NetKnow Corporate Blog

Nexcess phish from nxcli part 2

Nexcess phish from nxcli part 1

Computer parts phish from Google Gmail Part 4

Computer parts phish from Google Gmail Part 3

Computer parts phish from Google Gmail Part 2

Computer parts phish from Google Gmail Part 1

Mr.Beast games phish Part 2

What’s included:

Posted by Dave Yadallee on Saturday, January 24. 2026

--=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 7bit

Account Billing Notification

body, table, td, p, a {

background-color: #ffffff !important;

color: #000000 !important;

font-family: Arial, sans-serif !important;

}

a {

color: #1a73e8 !important;

text-decoration: underline !important;

}

Hello,

This is a notification from Nexcess Services regarding

your account billing information.

Our system indicates that some of your billing details are incomplete

or outdated. To ensure uninterrupted service, please review and update

your information.

You can access your account using the link below:

Open Billing Panel

If you need assistance, you may contact our support team at support@Nexcess.net.

Thank you,

Nexcess Services â€“ Billing

Department

--=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 7bit

Account Billing Notification

Hello,

This is a notification from Nexcess Services regarding

your account billing information.

Our system indicates that some of your billing details are incomplete

or outdated. To ensure uninterrupted service, please review and update

your information.

You can access your account using the link below:

Open Billing Panel

If you need assistance, you may contact our support team at support@Nexcess.net.

Thank you,
Nexcess Services â€“ Billing

Department

--=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411--

Posted by Dave Yadallee on Saturday, January 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 24 Jan 2026 06:50:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vje19-00000000A8d-01JT

for dave@doctor.nl2k.ab.ca;

Sat, 24 Jan 2026 06:49:35 -0700

Resent-From: The Doctor

Resent-Date: Sat, 24 Jan 2026 06:49:34 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [207.246.254.157] (port=39434 helo=cloudhost-12287959.us-midwest-2.nxcli.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjXX5-00000000C1p-3Bmm

for sales@nk.ca;

Fri, 23 Jan 2026 23:54:16 -0700

Comment: DomainKeys? See http://domainkeys.sourceforge.net/

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;

s=default; d=98ad8bfd88.nxcli.io;

b=nfWz+kzU9f0UsjkAh/cHm4fBQimDstVMV5q5ZisIjuSx7Bga4nRWtMtlhf5idvVX5QT6NNRJavxx+qyQIsHt7jFGUWqxKPMeQ/F8ZMBIpIrIAND5ugBYrjJFO9VaDa+H22563wdr8E8yHyBhNndLhjFQqJ+bviNp0RBPuRtPuOmNj/3607CdrZ7M8ZXUBX89cqR01CI4gw5086mELLyFPzkNzoQr8piK90e8zlod9Ee1eeijvEUHLqcp2/kq4Z/PIxcVMk+IG1lgJQHMKSvrojWnZaGFO4gfqddmh9O8iJGShB+M+R/4E6/ztY0j9kVh71z5yvec9GnGW4foHb3z3w==;

h=Received:Date:To:Subject:X-PHP-Originating-Script:From:Reply-To:Message-ID:MIME-Version:Content-Type:X-Mailer:X-Priority:List-Unsubscribe:List-Unsubscribe-Post;

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=98ad8bfd88.nxcli.io; h=

date:to:subject:from:reply-to:message-id:mime-version

:content-type:list-unsubscribe; s=default; bh=e81TWzBHM+HRI2mwUz

1cPDQ/Gvhe5gyJTAKFiyQEdHg=; b=zXTNevw93qt3JdqP7S/cyN9GRYeEE2/i4K

sExvJYe5LhsC1i4lxY+W/5VqSyfmHVSwAZPJFCNmRB/i839OrItUY2pIDYcveQZQ

5mhY4RWjSg8RtVip9AlFMrP75FWl3MV45nGB51utgYcBZFM0t/umUnU943Macz3B

5kH4RfNRscfoEHuhDxWvd8cMWXqsQINw4sU631qsMJb8s/m/L1G8BEWUNvieDcVl

dbEIXAIVFh/ODtFx0YUeizZYPsIyVRiO3X7a6mlEztNBtESGdnj4puljBBFU7HAX

k605jLrN27kBp8jP3oTksdR2EuyF1MM+YsuL+ddPuxQKnwr2GBvw==

Received: (qmail 15344 invoked by uid 10074); 24 Jan 2026 06:53:13 +0000

Date: 24 Jan 2026 06:53:13 +0000

To: sales@nk.ca

Subject: Action Required

X-PHP-Originating-Script: 10074:252205928608498499.php

From: "Nexcess"

Reply-To: s5h9b4b8@vms.io

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="=_cbbfc0d6dc20a265d2eddf8527dafe19bdd100e57173a411"

X-Mailer: PHP

X-Priority: 3

List-Unsubscribe:

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-Spam_score: 7.9

X-Spam_score_int: 79

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Account Billing Notification body, table, td, p, a { background-color:

#ffffff !important; color: #000000 !important; font-family: Arial, sans-serif

!important; } a { color: #1a73e8 !important; text-decoration: underline !import

[...]

Content analysis details: (7.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

[207.246.254.157 listed in dnsbl.ahbl.org]

[207.246.254.157 listed in dnsbl.ahbl.org]

[207.246.254.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[207.246.254.157 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

[207.246.254.157 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[207.246.254.157 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[207.246.254.157 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[207.246.254.157 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[207.246.254.157 listed in bl.score.senderscore.com]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_IMAGE_RATIO_06 BODY: HTML has a low ratio of text to image area

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.7 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.5 TVD_PH_BODY_ACCOUNTS_PRE The body matches phrases such as "accounts

suspended", "account credited", "account

verification"

1.0 XPRIO Has X-Priority header

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 ACCT_PHISHING Possible phishing for account information

0.0 VFY_ACCT_NORDNS Verify your account to a poorly-configured MTA -

probable phishing

0.9 URI_PHISH Phishing using web form

Subject: {SPAM?} Action Required

Posted by Dave Yadallee on Saturday, January 24. 2026

height:224px" aria-controls=3D":2qe" aria-expanded=3D"false">

il-:q9" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS=

-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multilin=

e=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-con=

trols=3D":2o0" aria-expanded=3D"false">

-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-=

label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D=

"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":2lm" aria-ex=

panded=3D"false">

editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body"=

role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction=

:ltr;min-height:224px" aria-controls=3D":2iv" aria-expanded=3D"false">

id=3D"gmail-:nx" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf=

gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria=

-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px"=

aria-controls=3D":2g4" aria-expanded=3D"false">

s=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS=

-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" t=

abindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":2d=

d" aria-expanded=3D"false">

L gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Mes=

sage Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D=

"direction:ltr;min-height:224px" aria-controls=3D":2am" aria-expanded=3D"fa=

lse">

mail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"te=

xtbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-he=

ight:224px" aria-controls=3D":288" aria-expanded=3D"false">

-:tj" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-t=

W gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=

=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-cont=

rols=3D":25h" aria-expanded=3D"false">

l editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body=

" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"directio=

n:ltr;min-height:224px" aria-controls=3D":20p" aria-expanded=3D"false">
id=3D"gmail-:10t" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-a=

vf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" ar=

ia-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224p=

x" aria-controls=3D":1xy" aria-expanded=3D"false">

ass=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-=

tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true"=

tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":=

1v7" aria-expanded=3D"false">

-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"=

Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=

=3D"direction:ltr;min-height:224px" aria-controls=3D":1sg" aria-expanded=3D=

"false">

e gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D=

"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min=

-height:224px" aria-controls=3D":1pp" aria-expanded=3D"false">

ail-:10r" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-=

tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multil=

ine=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-c=

ontrols=3D":1ml" aria-expanded=3D"false">

il-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" ari=

a-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=

=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":1k7" aria=

-expanded=3D"false">

l-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message B=

ody" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direc=

tion:ltr;min-height:224px" aria-controls=3D":1hg" aria-expanded=3D"false"><=

div id=3D"gmail-:112" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-L=

W-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox"=

aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:2=

24px" aria-controls=3D":1ec" aria-expanded=3D"false">

class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gma=

il-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"tr=

ue" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=

=3D":1bl" aria-expanded=3D"false">

gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-labe=

l=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" =

style=3D"direction:ltr;min-height:224px" aria-controls=3D":19n" aria-expand=

ed=3D"false">

itable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" ro=

le=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:lt=

r;min-height:224px" aria-controls=3D":188" aria-expanded=3D"false">

=3D"gmail-:114" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf =

gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-=

multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" =

aria-controls=3D":16t" aria-expanded=3D"false">

=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-=

tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" ta=

bindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":15g=

" aria-expanded=3D"false">

gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Mess=

age Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"=

direction:ltr;min-height:224px" aria-controls=3D":141" aria-expanded=3D"fal=

se">

ail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"tex=

tbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-hei=

ght:224px" aria-controls=3D":12h" aria-expanded=3D"false">=C2=A0Hi,

=

For sell

All units are clean pull tested, confirmed to be in good wo=

rking condition, and come with a 3-month warranty.

SK Hynix 128G=

B 2S4RX4 PC4-2666V=3DLB1-11
QTY: 2400
=E2=80=8EPRICE: $85 each

>
Samsung 64GB DDR4 ECC RDIMM =E2=80=93 3200MHz
P/N: M393A8G40AB2-CWE=

QTY 1760 =E2=80=8EPRICE:80 each

Samsung Enterprise-grade Solid S=

tate Drives (SSDs) Condition:
New

PM893 2.5" 3.84TB(SATA6.0G=

bps)
QTY 1.300 =E2=80=8EPRICE:300 each

PM893 2.5"7.68TB =

SSD(SATA6.0Gbps)
QTY 2000 =C2=A0=E2=80=8EPRICE 500 EACH

PM983a 2.=

5"7.68TB SSD(PCle Gen3)
QTY 945 =C2=A0PRICE 500 EACH

Conditi=

on:Used SK hynix 64 4DRX4 PC4-2933Y-LD2-12
=C2=A0HMAA8GL7CPR4N-WM TG AC =

2005
=C2=A0QTY1000 =E2=80=8EPRICE: 120

Condition:Used SK hynix 64=

GB 2RX4 PC5-4800E-RAD-09
HMCG94MEBRA109N AA
QTY2350 =E2=80=8EPRICE:12=

0 each

Condition:Used SAMSUNG
DDR5 EC8 RDIMM
32GB 2RX8 PC5=

-5600B-RE0-1010-XT
M321R4GA3PBO-CWMQH NA1TD200,
QTY.1690 =E2=80=8EPRI=

CE: 60

Regards,
Kelly Combs
COMPUTER WAREHOUSE
4698 Nichols=

on Ave, Kansas City,
MO 64120, USA.
+1 (816) 295-9202

http://www.computerwarehose.com">www.computerwarehose.com

"mailto:sales@computerwarehose.com">sales@computerwarehose.com

iv>

iv>=

iv>=

iv>

--000000000000315991064916a927--

Posted by Dave Yadallee on Saturday, January 24. 2026

r;min-height:224px" aria-controls=3D":4ya" aria-expanded=3D"false">

=3D"gmail-:3aj" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf =

gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-=

multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" =

aria-controls=3D":4v8" aria-expanded=3D"false">

-:3q6" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-=

tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=

=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-cont=

rols=3D":4ke" aria-expanded=3D"false">

l editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body=

" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"directio=

n:ltr;min-height:224px" aria-controls=3D":4et" aria-expanded=3D"false">
id=3D"gmail-:3vq" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-a=

vf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" ar=

ia-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224p=

x" aria-controls=3D":4bo" aria-expanded=3D"false">

ail-:1uw" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-=

tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multil=

ine=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-c=

ontrols=3D":41e" aria-expanded=3D"false">

ail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" ar=

ia-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" tabindex=

=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":3yn" aria=

-expanded=3D"false">

l-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message B=

ody" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direc=

tion:ltr;min-height:224px" aria-controls=3D":3vw" aria-expanded=3D"false"><=

div id=3D"gmail-:3ch" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-L=

W-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox"=

aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:2=

24px" aria-controls=3D":3t5" aria-expanded=3D"false">

=3D"gmail-:wb" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf g=

mail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-m=

ultiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" a=

ria-controls=3D":3i5" aria-expanded=3D"false">

-:1ma" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-=

tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=

=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-cont=

rols=3D":36s" aria-expanded=3D"false">

l editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body=

" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"directio=

n:ltr;min-height:224px" aria-controls=3D":31c" aria-expanded=3D"false">
id=3D"gmail-:10w" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-a=

vf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" ar=

ia-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224p=

x" aria-controls=3D":2yl" aria-expanded=3D"false">

gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"=

textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-=

Posted by Dave Yadallee on Saturday, January 24. 2026

--000000000000315991064916a927

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

l editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body=

" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"directio=

n:ltr;min-height:224px" aria-controls=3D":73i" aria-expanded=3D"false">
id=3D"gmail-:534" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-a=

vf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" ar=

ia-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224p=

x" aria-controls=3D":70r" aria-expanded=3D"false">

ail-:5de" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-=

tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multil=

ine=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-c=

ontrols=3D":6qh" aria-expanded=3D"false">

l-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message B=

ody" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direc=

tion:ltr;min-height:224px" aria-controls=3D":6kz" aria-expanded=3D"false"><=

div id=3D"gmail-:5fw" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-L=

W-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox"=

aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:2=

24px" aria-controls=3D":6i8" aria-expanded=3D"false">

=3D"gmail-:4pt" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf =

gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-=

multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" =

aria-controls=3D":67l" aria-expanded=3D"false">

-:5np" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-=

tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=

=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-cont=

rols=3D":5ww" aria-expanded=3D"false">

id=3D"gmail-:4hc" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-av=

f gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" ari=

a-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px=

" aria-controls=3D":5p2" aria-expanded=3D"false">

ss=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-t=

S-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multiline=3D"true" =

tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-controls=3D":5=

ll" aria-expanded=3D"false">

aiL gmail-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"M=

essage Body" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=

=3D"direction:ltr;min-height:224px" aria-controls=3D":5iu" aria-expanded=3D=

"false">

ail-:4bd" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-LW-avf gmail-=

tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox" aria-multil=

ine=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:224px" aria-c=

ontrols=3D":5dp" aria-expanded=3D"false">

l-Al editable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message B=

ody" role=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direc=

tion:ltr;min-height:224px" aria-controls=3D":587" aria-expanded=3D"false"><=

div id=3D"gmail-:4wx" class=3D"gmail-Am gmail-aiL gmail-Al editable gmail-L=

W-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" role=3D"textbox"=

aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:ltr;min-height:2=

24px" aria-controls=3D":55t" aria-expanded=3D"false">

itable gmail-LW-avf gmail-tS-tW gmail-tS-tY" aria-label=3D"Message Body" ro=

le=3D"textbox" aria-multiline=3D"true" tabindex=3D"1" style=3D"direction:lt=

Posted by Dave Yadallee on Saturday, January 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 23 Jan 2026 21:20:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjV7k-0000000046f-0WCL

for dave@doctor.nl2k.ab.ca;

Fri, 23 Jan 2026 21:19:48 -0700

Resent-From: The Doctor

Resent-Date: Fri, 23 Jan 2026 21:19:48 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-dl1-f52.google.com ([74.125.82.52]:58519)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjQki-00000000GqF-2rsp

for sales@nk.ca;

Fri, 23 Jan 2026 16:39:53 -0700

Received: by mail-dl1-f52.google.com with SMTP id a92af1059eb24-121a0bcd376so8739273c88.0

for ; Fri, 23 Jan 2026 15:39:03 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1769211537; cv=none;

d=google.com; s=arc-20240605;

b=ckSWyzykyD2ALE2ct2SJcldUqYvR/Zs5va5qBE0KiguLY6Nqon3IvXBPU2NfsG6S0D

DQFYJYv+H4C1/rDo0d7kvJGSx4Ad931MX/T+AP5bKIK/S7QfeZGOUonUUIm82ZLyZYzn

NQGcm/gVw0tHfDzvtgW997f/sVoMTetOFdJjm4pwkJ6fKr/sPnFkoSNlwvU6d3JRwafO

/ZImFiW8aeTWybQ7BoxJmV/gUH8LaO7axrq3rChO5JMd7fJSoRMZd4Ac1A7yFYeSfRB5

dRcCYh5TtgjliBPPWlPrZWwLxS6PFyq/doTx2ABIBddCbLAoNt8TeZvRwTlrz1y0ugsG

dyag==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=FX0p9v6ZNDAUj8e3BAMUWaWzVetnFL/b4w/7yxLxcJQ=;

fh=iLxZwJKvXy/8kJM+k1WC7dws1jRP8ojI37K3hj+/MZE=;

b=J16dD1XQXhTiIBCdniKylQ5OfWJsG7cR93sNUB2wTh8tslY8x49J2SgaCuVjX4xJZB

bHIENI8sA4wjZppP4i2JxPKgkUN83D18gyla9MDshcsMJNC1Qv94PMMWK3zgaGwoUdeL

VArEvI234rk1pFWHeSt4NYJYD4tL5wpx6/Zt+WgtCd0dYrCsdl2jlZkrQqHX5DnFVgYq

+HQXDyh1cfMLQsaQLFoWjW6Yrri7cbHNMP0Vmv/qwEVjJ0fC2d1QamkkWEe/rIy9eoqP

+1fecu+5S0RaUFPeeZeT5QkZjMNxMGuXNEjMxbtOSlmKYCp3wDfrY7k/TW/iOD1v1PIg

/yoA==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1769211537; x=1769816337; darn=nk.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=FX0p9v6ZNDAUj8e3BAMUWaWzVetnFL/b4w/7yxLxcJQ=;

b=TokXoJgsB/EsiMR8qZGao94pSY4Q/dwx1YI1CB/8SRRth3R/usHU9oFWA8R4qgf82X

5O6jBFGoC5wfweavJMn/YCsx85+q/dDE9PNjLZqaePfBUjfKBi2coD9D4bPWKEfEhL9Q

tj5fgLEY5Z7pFtBpAG95ES+cKsAdYTm5OskZ4vKpT0DGh2Xp/sGIaulVq7S+/aib/pzF

CrQV7RP94JDQqBQOny5kN9qo3caxcBjz8ia/GhPfc4f3ircu/zduHUXhe2JSzvyQQrTl

fszQqo88Cw12EJ2tZvXgzk6z4bAY6OmnKxNmtV6VWQb7sC2o1JPJEHWrhVdaetcowKn/

JNLA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1769211537; x=1769816337;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=FX0p9v6ZNDAUj8e3BAMUWaWzVetnFL/b4w/7yxLxcJQ=;

b=hXZxMZa3TagKnmEhnSOBCE9IW0WbPUnYby7fBMzDwlBYiQF9D+lSM0IPpLMWyZSCZ2

pzcJ1BG30UriNDegVLTjZrPm4RXBL9a7wPZ2JjF0OjR0zQ1/2bmSZdH2Vk5n723NOjwZ

IXGIC7SlPwmrZEFDSun7WABplcnAYN4pZfdwYworg0Ebh5FBm1NuQzBswbsktReQFZSg

WQduRf8XjKXi0nOBoD03iGb07E0mp0joNkYkb0flSFkuI4i/SRnvAE3YDLjj+ZX1H8Lt

irtLvWb2QojcyPawrcjc3feevX5TrP+dh9aT7ZMB51fVRXkWZJ5L0Bua0O3Y76wcjESS

RCxA==

X-Forwarded-Encrypted: i=1; AJvYcCUDIJORfkhs2XWTC8fXjOQ3gg8ZgtXWZAj7bKz5QUvGP86JY6d6Eo8vq4UoN8KWQvlyge2PRw==@nk.ca

X-Gm-Message-State: AOJu0YyGPfCsWWO9rlqTBbM3SeWPzNhcR6QQhYFa5ThWpx6HR+Ay6n3S

RL2ifzuWeGPt5qrGsV1wSBPDYrDjMPe0CinKbnhb/2Ew8/5dkBcQX1B04wJ6zNDllfXe3QkakVa

NtXkvNLSfwvQlcz63nQ9h5pTre83GeD4=

X-Gm-Gg: AZuq6aIpOWpa/ixE4hbtN3pBoEIcDzueRkFwFgdKgXn2gYTRTzan2rw6XR7Wc8O/fvt

vAtQpF5TTPKpD81M0fMzxzKfWLOjsM/fwIPAQv8ph5cvg9jge/QGlbv0K/e0FSx3fHgXJZzro8v

mxw6ykXWhU6q6uEKnFGA2tClUp6jMXJ/aDbmIyNXjTnivTMaASDMV/KWTIDpC/i22/tHVA+unb0

zidnzip2rxOgniEG+gkxcbrKTERBsmc9PuC6DKqOHgwdA+Bo06wrOp7XfE2zVSUi/44bvVNtbHu

jJzM/itiOwIYA04CP5gfWtxjDHLSxaGCug3T4bGjrcsF94uyh+FsxR+ePpLDDQgU

X-Received: by 2002:a05:7022:660c:b0:11d:f462:78ac with SMTP id

a92af1059eb24-1247dbf8d22mr2188032c88.28.1769211536954; Fri, 23 Jan 2026

15:38:56 -0800 (PST)

MIME-Version: 1.0

Reply-To: sales@computerwarehose.com

From: Kelly Combs

Date: Fri, 23 Jan 2026 20:38:45 -0300

X-Gm-Features: AZwV_QjaWmf4kTj6nm0Wa6YFkh9OtKG_TgVYUAD0m5FdvJT3HNYWtSUOsRo2F_4

Message-ID:

Subject: WTS

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000315991064916a927"

Bcc: sales@nk.ca

--000000000000315991064916a927

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hi,

For sell

All units are clean pull tested, confirmed to be in good working condition,

and come with a 3-month warranty.

SK Hynix 128GB 2S4RX4 PC4-2666V=3DLB1-11

QTY: 2400

=E2=80=8EPRICE: $85 each

Samsung 64GB DDR4 ECC RDIMM =E2=80=93 3200MHz

P/N: M393A8G40AB2-CWE

QTY 1760 =E2=80=8EPRICE:80 each

Samsung Enterprise-grade Solid State Drives (SSDs) Condition:

New

PM893 2.5" 3.84TB(SATA6.0Gbps)

QTY 1.300 =E2=80=8EPRICE:300 each

PM893 2.5"7.68TB SSD(SATA6.0Gbps)

QTY 2000 =E2=80=8EPRICE 500 EACH

PM983a 2.5"7.68TB SSD(PCle Gen3)

QTY 945 PRICE 500 EACH

Condition:Used SK hynix 64 4DRX4 PC4-2933Y-LD2-12

HMAA8GL7CPR4N-WM TG AC 2005

QTY1000 =E2=80=8EPRICE: 120

Condition:Used SK hynix 64GB 2RX4 PC5-4800E-RAD-09

HMCG94MEBRA109N AA

QTY2350 =E2=80=8EPRICE:120 each

Condition:Used SAMSUNG

DDR5 EC8 RDIMM

32GB 2RX8 PC5-5600B-RE0-1010-XT

M321R4GA3PBO-CWMQH NA1TD200,

QTY.1690 =E2=80=8EPRICE: 60

Regards,

Kelly Combs

COMPUTER WAREHOUSE

4698 Nicholson Ave, Kansas City,

MO 64120, USA.

+1 (816) 295-9202

www.computerwarehose.com

sales@computerwarehose.com

Posted by Dave Yadallee on Saturday, January 24. 2026

.header {

text-align: center;

font-size: 24px;

font-weight: bold;

color: #007bff;

}

.content {

font-size: 16px;

line-height: 1.6;

margin-top: 20px;

}

.content ul {

list-style: none;

padding-left: 0;

}

.content li {

margin-bottom: 10px;

}

.footer {

margin-top: 20px;

font-size: 14px;

text-align: center;

}

.button {

display: block;

width: 200px;

margin: 20px auto;

padding: 12px;

background-color: #28a745;

color: white;

text-align: center;

border-radius: 5px;

text-decoration: none;

font-weight: bold;

}

.button:hover {

background-color: #218838;

}

color: #333;

background-color: #f9f9f9;

margin: 0;

padding: 0">

max-width: 600px;

margin: 0 auto;

padding: 20px;

background-color: #fff;

border-radius: 10px;

box-shadow: 0 4px 8px rgba(0,0,0,0.1)" class=3D"container">

font-size: 24px;

font-weight: bold;

color: #007bff" class=3D"header">

Hello Sir/Madam,

line-height: 1.6;

margin-top: 20px" class=3D"content">

Congratulations! You’ve been selected to join MrBeast&=

#8217;s 2026 Global Games Challenge, an all-expenses-paid 30-day competitio=

n taking place on MrBeast Island!

This once-in-a-lifetime event will bring together 250 contes=

tants from around the world to take part in a massive, mystery-filled compe=

tition filled with surprises, teamwork, for a life-changing grand prize and=

the kind of epic moments only MrBeast can create.

January '26

✈️ Round-trip international flights

🏨 Full accommodation and meals

🚗 Local transportation and logistics

💵 Allowance throughout the 30-day challenge
>

Each participant is also entitled to bring one person only (=

a friend, family member, or spouse), whose travel and accommodation will be=

fully covered for the duration of the event.

📅 Event Duration: 30 days in 2026
p>

📍 Location: MrBeast Island<=

/strong> (exact details to be revealed soon)

To confirm your participation, please reply to this email wi=

th:

padding-left: 0">

Your full name (as on your passport)

Country of residence

Contact number

A simple message: “I accept and confirm my partic=

ipation in MrBeast’s 2026 Global Games Challenge.”

Once confirmed, our team will send you all the details and n=

ext steps to prepare for the journey.

We can’t wait to see you take part in what’s set=

to be MrBeast’s biggest global challenge yet!

width: 200px;

margin: 20px auto;

padding: 12px;

background-color: #28a745;

color: white;

text-align: center;

border-radius: 5px;

text-decoration: none;

font-weight: bold" href=3D"mailto:team.mrbeast@outlook.com?subj=

ect=3DConfirm%20Participation%20in%20MrBeast's%202026%20Global%20Games%20Ch=

allenge&body=3DI%20accept%20and%20confirm%20my%20participation%20in%20MrBea=

st’s%202026%20Global%20Games%20Challenge." class=3D"button">Confirm P=

articipation

font-size: 14px;

text-align: center" class=3D"footer">

Best regards,

MrBeast Global Games Challenge Team

Beast Games Productions | 2026 Global Challenge Division

Categories: Phish

0 Comments

Mr.Beast games phish Part 1
Posted by Dave Yadallee on Saturday, January 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 23 Jan 2026 21:20:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjV7M-0000000045o-2CnL

for dave@doctor.nl2k.ab.ca;

Fri, 23 Jan 2026 21:19:24 -0700

Resent-From: The Doctor

Resent-Date: Fri, 23 Jan 2026 21:19:24 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.219.220.140] (port=35494 helo=mail.kevinchenrotypack.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjQ2s-00000000Ekh-1diw

for doctor@doctor.nl2k.ab.ca;

Fri, 23 Jan 2026 15:55:32 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;

d=kevinchenrotypack.com; s=202600; t=1769208677;

bh=qECqKgiAGAi5qAC/VViFiX9WGv5nN9VZwooG+VmGhY0=;

h=Reply-To:From:To:Subject:Date:From;

b=gIyv0MQCWmfqEYD0AkJId/BBY174gZEfOOnHsyGoK1FFyTSfAFaL7tiTfC+68+PQ5

4sCqvU3KI7MaB2+IGYEopZulsNbqJo2hctEjGpp2GK+gEychtTPh/vEQ7FN84lP256

4o12YyPqNdhhgx9XlzTtOOiqrL7FCBhiRnR/DsCqm3IUq90gnUAoOpXQf61AZbejKt

8s1YylJcHLDNIHz5pk76pS48XNHB0+PMJU2KfyIxUrr0ym7ruQkNKY1pv6LfJ1lFkn

01bwNziC6QHeTc4DZPScSFVugEtNZih3ixkwZeGp1xi5d9YOzBdjVCEzJdu7q4JCVc

eu+ofOqu1A6WQ==

Received: from [23.146.241.156] (unknown [23.146.241.156])

by mail.kevinchenrotypack.com (Postfix) with ESMTPSA id 4C9F744447

for ; Fri, 23 Jan 2026 22:51:16 +0000 (UTC)

Reply-To: team.mrbeast@outlook.com

From: "MR BEAST GAMES"

To: doctor@doctor.nl2k.ab.ca

Subject: Mr Beast Game Challenge

Date: 23 Jan 2026 16:50:50 -0600

Message-ID: <20260123164325.88111C958D43ED85@kevinchenrotypack.com>

MIME-Version: 1.0

Content-Type: text/html;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 15.3

X-Spam_score_int: 153

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: MrBeast 2026 Global Games Challenge Invitation Hello Sir/Madam,

Content analysis details: (15.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.219.220.140 listed in dnsbl.ahbl.org]

[185.219.220.140 listed in dnsbl.ahbl.org]

[185.219.220.140 listed in dnsbl.ahbl.org]

[185.219.220.140 listed in dnsbl.ahbl.org]

[23.146.241.156 listed in dnsbl.ahbl.org]

[23.146.241.156 listed in dnsbl.ahbl.org]

[23.146.241.156 listed in dnsbl.ahbl.org]

[23.146.241.156 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.219.220.140 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.219.220.140 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.219.220.140 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.219.220.140 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[23.146.241.156 listed in will-spam-for-food.eu.org]

[23.146.241.156 listed in will-spam-for-food.eu.org]

[23.146.241.156 listed in will-spam-for-food.eu.org]

[23.146.241.156 listed in will-spam-for-food.eu.org]

[23.146.241.156 listed in will-spam-for-food.eu.org]

[23.146.241.156 listed in will-spam-for-food.eu.org]

[23.146.241.156 listed in will-spam-for-food.eu.org]

[23.146.241.156 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

[185.219.220.140 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[23.146.241.156 listed in sbl-xbl.spamhaus.org]

[23.146.241.156 listed in sbl-xbl.spamhaus.org]

2.6 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL

[23.146.241.156 listed in zen.spamhaus.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_HK_NAME_MR_MRS No description available.

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 HK_NAME_MR_MRS No description available.

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

Subject: {SPAM?} Mr Beast Game Challenge

=3D1.0">

MrBeast 2026 Global Games Challenge Invitation

Payment Action Required

Your antivirus protection plan expired on Jan 20, 2026.

Why this happened: Your payment method on file was declined. Update now to secure your

device.

Threats Blocked

0

System Status

At Risk

Reactivate now for 80% OFF

RENEW-2026-SAVE

Update Payment & Secure Device

Secured by 256-bit SSL Encryption.

You are receiving this operational email regarding account #8821.

Manage Email Preferences or Unsubscribe.

Categories: Phish

0 Comments

McAfee Phish Part 1
Posted by Dave Yadallee on Friday, January 23. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 23 Jan 2026 12:35:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjMvL-0000000034y-1jql

for dave@doctor.nl2k.ab.ca;

Fri, 23 Jan 2026 12:34:27 -0700

Resent-From: The Doctor

Resent-Date: Fri, 23 Jan 2026 12:34:27 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [145.249.115.215] (port=48167 helo=stonehaven.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vjMXk-000000001pO-3FqJ

for doctor@doctor.nl2k.ab.ca;

Fri, 23 Jan 2026 12:10:12 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=doctor.nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=doctor@doctor.nl2k.ab.ca;

bh=57BTHUixZPk6/DznsWlC2DZMhlo=;

b=XSm9sEl1JStoCjWuiF2KttbfcUTJUmaLci7jVzqSBdVpSu1DEQ8rnu/AcA4ugDeWOkLSpJtX3PQC

x74s5TwRP1DlhOV1ykhel01bXE3rh6a7aoR2MvMegaMoWrN15Mt/ATcaguBQJwQ153AroPESQboq

EplSPpJ4LiojItIqHr4=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=doctor.nl2k.ab.ca;

b=HRSMkI8R4JcYUJM8aJXTx0gH2a3nIsTyMxdx+p6IREURcaNVwyICaVgBeG/I/96UTHV+HXQhztvC

5asdJf9uO9UeDy/nftm/WtqDoudjKnmPFIaKvULAD0ciQBmaTyKdMorBPwYZzBwn7P6fEmQ+Am1M

zLRD+riKtPpvtBTP97I=;

Date: Fri, 23 Jan 2026 19:09:17 +0000

To: doctor@doctor.nl2k.ab.ca

From: McAfee

Subject: McAfee Protection Plan Ended on Jan 20, 2026

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 16.2

X-Spam_score_int: 162

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Subscription Renewal Payment Action Required

Content analysis details: (16.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

[145.249.115.215 listed in dnsbl.ahbl.org]

[145.249.115.215 listed in dnsbl.ahbl.org]

[145.249.115.215 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: support-uk.online]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: support-uk.online]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs

[URI: support-uk.online (online)]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

1.8 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

0.0 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

Subject: {SPAM?} McAfee Protection Plan Ended on Jan 20, 2026

Subscription Renewal

Payment Action Required

Your antivirus protection plan expired on Jan 20, 2026.

Why this happened: Your payment method on file was declined. Update now to secure your

device.

Threats Blocked

0

System Status

At Risk

Reactivate now for 80% OFF

RENEW-2026-SAVE

Update Payment & Secure Device

Secured by 256-bit SSL Encryption.

You are receiving this operational email regarding account #8821.

Manage Email Preferences or Unsubscribe.

Categories: Phish

0 Comments

McAfee Phish PArt 1
Posted by Dave Yadallee on Friday, January 23. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 23 Jan 2026 12:35:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjMvG-0000000034k-0TzV

for dave@doctor.nl2k.ab.ca;

Fri, 23 Jan 2026 12:34:22 -0700

Resent-From: The Doctor

Resent-Date: Fri, 23 Jan 2026 12:34:22 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [145.249.115.215] (port=55537 helo=stonehaven.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vjMXF-000000001nN-0MxR

for doctor@nl2k.ab.ca;

Fri, 23 Jan 2026 12:09:41 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nl2k.ab.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=doctor@nl2k.ab.ca;

bh=dQEeNjBBeHxANs4squIpOllqazA=;

b=L5f/fsdNlx1L4pXdOh04h3fWWuk1OG1cErj3KGZp33EBmJVzRzqxlEY2+QPr+hwPSWmyxcYfWpzq

9eNUP0caTfOJRqVURItBCEftBjZI0gxuzwaIhVUv3POtA1sAy1o2INwROXcQmBb4bg40vSX0pqHw

/t/vVUwjHIdnQmN9uqg=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nl2k.ab.ca;

b=zGhud1+46ySd2n5P4ax+jtgeMobIdOFHq/JYVfResGlBJU6QTkPATzEvDgPiW8vkWoQByF613E8x

/glVcK71QfIwLM0tFdkbwG597zYJivHWeH25lvXDM+S+KrY6tK58qzVHCo9j3ImlGJPrDAFRFTQy

5wvTqfS3ZpzS4XKFXOE=;

Date: Fri, 23 Jan 2026 19:08:43 +0000

To: doctor@nl2k.ab.ca

From: McAfee

Subject: McAfee Protection Plan Ended on Jan 20, 2026

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 16.2

X-Spam_score_int: 162

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Subscription Renewal Payment Action Required

Content analysis details: (16.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

[145.249.115.215 listed in dnsbl.ahbl.org]

[145.249.115.215 listed in dnsbl.ahbl.org]

[145.249.115.215 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[145.249.115.215 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

[145.249.115.215 listed in will-spam-for-food.eu.org]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: support-uk.online]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: support-uk.online]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs

[URI: support-uk.online (online)]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.8 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

Subject: {SPAM?} McAfee Protection Plan Ended on Jan 20, 2026

Subscription Renewal

=0D=0A=0D=0A
=3D"MSHTML=2011.00.10570.1001">=0D=0A=0D=0A
Dear=20dave@do=

ctor.nl2k.ab.ca,
=0D=0A

=0D=0A
My=20Name=20is=20Mr=

s.=20Cecilia=20Charlotte,=20From=20United=20Kingdom=20London,=20The=20Wife=20=

of=20Late=20Mr.=20Charlotte=20Tobacco=20Global=20European=20Plc,=20To=20be=20=

honest=20and=20truthful=20to=20you,=20I=20am=20looking=20for=20a=20good=20a=

nd=20honest=20person=20,=20who=20will=20assist=20me=20with=20the=20Charity&=

nbsp;=20Project=20in=20your=20country=20,=20I=20and=20my=20late=20husband,=20=

have=20a=20will=20of=20$,=203,700,000=20United=20State=20Dollars=20,=20to=20=

Will=20to=20you=20for=20orphanage=20people=20and=20homeless=20people =20=

in=20country=20
=0D=0A
Your=20feedback=20is=20welcome!
=0D=

=0A
Thank=20you.
=0D=0A

=0D=0A
=0D=0A
=0D=0A=0D=

=0A
=0D=0A
Best=20Regards!
01/23/2026
=0D=0A

=0D=0A=

--07390708854E4B279D87ABD800D2CBF4--

Categories: Google Gmail Spam

0 Comments

Charity spam from Google Gmail Part 1
Posted by Dave Yadallee on Friday, January 23. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 23 Jan 2026 09:40:00 -0700

Received: from mail-ed1-f66.google.com ([209.85.208.66]:46158)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vjKBx-00000000G5A-0cbJ

for dave@doctor.nl2k.ab.ca;

Fri, 23 Jan 2026 09:39:35 -0700

Received: by mail-ed1-f66.google.com with SMTP id 4fb4d7f45d1cf-64d1ef53cf3so3103669a12.0

for ; Fri, 23 Jan 2026 08:38:39 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=diamondindia-net.20230601.gappssmtp.com; s=20230601; t=1769186313; x=1769791113; darn=doctor.nl2k.ab.ca;

h=mime-version:message-id:list-unsubscribe:subject:to:reply-to:from

:date:from:to:cc:subject:date:message-id:reply-to;

bh=qwne1i0V7Ip0nNmGaBfPfnPeLAcBpf4MfHVkvc4O0gM=;

b=VahwTK6LqOgBDypyggO1+3bRqS9YbXf9N2f8fyQvH0QLlAi14fMdSMCMBq8YtWQk7Z

HLCFlO5r40SFdE3mCOJ6UMcNPD85qlbIwkWw5in+UIZ6lyXzsGMO4jh+c725UG+AZHKz

1r9MUP6M+HjrhElmtNyfnr5xC1GOqgECB2ryeqiyPdOxM10ZRoy4YATHQs6nfBhZrFKy

jAqaMLVrSTs+8a75bev7uGXlmbGOJj/TZJxSlQHJAVM8fmOqrFPwSXXOcX+bTesHIPmJ

k3e+M3E4YP1KsXRLmxIpdmtGhEOwcAhOnotlCMTQfHFHzIBlkupdczbum8ghb2pShEhe

k35A==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1769186313; x=1769791113;

h=mime-version:message-id:list-unsubscribe:subject:to:reply-to:from

:date:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=qwne1i0V7Ip0nNmGaBfPfnPeLAcBpf4MfHVkvc4O0gM=;

b=BL23/g9R5gVN6Ea92LoaYLQm+dCEHO0inhFYwSU1ut6aZxJhZge7Dzx/GaIMjCeFL5

MknOm6WzcIHZriU29nAItAlOPLwpw8oGR2+d7YOzDTwII1O+o3xci4s3bF2c2sRqmGC7

LsMwDWgK9jlVEmXXgUrtpXHbjp6WnIl+vqjKUyydMC4BI+wqu8ILINarG6ss+sEwqVsN

AQ/hlQ9FolA4b9ylbjRWGCLrM+8tFn12F8TGivlRVBKtPKLBAiv66aWd1HtTco/hbVls

L/qWD3fUEUmrZ8ZP88qrXMWwSf8+NwpTU5ItVaei4N/HeVU2qmdm7USME13lm3yZBWgH

d5kw==

X-Gm-Message-State: AOJu0YxP7cyBJcmWtDkvB0RGA8WA517Z3+TtxetVdmMXqy27Z5EiE9Yl

SJNbhgzFsYBVZD7iVzapc60Tu3hRkJOpc0iqirWVlhrQPm6SOmQRD30AhamvDlBI3r0nsUis5PV

xkZdqWioEqkm0MdY=

X-Gm-Gg: AZuq6aIlIW+eE6WG/DXpVJlqXN0rC7ceQZyqyUyt7BdzGu+mv0EoQRN1nohxHF0LYK7

bw1vZkGKq01ZUrtzaT5wHluyiJkShu45PQMouTl+ALZ1P+NitywNuZRxLSCffJHtrWCCRz/bqGE

027JoXw3+aXIF8j9y3YuOwPNpgdENm8sZaiD/n+7L6FQb1XzYCF33U554x7t727ViQ8Gzd3C6MX

F007dw5y4NyQZxLfdePU1sSLFVn8GmUUKq6NNY9XEvKoVT/80gfjMYRAjfU+iV9lhIVyztApI2l

Mtr5Quio6Fdmyi60rsl2sBS4aLUjwNKd1e0ue+TICrIJPcfztNsqwS6xwlLKpUHYwg8KBBTLZ+7

udYI5bZckMj0ZRkFL2tbvA6jlUrmTu2tpmEE9tYSmd5fRYl1zwjOEVTAixczVFJu6YPeIhNT1JI

86SM6E4SGXgB0cvZsh2OIkBp79jJ+i9/k=

X-Received: by 2002:a17:906:2099:b0:b88:646b:ae32 with SMTP id a640c23a62f3a-b88646be0bcmr130709966b.22.1769186312388;

Fri, 23 Jan 2026 08:38:32 -0800 (PST)

Received: from DESKTOP-TFCM5OQ ([105.112.217.80])

by smtp.gmail.com with ESMTPSA id a640c23a62f3a-b886048e808sm105452566b.9.2026.01.23.08.38.30

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 23 Jan 2026 08:38:31 -0800 (PST)

Date: Fri, 23 Jan 2026 08:38:31 -0800 (PST)

X-Google-Original-Date: Fri, 23 Jan 2026 08:38:26 -800

From: =?utf-8?B?TXJzLiBDZWNpbGlhIENoYXJsb3R0ZQ==?=

Reply-To: mrscecilian@hotmail.com

To: dave@doctor.nl2k.ab.ca

Subject: =?utf-8?B?R3JlZXRpbmdzIG15IGZyaWVuZCAtIE1ycy4gQ2VjaWxpYSBDaGFybG90dGU=?=

List-Unsubscribe:

X-Priority: 3

Message-ID: <887ABCC22B19459A93AD6B2F8DC4DF98@diamondindia.net>

Mime-Version: 1.0

Content-Type: multipart/alternative; boundary="07390708854E4B279D87ABD800D2CBF4"

X-Antivirus: AVG (VPS 260123-2, 1/22/2026), Outbound message

X-Antivirus-Status: Clean

X-Spam_score: 16.2

X-Spam_score_int: 162

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Dear dave@doctor.nl2k.ab.ca, My Name is Mrs. Cecilia Charlotte,

From United Kingdom London, The Wife of Late Mr. Charlotte Tobacco Global

European Plc, To be honest and truthful to you, I am looking for a good and

honest person , [...]

Content analysis details: (16.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.66 listed in dnsbl.ahbl.org]

[209.85.208.66 listed in dnsbl.ahbl.org]

[209.85.208.66 listed in dnsbl.ahbl.org]

[209.85.208.66 listed in dnsbl.ahbl.org]

[105.112.217.80 listed in dnsbl.ahbl.org]

[105.112.217.80 listed in dnsbl.ahbl.org]

[105.112.217.80 listed in dnsbl.ahbl.org]

[105.112.217.80 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.66 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.66 listed in dnsbl.ahbl.org]

Categories: Google Gmail Spam

0 Comments

Ukrainian ladies spam from Microsoft Outlook Part 2
Posted by Dave Yadallee on Friday, January 23. 2026

X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?cHhwNkZleXJrWHU0a1BHL1JDNnJ5WWVwOXROQ1RMMVFVUU0vdmxRV1VqUlhV?=

=?utf-8?B?RDViMzFCZWxIRERibityQWg5b3BRcy9SUENvOEVrbFJEUzRmbzVGZVZueXpq?=

=?utf-8?B?SytSL244UGw3ZDIvUm1qWjRZcWJORVh1VWxxUWF4UzRoLys3QllkdGZnNFgv?=

=?utf-8?B?NmVub3pYSFB3QXBiaE1UbHRoR1kxaFZNNEJ6b3Q5cHZBRVEyQ3FKa1dYTW9m?=

=?utf-8?B?R0tuTlhsUlZmTGtFZUpsQXdhd1lyNHd2Y2VhV3FVYmpDNmRlMmhpUnpMaEpS?=

=?utf-8?B?dy90blBCNnM0N0JoMXJMVndKSXR6eTJNRUJzTkVITEl6VnB1WklaWXVKdmNw?=

=?utf-8?B?azZDSEVENzdMR1RENWtYMHdvSGpETmpoMFRkNHkySUNxZC8xM09PaDE0elF2?=

=?utf-8?B?VWJIcSt1ZURpOVZBb29Xc1NZWDRxZ2FocnplM2N3d1lVcHpNVUFTUjdiMXRm?=

=?utf-8?B?aFMvQUlPWWN3UkwyMU5TRnVwMm1LbHNYMDVXblN3WHZYcDAvalJZVitvZTdI?=

=?utf-8?B?OXhONXhBR0cyT3FkZnduWFluWTVQU2JUNjVvRFErck5GbjdvRE1leGJoeVdr?=

=?utf-8?B?Tzd4UzJMZVgrZ05JYXA2aGYvc0h1QUNmUmlmYU50NE1KSFo5eFdVZFhvYmVx?=

=?utf-8?B?OXRtWUE4TTRtRlRRQUVEajBIOHJmZ1oyTUxkVnUzRFU4N2RsQVNMOG83TVZB?=

=?utf-8?B?bXJqc3dsTkdiRXJtaitVNXV1c0lTSlJ4cVk2OE00d2EyTVYwSnUwbkF3SHZn?=

=?utf-8?B?MXljM3VpVmo1WERBaGVsQkhOZ1V5M2JQRWUxMTI2T2N6UnN5NlBsM2dPdDgy?=

=?utf-8?B?aDJDUVFCWW5pbUVqMmxVVU1wU2k1aU0rL1BLdCtoVWNKUVQyNlRoS0xUcHdL?=

=?utf-8?B?ZzFLOGhvQWhvMW9INGpTZEhBVmsvMTF5VDdITjZNRGRZamNiOEtBdy91cmdw?=

=?utf-8?B?WDVUbUg4K1lzODQ3NUo0SWFTQ0RkSDVoblByaGNGWHowQ0RsZFNYRlhuMmNT?=

=?utf-8?B?WlVQclFTVHc3ZnczeVFLblVjcmVEN1Q0NExGL0tNd1lhNzE2RVo2bkgzc0NG?=

=?utf-8?B?NlpZY0NWUXJVUHhnUmZjcmxmdTVXTWdvV0tOTTZFelA0NkVuK280bnZCMGpS?=

=?utf-8?B?cjdraEl1TUc2Mk9TR2VtbnNreWNGZkw1RWNTVU00Vnp0anJVQkViWmhOaStP?=

=?utf-8?B?byt6TWpPb2JZaDRyL3RtMUpCcDNjQUFpQ0lRTU5OSFpSSVBuMlV5U2p4NHY2?=

=?utf-8?B?dWlMZW90a0xDS2hHVTZCdWtQd29OazZ0dWljWlhCQk5xYUJDZTRuWGpnUHlF?=

=?utf-8?B?Q0I5ZGZSVzA0R2daOE51ZERxdjFJencrUUlkVEt5SGFjTDh2S3dxZkVsUjhD?=

=?utf-8?B?dUhObjV3dHZhaC9EMjBQYk4yR0N6RXdKRkkwTUovZ2ZTcGczTFMyK3JzemE4?=

=?utf-8?B?elMvVFRkZU9tMjNaTnVQN2Q1RTFZVC9UWUNKeml6UlN6OFhsdS9TQm85REZR?=

=?utf-8?B?SG1OUVF3RFJXN1Q0ZkIyUkRSUUVmL2dCWDBRZlFraVBaK1F4THlJbmZzWGF6?=

=?utf-8?B?eFdMVGg3OTNFK2RSRkI4M0F3YnhWMWR6QTZtVkd0aTBLWTVlL1RySEZZWlM3?=

=?utf-8?B?dE94bGJTNHdFd0QxaU02emlnQXZHZ1lSOFlQa1h3cXNWQkJ3UVB6S1l3c3c4?=

=?utf-8?B?VXdHVlNzTDhWRFFITDVSeUdHbnIwZjZxYXVGMVp2bVIwTGdvc2MwaWVjQW0x?=

=?utf-8?B?UlFEbG9OTjlmUHpWRXVFOS9IYWNQTUlRQUhhNWp2cUZmdGthYkY5RVFFZk5T?=

=?utf-8?B?R0tzRmxjUnBha2VBVzk2UUFIQjBCMGFRSlViR3ZaZFA1cDRQTndyK1owVDFt?=

=?utf-8?B?aWlIeUZhOFlpV3ArVkpKOG96QnJTSEpjUTR3UkNBeFlxV0E9PQ==?=

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-debff.templateTenant

X-MS-Exchange-CrossTenant-Network-Message-Id: a2c382f9-e045-4931-bf07-08de5a851d09

X-MS-Exchange-CrossTenant-AuthSource: MA3P292MB0573.ESPP292.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2026 13:41:30.0201

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: MA3P292MB0218

X-Spam_score: 6.1

X-Spam_score_int: 61

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: You Might Enjoy This A small space built for people who prefer

depth over noise. Nothing flashy. Just real exchange. Have a look: Check

It Out

Content analysis details: (6.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.36.1 listed in dnsbl.ahbl.org]

[52.103.36.1 listed in dnsbl.ahbl.org]

[52.103.36.1 listed in dnsbl.ahbl.org]

[52.103.36.1 listed in dnsbl.ahbl.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.36.1 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.36.1 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.36.1 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.36.1 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:250:22:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

[52.103.36.1 listed in will-spam-for-food.eu.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[joni3tx3casio(at)hotmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.36.1 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} Your next connection is active now

------=_NextPart_000_DD89_1456F66A.F46A5954

Content-Type: text/plain;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

You Might Enjoy This

A small space built for people who prefer depth over noise.

Nothing flashy. Just real exchange.

Have a look: Check It Out

If you prefer not to receive messages, unsubscribe

=

------=_NextPart_000_DD89_1456F66A.F46A5954

Content-Type: text/html;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

iv align=3D"center">=0A=

You Might Enjoy This
an>
=0A=

=0A=

=0A=

=0A=

A small space built for=

people who prefer depth over noise.
=0A=

Nothing flashy. Just real exchange. =0A=

=0A=

=0A=

Have a look:
href=3D"https://rb.gy/rjowde">
16px;">Check It Out =0A=

=0A=

=0A=

If you prefer not to re=

ceive messages,
t-family:Arial;font-size:12px;">unsubscribe =0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=

------=_NextPart_000_DD89_1456F66A.F46A5954--

Categories: Microsoft Outlook Hotmail Spam, Phish

0 Comments

Page 1023 of 1023, totaling 15344 entries

previous page

No entries to print