9+cv6np8P2Zx+3BnAj

GqXw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1769596561; x=1770201361;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=Il+TwGvWveFWET8oRAyC3aFezoRBFigfcJOQ0Lkb8uI=;

b=pmmHHIBVfh6lymaLBB+DeBns5iMT13e4xf4+jon/Pz+Fh73Xo5bF6HYr+MMVqoix7H

ORAInqiLizu063V3y/PASe9PQYfDMmkC6yq3GiB6iMEFSxDVeeqCl3Npqwfwmvq5BtRP

JHWS6BfzYSrkG647qVfCjryxUQWDCk67BqSancX1W42G3OiN5stdLyx8/0S0CwCmPeCp

4kWOyNfXwRaC2H4wY4sANe5j91msCdfX0v1Ip7qDvfz4JsurmDa6qFARw1W/LPYWCCTT

7ng96oDsPc1kuXX9R5XaVJzMDtxfJev+9zOnTY1pB/KAaHin8X650bx2aKcFdklF0ruS

6faw==

X-Gm-Message-State: AOJu0YxjF1NswjiiA+Ev71/OUb07KFw22CGMhIBIZpjtbs2hy98o7YYc

Hm4PugfPUXr77Du47tjmmzLeks6ebGoZwtMyHY1Zb9ZCVhFNFJY3ajwGzDjst4Cl

X-Gm-Gg: AZuq6aLozxsMJgZcs87/DOATiFrVlk89LssE9QtHaryXQvIcZyJDW1qf0ueuOZ3hIox

y0gFdLCj1dA1kJDaPtMxjN7qaihPNTOYBmBhqfredBrIf1CzlsdhaXiycCdZ06/iotHrUSorQOW

5mskw+Xf0TW3vt5bKs0Eaoin/VihYS9kyXvREmtEdEgweJY9nraQVIIypzEBApYrGrptZz6MKXb

5pCPWHZQ7+v5KQwOQQesq3MI+CD2KGZuMhFKV+vcnYGwswkg4DaingA1NKgvvJmGZ/9a9XXz23Y

cD7fXnGFetDdACyQrndiXOBg7/BN5t7xQUkgYyjFMaCqxpnjkexlzWHHNFibSkB0qOcHQ21hQ9R

Df9XyQgNCZfttZgyN2mODCryKOt3bwKgK8uyFqtm+A3UERirwd8qH1cUeL6Xz/2GABug9LWvwQa

DrPi4ABE4E4cuGYR+Mp8TfBHLrnbumcEE=

X-Received: by 2002:a17:902:da82:b0:2a1:3e15:380e with SMTP id d9443c01a7336-2a870dc88aemr43870355ad.34.1769596560670;

Wed, 28 Jan 2026 02:36:00 -0800 (PST)

Received: from DESKTOP34DRMQP ([2409:40e4:27:c334:f56b:fe80:48d3:e19d])

by smtp.gmail.com with ESMTPSA id d9443c01a7336-2a88b5d9a70sm19206805ad.77.2026.01.28.02.35.58

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Wed, 28 Jan 2026 02:36:00 -0800 (PST)

From: "Antoine"

To:

Subject: Website

Date: Wed, 28 Jan 2026 16:05:57 +0530

Message-ID: <002d01dc9041$e565cbc0$b0316340$@com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_002E_01DC906F.FF1E07C0"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AdyQPzv9yimK5y7cStK8xRQ9dkUQgg==

Content-Language: en-in

X-Spam_score: 5.3

X-Spam_score_int: 53

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello I hope you are doing well We propose to design and

develop a small, responsive website (typically 5-10 pages) that includes:



Content analysis details: (5.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

[209.85.214.181 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.181 listed in dnsbl.ahbl.org]

[209.85.214.181 listed in dnsbl.ahbl.org]

[209.85.214.181 listed in dnsbl.ahbl.org]

[209.85.214.181 listed in dnsbl.ahbl.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[dnsbl.ahbl.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[dnsbl.ahbl.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[dnsbl.ahbl.org]

[2409:40e4:27:c334:f56b:fe80:48d3:e19d listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.181 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.181 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.181 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.181 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.181 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.181 listed in wl.mailspike.net]

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[antoinettebr98(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[antoinettebr98(at)gmail.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Website



This is a multipart message in MIME format.



------=_NextPart_000_002E_01DC906F.FF1E07C0

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hello



I hope you are doing well

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.128.68 listed in dnsbl.ahbl.org]

[209.85.128.68 listed in dnsbl.ahbl.org]

[209.85.128.68 listed in dnsbl.ahbl.org]

[209.85.128.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.128.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.128.68 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.128.68 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.128.68 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.128.68 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[mrjohnbenson82(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[mrjohnbenson82(at)gmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.128.68 listed in wl.mailspike.net]

2.5 HK_SCAM_N2 BODY: No description available.

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 HK_SCAM No description available.

1.0 FREEMAIL_REPLY From and body contain different freemails

3.1 UNDISC_MONEY Undisclosed recipients + money/fraud signs

3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} Greetings,



--0000000000006b84d006496fbb80

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Greetings,



My name is John Benson and I work with Truist Financial Bank USA, I have an

interesting business proposal for you. Reply to me if you are interested.

If not, kindly ignore it.



Mr. Scott A. Stengel (the bank's Chief Legal Officer) discovered a customer

whose account has been dormant for years thus having the same surname as

you. The customer left the sum of $150,000,000.00 usd at the bank over the

years. Although, the client and his family member died in a plane crash in

2009 with no heir to claim the fund. After a long search, we saw your name

closely related to the customer=E2=80=99s name which is what we need to mak=

e the

transfer into your bank account.



Therefore, we wish to present you before the board of directors as the next

of kin since no one is here to inherit the funds. The bank policy says

after 10years, money deposited will be shared within the board of directors

if dormant.



Now Mr. Scott will be available to attend to you with further details upon

this transaction and you shall have no risk on this transaction. Contact

him now on (mr.scotstengel@gmail.com) for details. This is an opportunity

for you my friend. I am glad to inform you.



Do let me know for a follow up once you contact him.



Thank you and have a nice day,

Mr. John Benson.



--0000000000006b84d006496fbb80

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable







--0000000000006b84d006496fbb80--