E-bike phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 26 Oct 2025 05:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCynj-0000000081m-0on7

for dave@doctor.nl2k.ab.ca;

Sun, 26 Oct 2025 05:20:43 -0600

Resent-From: The Doctor

Resent-Date: Sun, 26 Oct 2025 05:20:43 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f200.google.com ([209.85.221.200]:50463)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCyYm-000000006M3-3XhK

for doctor@nk.ca;

Sun, 26 Oct 2025 05:05:24 -0600

Received: by mail-vk1-f200.google.com with SMTP id 71dfb90a1353d-557d1d2751cso5702543e0c.1

for ; Sun, 26 Oct 2025 04:04:30 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761476664; x=1762081464; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=lIqWZ84XPIPz15hohDCKBCPSj6vYDz8fELdw4eqKxD8=;

b=WnI5d9lAzVgrSG4aZxOEBKQwZVQWk5qf1c6Ppwsn8s1jvpJWEthoQqUv6do6pEzSMu

Jmzru1x4+iqyW8c8Wc1VBvVj+IzPPxvB9l5dWACNqMyVKnhuiPtT2d+oNhlC31oTqhaJ

LSLIouRzt6zxgaqQMq1+Rd85PHa2Xo4TzbeEDHnJsYqGI1G/xGGH+ieR2xuqvhbPV5SG

964RF6TYvPQmsGsKBmC/gjrYyS+iRdUICNSfonf7+f7YaZWisY2FLQ8x6dmxvRTlyA0p

hJT849O+PYac8JBI0dq+ekXtxNsREGYlC3Qgn+x4Kvmcy1ARKIviMlz7A/DhQFY2h633

XbCQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761476664; x=1762081464;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=lIqWZ84XPIPz15hohDCKBCPSj6vYDz8fELdw4eqKxD8=;

b=mNpQ7OT1F+hbR87ShzspdzzMy9UfH8pH2Q1ZSJzgpacB341Fff9oFfGdhmtk2V3EjI

QANEFMcnsH3HmeDgmzQLKR0Ckl1wdQuSV39GDEMs5NvS2CEsI/hjHU2ma8ajOfoWd1Cl

sKhTC85P2NLwquMO26V2AcwK+pB2iis5o8Fz8mF7fIxwXxfGocIFCvOTXGVL5kukpvFx

lcHxu2JI0ZTDaKY5XO41y1xC8/avjny1wAeOjcHJ8/wGRO1SlM299UKkh59Ynlx4aJN2

OhAQUcFsVjQLtTWFgdie8p9OsQwZowbpSHK/a9ZlCtq7/+MdyOuU8ew115smM1JI4nm9

5CzA==

X-Gm-Message-State: AOJu0YxRLA7laJ2ohbGU56K5P5f0sGp3AM2GDundeNAGmjSIDeXvjFFE

+ginaz32AsENi01qyAqWFzq6AD2F4y5uXdwYvEYg6IKCxT4oWBod0hjpjlqmDxQIOzDIohpH7FM

6Nrswes9EUg==

X-Google-Smtp-Source: AGHT+IE5N3rTBBVkLzryxZ1nz7/CAySFzwtNorGk/hTnWvOskncCmxthOXpkea5hYjNZkVi9Q5VBFlyxhQ/wa3U=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:4695:b0:542:d782:2522 with SMTP id

71dfb90a1353d-5564ef1b76dmr11742534e0c.14.1761476664305; Sun, 26 Oct 2025

04:04:24 -0700 (PDT)

Message-ID: <000000000000db28e406420dbefd@google.com>

Date: Sun, 26 Oct 2025 11:04:24 +0000

Subject: =?UTF-8?B?8J+atOKAjeKZgu+4jyBDb25ncmF0dWxhdGlvbnMsIHlvdXIgSmFzaW9uIEVCNSBSb2FtZQ==?=

=?UTF-8?B?ciBFYmlrZSBpcyB3YWl0aW5nIGZvciB5b3UhIPCfjoE=?=

From: =?UTF-8?Q?Exclusive_Offer_=E2=80=93_Temu?=

To: doctor@nk.ca

Content-Type: multipart/alternative; boundary="000000000000db28d706420dbefa"

X-Spam_score: 10.1

X-Spam_score_int: 101

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: It will take you only a minute to receive this fantastic prize!

TAKE A SURVEY AND WIN A REWARD! Jasion EB5 Roamer Ebike



Content analysis details: (10.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.200 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

[209.85.221.200 listed in dnsbl.ahbl.org]

[209.85.221.200 listed in dnsbl.ahbl.org]

[209.85.221.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: omniwatchsmartwatch26.eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.200 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

Subject: {SPAM?} =?UTF-8?B?8J+atOKAjeKZgu+4jyBDb25ncmF0dWxhdGlvbnMsIHlvdXIgSmFzaW9uIEVCNSBSb2FtZQ==?=

=?UTF-8?B?ciBFYmlrZSBpcyB3YWl0aW5nIGZvciB5b3UhIPCfjoE=?=



--000000000000db28d706420dbefa

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



It will take you only a minute to receive this fantastic prize!





TAKE A SURVEY AND WIN A REWARD!



Jasion EB5 Roamer Ebike







Congratulations!



Share your valuable insights and win big! You've been chosen for a quick

survey about store promotions at Temu. By participating, you could win a

Jasion EB5 Roamer Ebike



To claim, simply take this short survey about your experience with Temu.



GET STARTED NOW







If you no longer wish to receive these emails, you may unsubscribe by

clicking here







--000000000000db28d706420dbefa

Content-Type: text/html; charset="UTF-8"

















03































--000000000000db28d706420dbefa--

E-bike phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 26 Oct 2025 05:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCynq-0000000082N-2Gzu

for dave@doctor.nl2k.ab.ca;

Sun, 26 Oct 2025 05:20:50 -0600

Resent-From: The Doctor

Resent-Date: Sun, 26 Oct 2025 05:20:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f200.google.com ([209.85.221.200]:47507)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCyZN-000000006Qb-3XlE

for sales@nk.ca;

Sun, 26 Oct 2025 05:06:00 -0600

Received: by mail-vk1-f200.google.com with SMTP id 71dfb90a1353d-54a7e0cbb98so8456952e0c.3

for ; Sun, 26 Oct 2025 04:05:08 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761476702; x=1762081502; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=D0FXshFxOKpot8/6qjfgVlHAnOYm2LV1hwYnvBCrLm4=;

b=JarvJAeW8W+htlMDuLaMaGoowIBaQFj3sKIpPZB7QdxhY19MwfSjMo65uzZCm8ZMsr

keeZuQJU7hFV+7ri765DLs94m6x+XtqMEcNZofKKusY49Rnz+gUEkQOidQYIK3EfleO1

sn0srG1Dy+pQT2wdShQmg8dzmkMBUg1shU/BrDmpLdP1Q392aiHUppyrjx36PRsJE/qB

4kcJUatcadAl62W4HI6id9xjD3BEsPyTQmBcEZBQvQQUqm8WUVA8oX/XY+WDYQwKH5hs

3u5o0N2L4xSTgnC72i6xPGtU2RQpCkOU6eT8BPqXFbzEEYppfoAqykK22c+eFGWvJLj+

JTvg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761476702; x=1762081502;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=D0FXshFxOKpot8/6qjfgVlHAnOYm2LV1hwYnvBCrLm4=;

b=qRKcCDQCiNZnUFHSHb1b5P/85JYSrrnB/6hRjLz53WyrAZRts6M/QTXIMI7Cza1U3C

ARQD5OhmzR/1tqdvcBEcKlqLssk1sMMnbiu9Yzlv5wK69ueDxV/sNFOHoYDnMUNIQKq+

ImUDTCRNVB0A2zUzsiDlSvM7Xs5nJRt/wiM/UgN30MVsg7DNmfiA2eeeyyPrvZ+lWLWy

DQmk7rdmiO0khEXgTTjTcIbZBDRsEJt4MrZkKYJ6F0GdgSIzsd7ABLlZchHj/hjrZsox

CeAV85kBMyNXGKVSjUzeJusF9TK1uEsYb90QEkvKCLMYu3ZG0RtU+MG0wMjn4PMV4oXE

qwFg==

X-Gm-Message-State: AOJu0YyBOnBvclcRSN9PkAbrzo8imYqYQ5LwL9/NPqL65RHZo5pMcW2i

ecQwXYQzuOLSuUWYn9Y7eGUfX8qqnxDm0idmRRO5vUm8q2BRgwKhfaF4adv3rxAdOTwSCZwXUJ4

aDqzm/uOnag==

X-Google-Smtp-Source: AGHT+IFp7bC3ar3KQEUrYvmFPaa1R1FMUkIov+hnK4tFIH9un9Isw4pcelhwzx7+81L2+UbeIcPN2R80mf8jfm0=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:1807:b0:556:9cb9:65cd with SMTP id

71dfb90a1353d-557cef9363emr2165834e0c.6.1761476702321; Sun, 26 Oct 2025

04:05:02 -0700 (PDT)

Message-ID: <0000000000001f3b2f06420dc171@google.com>

Date: Sun, 26 Oct 2025 11:05:02 +0000

Subject: =?UTF-8?B?8J+atOKAjeKZgu+4jyBDb25ncmF0dWxhdGlvbnMsIHlvdXIgSmFzaW9uIEVCNSBSb2FtZQ==?=

=?UTF-8?B?ciBFYmlrZSBpcyB3YWl0aW5nIGZvciB5b3UhIPCfjoE=?=

From: =?UTF-8?Q?Exclusive_Offer_=E2=80=93_Temu?=

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="0000000000001f3b0d06420dc16e"

X-Spam_score: 10.1

X-Spam_score_int: 101

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: It will take you only a minute to receive this fantastic prize!

TAKE A SURVEY AND WIN A REWARD! Jasion EB5 Roamer Ebike



Content analysis details: (10.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.200 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

[209.85.221.200 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

[209.85.221.200 listed in dnsbl.ahbl.org]

[209.85.221.200 listed in dnsbl.ahbl.org]

[209.85.221.200 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.200 listed in dnsbl.ahbl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.200 listed in wl.mailspike.net]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: omniwatchsmartwatch26.eblink4.com]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

Subject: {SPAM?} =?UTF-8?B?8J+atOKAjeKZgu+4jyBDb25ncmF0dWxhdGlvbnMsIHlvdXIgSmFzaW9uIEVCNSBSb2FtZQ==?=

=?UTF-8?B?ciBFYmlrZSBpcyB3YWl0aW5nIGZvciB5b3UhIPCfjoE=?=



--0000000000001f3b0d06420dc16e

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



It will take you only a minute to receive this fantastic prize!





TAKE A SURVEY AND WIN A REWARD!



Jasion EB5 Roamer Ebike







Congratulations!



Share your valuable insights and win big! You've been chosen for a quick

survey about store promotions at Temu. By participating, you could win a

Jasion EB5 Roamer Ebike



To claim, simply take this short survey about your experience with Temu.



GET STARTED NOW







If you no longer wish to receive these emails, you may unsubscribe by

clicking here







--0000000000001f3b0d06420dc16e

Content-Type: text/html; charset="UTF-8"

















03































--0000000000001f3b0d06420dc16e--

E-bike phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 26 Oct 2025 05:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCyny-0000000082x-3QtT

for dave@doctor.nl2k.ab.ca;

Sun, 26 Oct 2025 05:20:58 -0600

Resent-From: The Doctor

Resent-Date: Sun, 26 Oct 2025 05:20:58 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f199.google.com ([209.85.221.199]:48209)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCyjq-000000007XU-34wt

for doctor@nl2k.ab.ca;

Sun, 26 Oct 2025 05:16:48 -0600

Received: by mail-vk1-f199.google.com with SMTP id 71dfb90a1353d-54a7c3c3157so1863485e0c.0

for ; Sun, 26 Oct 2025 04:15:56 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761477350; x=1762082150; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=WIJGpk8jWAWn6XQcoIyOQbiLgYdfBSiNwkgNHQOHss4=;

b=HAGaJriMPUSMITWhJ9J/VOgcwMFHV3IB29b6rSeC7wcA+cD7yfVZveGwJvbhCMhVwK

TB3hFZHNlDM7Jg+M4uCinJhQGTxHW34FX6k8uDczW5IDUnK0qwUI7rSL1MMTeh4Q1tRC

jy4VGv4GbEbo4OpRfwJrphSCJyAIpvK1LN2UXgkRgAcvmWbXatO78LTjrkqj0ug3qFNO

aHh+PHEK76KnmvthGs7tAy4HG+awEOg4AXOJoGddAtk55DtKiK1LOIQqD5OMbJrRRkXj

H7hxZSufzjoDKeRvUiZV1JfioemxLZ0mqTuz3Q6e1fVyNT5x0FjUcDWstI4BwsfWZKoj

da2g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761477350; x=1762082150;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=WIJGpk8jWAWn6XQcoIyOQbiLgYdfBSiNwkgNHQOHss4=;

b=Pj0JcCMVGIaEJr1y/g+aUXBg1YssRuk2D8UEPe9XKRmTNlVG7EDVu8xDntWBSPssJn

fLQXHSlbeIFM+mqVo0J4xdXvG6KI032SyYqJ0QJP9UcCtSCmSkj7OmW5fblIDxKaq/3b

qXfQ0EpmDbN+PcZUaQn4cqPPflaaTHjp2+L8nqAXN+/2bogwk81xJgoj3RzcvOngemCv

0iWHmg4gKUjf/+bdK+hDfT7KYB5SoNbCXj+naDhfi+8z4f92dsW8Ey0zFgRZHwphd8bK

1mKV6KVrKUHWfVSen36o5rIvcAnO25Onn4Y4QJeMhaz8dJUxhW6ZEV/oWZsAhz0Rhkwc

uAIA==

X-Gm-Message-State: AOJu0Yzs/1WQ8xrFYHGMlgIF/LxxDm0r6hNKXJVenjXVzkRy2FW/zywk

HhbsltG3Ae9o5LEmXRgRnxvsHEAyr79oRQR4UIlx0bfVFqXe/B8AehX+aNbOO9VpP/3o62xCrDY

a5t34LN6IGw==

X-Google-Smtp-Source: AGHT+IH5IoOq342j3oFxkTd+dXUhjXsds2femU8X/DFpSGsatf4DJoSa47S/K7USr5GVHiJCeuFVSxVY0udgkLo=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:4782:b0:557:a2b1:e2ca with SMTP id

71dfb90a1353d-557ceb1705bmr2250357e0c.15.1761477350151; Sun, 26 Oct 2025

04:15:50 -0700 (PDT)

Message-ID: <000000000000bc57ad06420de7cb@google.com>

Date: Sun, 26 Oct 2025 11:15:50 +0000

Subject: =?UTF-8?B?8J+atOKAjeKZgu+4jyBDb25ncmF0dWxhdGlvbnMsIHlvdXIgSmFzaW9uIEVCNSBSb2FtZQ==?=

=?UTF-8?B?ciBFYmlrZSBpcyB3YWl0aW5nIGZvciB5b3UhIPCfjoE=?=

From: =?UTF-8?Q?Exclusive_Offer_=E2=80=93_Temu?=

To: doctor@nl2k.ab.ca

Content-Type: multipart/alternative; boundary="000000000000bc57a006420de7c8"

X-Spam_score: 10.3

X-Spam_score_int: 103

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: It will take you only a minute to receive this fantastic prize!

TAKE A SURVEY AND WIN A REWARD! Jasion EB5 Roamer Ebike



Content analysis details: (10.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: omniwatchsmartwatch26.eblink4.com]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

Subject: {SPAM?} =?UTF-8?B?8J+atOKAjeKZgu+4jyBDb25ncmF0dWxhdGlvbnMsIHlvdXIgSmFzaW9uIEVCNSBSb2FtZQ==?=

=?UTF-8?B?ciBFYmlrZSBpcyB3YWl0aW5nIGZvciB5b3UhIPCfjoE=?=



--000000000000bc57a006420de7c8

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



It will take you only a minute to receive this fantastic prize!





TAKE A SURVEY AND WIN A REWARD!



Jasion EB5 Roamer Ebike







Congratulations!



Share your valuable insights and win big! You've been chosen for a quick

survey about store promotions at Temu. By participating, you could win a

Jasion EB5 Roamer Ebike



To claim, simply take this short survey about your experience with Temu.



GET STARTED NOW







If you no longer wish to receive these emails, you may unsubscribe by

clicking here







--000000000000bc57a006420de7c8

Content-Type: text/html; charset="UTF-8"

















03































--000000000000bc57a006420de7c8--

DustaClean Phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 26 Oct 2025 05:19:01 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCylZ-000000007oO-3bFG

for dave@doctor.nl2k.ab.ca;

Sun, 26 Oct 2025 05:18:29 -0600

Resent-From: The Doctor

Resent-Date: Sun, 26 Oct 2025 05:18:29 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f197.google.com ([209.85.221.197]:49334)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCqVx-000000003Lp-44j7

for doctor@nk.ca;

Sat, 25 Oct 2025 20:29:57 -0600

Received: by mail-vk1-f197.google.com with SMTP id 71dfb90a1353d-5569a2b4244so2000026e0c.2

for ; Sat, 25 Oct 2025 19:29:03 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761445737; x=1762050537; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=5skPh5tXn8Ee7rIAyhFZoCQnx6dFynLUgmuC9ST5zZk=;

b=eDOPFeJF2m+XRW1ri1iAXnqN7QnEt++WbM03SWzU1A8zOFqsOV/gN2ifmfDrAyKTCO

M74gmCqEpPsWYVGnpo6OoEnCpzPbagNboycQ95P5JGqDyZDqhSG5NxJ5HPgrgm/g0gwx

2RZ1uLclepO2qT82BTctJIGqlJTkF600tPIAbH3fkJfGNn34NIbQBCJWzvBObujJIjbH

uaL2giKJylbm/O+YjcNdVbe/IAKpz4Sau5Ph7YS8T1eJJnVYFHmVN59Kd1BUTPzxOIN5

AD8ZvMvauw6Dz0LoMIcRAewVkbC66lkHQKGOtv6Yki8MvLgm4s4kp2MwhCtW7PKZHSHP

zV5A==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761445737; x=1762050537;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=5skPh5tXn8Ee7rIAyhFZoCQnx6dFynLUgmuC9ST5zZk=;

b=xFcLVytRopPayKvcb3+JEmKZvDT8tCO7O80Va2WPZPHTqOwK0Vv824PmyuhLFgnV4T

Jy1GwZyjz+i8TE9aRyp9gTtVDXjw3JRVzk/kPPm+56NYSPXJf6NZVCtiQmKhzx5eMoxm

arl5AIWHVFLb9mavbBWUoC2jLhZspGRajQAV8bk+tBxYFYAGkjb1ktrGBA/hVod0C9DX

WT1Ob9xASN3JSGGjwKuiIWdA+YtCd6Gw/BOnUAki7AyZCPtD11tamhmpBe6B9omtPvZt

gsAFK70c7FDwPqR9syNd+SqTmBRF3q0mrIhVN/eGr4BXjsRvgQKNZ2V4Ob3+MD1WjUzI

WB0A==

X-Gm-Message-State: AOJu0YwdJjq8qKGpRvofDEMYi7qvxTApzvW5UF+oqBBJgn5RMPf94m7L

uYWSBNvdJMcuyYDa46fQdyxSC6HCkkPnPjl9Ra/X7DeJD1UxKJ1yNGBR1kMR1/PdJPujfhJR5zY

W2FQDi/jyEA==

X-Google-Smtp-Source: AGHT+IGt1biTlbrGl4a1jBmXPBd/O+r/PHmkos0QUxx0zVbBrfSqkvZc9maUdczbAkgpH4MSjsN0urL3UKreZek=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:2a45:b0:557:c3b1:a28a with SMTP id

71dfb90a1353d-557ce91c16dmr2054101e0c.5.1761445737675; Sat, 25 Oct 2025

19:28:57 -0700 (PDT)

Message-ID: <0000000000007c3ae00642068bd0@google.com>

Date: Sun, 26 Oct 2025 02:28:57 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=

From: PureAir Solutions

To: doctor@nk.ca

Content-Type: multipart/alternative; boundary="0000000000007c3ad80642068bcd"

X-Spam_score: 8.1

X-Spam_score_int: 81

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: View in browser View in browser



Content analysis details: (8.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.197 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.197 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=



--0000000000007c3ad80642068bcd

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



View in browser









--0000000000007c3ad80642068bcd

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






ft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:office" lang=3D"en"=

>

=20

=20

=20

=20

=20


/>=20


1" />=20

=20

=20

=20

=20


0,700" rel=3D"stylesheet" type=3D"text/css" />=20

=20

=20

=20

=20

=20

=20

=20

=20


rmal; background-color: #FFFFFF;" class=3D"body eb-drag-and-drop-builder">=

=20

=20


role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20

=20

=20

=20


=3D"0" role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20


;text-align:center;">=20

=20


last-section mjml-section-eb_bda5cd93-a797-4b86-94b7-0277627795c0" style=3D=

"background:#ffffff;background-color:#ffffff;margin:0px auto;max-width:700p=

x;">=20


cing=3D"0" role=3D"presentation" style=3D"background:#ffffff;background-col=

or:#ffffff;width:100%;">=20

=20

=20

=20

=20

=20


10px 10px;text-align:center;">=20

=20


column-b09accf2-56a0-2305-7be0-c87706a08162" style=3D"font-size:0px;text-al=

ign:left;direction:ltr;display:inline-block;vertical-align:middle;width:100=

%;">=20


ole=3D"presentation" width=3D"100%">=20

=20

=20

=20

=20

=20


0px ;">=20


0" role=3D"presentation" style=3D"" width=3D"100%">=20

=20

=20

=20

=20

=20


56-e86b-4cd5-a4b3-5568baf1712e" style=3D"font-size:0px;padding:0;word-break=

:break-word;">=20


l, sans-serif;font-size:13px;font-weight:normal;line-height:1.6;text-align:=

left;color:#000000;">=20

=20


t/html; charset=3Dutf-8" />=20


e-width, initial-scale=3D1.0" />=20

=20

=20

=20

=20

=20


der=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=

=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #FFFFFF=

;">=20

=20

=20

=20

=20

=20

=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; width: 680px; margin: 0 auto;" width=3D"680">=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


:center;">
35504115712&nid=3D5003018272768000&" style=3D"text-decoration:none; color: =

#000000; ">View in browser




.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
naws.com/68e6b2e66b470e1b310d5bda/68fd64c13f1457b51603daf4/9c4c23bc28ffb338=

c3151bb9539325cb.original.png" style=3D"display: block; height: auto; borde=

r: 0; width: 100%;max-width:100%;box-sizing: border-box;" width=3D"680" alt=

=3D"" title=3D"" height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
naws.com/68e6b2e66b470e1b310d5bda/68fd766ba0aca03ba403ed58/9357b50a605ae132=

89410560330a7fe9.original.png" style=3D"display: block; height: auto; borde=

r: 0; width: 100%;max-width:100%;box-sizing: border-box;" width=3D"680" alt=

=3D"" title=3D"" height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
naws.com/68e6b2e66b470e1b310d5bda/68fd64c110ad88052a0705ca/8b014b7dee0b42ba=

0f438ef96788e22d.original.png" style=3D"display: block; height: auto; borde=

r: 0; width: 100%;max-width:100%;box-sizing: border-box;" width=3D"680" alt=

=3D"" title=3D"" height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D4839194078478336&nid=3D5003018272768000&" style=

=3D"color: #0000EE; text-decoration: underline;" data-eblinkid=3D"483919407=

8478336">
6b470e1b310d5bda/68fd64c1e549ff3440017e96/5561c154b858d612dc128d117e6cb09c.=

original.png" style=3D"display: block; height: auto; border: 0; width: 100%=

;max-width:100%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" =

height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; backgroun=

d-color: #ffffff;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; background-color: #ffffff; width: 680px; margin: 0 auto;" width=3D"680"=

>=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; text-ali=

gn: center; line-height: 0;">=20

=20

=20

=20

=20

=20


al-align: middle; color: #1e0e4b; font-family: 'Inter', sans-serif; font-si=

ze: 15px; padding-bottom: 5px; padding-top: 5px; text-align: center;">=20

=20
=20
=20

=20
=20

=20
=20

=20
=20

=20





--0000000000007c3ad80642068bcd--

DustaClean Phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 26 Oct 2025 05:19:01 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCylT-000000007nx-0HX2

for dave@doctor.nl2k.ab.ca;

Sun, 26 Oct 2025 05:18:23 -0600

Resent-From: The Doctor

Resent-Date: Sun, 26 Oct 2025 05:18:22 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f199.google.com ([209.85.221.199]:60551)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCqQ0-000000002bv-20Dk

for doctor@nl2k.ab.ca;

Sat, 25 Oct 2025 20:23:47 -0600

Received: by mail-vk1-f199.google.com with SMTP id 71dfb90a1353d-54a887b39b2so7117305e0c.0

for ; Sat, 25 Oct 2025 19:22:53 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761445368; x=1762050168; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=yW+lul6+cPx5dQhQoA6HZq0IaSezgLpWQike4nIVb1o=;

b=RzhcU0luyebV2RS7sf4tSAQSi0dsSLh6iNAURF6dpQIpfNK1qDeQBdxlIavni4PQPN

BttY+osTYqboD6UY2KY6GfcxUGitbfaQVtxHPGLiZIqyXNV344q/JGxPaCJ8HGCZGPDp

HSR0YMCq3CMQG6SbElQvK20HtzhEVpgoTC2ur8mXCPaQU3KkKQGny4GDv+xyV9Y9ctgG

Fgyav03dVKNEmb6W8W3pq7wC/gzCPbcedT2LMCxR3sRr+I/lVWdXgHtpGeIX4wHYVl7P

Oky2cO1qVV9lYDL1CzJQBRyMSiEMt+c3dpBtVih8vSdbtSYgwrC27kDikfB1G7hvm8Xt

gm2g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761445368; x=1762050168;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=yW+lul6+cPx5dQhQoA6HZq0IaSezgLpWQike4nIVb1o=;

b=lfrZb8YGN428Eda0GeIINPpnIQJZKERC8KG+A3LlUSvJLC1gXHqc2OxD+lOvasVctp

V3jzg3mbW3E5ayrBGz3R1r/QcMCUwf7D/SQzjKbl9W9PoKA7faoqYxtuOiiKD4O66OXV

1J6gfgdXa00yZ5UuxJA8xbRbvgMqNN9mvMjGYAm7+F8yL9LF5YAeo2L7CaD/Kyk4CLFd

OcK0KPw4PGlXa46Hr9T4Col1Edlf0Y/ki+lj0xmdjgKNFlTfAvtPYdNIjjqKJp6+xV/7

CoBP9WRtkanZJXNhzLkZCvkeY3lsEe8HJ2Eo3vYSh0kCczwH0BMulfHGBwbtr1VAGfVG

SgwA==

X-Gm-Message-State: AOJu0Ywue+xBC7H1DjttFlgwNpfTC8Nzd/376++WmRdUc6f0JPKr4C8y

6xt+b5F5h/4VHEyfM3MrDrpa2c4dwDhBNsPyVHni/LQLb5W7a7I/dcNGxq6IPXLcxs77wRA+BbW

80wWKopsaqg==

X-Google-Smtp-Source: AGHT+IH+N0Hw0KlR0XsSXwkpHPaPQW/9krjI0DJfulwQfHju5xQNtATMCr8cbWoGIGmVYQhRufc5YrPpr9InaHU=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:658b:b0:556:9cb9:65cb with SMTP id

71dfb90a1353d-5569cb9736amr4481896e0c.1.1761445368064; Sat, 25 Oct 2025

19:22:48 -0700 (PDT)

Message-ID: <000000000000746a5c0642067514@google.com>

Date: Sun, 26 Oct 2025 02:22:48 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=

From: PureAir Solutions

To: doctor@nl2k.ab.ca

Content-Type: multipart/alternative; boundary="000000000000746a500642067511"

X-Spam_score: 8.1

X-Spam_score_int: 81

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: View in browser View in browser



Content analysis details: (8.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.199 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=



--000000000000746a500642067511

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



View in browser









--000000000000746a500642067511

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






ft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:office" lang=3D"en"=

>

=20

=20

=20

=20

=20


/>=20


1" />=20

=20

=20

=20

=20


0,700" rel=3D"stylesheet" type=3D"text/css" />=20

=20

=20

=20

=20

=20

=20

=20

=20


rmal; background-color: #FFFFFF;" class=3D"body eb-drag-and-drop-builder">=

=20

=20


role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20

=20

=20

=20


=3D"0" role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20


;text-align:center;">=20

=20


last-section mjml-section-eb_bda5cd93-a797-4b86-94b7-0277627795c0" style=3D=

"background:#ffffff;background-color:#ffffff;margin:0px auto;max-width:700p=

x;">=20


cing=3D"0" role=3D"presentation" style=3D"background:#ffffff;background-col=

or:#ffffff;width:100%;">=20

=20

=20

=20

=20

=20


10px 10px;text-align:center;">=20

=20


column-b09accf2-56a0-2305-7be0-c87706a08162" style=3D"font-size:0px;text-al=

ign:left;direction:ltr;display:inline-block;vertical-align:middle;width:100=

%;">=20


ole=3D"presentation" width=3D"100%">=20

=20

=20

=20

=20

=20


0px ;">=20


0" role=3D"presentation" style=3D"" width=3D"100%">=20

=20

=20

=20

=20

=20


56-e86b-4cd5-a4b3-5568baf1712e" style=3D"font-size:0px;padding:0;word-break=

:break-word;">=20


l, sans-serif;font-size:13px;font-weight:normal;line-height:1.6;text-align:=

left;color:#000000;">=20

=20


t/html; charset=3Dutf-8" />=20


e-width, initial-scale=3D1.0" />=20

=20

=20

=20

=20

=20


der=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=

=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #FFFFFF=

;">=20

=20

=20

=20

=20

=20

=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; width: 680px; margin: 0 auto;" width=3D"680">=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


:center;">
35504115712&nid=3D5003018272768000&" style=3D"text-decoration:none; color: =

#000000; ">View in browser




.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
naws.com/68e6b2e66b470e1b310d5bda/68fd64c13f1457b51603daf4/9c4c23bc28ffb338=

c3151bb9539325cb.original.png" style=3D"display: block; height: auto; borde=

r: 0; width: 100%;max-width:100%;box-sizing: border-box;" width=3D"680" alt=

=3D"" title=3D"" height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
naws.com/68e6b2e66b470e1b310d5bda/68fd766ba0aca03ba403ed58/9357b50a605ae132=

89410560330a7fe9.original.png" style=3D"display: block; height: auto; borde=

r: 0; width: 100%;max-width:100%;box-sizing: border-box;" width=3D"680" alt=

=3D"" title=3D"" height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
naws.com/68e6b2e66b470e1b310d5bda/68fd64c110ad88052a0705ca/8b014b7dee0b42ba=

0f438ef96788e22d.original.png" style=3D"display: block; height: auto; borde=

r: 0; width: 100%;max-width:100%;box-sizing: border-box;" width=3D"680" alt=

=3D"" title=3D"" height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D4839194078478336&nid=3D5003018272768000&" style=

=3D"color: #0000EE; text-decoration: underline;" data-eblinkid=3D"483919407=

8478336">
6b470e1b310d5bda/68fd64c1e549ff3440017e96/5561c154b858d612dc128d117e6cb09c.=

original.png" style=3D"display: block; height: auto; border: 0; width: 100%=

;max-width:100%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" =

height=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; backgroun=

d-color: #ffffff;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; background-color: #ffffff; width: 680px; margin: 0 auto;" width=3D"680"=

>=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; text-ali=

gn: center; line-height: 0;">=20

=20

=20

=20

=20

=20


al-align: middle; color: #1e0e4b; font-family: 'Inter', sans-serif; font-si=

ze: 15px; padding-bottom: 5px; padding-top: 5px; text-align: center;">=20

=20
=20
=20

=20
=20

=20
=20

=20
=20

=20





--000000000000746a500642067511--

DustaClean Phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 19:28:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpXH-00000000Hik-38SK

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 19:27:07 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 19:27:07 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vs1-f72.google.com ([209.85.217.72]:53747)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpHq-00000000G3O-3m2K

for doctor@netknow.ca;

Sat, 25 Oct 2025 19:11:17 -0600

Received: by mail-vs1-f72.google.com with SMTP id ada2fe7eead31-5db1ec1daa9so1910781137.3

for ; Sat, 25 Oct 2025 18:10:23 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761441017; x=1762045817; darn=netknow.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=Kud3gH+pnE2nuSxypcuLr3W3vq1pyY/j7Vo0/NvipVA=;

b=RCWZhY1bYeNjglDkJm1igppOTlyBjvN4/x7sW/4uhjfIIxG66p42Z7LWUApthaNqzR

CBJ/wZmIpIQzd4uszwl4zW2dLluurzs4qBUMfmpRm5D+DFmviA3nKgXjDsYj4QZ0gLsj

C4FpjYxFWCuB9RsJTWmyYJp3jn0rN8W5+jl3+6qEQTbe+a6c/X1rf9y9ABVS+ucjlhGD

cDnu98vPPx9sOZtBGREEYeeHquBW1f/YAk6l+0mM/dEi9ngMNMRqe2d6C8L81lb01UGa

ZemnbXVRNpqbGqk6AOF7/66kAty2uwo7piVgBH1d7Mrn5YrHbGFuwvWZ3j15JigqSxfB

+Ljg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761441017; x=1762045817;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=Kud3gH+pnE2nuSxypcuLr3W3vq1pyY/j7Vo0/NvipVA=;

b=O0+W1WfVoQKRv/n0GJXpXwTyQGfVCcB1qxxh4r4DYVx6xlETfWN2HedHW+GFb8vnuN

pTXfjhGgQRmS59dkOVkchuFnJ0t8/gWt1PyWxIIYWgIbU17vMVAZRMiM2WRwApJoy/Ox

CzCOhoBnspFXOF0XEYhmr+6WonhUu6NFKNkFmO7On/evP46n+mYdEfXlXRZgdf8E3CER

XaB+30lSThWg09rAtBwnKcGOd+rLiA4OvZ6ft3usfzFFQdZb1lcyfYfUknlvO9e/8dHH

ADgvvm9Jnm9Au6C8H+hVIX0hwBDiZR6aVBDVBA4OXk/biTqw2eQPhUvYMuKEHS7Nu1Nt

rS/w==

X-Gm-Message-State: AOJu0Yz4pvcTJ2UjIRopu4vhfH4trUOsXmVad2mivxzLf3eTmolspz51

xibWkLhfzcV4qnA8LFGVelP2uI+idoraSfgENWAHgWYMcfORjhHdV1+BkvoDPY/O0g2X6Edczj4

Ac+/Njs+PDQ==

X-Google-Smtp-Source: AGHT+IGCyoPVq+OJ8jphh5MLZSxJTYdePBeAkakkcu2ml47suKEz7ngykUVgvvZq1A7OHfolEh59LAvsXHkpQ60=

MIME-Version: 1.0

X-Received: by 2002:a05:6102:5a8c:b0:5db:2fb7:9014 with SMTP id

ada2fe7eead31-5db2fb79210mr3530691137.3.1761441017674; Sat, 25 Oct 2025

18:10:17 -0700 (PDT)

Message-ID: <00000000000026bb7d0642057200@google.com>

Date: Sun, 26 Oct 2025 01:10:17 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=

From: PureAir Solutions

To: doctor@netknow.ca

Content-Type: multipart/alternative; boundary="00000000000026bb6f06420572fd"

X-Spam_score: 11.4

X-Spam_score_int: 114

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:



Content analysis details: (11.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

2.3 EMPTY_MESSAGE Message appears to have no textual parts and no

Subject: text

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.217.72 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

[209.85.217.72 listed in dnsbl.ahbl.org]

[209.85.217.72 listed in dnsbl.ahbl.org]

[209.85.217.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.217.72 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=



--00000000000026bb6f06420572fd

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



--00000000000026bb6f06420572fd

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






ft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:office" lang=3D"en"=

>

=20

=20

=20

=20

=20


/>=20


1" />=20

=20

=20

=20

=20


0,700" rel=3D"stylesheet" type=3D"text/css" />=20

=20

=20

=20

=20

=20

=20

=20

=20


rmal; background-color: #FFFFFF;" class=3D"body eb-drag-and-drop-builder">=

=20

=20


role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20

=20

=20

=20


=3D"0" role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20


;text-align:center;">=20

=20


last-section mjml-section-eb_bda5cd93-a797-4b86-94b7-0277627795c0" style=3D=

"background:#ffffff;background-color:#ffffff;margin:0px auto;max-width:700p=

x;">=20


cing=3D"0" role=3D"presentation" style=3D"background:#ffffff;background-col=

or:#ffffff;width:100%;">=20

=20

=20

=20

=20

=20


10px 10px;text-align:center;">=20

=20


column-b09accf2-56a0-2305-7be0-c87706a08162" style=3D"font-size:0px;text-al=

ign:left;direction:ltr;display:inline-block;vertical-align:middle;width:100=

%;">=20


ole=3D"presentation" width=3D"100%">=20

=20

=20

=20

=20

=20


0px ;">=20


0" role=3D"presentation" style=3D"" width=3D"100%">=20

=20

=20

=20

=20

=20


56-e86b-4cd5-a4b3-5568baf1712e" style=3D"font-size:0px;padding:0;word-break=

:break-word;">=20


l, sans-serif;font-size:13px;font-weight:normal;line-height:1.6;text-align:=

left;color:#000000;">=20

=20


t/html; charset=3Dutf-8" />=20


e-width, initial-scale=3D1.0" />=20

=20

=20

=20

=20

=20


der=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=

=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #FFFFFF=

;">=20

=20

=20

=20

=20

=20

=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; width: 680px; margin: 0 auto;" width=3D"680">=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
/users/BeeFree/beefree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Screenshot%2020=

25-10-26%20at%2001-55-22%20DustAClean%20%E2%80%93%20Breathe%20Fresh%20Live%=

20Clean.png" style=3D"display: block; height: auto; border: 0; width: 100%;=

max-width:100%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" h=

eight=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
/users/BeeFree/beefree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Wiwiwwiiw.png" =

style=3D"display: block; height: auto; border: 0; width: 100%;max-width:100=

%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" height=3D"auto=

" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
/users/BeeFree/beefree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Screenshot%2020=

25-10-26%20at%2001-55-49%20DustAClean%20%E2%80%93%20Breathe%20Fresh%20Live%=

20Clean.png" style=3D"display: block; height: auto; border: 0; width: 100%;=

max-width:100%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" h=

eight=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D4839194078478336&nid=3D5003018272768000&" style=

=3D"color: #0000EE; text-decoration: underline;" data-eblinkid=3D"483919407=

8478336">
efree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Screenshot%202025-10-26%20at%200=

1-55-56%20DustAClean%20%E2%80%93%20Breathe%20Fresh%20Live%20Clean.png" styl=

e=3D"display: block; height: auto; border: 0; width: 100%;max-width:100%;bo=

x-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" height=3D"auto" />=

=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; backgroun=

d-color: #ffffff;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; background-color: #ffffff; width: 680px; margin: 0 auto;" width=3D"680"=

>=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; text-ali=

gn: center; line-height: 0;">=20

=20

=20

=20

=20

=20


al-align: middle; color: #1e0e4b; font-family: 'Inter', sans-serif; font-si=

ze: 15px; padding-bottom: 5px; padding-top: 5px; text-align: center;">=20

=20
=20
=20

=20
=20

=20
=20

=20
=20

=20





--00000000000026bb6f06420572fd--

DustaClean Phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 19:11:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpH1-00000000G3X-1eJl

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 19:10:19 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 19:10:19 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vs1-f72.google.com ([209.85.217.72]:45296)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpF4-00000000BgV-1etK

for support@nk.ca;

Sat, 25 Oct 2025 19:08:25 -0600

Received: by mail-vs1-f72.google.com with SMTP id ada2fe7eead31-5db22e9a4baso1797673137.2

for ; Sat, 25 Oct 2025 18:07:32 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761440846; x=1762045646; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=KsEwf5Vt5N9UUYg/qXbSy2M29mnE8aWIT/JRAaQ9JRo=;

b=ilZ+Rltj1MAxxuxUpMFmVkJ77hpVHDbIyGs9SBz5xA8+68cKKGlq5zJVj0JPo+Lvc6

Q8+CTNFC+hdx2Dvxlt4W2i7r8S8SFJvfwQXLb60MGkrsZz3hyLBMhaVsFWtDT83Uv1dR

Dz2VyCRwVndE4/pwfZQW5Fm2OGnOQn49bVJ91ZihxX8NjXwnCtCWPXfrlemNDH5Ir37X

mFwHI5VGLojGQZInCF47DXeLbaaZWq+tYl57IMdhZxlfjcZPvcNgjXa3q84N9dUxQCwN

kRCD111CG0MTjO2wCleFdon84+OB74Kb/JpqZZnY+Q5wWp4pihw7MFAUzlRzguiS84JI

zt+Q==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761440846; x=1762045646;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=KsEwf5Vt5N9UUYg/qXbSy2M29mnE8aWIT/JRAaQ9JRo=;

b=uRcY0L/8swL8xPg+T3WVVx/E1ON2H5Uf8O83j9WlGK5eY+32aKVZWpM/CUf2iAlYFV

89stSd4St84JGYMlOXhsh0FVzZ2eaMMadYbRv8P7Z41Omf0B3RjEfzfZK6WIC3Mog771

W1Y4Jqc7tf8iphFhxnOfIk5ljV1OawHv/GExNf8lGh0GTyVWKKIcXBKhNY2FPukCxVOd

y2+QCgd8+QSsUJCh6XzoL/f9PAO3qRFDV/K1MYvxGcPbiUZtcNlYEDdb0WwTUtI6N7Mj

/Sdj8v96dr8RJJOI0L3aq5i8LFbKeDWN9yxZX1symW3oWxn3fYMsTv4FOco/63uktCgF

J8Zg==

X-Gm-Message-State: AOJu0YxWBe4GoSx631PyIbzDQmyTt6VZx+dda+C7sdTJc8UkAJlMdVir

ka0aZQezzIjOjyGpM0zVgWFMeyVcRFIouB+KOK4MQxdr1b/+cgHbfr2j2e7uG+Gl5Eo8pNlzcQF

GAqYJf+BSIg==

X-Google-Smtp-Source: AGHT+IEoH+j7QiO9YdaZKsayNQok82n15t5Yhyp+LHfVk7Akp6frLY5cE41ghkoJDbAzyN3r+j9RkEu5wzF17YM=

MIME-Version: 1.0

X-Received: by 2002:a05:6102:cce:b0:5db:2217:3b63 with SMTP id

ada2fe7eead31-5db2e5b437bmr3265989137.39.1761440846080; Sat, 25 Oct 2025

18:07:26 -0700 (PDT)

Message-ID: <000000000000ec6ba7064205672c@google.com>

Date: Sun, 26 Oct 2025 01:07:26 +0000

Subject: =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=

From: PureAir Solutions

To: support@nk.ca

Content-Type: multipart/alternative; boundary="000000000000ec6b950642056729"

X-Spam_score: 11.4

X-Spam_score_int: 114

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview:



Content analysis details: (11.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

2.3 EMPTY_MESSAGE Message appears to have no textual parts and no

Subject: text

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.217.72 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

[209.85.217.72 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

[209.85.217.72 listed in dnsbl.ahbl.org]

[209.85.217.72 listed in dnsbl.ahbl.org]

[209.85.217.72 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.217.72 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.217.72 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8C=AC=EF=B8=8F_Breathe_Easier_with_DustaClean_=2D_Make_Every_?=

=?UTF-8?Q?Breath_Cleaner?=



--000000000000ec6b950642056729

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



--000000000000ec6b950642056729

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






ft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:office" lang=3D"en"=

>

=20

=20

=20

=20

=20


/>=20


1" />=20

=20

=20

=20

=20


0,700" rel=3D"stylesheet" type=3D"text/css" />=20

=20

=20

=20

=20

=20

=20

=20

=20


rmal; background-color: #FFFFFF;" class=3D"body eb-drag-and-drop-builder">=

=20

=20


role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20

=20

=20

=20


=3D"0" role=3D"presentation" style=3D"width:100%;">=20

=20

=20

=20

=20

=20


;text-align:center;">=20

=20


last-section mjml-section-eb_bda5cd93-a797-4b86-94b7-0277627795c0" style=3D=

"background:#ffffff;background-color:#ffffff;margin:0px auto;max-width:700p=

x;">=20


cing=3D"0" role=3D"presentation" style=3D"background:#ffffff;background-col=

or:#ffffff;width:100%;">=20

=20

=20

=20

=20

=20


10px 10px;text-align:center;">=20

=20


column-b09accf2-56a0-2305-7be0-c87706a08162" style=3D"font-size:0px;text-al=

ign:left;direction:ltr;display:inline-block;vertical-align:middle;width:100=

%;">=20


ole=3D"presentation" width=3D"100%">=20

=20

=20

=20

=20

=20


0px ;">=20


0" role=3D"presentation" style=3D"" width=3D"100%">=20

=20

=20

=20

=20

=20


56-e86b-4cd5-a4b3-5568baf1712e" style=3D"font-size:0px;padding:0;word-break=

:break-word;">=20


l, sans-serif;font-size:13px;font-weight:normal;line-height:1.6;text-align:=

left;color:#000000;">=20

=20


t/html; charset=3Dutf-8" />=20


e-width, initial-scale=3D1.0" />=20

=20

=20

=20

=20

=20


der=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=

=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #FFFFFF=

;">=20

=20

=20

=20

=20

=20

=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; width: 680px; margin: 0 auto;" width=3D"680">=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
/users/BeeFree/beefree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Screenshot%2020=

25-10-26%20at%2001-55-22%20DustAClean%20%E2%80%93%20Breathe%20Fresh%20Live%=

20Clean.png" style=3D"display: block; height: auto; border: 0; width: 100%;=

max-width:100%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" h=

eight=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
/users/BeeFree/beefree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Wiwiwwiiw.png" =

style=3D"display: block; height: auto; border: 0; width: 100%;max-width:100=

%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" height=3D"auto=

" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D5388635504115712&nid=3D5003018272768000&" target=

=3D"_blank" style=3D"color: #0000EE; text-decoration: underline;" data-ebli=

nkid=3D"5388635504115712">
/users/BeeFree/beefree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Screenshot%2020=

25-10-26%20at%2001-55-49%20DustAClean%20%E2%80%93%20Breathe%20Fresh%20Live%=

20Clean.png" style=3D"display: block; height: auto; border: 0; width: 100%;=

max-width:100%;box-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" h=

eight=3D"auto" />=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt;">=20

=20

=20

=20

=20

=20


100%;padding-right:0px;padding-left:0px;">=20


=3D"center">=20


=3D"max-width: 680px;">=20


.eblink4.com/openurl?lid=3D4839194078478336&nid=3D5003018272768000&" style=

=3D"color: #0000EE; text-decoration: underline;" data-eblinkid=3D"483919407=

8478336">
efree-927d761a-8ef1-4e46-8b23-44d0e4d06fd6/Screenshot%202025-10-26%20at%200=

1-55-56%20DustAClean%20%E2%80%93%20Breathe%20Fresh%20Live%20Clean.png" styl=

e=3D"display: block; height: auto; border: 0; width: 100%;max-width:100%;bo=

x-sizing: border-box;" width=3D"680" alt=3D"" title=3D"" height=3D"auto" />=

=20

=20
=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pre=

sentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; backgroun=

d-color: #ffffff;">=20

=20

=20

=20

=20

=20

=20


=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presen=

tation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; color: #0000=

00; background-color: #ffffff; width: 680px; margin: 0 auto;" width=3D"680"=

>=20

=20

=20

=20

=20

=20


=3D"100%" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; font-weigh=

t: 400; text-align: left; padding-bottom: 5px; padding-top: 5px; vertical-a=

lign: top;">=20


width=3D"100%" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"pr=

esentation" style=3D"mso-table-lspace: 0pt; mso-table-rspace: 0pt; text-ali=

gn: center; line-height: 0;">=20

=20

=20

=20

=20

=20


al-align: middle; color: #1e0e4b; font-family: 'Inter', sans-serif; font-si=

ze: 15px; padding-bottom: 5px; padding-top: 5px; text-align: center;">=20

=20
=20
=20

=20
=20

=20
=20

=20
=20

=20





--000000000000ec6b950642056729--

Free Oral-B Dental Kit phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 19:11:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpGv-00000000G2r-1Y7U

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 19:10:13 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 19:10:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f199.google.com ([209.85.221.199]:57615)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCoyc-000000007PJ-1IpI

for doctor@nk.ca;

Sat, 25 Oct 2025 18:51:25 -0600

Received: by mail-vk1-f199.google.com with SMTP id 71dfb90a1353d-556a28eb409so8026429e0c.3

for ; Sat, 25 Oct 2025 17:50:31 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761439825; x=1762044625; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=SOhlVQ2YAeBKLQ3JOBOgte+MfakYGOT/jiUyMHrXLlU=;

b=YNWIyFtvE6aP4/JcAzIFOtqBH0wX2OhdCPcpIPcoPpqGRYSSxxid4WchkLXXoJyLIP

43OkKxw/1lDihXAYONKwpTgRq/jKxxjYZR/aI+p33j9rhTEouu9VJiFSALI+dxdLCfHb

VKn7KT0jZsr2M+hwsQGNgTm8CMyE0YTZdEszBL3TVAi+AglUKvIVbu3s5WLVbM/N7LjK

8s9fspwsG6lz3FhnrlzSyTn3dCv19I4FSeusuuoSOPZ/GRUBfPWI+oa66XXlqhf7dwhR

8N9Ar4hqQW/swu7SGzgll3KQAuXIiBf4oK+6DItdr7vnbklyw8Yv3EIwToKrDEAIVw3/

k25g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761439825; x=1762044625;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=SOhlVQ2YAeBKLQ3JOBOgte+MfakYGOT/jiUyMHrXLlU=;

b=QHU1c55IGYXWoxk477hBbUybWwjrCimAc7eQ10xEZz3//Q/QZ/n9Ljr9BwlC1q+Mu/

Qlg90uSkohTN81gdBtuh5ValuhCScVHhiADdMd3mW1NDdaghN63Bq9K2KYFtiEuSTBIR

FVeRo4HZMtcPqOA+8Kbfv7CGUaTr0pu3CWKy8TsOuC/JwYC8YMAagsdYqbQ+VjfY5j8D

LucWJv5bWD6KGm1j0gXddmydOyGQ7ytvqH3rFOT2X6YrYhyMhaYIYGLbPuNBYV6m9FYo

+UQ5jukoCVADpFx5N5BVQLYdN8PPdOEYeMiJwvfp5BkfMYXZ/69wEBv51oLv3lNwWuo1

hu6g==

X-Gm-Message-State: AOJu0YykElFMC7cpQfDImWWajIya0PpTsped7wu8oQ0vIjKh+8hmZof/

2R0rQXz4p13wuosjWECyQ6p3FL+TQ5vCmZRbBm5YfWnWbOvvFAYNt9+//r7Tkd3S0v/40JUE3Qh

OwbXUTU/6PA==

X-Google-Smtp-Source: AGHT+IHoTCu8TqAmmUOIRMEhJf7kMeE/BvrEMBnjKubjcNRzA/MmLnMgN3pw2XUcjWhwBG4kVSE/AtUI5L8gu78=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:549:b0:557:d542:6132 with SMTP id

71dfb90a1353d-557d5426638mr1889422e0c.0.1761439825358; Sat, 25 Oct 2025

17:50:25 -0700 (PDT)

Message-ID: <000000000000156e620642052bf3@google.com>

Date: Sun, 26 Oct 2025 00:50:25 +0000

Subject: =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=

From: Costco Rewards Team

To: doctor@nk.ca

Content-Type: multipart/alternative; boundary="000000000000156e570642052bf0"

X-Spam_score: 10.7

X-Spam_score_int: 107

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: View in browser View in browser



Content analysis details: (10.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

[209.85.221.199 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

[209.85.221.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.199 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: unitedstatecustomerservice25.eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.199 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=



--000000000000156e570642052bf0

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



View in browser











--000000000000156e570642052bf0

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






osoft-com:office:office" lang=3D"en">










.0">








: 0; -webkit-text-size-adjust: none; text-size-adjust: none;">


" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table-lspace: 0pt; m=

so-table-rspace: 0pt; background-color: #ffffff;">














" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt;">














ellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table=

-lspace: 0pt; mso-table-rspace: 0pt; color: #000000; width: 735px; margin: =

0 auto;" width=3D"735">












-lspace: 0pt; mso-table-rspace: 0pt; font-weight: 400; text-align: left; pa=

dding-bottom: 5px; padding-top: 5px; vertical-align: top;">


=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" style=3D"=

mso-table-lspace: 0pt; mso-table-rspace: 0pt;">










t-family: Arial, Helvetica, sans-serif; font-size: 17px; font-weight: 700; =

letter-spacing: normal; line-height: 1.2; text-align: center; margin-top: 0=

; margin-bottom: 0; mso-line-height-alt: 20px;">
eholder" style=3D"word-break: break-word;">
stomerservice25.eblink4.com/openurl?lid=3D4570013361766400&nid=3D5145726481=

596416&" target=3D"_blank" style=3D"text-decoration: none; color: #0b4092;"=

rel=3D"noopener">
word-break: break-word; position: relative;" id=3D"6301d4ce-76a3-43b3-8e97-=

5cb653c2fe5e" data-position=3D"10-0-0" data-qa=3D"tinyeditor-root-element">=

View =

in browser



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">








dding-right:0px;padding-left:0px;">




ef=3D"https://unitedstatecustomerservice25.eblink4.com/openurl?lid=3D457001=

3361766400&nid=3D5145726481596416&" target=3D"_blank">
uffer-media-uploads.s3.amazonaws.com/68f9352b8874449c8403a5f2/68fd3225b15ad=

aaef60ca4f2/97f6fa0f9ded2047c0e9466b94b9995c.original.png" style=3D"display=

: block; height: auto; border: 0; width: 100%;" width=3D"735" alt title hei=

ght=3D"auto">



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">







" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt; background-color: #ffffff;">













=09










--000000000000156e570642052bf0--

Free Oral-B Dental Kit phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 19:10:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpGR-00000000Fyo-1AZ8

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 19:09:43 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 19:09:43 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ua1-f72.google.com ([209.85.222.72]:61658)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCnzy-00000000PxA-0hNP

for doctor@netknow.ca;

Sat, 25 Oct 2025 17:48:45 -0600

Received: by mail-ua1-f72.google.com with SMTP id a1e0cc1a2514c-934c1af8bb8so2559116241.2

for ; Sat, 25 Oct 2025 16:47:51 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761436065; x=1762040865; darn=netknow.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=hHSF4xxQ5RKuoIIU3hNkP4zqzqMbMq3JyFfjEWgtfzg=;

b=kI0dkytgnZPRTCi7sYU3sRJsL0syxPhKJyDhhAx2QTrVqKu3RD+dyxHEKxaJ8quG+G

kKAfF3L4Co4z4IA9YuoPoixGuebn1XTZUYLJQctci2Zh1S0Orak2JTju7uYuTgRflWLZ

9BWnrdab3vlrFjBBKuM28XrDEzsDc14SMj0IjSVa5lABRH0qQnIfDtXepN4gRyXKhH2F

dws5W7CjUeCUl5yudxJI0jvQmF9ZLeHg8n4se4lzFjwV874jB03wVh1PNvmctMJObsmM

FjwfVlVtY2l+v7flClq7KvdYNOIPif8poUeK5RbAK5NPTdhwwEZDYnr/ycO9PdTisvDM

PkQA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761436065; x=1762040865;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=hHSF4xxQ5RKuoIIU3hNkP4zqzqMbMq3JyFfjEWgtfzg=;

b=VZFDrsPjhenXijE9xgQq7DgC1kj6+J1V2TRH+spni1hTOe48fv6WAM2P1C5g5wfjD8

1UWI8hjE17tvC9s7VddpZqOVLiXz5OD2M6PxYWDEV79dpcj9V5Hu2Uvlc3X9KNus1InH

T4XQxR9cwfcPFnBHndVr7blOkyK1d4hnPM+91l3y7EGCWMxqDlZulYFaqD2cB/kc2UNj

tC21u1zHbGuK9szI0xKosi0eCbY/JAvjvcNTZV+huLD26gSiOLd9aUPXCMP/UWxGQv5B

gnXNS6kw7QTFEp8MpjafJK6WBMkVH/hfdYCnFATryXhXOz+2GAG8rRY4naoF0Bnl05eW

dagg==

X-Gm-Message-State: AOJu0YxqyCSbOwhOjJSeoCS/V8+PfryuIcYeEP2dQn1Gc51D6V0b5piM

EdIh6i3Gnuc43T4rwEDBGsr23UDv5564XavnxiN66xjPKDpt147bRJ14DS+b/eBxLlXTFxWqQ8p

Cp09SYlFoDA==

X-Google-Smtp-Source: AGHT+IENQ0QzjfI/6c9DRbudB76QiiNi07rK/RHqC8rsv5xkChYREq0mb24+roHzjodSwHb9gjUtRao4tnMKpQM=

MIME-Version: 1.0

X-Received: by 2002:a05:6102:e0a:b0:5db:32dc:f05b with SMTP id

ada2fe7eead31-5db32dcf9a7mr3393481137.42.1761436065121; Sat, 25 Oct 2025

16:47:45 -0700 (PDT)

Message-ID: <000000000000f4c7660642044a00@google.com>

Date: Sat, 25 Oct 2025 23:47:45 +0000

Subject: =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=

From: Costco Rewards Team

To: doctor@netknow.ca

Content-Type: multipart/alternative; boundary="000000000000f4c7580642044afd"

X-Spam_score: 9.7

X-Spam_score_int: 97

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: View in browser View in browser



Content analysis details: (9.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.222.72 listed in will-spam-for-food.eu.org]

[209.85.222.72 listed in will-spam-for-food.eu.org]

[209.85.222.72 listed in will-spam-for-food.eu.org]

[209.85.222.72 listed in will-spam-for-food.eu.org]

[209.85.222.72 listed in will-spam-for-food.eu.org]

[209.85.222.72 listed in will-spam-for-food.eu.org]

[209.85.222.72 listed in will-spam-for-food.eu.org]

[209.85.222.72 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.72 listed in dnsbl.ahbl.org]

[209.85.222.72 listed in dnsbl.ahbl.org]

[209.85.222.72 listed in dnsbl.ahbl.org]

[209.85.222.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.72 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.72 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.72 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.72 listed in list.dnswl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: unitedstatecustomerservice25.eblink4.com]

2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL

[209.85.222.72 listed in psbl.surriel.com]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.222.72 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.222.72 listed in sa-accredit.habeas.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.72 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.222.72 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.222.72 listed in bl.score.senderscore.com]

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=



--000000000000f4c7580642044afd

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



View in browser











--000000000000f4c7580642044afd

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






osoft-com:office:office" lang=3D"en">










.0">








: 0; -webkit-text-size-adjust: none; text-size-adjust: none;">


" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table-lspace: 0pt; m=

so-table-rspace: 0pt; background-color: #ffffff;">














" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt;">














ellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table=

-lspace: 0pt; mso-table-rspace: 0pt; color: #000000; width: 735px; margin: =

0 auto;" width=3D"735">












-lspace: 0pt; mso-table-rspace: 0pt; font-weight: 400; text-align: left; pa=

dding-bottom: 5px; padding-top: 5px; vertical-align: top;">


=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" style=3D"=

mso-table-lspace: 0pt; mso-table-rspace: 0pt;">










t-family: Arial, Helvetica, sans-serif; font-size: 17px; font-weight: 700; =

letter-spacing: normal; line-height: 1.2; text-align: center; margin-top: 0=

; margin-bottom: 0; mso-line-height-alt: 20px;">
eholder" style=3D"word-break: break-word;">
stomerservice25.eblink4.com/openurl?lid=3D4570013361766400&nid=3D5145726481=

596416&" target=3D"_blank" style=3D"text-decoration: none; color: #0b4092;"=

rel=3D"noopener">
word-break: break-word; position: relative;" id=3D"6301d4ce-76a3-43b3-8e97-=

5cb653c2fe5e" data-position=3D"10-0-0" data-qa=3D"tinyeditor-root-element">=

View =

in browser



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">








dding-right:0px;padding-left:0px;">




ef=3D"https://unitedstatecustomerservice25.eblink4.com/openurl?lid=3D457001=

3361766400&nid=3D5145726481596416&" target=3D"_blank">
uffer-media-uploads.s3.amazonaws.com/68f9352b8874449c8403a5f2/68fd3225b15ad=

aaef60ca4f2/97f6fa0f9ded2047c0e9466b94b9995c.original.png" style=3D"display=

: block; height: auto; border: 0; width: 100%;" width=3D"735" alt title hei=

ght=3D"auto">



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">







" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt; background-color: #ffffff;">













=09










--000000000000f4c7580642044afd--

Free Oral-B Dental Kit phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 19:10:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpGc-00000000Fzi-2tHK

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 19:09:54 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 19:09:54 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vs1-f69.google.com ([209.85.217.69]:49428)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCoss-000000006oL-0l4H

for doctor@nl2k.ab.ca;

Sat, 25 Oct 2025 18:45:29 -0600

Received: by mail-vs1-f69.google.com with SMTP id ada2fe7eead31-5db23096e2bso1865193137.3

for ; Sat, 25 Oct 2025 17:44:35 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761439469; x=1762044269; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=aWfedh3MxoOBOHPyv1ooRfoqzNyOJtYkxBfalXQrbs8=;

b=CApV1M7/5e/7J1BA1Kxm8OHf+PgFX3x+blRjJDxB6tszLpX7bZ827QGDOdf7MXSlRc

O+0evTb3PT5hFeks5zKqAtLI/xVY18PC6hqaQv293HtKVypsnNQA7WNzPiet12RFbat+

P57Xti3s9k4+KPLyujS3RMHPwAH331uZeqxiElttGw2/ZQUUkvpEFNvk9Ksj1pQt9P2q

7sx5UvFnaDQsau7CDvAUKJ5RyGnoH1YBZlg1kWFR8vXkgnsyNdeLAbNoF5lQwaBYVSkw

3muFhsRXaugxVZP+6MyVrQFYPPmgYeNVm/oZ7VcYk+6pPVJJucZVgi/5PGA76fWQC8me

0e1g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761439469; x=1762044269;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=aWfedh3MxoOBOHPyv1ooRfoqzNyOJtYkxBfalXQrbs8=;

b=oqqSlH4YBnztLx3CjqTjnYPcfmxo50lZ/v/rLcIZyhbbryHLt81+Uj8I5/bHcYnlHi

TP06mwCSNY5zPc+WPPGioKmAvUQ2xYuA/ipvJ2DDEqBh6lMOrzB5tY2JXf7jvK4VNczD

Y9RDSfOPxDBOIixtqTWaiqx8y/0HU+1igX/tuavcIdD1DFKfknXe/fNy9BFf4/s8DZKZ

9XnbrStd5QXvHoLCKQk+caMLvBXO4jRojqEcfiG33Z7ohy6SLBHMlNEt2R8eDP47CvWg

5WvMt5Oo0TPYJJEjgPSRJQPr4ZU+qmpdg5kkKxgJTf/aA8MQ1b0/UZsEK9O6ULxAVVq7

RnHA==

X-Gm-Message-State: AOJu0YzzUISUzG66DVjAQzpYovfRXw4y6MFszfX12QiPu4PK8pIo1jdp

jsIY3pY8DZctSRE1sWvqPoHfa+3zFl7apS4CYZxSiGzj0iIM0j8DvwrgKX34MmaM8weJTWlAHTG

8fXIO1rmE8w==

X-Google-Smtp-Source: AGHT+IGEhKq9Ulo+M+d4W4s0p0oOwT4YXCW02Wo4TAhls8Uck2BY8VTwZ2C1p0bqxqY3p618I4VMJYTrU3R8Nxg=

MIME-Version: 1.0

X-Received: by 2002:a05:6102:390d:b0:5db:3bbf:8e62 with SMTP id

ada2fe7eead31-5db3f87be85mr2024233137.1.1761439469770; Sat, 25 Oct 2025

17:44:29 -0700 (PDT)

Message-ID: <000000000000e398a40642051556@google.com>

Date: Sun, 26 Oct 2025 00:44:29 +0000

Subject: =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=

From: Costco Rewards Team

To: doctor@nl2k.ab.ca

Content-Type: multipart/alternative; boundary="000000000000e3989a0642051553"

X-Spam_score: 10.7

X-Spam_score_int: 107

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: View in browser View in browser



Content analysis details: (10.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

[209.85.217.69 listed in dnsbl.ahbl.org]

[209.85.217.69 listed in dnsbl.ahbl.org]

[209.85.217.69 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: unitedstatecustomerservice25.eblink4.com]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.217.69 listed in list.dnswl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.217.69 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=



--000000000000e3989a0642051553

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



View in browser











--000000000000e3989a0642051553

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






osoft-com:office:office" lang=3D"en">










.0">








: 0; -webkit-text-size-adjust: none; text-size-adjust: none;">


" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table-lspace: 0pt; m=

so-table-rspace: 0pt; background-color: #ffffff;">














" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt;">














ellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table=

-lspace: 0pt; mso-table-rspace: 0pt; color: #000000; width: 735px; margin: =

0 auto;" width=3D"735">












-lspace: 0pt; mso-table-rspace: 0pt; font-weight: 400; text-align: left; pa=

dding-bottom: 5px; padding-top: 5px; vertical-align: top;">


=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" style=3D"=

mso-table-lspace: 0pt; mso-table-rspace: 0pt;">










t-family: Arial, Helvetica, sans-serif; font-size: 17px; font-weight: 700; =

letter-spacing: normal; line-height: 1.2; text-align: center; margin-top: 0=

; margin-bottom: 0; mso-line-height-alt: 20px;">
eholder" style=3D"word-break: break-word;">
stomerservice25.eblink4.com/openurl?lid=3D4570013361766400&nid=3D5145726481=

596416&" target=3D"_blank" style=3D"text-decoration: none; color: #0b4092;"=

rel=3D"noopener">
word-break: break-word; position: relative;" id=3D"6301d4ce-76a3-43b3-8e97-=

5cb653c2fe5e" data-position=3D"10-0-0" data-qa=3D"tinyeditor-root-element">=

View =

in browser



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">








dding-right:0px;padding-left:0px;">




ef=3D"https://unitedstatecustomerservice25.eblink4.com/openurl?lid=3D457001=

3361766400&nid=3D5145726481596416&" target=3D"_blank">
uffer-media-uploads.s3.amazonaws.com/68f9352b8874449c8403a5f2/68fd3225b15ad=

aaef60ca4f2/97f6fa0f9ded2047c0e9466b94b9995c.original.png" style=3D"display=

: block; height: auto; border: 0; width: 100%;" width=3D"735" alt title hei=

ght=3D"auto">



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">







" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt; background-color: #ffffff;">













=09










--000000000000e3989a0642051553--

Free Oral-B Dental Kit phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 19:10:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCpGN-00000000FyZ-0w1G

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 19:09:39 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 19:09:39 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vk1-f198.google.com ([209.85.221.198]:58505)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCnsw-00000000PJI-3geJ

for support@nk.ca;

Sat, 25 Oct 2025 17:41:29 -0600

Received: by mail-vk1-f198.google.com with SMTP id 71dfb90a1353d-54bcbbc35d1so1339363e0c.0

for ; Sat, 25 Oct 2025 16:40:36 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1761435630; x=1762040430; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=eio3Lr9L4X/vy395J1LMfVKx8RRV7+1eIMMUNdtBwOw=;

b=f8PsqZd+XwlAHO7Zo3CW6v+bvdZ/5im5yH0oV7I4TdufOGV8jRdIL/Mxk7ko86Gkl9

AWSJZChpEth07MMC1Ah5YUn+QOfrbX66w/HkL1oNEn35LOKwOreLn6B7Kb72cbTU8NeJ

l+pLUHRuOS2NpVqK0uHQZ8OArNlGTeM/EKcN+zNEybYxrx10OlIkuxMi36wv3aUJZsCw

m574Obc9S+7Bi5ejz6WQN+saBQqS2nJ7Msoa7d2DShDN4fbzicoURymH9J7I9Lh+dIsX

k5JCZcSUQ5KDVwBigzeLcWRoDiB69Czw/XLSOrZjzpTLIjAioPh8FqoWDPC1jD8VEF0S

9KLA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761435630; x=1762040430;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=eio3Lr9L4X/vy395J1LMfVKx8RRV7+1eIMMUNdtBwOw=;

b=VxkitEgYdZmfuwGMlL99jyuMyqDIvgnf0Y2vvHGXPvfplqwNpF+mugiWgF4VpOZxCj

eUmIP/BgZIwCb0S/AG0OL8e5QBW7NuPi0R2zTqoLKUrB0nS2KXiQJsgg+ibaK8n/Dfu6

uZVLu9FcS+eP1+BzBefbKtKgDCnq/WSANfnmLAnS2mkxaANX/HL6dviiusxvQUVxrsx+

xZJZLv4DT/JrCd8fKSIZXxaauJ7eC9DCtICtu61PjTy/f9K7nVF9QSPZmCkb9WFi0xEL

6bYUsE5DR9yHXJ5CRVI/UWYUdNa+Pky3Fn7m4ymOVLdo4iLUkKbU8VbsZV2MzuqAdHUS

dUdg==

X-Gm-Message-State: AOJu0Ywo+CEu6BN4ucKjyl3MoR3zTBc49mvNwtRts0Y7nwetRFpeAHmW

xGffb7M8ar83walUwwd8VyKXmLodk1RsG1+Uc9xCfOSrgJm/Mekc4J+kqOOJNDVxajUp/l/vJVM

CiXdiNkJFRg==

X-Google-Smtp-Source: AGHT+IE89GqOM+WGwF4ULk+fHIVt4YGhZRXFnpnkKXI5N3RhO+ZN9LVcnmTQijr2jyQrkZq0TNhCqiXJUbOpFq4=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:3221:b0:557:c50d:6a14 with SMTP id

71dfb90a1353d-557c50d74b8mr2937488e0c.9.1761435630179; Sat, 25 Oct 2025

16:40:30 -0700 (PDT)

Message-ID: <00000000000008162e064204314b@google.com>

Date: Sat, 25 Oct 2025 23:40:30 +0000

Subject: =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=

From: Costco Rewards Team

To: support@nk.ca

Content-Type: multipart/alternative; boundary="0000000000000816200642043148"

X-Spam_score: 16.7

X-Spam_score_int: 167

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: View in browser View in browser



Content analysis details: (16.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.198 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

[209.85.221.198 listed in will-spam-for-food.eu.org]

2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL

[209.85.221.198 listed in psbl.surriel.com]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

[209.85.221.198 listed in dnsbl.ahbl.org]

[209.85.221.198 listed in dnsbl.ahbl.org]

[209.85.221.198 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.198 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: eblink4.com]

1.8 URIBL_CT_SURBL Contains an URL listed in the CT SURBL blocklist

[URI: unitedstatecustomerservice25.eblink4.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.198 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

3.3 MIME_BOUND_DIGITS_15 MIME boundary contains all digits

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8E=81_Claim_Your_Free_Oral=2DB_Dental_Kit_=E2=80=93_Exclusive?=

=?UTF-8?Q?_for_You?=



--0000000000000816200642043148

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes



View in browser











--0000000000000816200642043148

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable






osoft-com:office:office" lang=3D"en">










.0">








: 0; -webkit-text-size-adjust: none; text-size-adjust: none;">


" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table-lspace: 0pt; m=

so-table-rspace: 0pt; background-color: #ffffff;">














" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt;">














ellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-table=

-lspace: 0pt; mso-table-rspace: 0pt; color: #000000; width: 735px; margin: =

0 auto;" width=3D"735">












-lspace: 0pt; mso-table-rspace: 0pt; font-weight: 400; text-align: left; pa=

dding-bottom: 5px; padding-top: 5px; vertical-align: top;">


=3D"0" cellpadding=3D"10" cellspacing=3D"0" role=3D"presentation" style=3D"=

mso-table-lspace: 0pt; mso-table-rspace: 0pt;">










t-family: Arial, Helvetica, sans-serif; font-size: 17px; font-weight: 700; =

letter-spacing: normal; line-height: 1.2; text-align: center; margin-top: 0=

; margin-bottom: 0; mso-line-height-alt: 20px;">
eholder" style=3D"word-break: break-word;">
stomerservice25.eblink4.com/openurl?lid=3D4570013361766400&nid=3D5145726481=

596416&" target=3D"_blank" style=3D"text-decoration: none; color: #0b4092;"=

rel=3D"noopener">
word-break: break-word; position: relative;" id=3D"6301d4ce-76a3-43b3-8e97-=

5cb653c2fe5e" data-position=3D"10-0-0" data-qa=3D"tinyeditor-root-element">=

View =

in browser



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">








dding-right:0px;padding-left:0px;">




ef=3D"https://unitedstatecustomerservice25.eblink4.com/openurl?lid=3D457001=

3361766400&nid=3D5145726481596416&" target=3D"_blank">
uffer-media-uploads.s3.amazonaws.com/68f9352b8874449c8403a5f2/68fd3225b15ad=

aaef60ca4f2/97f6fa0f9ded2047c0e9466b94b9995c.original.png" style=3D"display=

: block; height: auto; border: 0; width: 100%;" width=3D"735" alt title hei=

ght=3D"auto">



0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-t=

able-lspace: 0pt; mso-table-rspace: 0pt;">







" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" style=3D"mso-ta=

ble-lspace: 0pt; mso-table-rspace: 0pt; background-color: #ffffff;">













=09










--0000000000000816200642043148--

Web/SEO/App Spam from Microsoft Outlook

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 13:48:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCkEL-00000000OFG-2Szb

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 13:47:13 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 13:47:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-westeuropeazolkn19011032.outbound.protection.outlook.com ([52.103.33.32]:48623 helo=AS8PR04CU009.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCjtk-00000000LOO-2kQP

for sales@nk.ca;

Sat, 25 Oct 2025 13:26:07 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=GuIcJikvSZHgbWBCLxtPil9znyCvMW4rftJDxsXlplEXAkWFd/GpgfmHNEzTHrX7bSJHN36HijpomCGOYFf7bPPPjyL2GoPQCwhcEzneA/Z75OL9kOY9GvPD59+V4VF8xRvBm9ayLkXMIujb/m/YKCP8lk/zSEdLSOPuyxEjCamOfewoZUaJKUXT8a4llpp8S3vfWAow6g+Nio6uY8KaUdYR3o0hLlahQCa2GBGiWxKXS15kf+k00FbhWLP4orb1ByNautmnKkoeaKYtymY9gQkzxK3jsg50go5wlKLa9S5TwMeHI+6zQeQGOI9TeqgoFNQPo0bSRroFNvLnpBwbvQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=R49t3RKcMl5PZC8PQiJ77hsbrrZqgfzI4fVXuZsiUiU=;

b=HJ8h9TSCtrnIV4t5LzihTtjZikFY3V0KHfDzMMNXbxm50AjSwK/pujRQJ9XNeC98ZZ7P5CcF6mU37eFAB3HTsQhYfsu1W8DoCkxGICx9qt65X4WBunylI7bomyx+wceQpFAY67p7t642QsK39e4iFM8GyWZQ7ITfAAw8My9tNN3Dfmh0UzPdwpF/CRGMjLduKxavAxuUXxfQgwEg4d5RgHn/++360chOaKjkRyNIRrPCZ+uQicu+tEW56UQXh/NfFE9N/eB0C9p0/XUvNRlxFTELLVL/yF+7mm16mGJeSbl5F1LEEz58ztJSVoNEt/nzyKYv2aXu1erLY3gIRo4RpA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=R49t3RKcMl5PZC8PQiJ77hsbrrZqgfzI4fVXuZsiUiU=;

b=uHtt8yeOiQgIQte3uUYpAp4hShkFGsckBSTw77wYeTTSVKCOGPiXXkTcoc6Gj/szoaDN++dT/51XUtWz8Pn8WOXxPCysqfS5nvs5GeiXsPWOTk5DncVVEP3mSwv7F8aHWcbe2PaRBKaIKtqJyegJ/jvzDEIlzT0LSZOlOsH+UAL0Gh1sECclcObYjRMc0s0WKlQtz1F6guDQWJ8fB13PCjpLfjEVEReILjFltqNbDwI3/N4WSzcyhLLCsXEFpuWMbPVX3AZtpgNcc27BK7TSPaG0WbxJFI0iF1JLO9WCJaxT0J0Js4QbRYv20/bE2NraxGH4sETlHqUfHClmtWTrvg==

Received: from PAWP192MB2126.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:33a::5)

by GVXP192MB1877.EURP192.PROD.OUTLOOK.COM (2603:10a6:150:1::20) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9253.16; Sat, 25 Oct

2025 19:24:59 +0000

Received: from PAWP192MB2126.EURP192.PROD.OUTLOOK.COM

([fe80::6ad1:4419:e6ad:2dd]) by PAWP192MB2126.EURP192.PROD.OUTLOOK.COM

([fe80::6ad1:4419:e6ad:2dd%2]) with mapi id 15.20.9253.013; Sat, 25 Oct 2025

19:24:59 +0000

From: Marcella Corney

To: "sales@nk.ca"

Subject: Best Price (Increase Your Website Ranking) sales@nk.ca

Thread-Topic: Best Price (Increase Your Website Ranking) sales@nk.ca

Thread-Index: AQHcReUNcgTnT87EJ0GYwD5DHXyR7A==

Date: Sat, 25 Oct 2025 19:24:59 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PAWP192MB2126:EE_|GVXP192MB1877:EE_

x-ms-office365-filtering-correlation-id: a3dcda56-952b-4db1-609f-08de13fc3070

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|19110799012|31061999003|461199028|38102599003|5062599005|8062599012|8060799015|39105399003|40105399003|51005399003|440099028|3412199025|102099032|11031999003;

x-microsoft-antispam-message-info:

=?us-ascii?Q?6/4O0v2PCq9i10qG4ZGBgERyGBllWh0SvT4M1oA+xCqexcOpn+zXUjre506t?=

=?us-ascii?Q?dtF3GCEOxFW4RjM6j2LNAGdSTHfVQCLWsg4heNTYbOmV50W3jBeQC4ZblsqR?=

=?us-ascii?Q?YH+kvcBcEwbbPCW2rD6VbDhLNTirT6zm/xkjSv/LXnyvpMWjzUjX+sSGDqKc?=

=?us-ascii?Q?CY9Cl0GVqj4D9uZSc7sSMroQAaYwq3EGQ4nXNvJc/kFNAZZOaF8Cm/CB4mRl?=

=?us-ascii?Q?Cqa6m9GfL9RTLpQep97EW0NWrwXy78FvO2lTBLDmaGXh1sDMIa12fqt9ZQmu?=

=?us-ascii?Q?DmJghIdciU3o+4WIvJWpsmReUGj7TU8N0p9B6OfWkrEK6acfHzcruEPJt51Z?=

=?us-ascii?Q?G22kZgrMM+EwodQzSn8fEIeGsBxyyJlWifmoNy0DlVhxLPTy93LkvKfY8dyE?=

=?us-ascii?Q?hbDwfHSBWfe5UHieJo1aTwN7qXTrtNVUwdaVuZAasFVIboPUTZQt31iS0IAD?=

=?us-ascii?Q?KIZuaD+uUnyZFddaDx+9xlNyIztNRAwgnc8VDQw4SVjRSnIH3wbDGcMX6+nV?=

=?us-ascii?Q?CO3NylhtuXm6/EH//YTIGdSosX9zODfG0WvUTSDViVtPkZzwUj2itVpVzCGI?=

=?us-ascii?Q?P+NecHaf2S3yF2eJMC1/60NLUzTED/u7TmhqiKYhnIVTlqe+pFEe+z9zl43h?=

=?us-ascii?Q?53wQJlIzn+h0n8y32bVUeMpRlTIt6G3hJaEg5oRkXuGDlcNxMChbspNZhIr0?=

=?us-ascii?Q?qhqIUQTdJIFGiiQJCadbUEft1yOjQroe4zoWoL/dX3XRxQ5EZTn3ag9EaFlB?=

=?us-ascii?Q?GeIn0CUk279nfHPyR3tXl+1OwN2k1/245RUqNZOzcozNovkvcqbfvyh7pi68?=

=?us-ascii?Q?ZXXZq6pt+PdPV/oBFZ1XEuMh2lil3WG5NF1wUsLFvNzI1JPjfrifOpl2gDGR?=

=?us-ascii?Q?pKWkm6z7z1EE98rrvatxG3qoES/ya4C4yI+/Zko6QUjpb/eHjI/Bb1bzbgoM?=

=?us-ascii?Q?st+CJ/fzDSP7Oe0aXnBFROGkhCrLkWUxv3CLQQPO1iSzwAs2MZbzVXi1YEhg?=

=?us-ascii?Q?YAL0PzoWomisGMHhA45mH4vzABFdvquDFM7CeZxhv5NG+I+773jxpOgg9ZzB?=

=?us-ascii?Q?oDQN363AnVgnWi85IMh9nkONOKwmu2P9V7LgO01ojhOTuVx6pT/ZeZmH7WsP?=

=?us-ascii?Q?CyvTMLaRspAVpvH2nIMCzpmrP2HvE7weW2RzomE7rUQjtcEPbM5mBf9wbVi/?=

=?us-ascii?Q?nsPjZrFCtncg+wc16q+vUoPls2tZVgtYP/BDTNVzhjpi3uHAjVM7Bf9yH7qS?=

=?us-ascii?Q?mmF34z6tnrMbsSW1TN3xqTrg6Y4G/bQK9gp4lxIH/GyyGiWhddbGD+smzWND?=

=?us-ascii?Q?XxA34Cq3rmh9fHyjU4R3f4tb?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?us-ascii?Q?RwBkWGk9+ZhAj1Z02T8efPPobpSC9NLT/KpOMt4lR4Gwd5pKRoasQmbZPhLN?=

=?us-ascii?Q?uT2o593iMuxqZn91DAlCAZAiNEDRGWFVYHYf8Zlo9eq7+66+e9qp4yUpR7x+?=

=?us-ascii?Q?bbgrbDXRn1zYvRwx3gAWkL6zeBebh1b5PzezPfg8PH4a5WJCEcwikL4A58rA?=

=?us-ascii?Q?cBLvUoTDpBT+v35Vb1eTOrT880bJYM92huiVfHfbJdd8cB05JmbmVfA+TEAF?=

=?us-ascii?Q?Ps0XSTQnc0XitTGVVSP6q4HMiUlLwBwJrnxGVt0WOBQxeIcfQrp8D4AO8XBa?=

=?us-ascii?Q?RnPTIQhwSiHTfHVpouG032VK0KUpDfFI88YBjoQ7Tih84SjPtYWJ994ZcFHm?=

=?us-ascii?Q?5UBoLUjKATqfA+YHtnNO7dTLNIlfbNsuWsKBeJ9U/1KCEpoPlGHuk6PnLaFM?=

=?us-ascii?Q?Q+tjn+0KbqVDgkcSqNyfkd+DwdaijOi4/wN67/9cyz/Lu5KRcELtQWvYK7CI?=

=?us-ascii?Q?G15O4B8j2oPNdGaRlL8AjpnfKLy39GoyPBxLNyhC2gAP7NtNXo+HwTSYl/YI?=

=?us-ascii?Q?YOCiNkhgOOsQTXK13TcbfLSpUNEZmDgJ4NIvOkw0T0bjPwL2Y5ZhcINuEE1N?=

=?us-ascii?Q?y38bNPVpdxFtDWIQe3WbQoOxoi9evzOXUzP1Q8cTmhButd4fRbf30mPY0CsV?=

=?us-ascii?Q?OftzmU3OSSedwrh0owcO8gNtIJvXOsOKRlo2kcY//X3z8FZG7ONmXpbw8SJm?=

=?us-ascii?Q?jDhWP0sM6Ec8H9xZoj5PntviKe/NDYXNhnJI1AwbcG4mEt/RFIncArXLxXQA?=

=?us-ascii?Q?fbOMJtDvVyoXDOR/6fGNjBmMCQjItyJ6DTBnzLtwZO5RUv5yGLLgYmtoxERD?=

=?us-ascii?Q?uudtwE6AzhacilVpkYZFBK+3E3CEqoPcEOuIK7JiCh+KBxJ7o00oqmIVvwcj?=

=?us-ascii?Q?jybS7gGZ2pxhc2Lz79EoKZ2bVHt8SPphabQwBt+nLmyIOdcMS+XcSCnzdswZ?=

=?us-ascii?Q?yqv6xyhItF0gYuY2R+OqlrCLtuGlNc+ESc9V0QXMtPceX2Mp5sKe1l4+EUdk?=

=?us-ascii?Q?CXbkCOY2mPE7yGoSNp846ChMGhRO13J7lqe891GcyNE5zu+BsETva+aY8MZA?=

=?us-ascii?Q?+obKMQV+Mrdxshul/MuBbiepDjqeuZgIhSEFexIGjmJG+RujGHfqa39wfZZ9?=

=?us-ascii?Q?AHT3b7XFIpNPTvPtr3VBjM9laTG5yA5b63wRBImZPQ2bjdzRplq34MeUo6QN?=

=?us-ascii?Q?5QwdwKOEYCD7hvsgrDvYtzE8JT493gVMJx9F/N5ei00gz2dVhi9S7W9N6Oge?=

=?us-ascii?Q?iJlgI5Bxs5Mz+tkUM9BY?=

Content-Type: multipart/alternative;

boundary="_000_PAWP192MB2126818298C0E6FFE4CC2E2EDEFEAPAWP192MB2126EURP_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-8534-20-msonline-outlook-f44ed.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: PAWP192MB2126.EURP192.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: a3dcda56-952b-4db1-609f-08de13fc3070

X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Oct 2025 19:24:59.4157

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXP192MB1877



--_000_PAWP192MB2126818298C0E6FFE4CC2E2EDEFEAPAWP192MB2126EURP_

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable



Hello sales@nk.ca,



I checked your website, you have an impressive site, but the ranking is not=

good on Google (GMB), Yahoo, and Bing.



Would you like to optimize your site? I will be happy to share with you our=

pricing and proposals.



May I send you a quote? If interested!



Waiting for a quick reply



Thanks,



Marcella



--_000_PAWP192MB2126818298C0E6FFE4CC2E2EDEFEAPAWP192MB2126EURP_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable








>





Hello sales@nk.ca,



I checked your website, you have an impressive site, but the ranking is =

not good on Google (GMB), Yahoo, and Bing.



Would you like to optimize your site? I will be happy to share with you =

our pricing and proposals.



May I send you a quote? If interested!



Waiting for a quick reply



Thanks,



Marcella 









--_000_PAWP192MB2126818298C0E6FFE4CC2E2EDEFEAPAWP192MB2126EURP_--

Legal e-mail phish from Google Gmail

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 25 Oct 2025 13:47:01 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCkDh-00000000O99-0zGX

for dave@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 13:46:33 -0600

Resent-From: The Doctor

Resent-Date: Sat, 25 Oct 2025 13:46:33 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lj1-f170.google.com ([209.85.208.170]:55589)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCgOt-00000000PJ2-3yPK

for doctor@doctor.nl2k.ab.ca;

Sat, 25 Oct 2025 09:42:01 -0600

Received: by mail-lj1-f170.google.com with SMTP id 38308e7fff4ca-3696f1d5102so27246201fa.3

for ; Sat, 25 Oct 2025 08:41:04 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1761406857; x=1762011657; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:in-reply-to:references

:mime-version:from:to:cc:subject:date:message-id:reply-to;

bh=cbXpReMSmQjpFZ/b1xXtIngP+PIQ3TIPQxkEKoTMetc=;

b=Vxzgh+JJ66+gdJFOTMW7QOE5fvRhtJcH6pUgD/EHVH3y9bFhtU/LKqWLANOeWMSRj1

R6zu1gFcFhVYYW/ZlmbsY4ngXuHCtYcRb8u1qJT7ITTMz9e9Hhe1UNK2i/eIxyfdZKIK

VhjtiKHeBPLsSIa88pbXOOjvD7RfP6pU/EoxL1bejTZVbPI9GrejYfa/XHDLZLEo6UsD

sdzrcJHB5m3wV4Th117OvAF1WCSCwppHepSCzUtWZ0X/SRdoKGkMoCFUobM82mHUQm6n

lC1utnEezvUGTNL4VIlNxy0yUTnRqHwiY+TJ56+Ah+EANEVK9ADTZQmn/rxcpoJA7L4U

yIDw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1761406857; x=1762011657;

h=to:subject:message-id:date:from:reply-to:in-reply-to:references

:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=cbXpReMSmQjpFZ/b1xXtIngP+PIQ3TIPQxkEKoTMetc=;

b=Xx14o/hAVO4eA/a5s7g0sLwLgo03kmohlb8CQ3rObeFuCV0fwYp+ESIEnPgQyYeqk3

0+d1e8CNif74WWOYqGoMyZqQbv1WV81z9Nhayhu5XXWqALnOV5Na75Z9nhcGNllG0T/y

lFgOAMtBJDs7DBDRAkfQvJ8nVlgQocpHy1DqKCSCJ643IqcfvShQomr+CDap8SwFZHFc

hclO+8xwnzXyZAvOI+AAVUbX0VhnEjYzPAoFIbyue64PEh25IbtJFvFxGwd6j+iP7hfj

LJXfLFfLrdAeXhqNK+Y0EJ8Jobh6Goq09K5bx7Yz96yHSVfN7G+ma4iCnufGydpQIQoV

Y/hw==

X-Forwarded-Encrypted: i=1; AJvYcCUfCn+fPf3jBnaiWjYhtr1bccRY+X7tuTPKo7QpPcqGRzm5INwaYZL9/yD9YqnuSq/5fJA9FfQ=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0Yy3DeV4JcN6wK5SQEvCytYztkMPVBECoB6yNEmOdbyMdjxd+HaE

v61BBu4qoaGXEjeb+57A/ZFZZ0OYhry9YrADxzf62oTMgz1VKdK0wZD+3qZY4Qzkn/3dqzk1p7C

iBkKwb+dTUS3UgXMAthe4eWtZYmJHXgw=

X-Gm-Gg: ASbGncvDHiR3SFA3Zku+hzmFDv5JluLQRsIoZkPfFQj2sc/IOsPHLJ7ZVwdf9DbMmvx

3j6ynlOmLRGmUqN3Gzk3b6GLyucYFiPlJNt/G3DISbrzkgayhktvXY7sISGkZbFJKfUsy6iAs4j

ylar2P1MIx/FaLRVJnxkdklw1HF7hCPkT7QCpS5v69CtmE2+OUM7t65UJ33NvUJvE+T2cLtWlVD

wNJZlXxzzy5VspMa3HoEIx6zOrvMJFwpQEitwhhHr1P8BGA5YU3gnPd7q+F3wfisPE05IX0GoaW

iZ+mXiI6yYVn1Ej1QotAxyxZNgP0

X-Google-Smtp-Source: AGHT+IGRSbbBxArH6Z/F3B4eLO9radDROYv5jdh56ltCeqw717HQr8HGzgVfgwpYxPplTL456xgF+2WGTnRbwe3QR4A=

X-Received: by 2002:a2e:bea8:0:b0:355:b3ec:11e2 with SMTP id

38308e7fff4ca-3779782d147mr96992671fa.8.1761406856645; Sat, 25 Oct 2025

08:40:56 -0700 (PDT)

MIME-Version: 1.0

References:

In-Reply-To:

Reply-To: info@libertylawfirmua.com

From: LIBERTY INTL LAW FIRM

Date: Sat, 25 Oct 2025 18:40:45 +0300

X-Gm-Features: AWmQ_bkEBD6B2C9Fnhx9FXKabIHjaBEg_i8dYBIQJ7Xl3Cu-64zIhfszfntVfOU

Message-ID:

Subject: :: Urgent Notification

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000fed0f30641fd7d93"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 8.6

X-Spam_score_int: 86

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Urgent Notification I hope my mail finds you in good health.

I once again try to notify you, as my earlier letter was returned undelivered.

Contact me as soon as possible to guide you on how to receive your inheritance

funds from our law firm, which our late cl [...]



Content analysis details: (8.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.170 listed in will-spam-for-food.eu.org]

[209.85.208.170 listed in will-spam-for-food.eu.org]

[209.85.208.170 listed in will-spam-for-food.eu.org]

[209.85.208.170 listed in will-spam-for-food.eu.org]

[209.85.208.170 listed in will-spam-for-food.eu.org]

[209.85.208.170 listed in will-spam-for-food.eu.org]

[209.85.208.170 listed in will-spam-for-food.eu.org]

[209.85.208.170 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.170 listed in dnsbl.ahbl.org]

[209.85.208.170 listed in dnsbl.ahbl.org]

[209.85.208.170 listed in dnsbl.ahbl.org]

[209.85.208.170 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.170 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.170 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.170 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.170 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.170 listed in list.dnswl.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.170 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.170 listed in sa-trusted.bondedsender.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[romanmelnicenko01(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[romanmelnicenko01(at)gmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.170 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.208.170 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.170 listed in bl.score.senderscore.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.9 YOU_INHERIT Discussing your inheritance

3.1 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} :: Urgent Notification



--000000000000fed0f30641fd7d93

Content-Type: text/plain; charset="UTF-8"



Urgent Notification



I hope my mail finds you in good health.



I once again try to notify you, as my earlier letter was returned

undelivered. Contact me as soon as possible to guide you on how to receive

your inheritance funds from our law firm, which our late client made you

a beneficiary of.



Sincerely,

Barrister Luciano Mouran & Thompson

(Liberty International Law Firm Specialist)



--000000000000fed0f30641fd7d93

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




=3D"ltr">Urgent Notification

e=3D"font-size:large">

e:large">I hope my mail finds you in good health.

ize:large">
I =

once again try to notify you, as my earlier letter was returned undelivered=

. Contact me as soon as possible to guide you on how to receive your inheri=

tance funds=C2=A0from our law firm, which our late client made you a=C2=A0b=

eneficiary of.


arge">Sincerely,

ze:large">Barrister Luciano Mouran & Th=

ompson=C2=A0

arge">(Liberty International Law Firm Specialist)






--000000000000fed0f30641fd7d93--

Nigerian spam

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 24 Oct 2025 08:41:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCIy9-00000000FsO-3lA2

for dave@doctor.nl2k.ab.ca;

Fri, 24 Oct 2025 08:40:41 -0600

Resent-From: The Doctor

Resent-Date: Fri, 24 Oct 2025 08:40:41 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from lasevaweb.servidoresdedicados.com ([31.24.155.207]:41834)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCIbR-000000005Hl-0LTX

for doctor@nl2k.ca;

Fri, 24 Oct 2025 08:17:20 -0600

Received: from webmail.lasevaweb.com (localhost [IPv6:::1])

by lasevaweb.servidoresdedicados.com (Postfix) with ESMTPSA id D5318E9CBF2;

Fri, 24 Oct 2025 15:52:49 +0200 (CEST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lasevaweb.com;

s=default; t=1761313990;

bh=rO6Pj7vIoTsNDE1r/mGifWi0k5+sWDDD3c5iBVgOb1c=; h=From:To:Subject;

b=GZY6Iysaa1kcf9qR82vhOxtdQGaXTIKKx7GiJu44PhJ/8F8/AF7YWvGhTEV5nPH9M

1XBsyp34h9urCgR1Ig0ppUO3GAJM860pzFevrrKHhWFyOsRgQpC8tzsktRFdA5vUot

Sa6b8YEoaMJf9NABPr6xTlrNg4ABc1AEV1afzLOc=

Authentication-Results: lasevaweb.servidoresdedicados.com;

spf=pass (sender IP is ::1) smtp.mailfrom=access@lasevaweb.com smtp.helo=webmail.lasevaweb.com

Received-SPF: pass (lasevaweb.servidoresdedicados.com: connection is authenticated)

MIME-Version: 1.0

Date: Fri, 24 Oct 2025 14:52:49 +0100

From: Faisal

To: undisclosed-recipients:;

Subject: Hello

Reply-To: faisalaalhamad55@gmail.com

User-Agent: Roundcube Webmail/1.4.15

Message-ID: <2f22ed4167a86ed74d93d8a1ba469ac8@lasevaweb.com>

X-Sender: access@lasevaweb.com

Content-Type: multipart/alternative;

boundary="=_f045efcecae453c4ade0b09543060cb2"

X-PPP-Message-ID:

<176131397197.24461.2455881798233898765@lasevaweb.servidoresdedicados.com>

X-PPP-Vhost: lasevaweb.com

X-Spam_score: 12.2

X-Spam_score_int: 122

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello It is my pleasure to communicate with you for the first

time and it is for a great cause. As an investment Banker, I have funds in

my bank I wish to direct to you as a foreigner for investment p [...]



Content analysis details: (12.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[31.24.155.207 listed in will-spam-for-food.eu.org]

[31.24.155.207 listed in will-spam-for-food.eu.org]

[31.24.155.207 listed in will-spam-for-food.eu.org]

[31.24.155.207 listed in will-spam-for-food.eu.org]

[31.24.155.207 listed in will-spam-for-food.eu.org]

[31.24.155.207 listed in will-spam-for-food.eu.org]

[31.24.155.207 listed in will-spam-for-food.eu.org]

[31.24.155.207 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[31.24.155.207 listed in dnsbl.ahbl.org]

[31.24.155.207 listed in dnsbl.ahbl.org]

[31.24.155.207 listed in dnsbl.ahbl.org]

[31.24.155.207 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[31.24.155.207 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[31.24.155.207 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[31.24.155.207 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[31.24.155.207 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[faisalaalhamad55(at)gmail.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

3.1 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} Hello



--=_f045efcecae453c4ade0b09543060cb2

Content-Transfer-Encoding: 7bit

Content-Type: text/plain; charset=US-ASCII;

format=flowed



Hello

It is my pleasure to communicate with you for the first time and it is

for a great cause. As an investment Banker, I have funds in my bank I

wish to direct to you as a foreigner for investment purpose. Contact me

now via my private email for more information and modalities. Email:

faisalaalhamad55@gmail.com



Faisal A.Al-Hamad,

CEO Global Wealth Management,

National Bank of Kuwait, Kuwait.

--=_f045efcecae453c4ade0b09543060cb2

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset=UTF-8




=3DUTF-8" />
eva,sans-serif'>






=

Hello
It is my pleasure to communicate with you for the first time and=

it is for a great cause. As an investment Banker, I have funds in my bank =

I wish to direct to you as a foreigner for investment purpose. Contact me n=

ow via my private email for more information and modalities. Email:
=3D"mailto:faisalaalhamad55@gmail.com">faisalaalhamad55@gmail.com
=


Faisal A.Al-Hamad,
CEO Global Wealth Management,
National B=

ank of Kuwait, Kuwait.








--=_f045efcecae453c4ade0b09543060cb2--

Web/SEO/App Spam from Microsoft Outlook

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 24 Oct 2025 14:10:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCO60-00000000FdJ-3Odi

for dave@doctor.nl2k.ab.ca;

Fri, 24 Oct 2025 14:09:08 -0600

Resent-From: The Doctor

Resent-Date: Fri, 24 Oct 2025 14:09:08 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012054.outbound.protection.outlook.com ([52.103.43.54]:7447 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vCJ06-00000000FyW-3ID7

for root@nk.ca;

Fri, 24 Oct 2025 08:42:53 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=cZnwo5f/tqblMCCjF49RpdVDSvWOzDXRBjNKZKMFzxOXqY0x3RaJdKWyp45SPWmXog4mtpZWUfeAN2TzSN8bplghm5nqZvHnZhQUaWUOzC0NhUT8pK2LKR/6YJ0V2x/4PVIsFZlz0Vrca/0uve/KwzSGVwvKBshx0VsNqvpz1CELK+f/qTf55aVT7EcIZKMocxu2u4tRuEP3Sh71ufiTB42fNKuN3W61W+BrszU0+DmNs57PgeqB6f6zUFCF4zQHBQBBNMRKpoIhWOKvD/Ps45r83RGspZU870uiO5lr/he5E0DwoJ+DlD7ybw55SqxVmeVo1cdmbxW/j6eXd0i6JA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=CnQOK1zpQVX9bF9Nz0I/VgenIydHAbtfImlFStlt3hs=;

b=Ou28IxqaJduu9Bc01Iucdca8ycj/6a91ub4u1ncw+lzqRoRjQcHHktAvcTAYDDrYzlYek8BONHquMcdYYIMlgd37rPmzXoURABBFHWsffe+2HsmXo4RinaVwnis70qI7C7fPrj5deEtCtu4JlDw153Xi6Hm3oAfb1Xlf7DkbneJW6bEkCAWpOiXtcMSCO2ErQzKC4D9u4460tco7AvuQ1Cg10YLsG/MgoYYa0+8j4YKrFojN7bhdaUtP9MpaS3+mE8qNCDgVy/yY4836A10GMsab+VNj3KMfH3WN26xHn6HMMgyYeSqMliqJNZu0n/1leJix5lIrw9nr3KtlYgxgbQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=CnQOK1zpQVX9bF9Nz0I/VgenIydHAbtfImlFStlt3hs=;

b=ErAypO8z9OL5/9rv2fpjXq28jh5Pe1J0lQC0VhN5kcfgCMZLGIvL21jZ+vAan2Wt3tG/J8rhkTG3LPz0/dfiUoSjpsBc/cMfdIbBeBirGSPCTQfJKCVG8bC/rRWGwnDHU9FmJ0ElfrxoU/eOXGkvY194snC8/kJNCCs9L6gJ1OyURvuZfQ/bb4+uGA/ZlE5R37f1RRR5/Wt0DuiImmOlPttH6biEVe9cuhKuiSbGVikDLAT9rMvEC778zsmudQ0CdckrctDeBrFP06TIKIWkAOMDVIwaFWkdA5UBecSdc8SRUxElCjCoILHonDZVyeAG4czYJH4B/zfacW36NqqGoA==

Received: from SI2PR06MB5338.apcprd06.prod.outlook.com (2603:1096:4:1ea::11)

by SG2PR06MB5288.apcprd06.prod.outlook.com (2603:1096:4:1dc::9) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9253.13; Fri, 24 Oct

2025 14:40:52 +0000

Received: from SI2PR06MB5338.apcprd06.prod.outlook.com

([fe80::f524:4bc4:ca74:9ea7]) by SI2PR06MB5338.apcprd06.prod.outlook.com

([fe80::f524:4bc4:ca74:9ea7%4]) with mapi id 15.20.9253.011; Fri, 24 Oct 2025

14:40:52 +0000

From: zoe lancaster

Subject: Re: Growing

Thread-Topic: Growing

Thread-Index: AQHcRPQex6hUCNhBzU6gpaLaALzlRQ==

Date: Fri, 24 Oct 2025 14:40:52 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SI2PR06MB5338:EE_|SG2PR06MB5288:EE_

x-ms-office365-filtering-correlation-id: f66dc7d6-223d-4f5f-7ab9-08de130b54c9

x-microsoft-antispam:

BCL:0;ARA:14566002|19110799012|461199028|15080799012|15030799006|5062599005|36102599003|7071999006|31061999003|8062599012|8060799015|3412199025|440099028|41105399003|39145399003|39105399003|40105399003|51005399003|102099032|56899033|2406899039;

x-microsoft-antispam-message-info:

=?utf-8?B?RjNJWXZtaHZiZ3V1MkpiUUgxdTFxMFNKSFZnTEUwOW92NnZtb1BBbU0yK1BU?=

=?utf-8?B?aTZ5UVhrTk10aURXYytKUTVqN0J5MmR5MkZpK2FqaU5SL3NUcDI5Y2xCc2ho?=

=?utf-8?B?TzQ0dDJFL2ltOHVIZHVCMVV0YkF6MVQzYW5rbk9XN1hvMkJMdDZHTWVFZU91?=

=?utf-8?B?NXZsenZ5bVppYmd1UEYvcnlLTFpXT3V4UENubnVFSVpCcjBuTVozUjVBWVpu?=

=?utf-8?B?cmF2NXl5YTBMNDF4RnJTS0tyVVhGMEQ3QXZYR0NNeDJVNHV6VmF5aCtoZVRK?=

=?utf-8?B?dnBuTjQ0U1ZaS28rMlRubWtFRWU2ZURLc1diOUdrcjh4VHBDVWVlWEtxdXd6?=

=?utf-8?B?Vi90OWlLQkg1bEE2dUV4WGYra1M5b2cwdUFlM3lNekMzN21HUkc1WjVvcGJm?=

=?utf-8?B?dVpTS0xITzFEU1Z4c0p4c3h0WmJjTFJRMmdsZ2JqS3ZMMWlrNDZJODRSUmJU?=

=?utf-8?B?WDgyc3ZoRldiMVNqblMxTDIreWZhTnhWQUUwc3NsR1hBSk1CUmp6VFhKYWNF?=

=?utf-8?B?R2NFTStiQ28zTlA2NVhRNUxXbHlCNGdGek9zTit2SG1OdWlkY0szU3MwelFN?=

=?utf-8?B?OVBaZFpOaFUwU2c4YVNia29aL1lyaFIzMm1OMTBIbGdsc0ZNMTNOMlUxclRI?=

=?utf-8?B?VGZEU0dZRFBnNlczTkt0eTc4U3FuRk15VUlTQldrc0UzSXNuR2N1K3lZTllK?=

=?utf-8?B?cmtHNERnMk5vYU9nSDdwdmgwekNxUHFMTzRvR3YrSVZla0FxaU9EV05DVDA1?=

=?utf-8?B?WHoxSHptS040a0R6bXJ2a3ZTeWM1UHBtbTh2bUpZY1ppV05wTGhmUS9Za3BK?=

=?utf-8?B?UGlIeTJmby9kcndSWmxwMjJHTjNkYUdrekl6T2pob00raGdmT2hvMEpmc1pt?=

=?utf-8?B?YW10T0VyNmZBci9MR3c4VEtpZit1ZWhCZlp0dnJRYWpsZ3c4cDUwRE5VM1NZ?=

=?utf-8?B?aS81S0RKZncwOEZtN3JvdmExZDcrUlRaM2N6WmNKenV4WWhPd0Y2WkJQbUEy?=

=?utf-8?B?ZWtjODlUMWUxVVZ4d0l4d0lMOTROS29FUjNBY3hBNFBPQzEwMHI1MkdZVmdj?=

=?utf-8?B?dmVMUWtZcm9IbDdxeEpsU003V0xDT1RUVGxyT09XR3VLVElJdzBKMkNid2xQ?=

=?utf-8?B?RytCVUdPbGdESHVMejYveDFmazM1TTVIRnhOekw1WUFoUW1tNVpPa2p4clBN?=

=?utf-8?B?czVGSUYrczlqaERaYmJZZE9DS0hYbXlMRWVYbFRXMVRJWW8vVUJSTmRVYVFq?=

=?utf-8?B?ZE1LS3g4cTV1ZFJ0WFRhdnFseUdCMmVMK2UzS1JuTTBjL25TUVU5b1Y0NHg5?=

=?utf-8?B?bVpWMnVHcW14YVl6Nm13ZXl4SHY4enQ5TWF6VDJIQk1VYjRIdU1xRzVuTkpj?=

=?utf-8?B?eU50bC9lcnlFQnV6bDFHUloxcFpIaE5jTW1RT0FWODhYRFl3cWxFWXJrZGky?=

=?utf-8?B?czlhY2JnT1NudDZqWTNWNGprRjd4dkZRZEdjMzlSWlNQTnVrRlp2VTd0K3lX?=

=?utf-8?B?OWFFKzI5MDVMRGlqQVZ6Nm03T3hJcWdnRkZLa1IyZ2U5cHQ5OTdTdkxZSURZ?=

=?utf-8?B?WGlLRWZYZEtVcEFPeDI3Wlkwbkg5K3VrYnR0bXAvRk5GSi9vamg4UTdoUFlz?=

=?utf-8?B?VnhWdVc3QXpteG93a2JnTGhSc2ZHdWxvaTd5R1hUbDhEaG9Cck1rc3o5Q2s1?=

=?utf-8?B?L3RKaUoybVBFMzYzUFpFKzVLb0VwZnZTWCtsQ2FZU3ZxQmlkWUVaMjRvY1NQ?=

=?utf-8?B?TDhjZDVVdlpFaTVya3VkZFNoNVdwK2VROUsxK0wzQmZKVmdWSWZQa3pwdEJM?=

=?utf-8?B?d2ZJeWp0NXJiSTYydzdZMFhyQUw0VnFkanlwWE95NzNTWVVodHpoNHhvTFZm?=

=?utf-8?B?d2dMNEdUK2FrbktwT0xJdGEyVXJ5RTY0R3A3djIwdkxLZ2c9PQ==?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?utf-8?B?MjVWSVZ6cUNTSjhNTElNTlFvM0RzWmI2Y1B6bkZvRTJodEN0ODFxUFZlMFBW?=

=?utf-8?B?VFFjS1pic0R0RFNXNjZtZmtaWmlpVkJPN051N0xJU29hVHlZKzM1REhSZE84?=

=?utf-8?B?Nk9POVJBaHJLM1FHdkxqeWxWT1k2Ti95QXFDbmZLc0RtNVB5Z1ZVY3pVUDV3?=

=?utf-8?B?TGRERnBubk01WHFYbHB6M1MxRXJHYkVDVjk5REdUclRKcldmZXV2d3JjU2tM?=

=?utf-8?B?NVpTeHJpekNaWGZEVlhLeTBHTkoxV09IQVpNaEpUWVI0TTJmMkpaRXE4clJ1?=

=?utf-8?B?YXFiYTJ3NU9oOWswSHgzMWw3c2dONmVBSTJNUExOZjgyTG1WcjFPcjBOUnZT?=

=?utf-8?B?SFZBbDIxcTNYdU5mVENFYmUzSEtod21aVWN5S1kvaXpuU21rOCtyNmRKTXhC?=

=?utf-8?B?OWlKZFJYZGF3bTVrTW1OcUR2d2JhRExLTmlnZmcrL1RwOHl4MnFZRk05OXVq?=

=?utf-8?B?S1N3TFZQSDQ0UTFJZkdXWGQydUxXMGkxcUM5S041UVI0SVdxN055RGZKWjJl?=

=?utf-8?B?YXZ0eUZqNThRYzVpcStmbEZXcklwTm54aE5xNFpPM0VnUWpaRjJ5Q2F2YW1M?=

=?utf-8?B?TWpOMUNQQlljdHlYbEFBZUVaQlNCaUdhTVg0NG9oWXh5dDg4bG1ZT2xsTjZM?=

=?utf-8?B?b1d6WVV5aUVxSEFCeGtoMjZ4M1B5YVN5eTFkMkZNVlJKZHBOU2tyK1A3Mk0y?=

=?utf-8?B?bC95a29oZFFMYlpsYWNLUFVmcHgzZC8wZ1F5dlpjeWlQZWx0aUZSRzg4Rmlx?=

=?utf-8?B?Uzg0VndmbzZHVnR6d29mR2Jma0c3SnNMcURRNmtQTUE1MzBjb1FXbCt5Y3Z5?=

=?utf-8?B?VGR2TjN4K3c2NU9CUVpVelpJSzlHNndHUHRNWi9rQTFZWEd3dnp1NURNVmhm?=

=?utf-8?B?Q3JwZG1UUVNoc0pWeDVoWlpEQ2Q4ZnAzelNUSTVZWmp6YU1nU3BaR3FkVjBl?=

=?utf-8?B?OHZEUWYyNTN0VStQU3BSV0xXdXBrYStDWUk1UTc0QTJoQnFwT1BlRENvdGhT?=

=?utf-8?B?WDExOEVwb3VQeTE3cU1tTDU2VWRGR2VUZ3NRRUFuZFh0OE91ek5wbi9GS3pr?=

=?utf-8?B?dUNKai9XNmpoNnFZa0lGWHhEYUZqN3h0Vm5tNGZBZUJTVndDY3VQYnBxQzhK?=

=?utf-8?B?VE9nWlBkMXBzUENzY1BueU9qd3loVWNpYXhJUzVJYjA3a1VxYXVwUmxiNXdS?=

=?utf-8?B?dmt2ZFhqamVQVHVmcFRrMWN4R0ZaQnZRWVdNL1Q3cHdzZHVrZjMzK1JCRTJP?=

=?utf-8?B?Tm9JNkd5bEViVm5aWm50WkpROXZ6NnJBeXJVWUxwUFZucHh6RGhuY1o0aUpS?=

=?utf-8?B?QlMvM3g1aGVmMnV1MmdOQWE1UTNhdXcrWnBSbnZSVjRVdzZzdFllQWMzME1i?=

=?utf-8?B?VnB6Q2NCa1JkU0Q3SnRyR2tuOE1tZ2V2RU5yanhFK1NCMk41M1h0MnUvOVNY?=

=?utf-8?B?dWdNQnlLTGlMSnJJNi9RazBRRk1IT3VULzkvLzlRb3RjOVdtSldVRzVEL1Qr?=

=?utf-8?B?TDFaNHhyZHpGZUR1eERmS0g3SlVKU3dSUmdrUko5OTZzNklIbXd0YVhjZ3hs?=

=?utf-8?B?UGdhd0hNQ2dMOFpqdlNTSjFTUFpROUFsbFVHNGVGWHdMbUdmMUwwc1o2Vzg3?=

=?utf-8?B?NThKVnIwUWU4Ymk3LzVRa3R3cGU5YytubVZ0bHBGM0VKcm5CZWVySzFYOEdC?=

=?utf-8?B?OTVSdC9yb3RMR09Wb3Zzd1pPcVBIempKVSs2a29MUC8xa3BzUFp4c3NzNFl5?=

=?utf-8?B?aWpVcVhsR3owTnk5S2xCTXpCOGplMTVsSnY3NEtjRXE4U2o0Mmt4VGt0Yy82?=

=?utf-8?B?Um4xOW5jemJxcjhrck1Ydz09?=

Content-Type: multipart/alternative;

boundary="_000_SI2PR06MB533808E26E62CDBEFA5A1130B9F1ASI2PR06MB5338apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SI2PR06MB5338.apcprd06.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: f66dc7d6-223d-4f5f-7ab9-08de130b54c9

X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Oct 2025 14:40:52.0475

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SG2PR06MB5288



--_000_SI2PR06MB533808E26E62CDBEFA5A1130B9F1ASI2PR06MB5338apcp_

Content-Type: text/plain; charset="utf-8"

Content-Transfer-Encoding: base64



SGV5LA0KDQpHcm93IHlvdXIgYnVzaW5lc3Mgd2l0aCBoaWdoLXBlcmZvcm1pbmcgRmFjZWJvb2sg

QWRzLg0KDQpXZSBwcm92aWRlIGZ1bGwgU01PIHNlcnZpY2VzIHRvIGJvb3N0IHlvdXIgcmVhY2gu

DQoNCldhbnQgb3VyIGxhdGVzdCBwYWNrYWdlcz8NClpvZSBMYW5jYXN0ZXINCk1hcmtldGluZyBD

b25zdWx0YW50DQrwn5OnIHpvZS5sYW5jYXN0ZXIubWFya2V0aW5nQG91dGxvb2suY29tDQoiSWYg

eW91IGRvbuKAmXQgd2FudCB0byBoZWFyIGZyb20gbWUsIGp1c3QgcmVwbHkgJ3Vuc3Vic2NyaWJl

JyBhbmQgSeKAmWxsIHJlbW92ZSB5b3UuIg0K



--_000_SI2PR06MB533808E26E62CDBEFA5A1130B9F1ASI2PR06MB5338apcp_

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: base64



PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i

dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyIgc3R5bGU9

ImRpc3BsYXk6bm9uZTsiPiBQIHttYXJnaW4tdG9wOjA7bWFyZ2luLWJvdHRvbTowO30gPC9zdHls

ZT4NCjwvaGVhZD4NCjxib2R5IGRpcj0ibHRyIj4NCjxkaXYgc3R5bGU9Im1hcmdpbjogMGluIDBp

biAwLjAwMDFwdDsgZm9udC1mYW1pbHk6IEFwdG9zLCBBcHRvc19FbWJlZGRlZEZvbnQsIEFwdG9z

X01TRm9udFNlcnZpY2UsIENhbGlicmksIEhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXpl

OiAxMnB0OyBjb2xvcjogcmdiKDAsIDAsIDApOyIgY2xhc3M9ImVsZW1lbnRUb1Byb29mIj4NCkhl

eSw8L2Rpdj4NCjxkaXYgc3R5bGU9Im1hcmdpbjogMGluIDBpbiAwLjAwMDFwdDsgZm9udC1mYW1p

bHk6IEFwdG9zLCBBcHRvc19FbWJlZGRlZEZvbnQsIEFwdG9zX01TRm9udFNlcnZpY2UsIENhbGli

cmksIEhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxMnB0OyBjb2xvcjogcmdiKDAs

IDAsIDApOyIgY2xhc3M9ImVsZW1lbnRUb1Byb29mIj4NCiZuYnNwOzwvZGl2Pg0KPGRpdiBzdHls

ZT0ibWFyZ2luOiAwaW4gMGluIDAuMDAwMXB0OyBmb250LWZhbWlseTogQXB0b3MsIEFwdG9zX0Vt

YmVkZGVkRm9udCwgQXB0b3NfTVNGb250U2VydmljZSwgQ2FsaWJyaSwgSGVsdmV0aWNhLCBzYW5z

LXNlcmlmOyBmb250LXNpemU6IDEycHQ7IGNvbG9yOiByZ2IoMCwgMCwgMCk7IiBjbGFzcz0iZWxl

bWVudFRvUHJvb2YiPg0KR3JvdyB5b3VyIGJ1c2luZXNzIHdpdGggaGlnaC1wZXJmb3JtaW5nIEZh

Y2Vib29rIEFkcy48L2Rpdj4NCjxkaXYgc3R5bGU9Im1hcmdpbjogMGluIDBpbiAwLjAwMDFwdDsg

Zm9udC1mYW1pbHk6IEFwdG9zLCBBcHRvc19FbWJlZGRlZEZvbnQsIEFwdG9zX01TRm9udFNlcnZp

Y2UsIENhbGlicmksIEhlbHZldGljYSwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxMnB0OyBjb2xv

cjogcmdiKDAsIDAsIDApOyIgY2xhc3M9ImVsZW1lbnRUb1Byb29mIj4NCjxicj4NCldlIHByb3Zp

ZGUgZnVsbCBTTU8gc2VydmljZXMgdG8gYm9vc3QgeW91ciByZWFjaC48L2Rpdj4NCjxkaXYgc3R5

bGU9Im1hcmdpbjogMGluIDBpbiAwLjAwMDFwdDsgZm9udC1mYW1pbHk6IEFwdG9zLCBBcHRvc19F

bWJlZGRlZEZvbnQsIEFwdG9zX01TRm9udFNlcnZpY2UsIENhbGlicmksIEhlbHZldGljYSwgc2Fu

cy1zZXJpZjsgZm9udC1zaXplOiAxMnB0OyBjb2xvcjogcmdiKDAsIDAsIDApOyIgY2xhc3M9ImVs

ZW1lbnRUb1Byb29mIj4NCjxicj4NCldhbnQgb3VyIGxhdGVzdCBwYWNrYWdlcz88L2Rpdj4NCjxk

aXYgc3R5bGU9ImRpcmVjdGlvbjogbHRyOyB0ZXh0LWFsaWduOiBsZWZ0OyB0ZXh0LWluZGVudDog

MHB4OyBsaW5lLWhlaWdodDogMS4zODsgYmFja2dyb3VuZC1jb2xvcjogd2hpdGU7IG1hcmdpbjog

MHB4OyBmb250LWZhbWlseTogQXB0b3MsIEFwdG9zX0VtYmVkZGVkRm9udCwgQXB0b3NfTVNGb250

U2VydmljZSwgQ2FsaWJyaSwgSGVsdmV0aWNhLCBzYW5zLXNlcmlmLCBzZXJpZiwgRW1vamlGb250

OyBmb250LXNpemU6IDEycHQ7IGNvbG9yOiByZ2IoMzYsIDM2LCAzNik7IiBjbGFzcz0iZWxlbWVu

dFRvUHJvb2YiPg0KPHNwYW4gc3R5bGU9ImJhY2tncm91bmQtY29sb3I6IHllbGxvdzsiPlpvZSBM

YW5jYXN0ZXIgJm5ic3A7PC9zcGFuPjwvZGl2Pg0KPGRpdiBzdHlsZT0iZGlyZWN0aW9uOiBsdHI7

IHRleHQtYWxpZ246IGxlZnQ7IHRleHQtaW5kZW50OiAwcHg7IGJhY2tncm91bmQtY29sb3I6IHdo

aXRlOyBtYXJnaW46IDBweDsgZm9udC1mYW1pbHk6IEFwdG9zLCBBcHRvc19FbWJlZGRlZEZvbnQs

IEFwdG9zX01TRm9udFNlcnZpY2UsIENhbGlicmksIEhlbHZldGljYSwgc2Fucy1zZXJpZiwgc2Vy

aWYsIEVtb2ppRm9udDsgZm9udC1zaXplOiAxMnB0OyBjb2xvcjogcmdiKDM2LCAzNiwgMzYpOyIg

Y2xhc3M9ImVsZW1lbnRUb1Byb29mIj4NCk1hcmtldGluZyBDb25zdWx0YW50ICZuYnNwOzwvZGl2

Pg0KPGRpdiBzdHlsZT0iZGlyZWN0aW9uOiBsdHI7IHRleHQtYWxpZ246IGxlZnQ7IHRleHQtaW5k

ZW50OiAwcHg7IGJhY2tncm91bmQtY29sb3I6IHdoaXRlOyBtYXJnaW46IDBweDsgZm9udC1mYW1p

bHk6IEFwdG9zLCBBcHRvc19FbWJlZGRlZEZvbnQsIEFwdG9zX01TRm9udFNlcnZpY2UsIENhbGli

cmksIEhlbHZldGljYSwgc2Fucy1zZXJpZiwgc2VyaWYsIEVtb2ppRm9udDsgZm9udC1zaXplOiAx

MnB0OyBjb2xvcjogcmdiKDM2LCAzNiwgMzYpOyIgY2xhc3M9ImVsZW1lbnRUb1Byb29mIj4NCvCf

k6cgem9lLmxhbmNhc3Rlci5tYXJrZXRpbmdAb3V0bG9vay5jb208L2Rpdj4NCjxkaXYgc3R5bGU9

InRleHQtYWxpZ246IGxlZnQ7IHRleHQtaW5kZW50OiAwcHg7IGxpbmUtaGVpZ2h0OiAxLjM4OyBi

YWNrZ3JvdW5kLWNvbG9yOiB3aGl0ZTsgbWFyZ2luOiAwcHggMHB4IDEwcHQ7IGZvbnQtZmFtaWx5

OiBBcHRvcywgQXB0b3NfRW1iZWRkZWRGb250LCBBcHRvc19NU0ZvbnRTZXJ2aWNlLCBDYWxpYnJp

LCBIZWx2ZXRpY2EsIHNhbnMtc2VyaWYsIHNlcmlmLCBFbW9qaUZvbnQ7IGZvbnQtc2l6ZTogMTJw

dDsgY29sb3I6IGJsYWNrOyIgY2xhc3M9ImVsZW1lbnRUb1Byb29mIj4NCiZxdW90O0lmIHlvdSBk

b27igJl0IHdhbnQgdG8gaGVhciBmcm9tIG1lLCBqdXN0IHJlcGx5ICd1bnN1YnNjcmliZScgYW5k

IEnigJlsbCByZW1vdmUgeW91LiZxdW90OzwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K



--_000_SI2PR06MB533808E26E62CDBEFA5A1130B9F1ASI2PR06MB5338apcp_--