Content analysis details: (6.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.68.0 listed in dnsbl.ahbl.org]

[52.103.68.0 listed in dnsbl.ahbl.org]

[52.103.68.0 listed in dnsbl.ahbl.org]

[52.103.68.0 listed in dnsbl.ahbl.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.68.0 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.68.0 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.68.0 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.68.0 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:c01:1e6:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

[52.103.68.0 listed in will-spam-for-food.eu.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[maddoxexpert(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 MR_DIFF_MID No description available.

Subject: {SPAM?} Re: Portfolio & Pricing



--_000_PN3PR01MB10273D1D034C9A4A3A8B8E22FC96AAPN3PR01MB10273IN_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,



I personally visited your website when I was browsing it.



In order to significantly improve these search results for you, I would lik=

e to send you an audit report of your website.



Can I Send you Quote=94 and Cost/=94?



Best regards



--_000_PN3PR01MB10273D1D034C9A4A3A8B8E22FC96AAPN3PR01MB10273IN_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">































--_000_PN3PR01MB10273D1D034C9A4A3A8B8E22FC96AAPN3PR01MB10273IN_--

In-Reply-To:



Accept-Language: en-IN, en-US

Content-Language: en-IN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-exchange-messagesentrepresentingtype: 1

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PN3PR01MB10273:EE_|PN2PR01MB8814:EE_

x-ms-office365-filtering-correlation-id: 382d4a02-b526-47c3-13d7-08de6f1c7d8f

x-ms-exchange-slblob-mailprops:

JdQcnb18bc4BHB3F1hQh20leSl6i83VE8ETBUy0j7eAOw6msrdjSToBJsBKv5iEMv88qTJQSm9w7+xD/zlqDosd9NwQuzm1oM1IOY94qaJQCS7bnB/cuOu02MxsLnFTJF0sEZ6SzgO4Bi/Y1O/1X1a05a7AimFTsTnLPPGgONE/thOYSqnRevVnjtXyEqUhzqXsjMtQuYQPM7VytqIF8QBHIM/uPRb7D54p70zHOi1p3gwZoprEqbhael9szupmTfgtqrVUy7eAw5ZS5CSvk/rEbOIZVO1OC4qipylZSpAWuo5nS391jH0v6HkuXe5IAkhOKO4RfdnRHH8Mo2UvDlm3wEPQoCUk76YcnItAJECmZu9U/zWBI4Z1hGSKGiZTK5fvGd0NBqzkfkz0chNRw+v+7NiFM2X4YrefazgN2vI+u4/9UWuB03pgb2mqzbetXPh9ARmRF9A8FFRIwcvufGB8j7F3nMmB7kYxAJCRgtEfUt/EiGe4laSckJ74QJRFr1tVhYnTwMxexP0qOUpKm136bp8j0n1jrkeaYyABuA9NzTzqkRH5XlhFbY6bjuxKJ1uCW1Zao944fy51Ok+ygU45rEAzIhib7i/qhrxvoYf6V9URSr8TQJyeOtWR0tUvisVtRVfvx9mY=

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|15030799006|31061999003|37102599003|7071999006|39105399006|20031999003|461199028|8062599012|8060799015|19110799012|440099028|3412199025|102099032|35041999009|40105399003|41105399003|39145399003|1710799026;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?lMdFQbMHPMtNdc7O8Ii0mtsBRabCe6I7NKm74JHz7zZQ87eJwbnvgS/r?=

=?Windows-1252?Q?3+mmaL1M0x1yd0u6mV9xUb7IwICjltBt33GjRi36nKWw9nIQ73S4teVE?=

=?Windows-1252?Q?Csg29SD9+burAgJ3KbAtQ3k0OIHawAPf7lZRBcShQiUVAICE+y4o1D7x?=

=?Windows-1252?Q?1h45XOzCnP2Iq7qqd11bbxSHphpFM9Tg+gTKfn8PQRNKsc+Ew23A5I2D?=

=?Windows-1252?Q?bc8BYKXTHZlU5ym5L2B8cQPU+/Z2LTX177CTAEnZBX6BIkZBgqoGktRS?=

=?Windows-1252?Q?UY/nyY9LegySlrB9e4PxqMDV+2GlnIK8DHyuVPPeuqis3U7hZMsQB00f?=

=?Windows-1252?Q?38ICkvOlFxbNUd30DTwFS57RSpojp5UD1lFustlY3IrrEGtcEOfgZSR+?=

=?Windows-1252?Q?3Z2WzqVSOmJZHkMyja/ki63TK6tlpMi8IhszKwijxh6ZlPvPhVM9uONI?=

=?Windows-1252?Q?I0xJMn2mKmNVhAYpbegdr1gzXV1z1HS33vAmkqWjlibWwzItH88JcDf3?=

=?Windows-1252?Q?TdPGo0o/Bcd2JeavMRo1mXKdDO75coqWm8RXMBJg+nHn0k4NR+3J6Af+?=

=?Windows-1252?Q?g68YsgrNSAtyiiZi+RTlPRm6Jy71TOMyiB0h6o80PKu9Xh5fFDFTjGiF?=

=?Windows-1252?Q?SE2nEq/i9dq+m35B0PthJayNSYUG8vw9T3znBXHiaaYpJLwbL1xJ3/2Z?=

=?Windows-1252?Q?cKkU49bGP4cVJpcq8VVZbAIg1ni9O7PhYQPygZfefbie0ih8xSav8SXg?=

=?Windows-1252?Q?P1XiinPnfaRFJVJXvAQVTEb1x/Mx6vNLNroYIROBhO2wEgZ722h0ApV8?=

=?Windows-1252?Q?rFCeGf4RaQ1XnTgVoheYKmmvm+2TYIhAsNB/PCWmjZ7SMmlWGocgHI3c?=

=?Windows-1252?Q?+UShs/axOR1XYKc4i3LhfsXyit6afj8SweWmJFlb8yjdlxwSfGU6+27m?=

=?Windows-1252?Q?IngbWm8nXULwOQfkuQyc5T8JEQdYtMx31shl69U9Oz6b+PRR61/UoBnj?=

=?Windows-1252?Q?sId0Fa2D7Aebwli/d/eq/r4IGAUcp7CxBD2agrAvSlzq+vkOJ2VmA5xW?=

=?Windows-1252?Q?EDgUAuzDlrQirE+tZLiKyAmuWv1HrvuegEAx4OmIhmXxRPKu+6IdKQqE?=

=?Windows-1252?Q?PyW6kEm1j/vUf3JvoT637/DUHR26BxycfGFBbv4mdaXlvjD6dSDWTKXm?=

=?Windows-1252?Q?WtwPttbo6vOS23z879Qgri/QpWop1NkIPTtM/CN7t0prEPuzaQkSOYcd?=

=?Windows-1252?Q?/xPNBZjTAdm2KEsu1jnjkdzAAMZ4JmKlxRbvYJlAjgBDUBJyrM/7k597?=

=?Windows-1252?Q?DzIHwo+1RtPAsHYLrkD4zaUQaULfm4j88dVinEEp6/9BmoSebDGuc+Cc?=

=?Windows-1252?Q?gkrNjMumV9N4WnxXP1qbsC/jlkG0vyDDpHWk7EmVAipWPShL92znWpKP?=

=?Windows-1252?Q?8MOB1CccP9gUNUH9upQ9lO+RNWHkpxjBxVcDWqOpO2888MNK4NbKlYAC?=

=?Windows-1252?Q?AVoPnh/Lq5eFuGwd8+ecU75bk7Gg2a4UYnhzExs4h8tE6VyUAkw=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?NSCoNVqmB2YMe43BZ2dlMA1pRRY8GhUvzuXZyIW3KI8qWU+cq2y5HHCA?=

=?Windows-1252?Q?KlU2edjxn24LE1vgECOEFjHIt0ZyR210Wr/Woo4i4/F+5cU/v/PdexpE?=

=?Windows-1252?Q?wjbhTxw9PW/QS50HGJXN1+sEzwaelsYyeJ5Uzdd3RQtohp/qW3PXUaVm?=

=?Windows-1252?Q?zzgmO2BEiP7Sg8nX+4VRWjhDqDGuQzFVlT5iWQ3oFNcTgEXhEaxCtGVr?=

=?Windows-1252?Q?d3U3uEPnwMyQ84Kcwn8jkI6YmVKnNn3N8CerPIPp7BbJrAzDVZvCL3oZ?=

=?Windows-1252?Q?k9E04xYp7+EFMoZwyL29E3HLJd+OQTpWdgzQ74qPWcD97/h/hyo+QMWo?=

=?Windows-1252?Q?PXwQF7+PJ1z7IavZs31NTnaZEZ/PZEVhQIS8cCHTljCSITcJNL/clTUr?=

=?Windows-1252?Q?Rs32kou2dSWQLwrYLouvdVkxsaiQSS0m5g5zznUQ5E1OXktIjne2kQ6p?=

=?Windows-1252?Q?9NZVkG1kYimcgXZNZdM0qfoJtFEo7leakzoJ/nBlye7/dLBnTPZwQ091?=

=?Windows-1252?Q?ZX7pzxGtDA77htDuxZfAb30cgnKvcFV+p8S3H1tew6CxNCWCBWkfiaCM?=

=?Windows-1252?Q?tuPMPd1oX8UogdriqlZrJrOCR15Buuiqof4/hkIXrb8LappzkiQr6ttK?=

=?Windows-1252?Q?BgAN2scyqG0XPcwAeLsIsmn4aZG/R7cZE//hPFtw0PGHzaNH3q5zEaS1?=

=?Windows-1252?Q?PjYfdBp105uSWEc2FGPz8eT3A7hwvWd/q25fVqK50C4C/26LolXETdBt?=

=?Windows-1252?Q?/GSgdvODiArsJT7yKUQRkfJe+GVO0OxpzCyG90FPWHJaPaSNmLezpwqh?=

=?Windows-1252?Q?XpNOQmpoupMy3P1WwGB2BmxpE2TouiQJT1/VkPzSlIWC8gQYLhdj5MBk?=

=?Windows-1252?Q?WGzYtQ1yNox7nyQfNnTbCaJfcUtc+NSujk4iIzcPX8P/C/14C0H9iKg2?=

=?Windows-1252?Q?H7adUA6hCJHP2g9Qu3mGwdqvtHGDCrY63EqedIH91beOtagE6F4NDIjF?=

=?Windows-1252?Q?HpYH8+ekttU1Qxjrjtgv7Y7g09PW5y5cKCidqzTbg8F0LMIMFvSkoEr+?=

=?Windows-1252?Q?Eru7yaacN9c1zHv52VoeA4fxu2RMbSexlecQrpQYVLQm+2fW+CqpUyvG?=

=?Windows-1252?Q?MvXt6X4ufvaQzUGSr7F+IMpfqT7fhQ3/7k7bDXYyLxH8+I0EHS3GAPfp?=

=?Windows-1252?Q?YEO+QeOuHGvmf5a/S7Vic48UuTyt6Va45SY0YAk0xZHER8JH/OxTA+ie?=

=?Windows-1252?Q?6C2UpZfC4Lr/21IsM7/UZalnuce8wajfKa8O1r4zbRiD9vDzcQctO1aF?=

=?Windows-1252?Q?o5DpB+VMeZBkoCRk1GXjUgGc0sad6hcJRwb9PLjs7XnHyLUNueMXL0IO?=

=?Windows-1252?Q?p8mVzNOCtym2An4S649cNUqg7pqHpYp5qY7hdaL7/amQbnvPXVikJ51I?=

=?Windows-1252?Q?4BClIIoHcWBy5B1EvqThhFLha2oDNqpaM6/1yOr+poypkzcXgWQ0zb4V?=

=?Windows-1252?Q?GZpAeWljKpMhv+poKMqWJArhPaxj4UTgatCxAwkOQCMZxj1cHY3AO6fs?=

=?Windows-1252?Q?DwldIdi/GreQGCNj?=

Content-Type: multipart/alternative;

boundary="_000_PN3PR01MB10273D1D034C9A4A3A8B8E22FC96AAPN3PR01MB10273IN_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: PN3PR01MB10273.INDPRD01.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 382d4a02-b526-47c3-13d7-08de6f1c7d8f

X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Feb 2026 18:35:28.9324

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PN2PR01MB8814

X-Spam_score: 6.0

X-Spam_score_int: 60

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, I personally visited your website when I was browsing

it. In order to significantly improve these search results for you, I would

like to send you an audit report of your website.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr3E-00000000PNz-1dqG

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:33:48 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:33:48 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-centralindiaazolkn19010000.outbound.protection.outlook.com ([52.103.68.0]:55772 helo=PNYPR01CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsmPx-00000000PHl-1VKT

for root@nk.ca;

Wed, 18 Feb 2026 11:37:09 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=FLd60lhqyI3XjqXDRBfa8+K0D+aIMRkRG488+XjV0EqAdlS++SrktXFtMH+U9+WqYui+ohKvLCVjJGAheGGQEiKcoJLq4MLWwKsrVUVaksJrpR+XfkpTyH8wl8wyJc7lpwQyDOj34LkUiCt98cnat9spkOAszOufmlNurLvIGDeUse3lAbZokcNs8wmavEYZ7cjjwEtXndFEby3YaWroh8MgNi504rzCaOGVfAiiGZIo7XkyvBtu4+QU/Fj8z4HHlJQ9uu9GyiDcc2hhsGz8tpkg2rDoFZyxcVnoxXmsZSzp6inTJqPlHhCTCEPcHvD5pcWwVl0szIeFRDXhU8kjTQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=X/KKg8M1CrmRkWn9rfcZC4n1Ml/jVz8AGVu6GgnE29I=;

b=TJoqqKyOElNeaAf4RHzJ5a6Aw6eiFgwLt7LTrffd4vONjuC6KbTcccKAKg+03jHtYik3ExUtmflLNWUk7naB/K7wgbZFhg4otZLYnBW+uv8j41IQiS4IOb2oV77yS7fo8nzzB0yeVixFqaxX8TSRJ64zlu+7R46y34uykFB/mZ1DhCyDSfvdlKoBnUJ/0qYdzo9z0FB7EZggBjNrbxcFLj670EiEVX8JBEwBcM1xlkbIVoarVIlcUscsMk71oxzbnCAEjtY6a9CnSYt6zjCqcJhsegXsEXWB4EavPUDKrGV7u8mOU6VCfzpWjS/HvaZoG0gsycx3A6nlRbTHWDsi9A==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=X/KKg8M1CrmRkWn9rfcZC4n1Ml/jVz8AGVu6GgnE29I=;

b=oZWJWUI3D2RNw8qfkNFwv9Rdzre9ENsq6QOixTs8EvuaBT/WvTd+RqCyqpTSdWNkKXbwCMZ/JWMUOFv1r6FAHdc0u5QVH7KEQYDZpGMCoThjnGQNfbPCEh46tDPu4G7ZsXUaEuMjbDUezlc0mySHmoYK3VkIB2GJAlTWKxJKOcTAFEMT2cQ4EQSPEGf5v4skqCozaUUTc+Aps8GoT9WcPlWIBeHrH77sziuDnvx6HdAwlIa4nEMMUTiKVPD9BOe86cCZoQCfwo0skCvRnDB9Bg6eJp/nWP3pXBzNPVpGQIHj8OCcCYYK0CzFjRt+5zK3jUvgGyaquSKZthdGDuR9EA==

Received: from PN3PR01MB10273.INDPRD01.PROD.OUTLOOK.COM

(2603:1096:c01:1e6::12) by PN2PR01MB8814.INDPRD01.PROD.OUTLOOK.COM

(2603:1096:c01:118::8) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.14; Wed, 18 Feb

2026 18:35:29 +0000

Received: from PN3PR01MB10273.INDPRD01.PROD.OUTLOOK.COM

([fe80::6c0f:1642:b541:5dfe]) by PN3PR01MB10273.INDPRD01.PROD.OUTLOOK.COM

([fe80::6c0f:1642:b541:5dfe%4]) with mapi id 15.20.9632.010; Wed, 18 Feb 2026

18:35:29 +0000

From: Maddox Expert

To: Maddox Expert

Subject: Re: Portfolio & Pricing

Thread-Topic: Portfolio & Pricing

Thread-Index: AQHcn3S7nL5P6eLo2kyz+/yip+kN3bWHV/PXgAFzhEGAAAAmcYAAACTe

Date: Wed, 18 Feb 2026 18:35:28 +0000

Message-ID:



References:

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr2x-00000000OTP-0nzQ

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:33:31 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:33:30 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.39.207.121] (port=52783 helo=fondlogic.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vsmBG-00000000O6p-23EW

for root@mail.nl2k.ab.ca;

Wed, 18 Feb 2026 11:21:51 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=mail.nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=root@mail.nl2k.ab.ca;

bh=TiH76+EmonURrTNc+i2u7bDpH/Y=;

b=Z5BCcwFFop/asok7WnHHfgDJTsbrQ2Wutfnjm9mFm7x8FQYOSU9pHSKgxZ+cRn60uUO1PGDN9498

5lvYtwFWOZej8D8Ah8+UyHWxPDb8qvrpZ+jr0N1rHO+kPZTe+OSkYlNsowevB6x7em0oWDg5XnMd

Ff/Bn4FzXRzjTGopjw4=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=mail.nl2k.ab.ca;

b=QkorqmFEkrWs3gwGix+9uS/a1D3OKx1ldVU2pm6OIPG+zMwgVmESWAifFZnZBkRftFMVLwLKxr+o

N1sVwYhtxIx7zbJPt3rRmnsLLJbd43C/9yyqcHbnjMNFZXCdZo5qzqxtKrWWvKbRjG93heNUwREb

IawU8OAxI2h9XHbXKEk=;

Date: Wed, 18 Feb 2026 18:21:13 +0000

To: root@mail.nl2k.ab.ca

From: Amazon

Subject: Amazon's Best Deals on Gift Gadgets Under 60%

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 12.4

X-Spam_score_int: 124

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Our 10 Favorite Deals That Just Went Live on Amazon Since

the New Year, Amazon has already launched thousands of new 2026 deals! Know

what that means? Deal Watchdogs got to sniff out our 10 favorite deals for

you to shop on Amazon, plus shop our own ex [...]



Content analysis details: (12.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

0.6 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image area

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 ADMITS_SPAM Admits this is an ad

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

1.5 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

Subject: {SPAM?} Amazon's Best Deals on Gift Gadgets Under 60%

Our 10 Favorite Deals That Just Went Live on Amazon Since the New Year, Amazon has already launched thousands of new 2026 deals! Know what that means? Deal Watchdogs got to sniff out our 10 favorite deals for you to shop on Amazon, plus shop our own exclusive deals at up to 70% off! Amazon can only dreams of having these finds on sale! Shop Our 10 Favorite 2026 Deals on Amazon Now style="font-family: Arial, sans-serif; font-size: 12px; color: #a3a9b5; line-height: 16px; padding: 20px 40px 40px 40px;"> This is an advertisement. To discontinue receipt of notifications from this advertiser, please style="font-family: Arial, sans-serif; font-size: 11px; color: #a3a3a3; line-height: 16px;">click here. or write us directly at: 1968 S Coast Highway #739, Laguna Beach, CA 92651.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr31-00000000ObL-356v

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:33:35 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:33:35 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.39.207.121] (port=47643 helo=fondlogic.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vsmBb-00000000O8W-2SEh

for games@nl2k.ab.ca;

Wed, 18 Feb 2026 11:22:12 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=games@nl2k.ab.ca;

bh=Dk/QrGHENMeLENG8xDEpwVZ21mw=;

b=kLfa6PTljtokix/mxoN18mBhiRFELv9lldLuEERzAn4Vym82rWuwXvlmO/QwQSgII7dpgKVNyrG3

AWLfsk8/W4F31HTLqYHKfw8l8zLXjw7dMBKI1H0wLhXTq+mGAd6Hlop4K7lsQzFirvT/wFSlbdUu

cyH/aMfy8rd4qWHC4uk=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nl2k.ab.ca;

b=Nrj895TG3RYM3lA+lHy8xooKzWRXTBwtQgz/pL7s71Xk9ERFqKuoIve79WA0eUvYxfHQxOtZFyud

svB0iUbdOR1Mzimni+FRErCA/HdOoe6z0dsAqDXkiOSCQimhhU93li3b6ER9Wee8RjhHZ7eJsJUE

eoxjeB4fxbufH6UlOUM=;

Date: Wed, 18 Feb 2026 18:21:26 +0000

To: games@nl2k.ab.ca

From: Amazon

Subject: Amazon's Best Deals on Gift Gadgets Under 60%

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 12.4

X-Spam_score_int: 124

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Our 10 Favorite Deals That Just Went Live on Amazon Since

the New Year, Amazon has already launched thousands of new 2026 deals! Know

what that means? Deal Watchdogs got to sniff out our 10 favorite deals for

you to shop on Amazon, plus shop our own ex [...]



Content analysis details: (12.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

0.6 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image area

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 ADMITS_SPAM Admits this is an ad

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_REMOTE_IMAGE Message contains an external image

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

1.5 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Amazon's Best Deals on Gift Gadgets Under 60%

Our 10 Favorite Deals That Just Went Live on Amazon Since the New Year, Amazon has already launched thousands of new 2026 deals! Know what that means? Deal Watchdogs got to sniff out our 10 favorite deals for you to shop on Amazon, plus shop our own exclusive deals at up to 70% off! Amazon can only dreams of having these finds on sale! Shop Our 10 Favorite 2026 Deals on Amazon Now style="font-family: Arial, sans-serif; font-size: 12px; color: #a3a9b5; line-height: 16px; padding: 20px 40px 40px 40px;"> This is an advertisement. To discontinue receipt of notifications from this advertiser, please style="font-family: Arial, sans-serif; font-size: 11px; color: #a3a3a3; line-height: 16px;">click here. or write us directly at: 1968 S Coast Highway #739, Laguna Beach, CA 92651.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr2p-00000000O7N-0Tsq

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:33:23 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:33:22 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.39.207.121] (port=47643 helo=fondlogic.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vsmBT-00000000O8W-2txe

for root@nl2k.ab.ca;

Wed, 18 Feb 2026 11:22:07 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=root@nl2k.ab.ca;

bh=6O7/hSTRgxwF4AV2G7hZU0RNRU4=;

b=Rst9i/iXzdMoUwF/2leLUWmobOip0VVVPCnSwZSE6HAyk2FM+yppFOdZW6YqPwZDpz0orj2/SK+g

l7TXtKTnvgNB8EjAZeHMLknX42E45svdNhnX0t/Ezrz7aleyTD2cSHy7z1JbM1ibldje7PpdbNM4

RNElz8llPwgHKnSid5o=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nl2k.ab.ca;

b=An+1w224eGIJXMvMbjRwgENOM36YpGFwDK1/870WIqBecBIpHSy77Qfu4mCE2eL0tAm9TtlmyCje

uwyZE/7pMbMoECfgCHmc0ujLVp5VJnisx5ea7Oyuei5H5KoaX7Oj6a4XXkfzbP46DlV037u6oO4q

IHIWrsahxib+HqJ7wkE=;

Date: Wed, 18 Feb 2026 18:21:12 +0000

To: root@nl2k.ab.ca

From: Amazon

Subject: Amazon's Best Deals on Gift Gadgets Under 60%

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 12.4

X-Spam_score_int: 124

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Our 10 Favorite Deals That Just Went Live on Amazon Since

the New Year, Amazon has already launched thousands of new 2026 deals! Know

what that means? Deal Watchdogs got to sniff out our 10 favorite deals for

you to shop on Amazon, plus shop our own ex [...]



Content analysis details: (12.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

0.6 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image area

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 ADMITS_SPAM Admits this is an ad

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

1.5 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Amazon's Best Deals on Gift Gadgets Under 60%

Our 10 Favorite Deals That Just Went Live on Amazon Since the New Year, Amazon has already launched thousands of new 2026 deals! Know what that means? Deal Watchdogs got to sniff out our 10 favorite deals for you to shop on Amazon, plus shop our own exclusive deals at up to 70% off! Amazon can only dreams of having these finds on sale! Shop Our 10 Favorite 2026 Deals on Amazon Now style="font-family: Arial, sans-serif; font-size: 12px; color: #a3a9b5; line-height: 16px; padding: 20px 40px 40px 40px;"> This is an advertisement. To discontinue receipt of notifications from this advertiser, please style="font-family: Arial, sans-serif; font-size: 11px; color: #a3a3a3; line-height: 16px;">click here. or write us directly at: 1968 S Coast Highway #739, Laguna Beach, CA 92651.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr2l-00000000NvX-2ZeM

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:33:19 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:33:19 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.39.207.121] (port=56647 helo=fondlogic.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vsmA0-00000000O0l-0abS

for support@nk.ca;

Wed, 18 Feb 2026 11:20:37 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nk.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=support@nk.ca;

bh=w097ONpxXc3cs9sBPfbo+4MTgZM=;

b=c6fsQdcfzpWsWGO4zBvdWEA5n/1LEXzeDY7CksEuJJ9mywrmdJL1gnjUHrL8KjcUPpOSVWCNXLKC

OysC84adx7fRTq+mzRnYy20TojibI6MhOgWc4D1pVbUgo8WAfVH4zBVqxhWawysjZas0iPezRkaj

Oil6B8zV10txlp88Wic=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nk.ca;

b=YGM5qA8HPqO7CpotkCHyUVL+JVg9xNCNKe8s/H4m/8wu62Zmip0PgvYDZsyoWhLtZls7fo1cGG2p

o4KRxQr7+EBUizNIUmeopRlfWrNEjHf7gfHAoZurk4ZgU0oKqB2Fy9EFJ5+SJV9B0p38OQssKd4V

hRI5bd5RB4pbqbUUEFg=;

Date: Wed, 18 Feb 2026 18:19:38 +0000

To: support@nk.ca

From: Amazon

Subject: Amazon's Best Deals on Gift Gadgets Under 60%

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 12.4

X-Spam_score_int: 124

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Our 10 Favorite Deals That Just Went Live on Amazon Since

the New Year, Amazon has already launched thousands of new 2026 deals! Know

what that means? Deal Watchdogs got to sniff out our 10 favorite deals for

you to shop on Amazon, plus shop our own ex [...]



Content analysis details: (12.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

0.6 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image area

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 ADMITS_SPAM Admits this is an ad

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

1.5 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

0.0 T_REMOTE_IMAGE Message contains an external image

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

Subject: {SPAM?} Amazon's Best Deals on Gift Gadgets Under 60%

Our 10 Favorite Deals That Just Went Live on Amazon Since the New Year, Amazon has already launched thousands of new 2026 deals! Know what that means? Deal Watchdogs got to sniff out our 10 favorite deals for you to shop on Amazon, plus shop our own exclusive deals at up to 70% off! Amazon can only dreams of having these finds on sale! Shop Our 10 Favorite 2026 Deals on Amazon Now style="font-family: Arial, sans-serif; font-size: 12px; color: #a3a9b5; line-height: 16px; padding: 20px 40px 40px 40px;"> This is an advertisement. To discontinue receipt of notifications from this advertiser, please style="font-family: Arial, sans-serif; font-size: 11px; color: #a3a3a3; line-height: 16px;">click here. or write us directly at: 1968 S Coast Highway #739, Laguna Beach, CA 92651.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr2p-00000000O7N-0Tsq

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:33:23 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:33:22 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.39.207.121] (port=47643 helo=fondlogic.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vsmBT-00000000O8W-2txe

for root@nl2k.ab.ca;

Wed, 18 Feb 2026 11:22:07 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=root@nl2k.ab.ca;

bh=6O7/hSTRgxwF4AV2G7hZU0RNRU4=;

b=Rst9i/iXzdMoUwF/2leLUWmobOip0VVVPCnSwZSE6HAyk2FM+yppFOdZW6YqPwZDpz0orj2/SK+g

l7TXtKTnvgNB8EjAZeHMLknX42E45svdNhnX0t/Ezrz7aleyTD2cSHy7z1JbM1ibldje7PpdbNM4

RNElz8llPwgHKnSid5o=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nl2k.ab.ca;

b=An+1w224eGIJXMvMbjRwgENOM36YpGFwDK1/870WIqBecBIpHSy77Qfu4mCE2eL0tAm9TtlmyCje

uwyZE/7pMbMoECfgCHmc0ujLVp5VJnisx5ea7Oyuei5H5KoaX7Oj6a4XXkfzbP46DlV037u6oO4q

IHIWrsahxib+HqJ7wkE=;

Date: Wed, 18 Feb 2026 18:21:12 +0000

To: root@nl2k.ab.ca

From: Amazon

Subject: Amazon's Best Deals on Gift Gadgets Under 60%

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 12.4

X-Spam_score_int: 124

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Our 10 Favorite Deals That Just Went Live on Amazon Since

the New Year, Amazon has already launched thousands of new 2026 deals! Know

what that means? Deal Watchdogs got to sniff out our 10 favorite deals for

you to shop on Amazon, plus shop our own ex [...]



Content analysis details: (12.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

0.6 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image area

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 ADMITS_SPAM Admits this is an ad

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

1.5 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Amazon's Best Deals on Gift Gadgets Under 60%

Our 10 Favorite Deals That Just Went Live on Amazon Since the New Year, Amazon has already launched thousands of new 2026 deals! Know what that means? Deal Watchdogs got to sniff out our 10 favorite deals for you to shop on Amazon, plus shop our own exclusive deals at up to 70% off! Amazon can only dreams of having these finds on sale! Shop Our 10 Favorite 2026 Deals on Amazon Now style="font-family: Arial, sans-serif; font-size: 12px; color: #a3a9b5; line-height: 16px; padding: 20px 40px 40px 40px;"> This is an advertisement. To discontinue receipt of notifications from this advertiser, please style="font-family: Arial, sans-serif; font-size: 11px; color: #a3a3a3; line-height: 16px;">click here. or write us directly at: 1968 S Coast Highway #739, Laguna Beach, CA 92651.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path: <>

Envelope-to: dave@nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 11:21:00 -0700

Received: from [185.39.207.121] (port=55943 helo=fondlogic.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vsmA0-00000000O0k-0aeI

for dave@nl2k.ab.ca;

Wed, 18 Feb 2026 11:20:37 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=dave@nl2k.ab.ca;

bh=EWG/ZfjnHj7HhkP4Acn6EQmmi5U=;

b=SI8wMPlBF1GV0OeQRevo5S7+PutIGX2io9MV3TKFwRBJUIwjLKFjVKOlr0bH32WTfSPelfBo3j+9

7KTloH44w51y7R032DfZQQRMfockefeE+mBf5MM+rnPvOTFO9AES/W44n8uVV/nI2RyUJHxAv7Ln

Pxq42vdnRDqNsLZxNCY=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nl2k.ab.ca;

b=d+ZbH6YY4UBtbCAyZRGDK43yW9WL/ysr2Duw+YgTRraSRuIc8o5DgJQV+TtC42tdWoVExtewD+Hb

MAiZsHufxdzYicn+Smsxy4r1z9K3ZlQmYXnFFZaOSeQYO+UnmRx4lTH/ZUxVxptNhucub1TcOYRX

m/M1AvI7ZZms6BcbcpE=;

Date: Wed, 18 Feb 2026 18:19:38 +0000

To: dave@nl2k.ab.ca

From: Amazon

Subject: Amazon's Best Deals on Gift Gadgets Under 60%

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 12.4

X-Spam_score_int: 124

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Our 10 Favorite Deals That Just Went Live on Amazon Since

the New Year, Amazon has already launched thousands of new 2026 deals! Know

what that means? Deal Watchdogs got to sniff out our 10 favorite deals for

you to shop on Amazon, plus shop our own ex [...]



Content analysis details: (12.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

[185.39.207.121 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.39.207.121 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

[185.39.207.121 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_MESSAGE BODY: HTML included in message

0.6 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image area

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.7 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 ADMITS_SPAM Admits this is an ad

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

1.5 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

0.0 T_REMOTE_IMAGE Message contains an external image

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

Subject: {SPAM?} Amazon's Best Deals on Gift Gadgets Under 60%

Our 10 Favorite Deals That Just Went Live on Amazon Since the New Year, Amazon has already launched thousands of new 2026 deals! Know what that means? Deal Watchdogs got to sniff out our 10 favorite deals for you to shop on Amazon, plus shop our own exclusive deals at up to 70% off! Amazon can only dreams of having these finds on sale! Shop Our 10 Favorite 2026 Deals on Amazon Now style="font-family: Arial, sans-serif; font-size: 12px; color: #a3a9b5; line-height: 16px; padding: 20px 40px 40px 40px;"> This is an advertisement. To discontinue receipt of notifications from this advertiser, please style="font-family: Arial, sans-serif; font-size: 11px; color: #a3a3a3; line-height: 16px;">click here. or write us directly at: 1968 S Coast Highway #739, Laguna Beach, CA 92651.

/InformAction">
emtype=3D"http://schema.org/EmailMessage">
ntent=3D"Shelly Cruz: Dear, Order record audit completed"/>
mprop=3D"object" itemscope itemtype=3D"http://schema.org/Event">
rop=3D"eventStatus" content=3D"http://schema.org/EventScheduled"/>
mprop=3D"publisher" itemscope itemtype=3D"http://schema.org/Organization"><=

meta itemprop=3D"name" content=3D"Google Calendar"/>
=3D"eventId/googleCalendar" content=3D"kHdSBSeevcPcyDlhiHU2yHlBXW"/>
tyle=3D"display: none; font-size: 1px; color: #fff; line-height: 1px; heigh=

t: 0; max-height: 0; width: 0; max-width: 0; opacity: 0; overflow: hidden;"=

itemprop=3D"name">Dear, Order record audit completed
en=3D"true">
me><=

table border=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation=

" align=3D"center" style=3D"width:100%;" class=3D"body-container">
r>

aria-hidden=3D"true">  

sentation" align=3D"center" style=3D"width:100%;" class=3D"">
style=3D"" class=3D"" align=3D"left">
hema.org/EmailMessage">

Dear, Order record audit=

completed

ing=3D"0" cellspacing=3D"0" role=3D"presentation" align=3D"center" style=3D=

"width:100%;" class=3D"">

border-radius: 8px; direction: rtl; font-size: 0; padding: 24px 32px; text= -align: left; vertical-align: top;" class=3D"main-container-inner"> -align: left; direction: ltr; display: inline-block; vertical-align: top; w= idth: 100%;overflow: hidden; word-wrap: break-word;"> llpadding=3D"0" cellspacing=3D"0" role=3D"presentation" width=3D"100%" clas= s=3D"main-column-table-ltr" style=3D"padding-right: 32px; padding-left: 0;;= table-layout: fixed;"> ing:0; vertical-align:top;"> ng=3D"0" role=3D"presentation" width=3D"100%" style=3D"table-layout: fixed;= "> break-word;;padding-bottom:2px;"> s', Roboto, sans-serif;font-weight: 400; font-size: 22px; line-height: = 28px;color: #3c4043; text-decoration: none;" class=3D"primary-text" role=3D= "presentation">Dear, Order record audit completed span> left; word-break: break-word;;padding-bottom:24px;"> ily: Roboto, sans-serif;font-style: normal; font-weight: 400; font-size: 14= px; line-height: 20px; letter-spacing: 0.2px;color: #3c4043; text-decoratio= n: none;" class=3D"primary-text" role=3D"presentation"> "true"> ime itemprop=3D"endDate" datetime=3D"20260219T051939Z">= Wednesday Feb 18, 2026 =E2=8B=85 9:19pm (Pacific Time - Los Angeles)= ; word-break: break-word;;padding-bottom:24px;"> Roboto, sans-serif;font-style: normal; font-weight: 400; font-size: 14px; l= ine-height: 20px; letter-spacing: 0.2px;color: #3c4043; text-decoration: no= ne;" class=3D"primary-text" role=3D"presentation"> Dea= r, We appreciate you choosing Geek Squad. This email acts as= confirmation of your recent Order. Thank you for completing your 4-Y= ears. Our records show we attempted to reach you for verification. trong>Receipt Records Dashboard Order receipt- 4384136-CET r>Product Name- Core Care Membership Plan Duration- 4-Years Subscription= Charged Amount- $300.33 Should you have questions about this Orde= r, our Support Team is available at 863 338 3421 (Toll Fre= e). You may request a refund within 24 hours of the transaction. Kind= ly allow processing time. Sincerely yours,, Davin Coldiron The = Billing Team 863 338 3421 (Toll Free) =C2=A9 2026= Geek Squad llc All rights reserved. 15749Donnington Marietta Ga 30064-3= 163 United States "Dear,We appreciate you choosing Geek Squad. This email acts as confirmatio= n of your recent Order.Thank you for completing your 4-Years. Our records s= how we attempted to reach you for verification.Receipt Records DashboardOrd= er receipt- 4384136-CETProduct Name- Core Care MembershipPlan Duration- 4-Y= ears SubscriptionCharged Amount- $300.33Should you have questions about thi= s Order, our Support Team is available at 863 338 3421 (Toll Free).You may = request a refund within 24 hours of the transaction. Kindly allow processin= g time.Sincerely yours,,Davin ColdironThe Billing Team863 338 3421 (Toll Fr= ee)=C2=A9 2026 Geek Squad llc All rights reserved.15749Donnington Marietta = Ga 30064-3163 United States"/> ; padding: 0; text-align: left; word-break: break-word;;padding-bottom:24px= ;"> eight: 400; font-size: 14px; line-height: 20px; letter-spacing: 0.2px;color= : #3c4043; text-decoration: none;" class=3D"primary-text" role=3D"presentat= ion"> tation" style=3D"padding-bottom: 4px;"> tyle=3D"font-size: 14px;color: #3c4043; text-decoration: none;font-weight: = 700;-webkit-font-smoothing: antialiased;margin: 0; padding: 0;">Guests = (Guest list has been hidden at organizer's request) =

n>

--0000000000009274df064b1b8e2b--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:33:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr1a-00000000NKG-49P8

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:32:06 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:32:06 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mailout05.vtserver.de ([195.244.248.35]:47217)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vskel-00000000FIX-19cv

for doctor@nl2k.ab.ca;

Wed, 18 Feb 2026 09:44:17 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sairakis.de; s=s01;

t=1771432912; bh=hzwiLHq0p+8/yVCbuqFi5lCR2Wn0GVk29rYDmByspJ8=;

h=Message-Id:To:From:Date:From;

b=VqcMwe/JPP/qagGRtoyrI+/RqH1dUUuqgGETXMWryhyrVWHeETu7xwOITlfvW6Yur

0fXyjn+OFZ4Y7mRv0rMFrRxurRGUEBp6neP2mEkomzqlNqjnVI7FUvclzyURdf36a5

BFsJbwr4npFu33pcSI0imAQpmWRomGmatZnYAzSEymF2PrKwpcKEnRs66r484LI1oC

BN7SA31fp9fwGZRMAIFHx/fsHxjfLeUPxoJVEzNuQAOk6S7kDSfQbD6OyzZ5dJVhtH

ZrzY3NmhKfIWLhv7u3BjjhswODsItckz88A2+pPA2b+D2HdW4LYo9b2rrNyu91vYPp

nGSVRzuVltIxA==

Received: from mail01.vtserver.de (mail01a.vtserver.de [195.244.248.6])

by mailout05.vtserver.de (8.15.2/8.15.2/Debian-10) with ESMTPS id 61IGfpxH317058

(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK);

Wed, 18 Feb 2026 17:41:51 +0100

Received: from [77.83.39.236] ([77.83.39.236])

(authenticated bits=0)

by mail01.vtserver.de (8.18.1/8.18.1/Debian-2) with ESMTPA id 61IGfoel3106372;

Wed, 18 Feb 2026 17:41:50 +0100

Message-Id: <202602181641.61IGfoel3106372@mail01.vtserver.de>

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: U.S.DEPARTMENT OF HOMELAND SECURITY

To: Recipients

From: "Mrs. Kristi Noem"

Date: Wed, 18 Feb 2026 08:41:59 -0800

Reply-To: homlandsecdept@hotmail.com

X-Spam_score: 30.6

X-Spam_score_int: 306

X-Spam_bar: ++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: SECRET SERVICE, DEPARTMENT OF HOMELAND SECURITY U.S.DEPARTMENT

OF HOMELAND SECURITY WASHINGTON, DC 20528, USA. Good day, This is the Department

of Homeland Security. We have a vital mission: to secure the nation from

the many threats we face, including internet fraud. This requires the dedication

of more than 230,000 em [...]



Content analysis details: (30.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[195.244.248.35 listed in dnsbl.ahbl.org]

[195.244.248.35 listed in dnsbl.ahbl.org]

[195.244.248.35 listed in dnsbl.ahbl.org]

[195.244.248.35 listed in dnsbl.ahbl.org]

[195.244.248.6 listed in dnsbl.ahbl.org]

[195.244.248.6 listed in dnsbl.ahbl.org]

[195.244.248.6 listed in dnsbl.ahbl.org]

[195.244.248.6 listed in dnsbl.ahbl.org]

[77.83.39.236 listed in dnsbl.ahbl.org]

[77.83.39.236 listed in dnsbl.ahbl.org]

[77.83.39.236 listed in dnsbl.ahbl.org]

[77.83.39.236 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[195.244.248.35 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[195.244.248.35 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[195.244.248.35 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[195.244.248.35 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[77.83.39.236 listed in will-spam-for-food.eu.org]

[77.83.39.236 listed in will-spam-for-food.eu.org]

[77.83.39.236 listed in will-spam-for-food.eu.org]

[77.83.39.236 listed in will-spam-for-food.eu.org]

[77.83.39.236 listed in will-spam-for-food.eu.org]

[77.83.39.236 listed in will-spam-for-food.eu.org]

[77.83.39.236 listed in will-spam-for-food.eu.org]

[77.83.39.236 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.6 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

[195.244.248.35 listed in will-spam-for-food.eu.org]

-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low

trust

[195.244.248.35 listed in list.dnswl.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[77.83.39.236 listed in sbl-xbl.spamhaus.org]

[77.83.39.236 listed in sbl-xbl.spamhaus.org]

[77.83.39.236 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

-0.0 SPF_PASS SPF: sender matches SPF record

1.0 REPTO_419_FRAUD_HM Reply-To is known advance fee fraud collector

mailbox

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.6 SUBJ_ALL_CAPS Subject is all capitals

2.6 MILLION_HUNDRED BODY: Million "One to Nine" Hundred

1.5 HK_SCAM_N8 BODY: No description available.

2.5 MILLION_USD BODY: Talks about millions of dollars

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 HK_SCAM No description available.

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.0 HK_NAME_MR_MRS No description available.

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

1.5 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

1.5 MONEY_ATM_CARD Lots of money on an ATM card

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form

0.0 FORM_FRAUD_5 Fill a form and many fraud phrases

0.0 MONEY_FRAUD_5 Lots of money and many fraud phrases

2.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money

2.6 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL

[77.83.39.236 listed in zen.spamhaus.org]

Subject: {SPAM?} U.S.DEPARTMENT OF HOMELAND SECURITY



SECRET SERVICE, DEPARTMENT OF HOMELAND SECURITY

U.S.DEPARTMENT OF HOMELAND SECURITY

WASHINGTON, DC 20528, USA.



Good day,



This is the Department of Homeland Security. We have a vital mission: to se=

cure the nation from the many threats we face, including internet fraud. Th=

is requires the dedication of more than 230,000 employees in jobs that rang=

e from aviation and border security to emergency response, from cybersecuri=

ty analysts to chemical facility inspectors. Our duties are wide-ranging, b=

ut our goal is clear: keeping America safe.



We are pleased to inform you that your funds valued at US$2,750,000.00 (Two=

Million Seven Hundred and Fifty Thousand United States Dollars) have been =

approved by the Treasury Department of the United States. Your email addres=

s appeared on the payment list of beneficiaries who will receive their comp=

ensation payment this month. Your email ID was noted by our security intell=

igence monitoring database of Homeland Security and is recognized as one of=

the victims of online scams, as recorded from Yahoo, Microsoft, AOL, and G=

oogle.

You will receive your compensation payment via bank direct wire deposit to =

your nominated bank account or through a debit card.



Note: We wish to inform you that our management, in collaboration with the =

FBI Financial Monitoring Department and the United States Department of the=

Treasury (Internal Revenue Service), has issued a clean money certificatio=

n regarding this payment.

Kindly get back to us for further directives.



You are to adhere strictly to the directives from Homeland Security, and we=

advise you to stop any further correspondence you may currently have regar=

ding the release of trap compensation funds.



Thank you and have a good day.



Signed:

Ms. Kristi Noem

Secretary,

U.S. Department of Homeland Security.

=20

=20



=20



=20

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 18 Feb 2026 16:32:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vsr18-00000000NGo-01qA

for dave@doctor.nl2k.ab.ca;

Wed, 18 Feb 2026 16:31:38 -0700

Resent-From: The Doctor

Resent-Date: Wed, 18 Feb 2026 16:31:37 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oo1-f74.google.com ([209.85.161.74]:43425)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vskI5-00000000572-0xJN

for root@nk.ca;

Wed, 18 Feb 2026 09:20:50 -0700

Received: by mail-oo1-f74.google.com with SMTP id 006d021491bc7-677d92bb88dso12192545eaf.1

for ; Wed, 18 Feb 2026 08:19:54 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20230601; t=1771431588; x=1772036388; darn=nk.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=a5NsGUpSAcze0iGRtb5sowbufazI3awwpJC8IV90uJA=;

b=eu77FK+Qm5cNNh98V/TowIWL3pWlcpyimQdW3wwwy2YzYngWBEiGnAV69qDHI+rATO

G6TJqRbZJtNbdP6Ce3GzJgZkcjxmJ4+F7olpit8tgNEzpVYUgnRx1tAvfVAfJrvEQ20O

BG+5G17OX3CenLZ830tUnSDW85fdDl82nw3GoojGYQXDptpwyQ2aj7fDDj+EvAjPvP2w

tIN97ra5yOQ0mklCS/66xKbEXyUX+FjAFKO0Yb6h3nWnwEzqWOW/QVRVZnKTdAhZT5vd

mUeYlEFtdQOkqDNvna9WUns+xCTKWYTsmaZr61BpsbFGUSkahrhKRzz+IFZ73Wfvk8Ee

BcpQ==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=thermark-org.20230601.gappssmtp.com; s=20230601; t=1771431588; x=1772036388; darn=nk.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=a5NsGUpSAcze0iGRtb5sowbufazI3awwpJC8IV90uJA=;

b=zAdw1AmS81fX8iDH9Jl7xeMkgMh4VrMQ/kLffbfeQtCQQ7n/IJ/erVDQzWWVuuBXVY

p6p8UH+uGrgkxNxePFLIUw3mprA7O8lCJL29ycZkT24hnjgGHrLrSOjNvDz2VZV2RLz/

Sec2VLFRD48GrbOGe3ig5yNSxHAUwYjTIkCoZWnf3lgeDwCRxVlePY88/lPuo9TM/TSS

ii3DvxmeO3wXrZm5x2zspl3r1JnMhX9ZyJm5vIjbqCWmy+n78GFWMj6ZqnNHYKu+lECn

T9uPIlgloup+5m8cFrKPPC854CseYDsrUmxFX2jxaLJNUj0lwGxzGCcS3BXk8ztXQojT

15kg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1771431588; x=1772036388;

h=from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=a5NsGUpSAcze0iGRtb5sowbufazI3awwpJC8IV90uJA=;

b=HjOYgUJ3RxkD8ksvLY6udazwjnfIzwSTyi7VYv6TckvuJxt3vupW9qLnRfUF++150P

PuuBQOB2auTbJhfzi3RP/g3hcCqIYc97HBE4O9PqAIzk9gqvy91FcTcY//TBrVRdWTtj

PsVBknNQ1Jj1Dr7V9/ECvWgM4KPSZuJgpnMuW/0T94AH3mbVqXdR8Xa746FBv5mDj7ul

QVNWNxNpwl5qoippbRMjnxbd6H1I9Zxe0j/UJsAPaJcTAxBRDIHOYHJWgtwT/iobYDnW

s4rMDZS0R1yhtYqv/Y8+CGf0uh2HVbBg+iwOZoSEW5naOmEGcwcpgmeq6tBwxlrL6dxv

9DDA==

X-Forwarded-Encrypted: i=1; AJvYcCUod1xlad7XORL58NXOlsNBYcZmEm5QZwVN7aNer3ufXIRE6qPjjhPoFyvaxgffoA9D9IbY@nk.ca

X-Gm-Message-State: AOJu0Yy7Q2d9/xZlLFL4O3MXO87iTluqpy6dl2y8ooNkGW4YHnwatszv

V/lvnK3WGpjVjC0F/HTUDO58j+F3emGBQ6+uznV1wepAwmIYGZboZsmDjrzUq34Rlv40wthdSnq

ZdR8PaG8J/n+iwoCo6nZuHFV1eu2XvVjJU/YU8IHqxCkDFg==

MIME-Version: 1.0

X-Received: by 2002:a05:6820:828:b0:674:5797:1238 with SMTP id

006d021491bc7-679a748b518mt2430279eaf.2.1771431588137; Wed, 18 Feb 2026

08:19:48 -0800 (PST)

Reply-To: Shelly Cruz

Sender: Google Calendar

Message-ID:

Date: Wed, 18 Feb 2026 16:19:48 +0000

Subject: Dear, Order record audit completed

From: Shelly Cruz

Content-Type: multipart/alternative; boundary="0000000000009274df064b1b8e2b"

X-Spam_score: 13.2

X-Spam_score_int: 132

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear, Order record audit completed Dear, Order record audit

completed Wednesday Feb 18, 2026 â‹… 9:19pm Pacific Time - Los Angeles Dear,We

appreciate you choosing Geek Squad. This email acts as confirmation of your

recent Order.Thank you for completing your 4-Years. Our records show we attempted

to reach you for verification.Rece [...]



Content analysis details: (13.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.161.74 listed in dnsbl.ahbl.org]

[209.85.161.74 listed in dnsbl.ahbl.org]

[209.85.161.74 listed in dnsbl.ahbl.org]

[209.85.161.74 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.161.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.161.74 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.161.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.161.74 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.161.74 listed in list.dnswl.org]

1.2 MISSING_HEADERS Missing To: header

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.161.74 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

1.9 REPLYTO_WITHOUT_TO_CC No description available.

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Dear, Order record audit completed



--0000000000009274df064b1b8e2b

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



RGVhciwgT3JkZXIgcmVjb3JkIGF1ZGl0IGNvbXBsZXRlZA0KDQpEZWFyLCBPcmRlciByZWNvcmQg

YXVkaXQgY29tcGxldGVkDQpXZWRuZXNkYXkgRmViIDE4LCAyMDI2IOKLhSA5OjE5cG0NClBhY2lm

aWMgVGltZSAtIExvcyBBbmdlbGVzDQoNCg0KDQpEZWFyLFdlIGFwcHJlY2lhdGUgeW91IGNob29z

aW5nIEdlZWsgU3F1YWQuIFRoaXMgZW1haWwgYWN0cyBhcyBjb25maXJtYXRpb24gIA0Kb2YgeW91

ciByZWNlbnQgT3JkZXIuVGhhbmsgeW91IGZvciBjb21wbGV0aW5nIHlvdXIgNC1ZZWFycy4gT3Vy

IHJlY29yZHMgIA0Kc2hvdyB3ZSBhdHRlbXB0ZWQgdG8gcmVhY2ggeW91IGZvciB2ZXJpZmljYXRp

b24uUmVjZWlwdCBSZWNvcmRzICANCkRhc2hib2FyZE9yZGVyIHJlY2VpcHQtIDQzODQxMzYtQ0VU

UHJvZHVjdCBOYW1lLSBDb3JlIENhcmUgTWVtYmVyc2hpcFBsYW4gIA0KRHVyYXRpb24tIDQtWWVh

cnMgU3Vic2NyaXB0aW9uQ2hhcmdlZCBBbW91bnQtICQzMDAuMzNTaG91bGQgeW91IGhhdmUgIA0K

cXVlc3Rpb25zIGFib3V0IHRoaXMgT3JkZXIsIG91ciBTdXBwb3J0IFRlYW0gaXMgYXZhaWxhYmxl

IGF0IDg2MyAzMzggMzQyMSAgDQooVG9sbCBGcmVlKS5Zb3UgbWF5IHJlcXVlc3QgYSByZWZ1bmQg

d2l0aGluIDI0IGhvdXJzIG9mIHRoZSB0cmFuc2FjdGlvbi4gIA0KS2luZGx5IGFsbG93IHByb2Nl

c3NpbmcgdGltZS5TaW5jZXJlbHkgeW91cnMsLERhdmluIENvbGRpcm9uVGhlIEJpbGxpbmcgIA0K

VGVhbTg2MyAzMzggMzQyMSAoVG9sbCBGcmVlKcKpIDIwMjYgR2VlayBTcXVhZCBsbGMgQWxsIHJp

Z2h0cyAgDQpyZXNlcnZlZC4xNTc0OURvbm5pbmd0b24gTWFyaWV0dGEgR2EgMzAwNjQtMzE2MyBV

bml0ZWQgU3RhdGVzDQoNCk9yZ2FuaXplcg0KU2hlbGx5IENydXoNCmxzMDc5MTY2M0B0aGVybWFy

ay5vcmcNCg0KR3Vlc3RzDQooR3Vlc3QgbGlzdCBoYXMgYmVlbiBoaWRkZW4gYXQgb3JnYW5pemVy

J3MgcmVxdWVzdCkNCg0K

--0000000000009274df064b1b8e2b

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:offi=

ce">
t=3D"text/html; charset=3DUTF-8">
=3Ddevice-width,initial-scale=3D1">
ight dark">

=20