Social Media followers spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 04 Mar 2026 06:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vxlp6-000000004ZH-0LfP

for dave@doctor.nl2k.ab.ca;

Wed, 04 Mar 2026 05:59:32 -0700

Resent-From: The Doctor

Resent-Date: Wed, 4 Mar 2026 05:59:31 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oo1-f72.google.com ([209.85.161.72]:52735)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from <3CQ-oaQ0JBRwOAKLGF2DAF8828E2AD.4GEK2D6KFC.42@maestro.bounces.google.com>)

id 1vxjzN-00000000KDm-0YSd

for sales@nk.ca;

Wed, 04 Mar 2026 04:02:08 -0700

Received: by mail-oo1-f72.google.com with SMTP id 006d021491bc7-6798921eff4so91835895eaf.1

for ; Wed, 04 Mar 2026 03:01:14 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1772622068; x=1773226868; darn=nk.ca;

h=content-transfer-encoding:to:from:subject:date:message-id

:mime-version:from:to:cc:subject:date:message-id:reply-to;

bh=BK38UMYM8auvQhXhvGqWhScg5IQLdcYyq1XbaMWxVfk=;

b=IcOKgsQiozq6UYTv1jqnK0B9hjBXaBXZfYHW/PqVLzqpMs3xB8OGuCCPQWKpzGhj6X

79K4JsYq085lbttjXDSn4hOLplro++FQGziVtTbOxWRTbNqeuK8tt+WhvoB/9w+rZX6k

vP87SeilsMjFenJkiWaNnX2hzexxZZv2LKsoZNlYJRZXnW1pce2huOY/4TIof0XF+aLt

skKgY9jPBaW2z5TM7UYs2kfGgs1+kroDM7Q8DOyPAlgFvGwwZwxoje76CveIO8m3L31D

lHpg4jTDPS2Zj796PsWalEfvf5058QCqyJzXjQ+vICg37RO5jDOb8nQvmK2uQr7GWTEn

JJyg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1772622068; x=1773226868;

h=content-transfer-encoding:to:from:subject:date:message-id

:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=BK38UMYM8auvQhXhvGqWhScg5IQLdcYyq1XbaMWxVfk=;

b=JL1YJ/VEd594z2WIE4QWhd7pAT5lep2KjE1BnnKRR0WngvZHPLXHNFp2tOSULYClfz

XD74s4EhRrhwUOKY0bzI0niTLp0KlPqaRGAXchs0RL9Mg5qP5BE1CgHugu2TMvdmUzGl

Nin8sgXZ15QUdsaFXIHMaNtJCTGC/jYf+qIA/Z4vgSNt4cyBqb1YvZb4s9kFV+tdUB27

ngoo7WpHi4N88ItpBq4YZmVCwcoDFuufeuqMSkHD1tRGHntiw90NIAyuEyJpj+Bu2iLe

Tfaj8PFFFDrNKvQvGWI2Zq9SrWbKPMHtTEyNSWWlvWUr6DwSoJZrTDj0cdtkI8DDjb8z

qt8g==

X-Gm-Message-State: AOJu0Yye0u/iLdBB4AaOsOYBGNCqr4axYqHNX4Qs85WJJsw1wsSvobmw

HA1G2ELlTA343OTiRszcwJwRAeEFwByk849/rt8Qt0Pd3gVLF03VXbqwuLXFZhfK/YTd7a6Es0W

5MpK4

MIME-Version: 1.0

X-Received: by 2002:a05:690e:1909:b0:64c:f929:7495 with SMTP id

956f58d0204a3-64cf9b2ef3amr890926d50.1.1772621577461; Wed, 04 Mar 2026

02:52:57 -0800 (PST)

Message-ID:

Date: Wed, 04 Mar 2026 10:52:57 +0000

Subject: netknowyeg, Get More 1,000 Instagram Followers and 1,000 Facebook

Likes here

From: wistonalingga@gmail.com

To: sales@nk.ca

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64

X-Spam_score: 9.7

X-Spam_score_int: 97

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, netknowyeg, Get More 1,000 Instagram Followers and 1,000

Facebook Likes here Sorry to interrupt your time. We offer social media services,

If you're interested, please visit our Website. If you're not interested,

please skip this step.



Content analysis details: (9.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

[209.85.161.72 listed in dnsbl.ahbl.org]

[209.85.161.72 listed in dnsbl.ahbl.org]

[209.85.161.72 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: instatool.site]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[wistonalingga(at)gmail.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.161.72 listed in wl.mailspike.net]

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

Subject: {SPAM?} netknowyeg, Get More 1,000 Instagram Followers and 1,000 Facebook

Likes here



Hi, netknowyeg, Get More 1,000 Instagram Followers and 1,000 Facebook Likes here

Sorry to interrupt your time.



We offer social media services,

If you're interested, please visit our Website.

If you're not interested, please skip this step.



We will help you increase your social media presence to another level.

( Threads, Instagram, Twitter, Youtube, Facebook, etc. )



Are you interested in a free trial ?

Special For You Bonus Extra $2 FREE SIGNUP NOW..!!!

GET 100K Followers Instagram NOW !!!

Order here :



[ https://instatool.site/services/?Netknow Internet Service ]





Take free trial service today only...!!

10 -101K Instagram Followers



- Instant Start

- Safest Methods

- Privacy Protection

- Speed 200K Followers/day

- High Quality Followers

- Drop-Back Guarantee

- Trusted Seller testimony

- Starting get 100K Followers Instagram

- Guaranteed to be the cheapest



Thank you,

Regards,



Copyright © 2014 - 2026 instatool.site

Money invest spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 04 Mar 2026 06:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vxloz-000000004H7-46FU

for dave@doctor.nl2k.ab.ca;

Wed, 04 Mar 2026 05:59:25 -0700

Resent-From: The Doctor

Resent-Date: Wed, 4 Mar 2026 05:59:25 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lj1-f174.google.com ([209.85.208.174]:55744)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vxjoQ-00000000JYP-3h2T

for doctor@doctor.nl2k.ab.ca;

Wed, 04 Mar 2026 03:50:52 -0700

Received: by mail-lj1-f174.google.com with SMTP id 38308e7fff4ca-38700168abaso46663321fa.3

for ; Wed, 04 Mar 2026 02:49:55 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1772621388; cv=none;

d=google.com; s=arc-20240605;

b=L/O+4kmWGaIDcp+62uc7NG9w1MDlFNt79l4uDHGADmhsOTz0CGbrpDI1qTqtpafsku

uS7Mmr3IAZ7PEfc8vzbUtBTId4qlHFPpvLnrw3djXQW1kZOasUAqD6sUkqHh7fOvzkkM

d5e07TUEuXwDtHV5tes7Mv9W/Z1ahlA5kmWh4z2NlGaZU0R7PH/oVSpks9R97u7JQ6M8

axWMXOlCMZXt42P7Xi+vFHfgMJBBqA6OzoUJJALeTckhWYSKeXHb9rBMSjrn1tSmIZ80

bmXsuRAVaB0Q42V/3ZzaGjJNuVbv5PRiupmldSmXLwfC6FWZGAqUN51OKy520igmtGip

ImGg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=okG4tUL+e9o1d14/ic0IdZR7QJb8OCknBRHnUppO5rY=;

fh=yfKFvR2C+u68ygu1DA94eYUvg5TKR1LwzY9KWupTSzI=;

b=dnbpkf4cND2w91ezyz1eGqpzhajorRZcB9fyaKMmFAxf94Ct3UrSp+ZAiVeVuIER2R

4JHoxU4PMtFEZz0XB4ZVsaeRY8KbRSIKMpBqb+q97xOCNgv5LrAbNZX6dnvS0DVAGOgi

cxH+RnmoiZQdsgta7iFKlxqrrbZaLWuEIipEPGBXtQhpUS8yGISAiX6BzI+Cuj4dMURs

wxMUsWMIU475Q6ZJbKAPt9V9pmKgyrkeJUgOS6JAmf9koZ706+/vKlFKiS0KsxVBlx/d

jfuWJTT+a3iexB/aPo58rJcLCFnPEnFNNAP6sx+h3EzBt0pXcbcQKx/c0Ez7SOhzqd/0

H9KA==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1772621388; x=1773226188; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=okG4tUL+e9o1d14/ic0IdZR7QJb8OCknBRHnUppO5rY=;

b=he6B5PFTMYp7p0q6q3nEwQSuiE0vNv8NkTSpx07DG/3F/xzeneqapMitGylojo45SZ

H8RmXFFHEQhjYTHEeHvGHOLttc1eyrad9cFKRMCEdUn1K/mpo/EUOzUAOocXEgC8VR5z

PFWRE8bi90RPLPu4+kBF8pveC7g7wU7R5zisQCiNR4q9o/i02CTTEv9WIzt6haxzyZ1m

PBr5vC+hd2DiN3PwAMx9sXF3MVxR1McQPqZuOZm9UadMxkBmddpfIG31lNb1XaoNTmkK

SY3Kd2fU7AyvSDp1ZWF9v4GCvpyk8UAg3HjkB28KdqAtu0uj+Kth0pIvYjcLEA6vxOVn

kbsg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1772621388; x=1773226188;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=okG4tUL+e9o1d14/ic0IdZR7QJb8OCknBRHnUppO5rY=;

b=hsTsUsC58yotr3RLbC2OhK33+i/2kBiVzURV8kXPqNDbjLj7asnYODP0QyIT/3RySw

RpFQq+B1ZVq0oHsHkwnhtlRDNSs9lah3UUTf9sYFu6O0pHmnfLrAOdEbNog32VQ16Cf5

phhIgy+pfL2MnOBbpGbQNBLeyUSuNRxTcSaiy0PkBVwiMBUp0rpgJgdffHCo2cn1Wj7+

/JVby6APHADlUTpOjwE31U9bkeGIsDlX81puXHlZJ6X5myVNfAERlMAQ3PR0ZJAfWpNI

HpewMWsnvQHzFz0LFq10majJiFbJi1TfzPsQicrR27qoe4sWBx4F77K2/ihtc0LzhDjT

V3rQ==

X-Forwarded-Encrypted: i=1; AJvYcCVr4mFG57ZeVGhEwvC285vKJa3hM/zCBTQfrQeVMz2Ddkdz3bTkpz5K33qTKxbxAzCHNirLsA4=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YwgMbpExxgA+ry7wLj98VeZZ7fa5/ykY2orNddsshiIsT9iI4bn

c+8+bVkoSIeJV5hXhsZ+zKdZOil2AOGfm0lgzOI05z2yvrug+29H5BB0buhXBUdYZ4mdpNS+fqd

xsrgm64YZqdCHKvGnIOhiBAQSmAjaBgg=

X-Gm-Gg: ATEYQzz/HdOXUvjQBWrmwYIiIeFyS3Z21DljW/X7UvxCFeWuuIVBDxo1SNjZzgLkGpn

lYxRic/PgaG298CNZj4QXFZtG3e3qrnZ+Ys8affR8gBAMuBb90+cTMbdSlJYzNHxQqMzXft/3pm

WHNatdtZjL/S/3naJ0l0jCyKWa5ONYKvkqJDrO/xAucVZ24stCsguCmfiYGOu8VyxZ4vfpc0Gqh

plIUhIz7QCHUecUhFeSjeZB5l6NjAnYQT9p5QIUxX+c2UhOe9mHsfpPbAn/2lGHF4HCwZP4Q2b3

yk6XSC9VEDsv

X-Received: by 2002:a2e:bc24:0:b0:38a:2def:5a39 with SMTP id

38308e7fff4ca-38a2def5b80mr9970871fa.14.1772621388316; Wed, 04 Mar 2026

02:49:48 -0800 (PST)

MIME-Version: 1.0

Reply-To: davidnelson7702626@gmail.com

From: yenso mark

Date: Wed, 4 Mar 2026 11:49:41 +0100

X-Gm-Features: AaiRm52E5dbHp6a7Kxm7AlwTafmfzygdQsKrs3PHPU4s9ElSZlu4TJbmqlB6COA

Message-ID:

Subject:

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000002c042e064c30941e"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 11.5

X-Spam_score_int: 115

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello friend, I want to send money to you to enable me to

invest in your country and get back to me if you are interested. Hello friend,

I want to send money to you to enable me to invest in your country and get

back to me if you are interested.



Content analysis details: (11.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

[209.85.208.174 listed in dnsbl.ahbl.org]

[209.85.208.174 listed in dnsbl.ahbl.org]

[209.85.208.174 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.174 listed in list.dnswl.org]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[davidnelson7702626(at)gmail.com]

1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received' headers

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[yenso4422(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[yenso4422(at)gmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.174 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.7 UNDISC_FREEM Undisclosed recipients + freemail reply-to

Subject: {SPAM?}



--0000000000002c042e064c30941e

Content-Type: text/plain; charset="UTF-8"



Hello friend, I want to send money to you to enable me to invest in your

country and get back to me if you are interested.



--0000000000002c042e064c30941e

Content-Type: text/html; charset="UTF-8"





Hello

friend, I want to send money to you to enable me to invest in your country and

get back to me if you are interested.









--0000000000002c042e064c30941e--

German language phish from Google Gmail Part 3

Posted by Dave Yadallee on


argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">GEWINNZAHL: (8-27-37-4=

0-41-43)




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Datum: Mittwoch, 8. Ok=

tober 2025




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Betrag: 3 Millionen US=

-Dollar




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">G=C3=BCltig bis: Ende =

2026




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Wir m=C3=B6chten Sie d=

ar=C3=BCber informieren, dass wir die =C3=9Cberweisung Ihres

Gewinns auf Ihr lokales Bankkonto veranlasst haben. Die Gutschrift und

Aktivierung erfolgt durch unsere Rechtsabteilung (Telex).
p>


argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Bitte kontaktieren Sie=

Ihre Bank:




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">E-Mail:

onlinecitibankuk@gmail.com<=

/a>




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Name: Jane Fraser




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">CEO




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Citibank of London
an>




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Wir garantieren Ihnen =

besten Service.




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Mit freundlichen Gr=C3=

=BC=C3=9Fen,




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Unterschrift: David Kn=

ott, CEO




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">National Lottery Fund<=

/span>
nt-style:italic">




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">=C2=A0
mail-MsoSubtleEmphasis" style=3D"color:gray;font-style:italic">
=3D"EN-US" style=3D"font-size:12pt">



;font-style:italic">=C2=A0=C2=A0
an>




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">=C2=A0




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">=C2=A0




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">=C2=A0




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">=C2=A0=C2=A0
=3D"gmail-MsoSubtleEmphasis" style=3D"color:gray;font-style:italic">
ang=3D"EN-US" style=3D"font-size:12pt">




e:11pt;font-family:Calibri,"sans-serif"">
SubtleEmphasis" style=3D"color:gray;font-style:italic">
size:12pt">=C2=A0




l;font-size:11pt;font-family:Calibri,"sans-serif"">
"gmail-MsoSubtleEmphasis" style=3D"color:gray;font-style:italic">
=3D"EN-US" style=3D"font-size:12pt">=C2=A0











--000000000000403c03064c2f4828--

German language phish from Google Gmail Part 2

Posted by Dave Yadallee on
--000000000000403c03064c2f4828

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Achtung: E-Mail-Inhaber



Herzlichen Gl=C3=BCckwunsch zum Gewinn unserer k=C3=BCrzlich abgeschlossene=

n

nationalen Gratis-Lotterie 2025!



Wir sind =C3=BCberzeugt, dass Sie Google und seine Dienste auch weiterhin m=

it

Ihrem Gewinn nutzen werden. Google ist die weltweit gr=C3=B6=C3=9Fte Suchma=

schine,

und um dies zu gew=C3=A4hrleisten, haben wir ein webbasiertes E-Mail-Gewinn=

spiel

veranstaltet. Ihre E-Mail-Adresse hat drei Millionen US-Dollar (3.000.000

USD) gewonnen.



Hiermit best=C3=A4tigen wir offiziell, dass Sie alle Anforderungen, rechtli=

chen

Verpflichtungen, =C3=9Cberpr=C3=BCfungen und die erforderlichen Meldungen e=

rfolgreich

abgeschlossen haben. Der Test wurde allen Online-Gewinnern unterzogen.



Sie k=C3=B6nnen Ihre Gewinnzahl auf dieser Website einsehen:

https://www.lotteryusa.com/missouri/lotto/year



Weitere Details finden Sie unten.



GEWINNZAHL: (8-27-37-40-41-43)



Datum: Mittwoch, 8. Oktober 2025



Betrag: 3 Millionen US-Dollar



G=C3=BCltig bis: Ende 2026



Wir m=C3=B6chten Sie dar=C3=BCber informieren, dass wir die =C3=9Cberweisun=

g Ihres Gewinns

auf Ihr lokales Bankkonto veranlasst haben. Die Gutschrift und Aktivierung

erfolgt durch unsere Rechtsabteilung (Telex).



Bitte kontaktieren Sie Ihre Bank:



E-Mail: onlinecitibankuk@gmail.com



Name: Jane Fraser



CEO



Citibank of London



Wir garantieren Ihnen besten Service.



Mit freundlichen Gr=C3=BC=C3=9Fen,



Unterschrift: David Knott, CEO



National Lottery Fund



--000000000000403c03064c2f4828

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




cing=3D"0" cellpadding=3D"0" align=3D"left" width=3D"674" style=3D"width:50=

5.4pt;margin-left:4.8pt;margin-right:4.8pt">




















argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">=C2=A0=C2=A0




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">=C2=A0
mail-MsoSubtleEmphasis" style=3D"color:gray;font-style:italic">
=3D"EN-US" style=3D"font-size:12pt">Achtung: E-Mail-Inhaber
p>


argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Herzlichen Gl=C3=BCckw=

unsch zum Gewinn unserer k=C3=BCrzlich abgeschlossenen nationalen

Gratis-Lotterie 2025!




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Wir sind =C3=BCberzeug=

t, dass Sie Google und seine Dienste auch weiterhin mit

Ihrem Gewinn nutzen werden. Google ist die weltweit gr=C3=B6=C3=9Fte Such=

maschine, und

um dies zu gew=C3=A4hrleisten, haben wir ein webbasiertes E-Mail-Gewinnsp=

iel

veranstaltet. Ihre E-Mail-Adresse hat drei Millionen US-Dollar (3.000.000

USD) gewonnen.




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Hiermit best=C3=A4tige=

n wir offiziell, dass Sie alle Anforderungen,

rechtlichen Verpflichtungen, =C3=9Cberpr=C3=BCfungen und die erforderlich=

en Meldungen

erfolgreich abgeschlossen haben. Der Test wurde allen Online-Gewinnern

unterzogen.




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Sie k=C3=B6nnen Ihre G=

ewinnzahl auf dieser Website einsehen:

https://www.lo=

tteryusa.com/missouri/lotto/year




argin:0in 0in 10pt;font-size:11pt;font-family:Calibri,"sans-serif"=

;">
talic">Weitere Details finden=

Sie unten.

German language phish from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 04 Mar 2026 06:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vxloc-0000000039t-1bb4

for dave@doctor.nl2k.ab.ca;

Wed, 04 Mar 2026 05:59:02 -0700

Resent-From: The Doctor

Resent-Date: Wed, 4 Mar 2026 05:59:02 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qv1-f43.google.com ([209.85.219.43]:54501)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vxiMb-00000000FBR-29Gt

for doctor@doctor.nl2k.ab.ca;

Wed, 04 Mar 2026 02:18:01 -0700

Received: by mail-qv1-f43.google.com with SMTP id 6a1803df08f44-899fa9610bbso48728656d6.0

for ; Wed, 04 Mar 2026 01:17:06 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1772615820; cv=none;

d=google.com; s=arc-20240605;

b=dVYOXaXOqlcdKh0fOwDYOwrVYtaLnk0IQIwgoQ6cXyGFM7XQwOC8QTLPoPC354MxCR

eTIhf5jZxMBTtPKF26/xur16ohFKsQqowPG6qlqdCQhRmYYxpvnz+rgfJsgP/yJLdHWA

kl3JNqtJy7wCUWCjo+N7AkdKbRKdZz9ZlsHQaiStDMMCem/kY2IZaGCKrE9YAUjC7cIS

hmDSSaQZIlHGVYWtcdbp5ZiNpqeUfr+vOekN0bNnPD1XoUzY/BMnlU3O6jvuP6Vuu3hP

kAfnT7ljEPCJIIheh6FL5Hj8a0TYTJ4ycwOH3+eb8eIxGWsAC24g0e9MTuoOZtbj9CjT

GXqg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=Rk+y+wOXCjKZw30YTcVlpB0L//4Wh+jBvDx0ZYZGiRY=;

fh=Y5HxevmmOqaf2YrPzrDnrLNPMqoYNVVli/VQgg1NzHg=;

b=YoSc9MHctksXbDOavwp2yMDB9Rc6cywq0CD0gLibINKsVNtaF2YLyNGBsUHEP2qW8W

nyyMdKJLRjS1KMfjrgLworwwGYl16NFW6ycEw0eg5sLBmPsJFQhWYbVQ6tPDLWRH0UYz

eUcxBW9tQ25whaP8AJRsGj4WpIMvyMAOC2RlWrXK7DgtNt8OoSgDQJvN+f3mkrIzFU8r

ErU+rRZco61rY7oovfXx1L8DSuDZE+/nx/EIXZke5XVTqjDuKINeairszSNn3f/bTVIX

3j5UnT49ABnfLbWhrV8q9d/EzRefDWU7BGaTSESTxBnVKJaucIkcaMUoGjkWY9ZUZy4W

Kk3g==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1772615820; x=1773220620; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=Rk+y+wOXCjKZw30YTcVlpB0L//4Wh+jBvDx0ZYZGiRY=;

b=W5NSYNecOSjozLtawucgr1RUJTwJL2uS2KtE1MhKPXlfTk6F0+Tg5XabTVMgH4r6Vp

VDCNreOeSp5eJE4s9cn7EE3uUXMJEjs6yQ4P1p780U8DLvTdFC/ewwWEr+pkYZEvs4ev

TgvxTa3lKFHjq4+oa7A+xzSvu82M0M4SAxVSPSlCCpl6noNhATf97yAeJLhUM1Zxz5qB

RrzUs+mUjOBSd/DJ7p542gvsGjogzABu3J2G6BFJqvZn6+5UqcLOBx57/vi/GF/MeCMB

69b9spCB9CjpTMaB64LskjkzWnxBv968YXT8w6SijkT5IXZD42QeSHhwnhtai6SX3YH/

eGMw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1772615820; x=1773220620;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=Rk+y+wOXCjKZw30YTcVlpB0L//4Wh+jBvDx0ZYZGiRY=;

b=gWgnhilNmhLWMiBGjW2Hv6AeQA6OYJNB7pkyZLZ0WMjr2UASxH+AIyd9Eohpv4tEgr

v5s8IgX/VXRQiznL4cZCvGmoCCyK78nSlNh1B58uQTbltXKOTYPW8VIqovnhBg4Weyt8

rllk9IufJoTJg7u1T2YqDwqUnduNiCkzs7ab/X46c/S/I8vCe1lnkMldISYdlsg9fmKt

8xQS1x0frkPkD0JX2SXOFuhFEy3Gx1a7nttdltewnLAzczAkC553cEOfBz+noSoigpwm

6yJHgRYrhj/kQ1ADHKHFOiWLg01NXhWYeLmoyRFJ7PlBu8hLpepBM2uBMvLZOQVbBkRq

8YRQ==

X-Forwarded-Encrypted: i=1; AJvYcCU7KGN2RRPelYmwxyQhxc9YMdBd4CLqp40Vk2MUnAwFc5nkYcObSYAoA8BqlwvF3zkw0rBnf9s=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YynL8CgPoHUaKno8GwG58cYFah9QOBG+VxwOcjJvkDplikN7Aw2

WNzk4V4XnB2CIDoO3kE/DeqekZSRpQEbrSVE4NieIpqEPylYU0YCqItAC4pRdZF79rKf+IiaL5C

r09++fAFW0csQgdFjj4rWlD+8ltM5cOU=

X-Gm-Gg: ATEYQzzHMSkcj3MPfDNE5RWh1uvTYJNIvFZE38Z5xHSfLljv3AnsBeHiYItifqE5Kf+

q0MpaKzON0S73eW5rip1Knw6huniUTqPGy0SDjMT2s33wE2hGZAzm4uXsQxJ3NKk6g0rH2uuX6T

py1CB16UC+UjeR5q9GTztX4qUok2pBMD0dwP03zr+gf0M9tjdNsS/6hKYZPIPHO37sy+Xy27dK+

mSiQ6u5cwPbutt8u6jcmxa66OTDOoioCU2S2TVv/Yq9m8EyPhLgaWkST/75kt1g73vM3p2V8Csm

AFHeN784m7rU

X-Received: by 2002:a05:6214:252f:b0:894:6c73:7e79 with SMTP id

6a1803df08f44-89a199a89e7mr14378716d6.18.1772615819605; Wed, 04 Mar 2026

01:16:59 -0800 (PST)

MIME-Version: 1.0

Reply-To: onlinecitibankuk@gmail.com

From: Alexandru olivers

Date: Wed, 4 Mar 2026 10:16:49 +0100

X-Gm-Features: AaiRm525oqlpJR-sdTDgRCW0d6mDC2qb8q1Hxj8kGSlN9P39RKG0_C7f2MbPR-E

Message-ID:

Subject: Guten Morgen

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000403c03064c2f4828"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 15.3

X-Spam_score_int: 153

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Achtung: E-Mail-Inhaber Herzlichen Glückwunsch zum Gewinn

unserer kürzlich abgeschlossenen nationalen Gratis-Lotterie 2025! Wir sind

überzeugt, dass Sie Google und seine Dienste auch weiterhin mit Ihrem Gewinn

nutzen werden. Google ist die weltweit größte Suchmaschine, und um dies

zu gewährleisten, haben wir ein webbas [...]



Content analysis details: (15.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.219.43 listed in will-spam-for-food.eu.org]

[209.85.219.43 listed in will-spam-for-food.eu.org]

[209.85.219.43 listed in will-spam-for-food.eu.org]

[209.85.219.43 listed in will-spam-for-food.eu.org]

[209.85.219.43 listed in will-spam-for-food.eu.org]

[209.85.219.43 listed in will-spam-for-food.eu.org]

[209.85.219.43 listed in will-spam-for-food.eu.org]

[209.85.219.43 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.219.43 listed in dnsbl.ahbl.org]

[209.85.219.43 listed in dnsbl.ahbl.org]

[209.85.219.43 listed in dnsbl.ahbl.org]

[209.85.219.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.219.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.219.43 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.219.43 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.219.43 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.219.43 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.219.43 listed in wl.mailspike.net]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[barrsteverobert(at)gmail.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.8 HK_LOTTO No description available.

2.7 UNDISC_FREEM Undisclosed recipients + freemail reply-to

1.5 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

3.0 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} Guten Morgen

Did you get my e-mail spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 04 Mar 2026 05:59:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vxlnz-000000001IQ-03ww

for dave@doctor.nl2k.ab.ca;

Wed, 04 Mar 2026 05:58:23 -0700

Resent-From: The Doctor

Resent-Date: Wed, 4 Mar 2026 05:58:22 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [200.192.64.24] (port=49720 helo=lnpmf-zimbra.pmf.sc.gov.br)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vxjDC-00000000I8U-009d

for sales@nk.ca;

Wed, 04 Mar 2026 03:12:23 -0700

Received: from localhost (localhost.localdomain [127.0.0.1])

by lnpmf-zimbra.pmf.sc.gov.br (Postfix) with ESMTP id DDE65198EEA5;

Wed, 4 Mar 2026 01:58:54 -0300 (-03)

Received: from lnpmf-zimbra.pmf.sc.gov.br ([127.0.0.1])

by localhost (lnpmf-zimbra.pmf.sc.gov.br [127.0.0.1]) (amavisd-new, port 10032)

with ESMTP id kqJ9KoPhxcFU; Wed, 4 Mar 2026 01:58:54 -0300 (-03)

Received: from localhost (localhost.localdomain [127.0.0.1])

by lnpmf-zimbra.pmf.sc.gov.br (Postfix) with ESMTP id 7A1A2198EEAB;

Wed, 4 Mar 2026 01:58:54 -0300 (-03)

DKIM-Filter: OpenDKIM Filter v2.10.3 lnpmf-zimbra.pmf.sc.gov.br 7A1A2198EEAB

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pmf.sc.gov.br;

s=C9FDC13E-AA56-11EA-95E9-DD25EFAE2574; t=1772600334;

bh=++DvU/F28ZbpZ5g0iTjzsqfva6XT0UTd7Q/ihFq9aqY=;

h=Date:From:Message-ID:MIME-Version;

b=XZzIG3S5KD72ZDmXOKEq8ad5baUpwTtAoeJSnafbJ9BbsunO9hp0Aq1D0KY1NH1Cp

+TJKCwydSGYeNDxP620qZtmk0O5oZYM8i6QtsMgPJvhXTgqrc74Jbjwcr/BL6l1Z9u

1fYf0ouFLgdNna7kf789ULbPZFHBkbS83oy66rizHUI+Q0m0FSA07Mz9sGpTgIFxar

FDbXphmveqFBIve9Fy0+LuC39My7/JYlPxiXrEKfuvgGPr9KzmGyIipJaX2RI1PrEh

FnShsDN6qv43wuUq4d762DOOfr8zqaQvzYiYKWaK3zTmJ3yw+qjm2ufURIKZmgSUvg

j1rxcUsA/VE9Q==

X-Virus-Scanned: amavisd-new at pmf.sc.gov.br

Received: from lnpmf-zimbra.pmf.sc.gov.br ([127.0.0.1])

by localhost (lnpmf-zimbra.pmf.sc.gov.br [127.0.0.1]) (amavisd-new, port 10026)

with ESMTP id ZihFQYsS_ehx; Wed, 4 Mar 2026 01:58:54 -0300 (-03)

Received: from lnpmf-zimbra.pmf.sc.gov.br (lnpmf-zimbra.pmf.sc.gov.br [200.192.64.24])

by lnpmf-zimbra.pmf.sc.gov.br (Postfix) with ESMTP id 57D27198EE7C;

Wed, 4 Mar 2026 01:58:49 -0300 (-03)

Date: Wed, 4 Mar 2026 01:58:49 -0300 (BRT)

From: Rowell

Reply-To: rowellhambrick695@gmail.com

Message-ID: <768707153.32512311.1772600329315.JavaMail.zimbra@pmf.sc.gov.br>

Subject:

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable

X-Originating-IP: [140.174.187.15]

X-Mailer: Zimbra 8.8.15_GA_4508 (zclient/8.8.15_GA_4508)

Thread-Index: BYaCnMFDIUE4dXIGZHk277CzB0WzbQ==

Thread-Topic:

X-Spam_score: 12.2

X-Spam_score_int: 122

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Do you get my mail



Content analysis details: (12.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[140.174.187.15 listed in will-spam-for-food.eu.org]

[140.174.187.15 listed in will-spam-for-food.eu.org]

[140.174.187.15 listed in will-spam-for-food.eu.org]

[140.174.187.15 listed in will-spam-for-food.eu.org]

[140.174.187.15 listed in will-spam-for-food.eu.org]

[140.174.187.15 listed in will-spam-for-food.eu.org]

[140.174.187.15 listed in will-spam-for-food.eu.org]

[140.174.187.15 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

[200.192.64.24 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[200.192.64.24 listed in dnsbl.ahbl.org]

[200.192.64.24 listed in dnsbl.ahbl.org]

[200.192.64.24 listed in dnsbl.ahbl.org]

[200.192.64.24 listed in dnsbl.ahbl.org]

[140.174.187.15 listed in dnsbl.ahbl.org]

[140.174.187.15 listed in dnsbl.ahbl.org]

[140.174.187.15 listed in dnsbl.ahbl.org]

[140.174.187.15 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[200.192.64.24 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[200.192.64.24 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[200.192.64.24 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[200.192.64.24 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[200.192.64.24 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[rowellhambrick695(at)gmail.com]

1.2 MISSING_HEADERS Missing To: header

0.0 NO_RDNS2 Sending MTA has no reverse DNS

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.9 REPLYTO_WITHOUT_TO_CC No description available.

Subject: {SPAM?}







Do you get my mail=C2=A0
















































3D"Logo"


Copyright (C) 2014-2026. All right reserved.
Want to change how you receive these emails?
You can unsubscribe from this list.
























































--__=_Part_Boundary_004_029839.006959--



Social Media spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on




Only services for high-value users =E2=9C=A8 Try now!



























































Social Media spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
@media only screen and (max-width: 640px) {

.mceClusterLayout td {

padding: 4px !important;

}

}



div[contenteditable=3D"true"] {

outline: 0;

}



.ProseMirror .empty-node, .ProseMirror:empty {

position: relative;

}



.ProseMirror .empty-node::before, .ProseMirror:empty::before {

position: absolute;

left: 0;

right: 0;

color: rgba(0,0,0,0.2);

cursor: text;

}



.ProseMirror .empty-node:hover::before, .ProseMirror:empty:hover::before {

color: rgba(0,0,0,0.3);

}



.ProseMirror h1.empty-node:only-child::before,

.ProseMirror h2.empty-node:only-child::before,

.ProseMirror h3.empty-node:only-child::before,

.ProseMirror h4.empty-node:only-child::before {

content: 'Heading';

}



.ProseMirror p.empty-node:only-child::before, .ProseMirror:empty::before {

content: 'Start typing...';

}



a .ProseMirror p.empty-node::before, a .ProseMirror:empty::before {

content: '';

}



.mceText, .ProseMirror {

white-space: pre-wrap;

}



body, #bodyTable {

background-color: rgb(234, 236, 226);

}



.mceText, .mceLabel {

font-family: Arial, "Helvetica Neue", Helvetica, sans-serif;

}



.mceText, .mceLabel {

color: rgb(0, 0, 0);

}



.mceText h1 {

margin-bottom: 0px;

}



.mceText p {

margin-bottom: 0px;

}



.mceText label {

margin-bottom: 0px;

}



.mceText input {

margin-bottom: 0px;

}



.mceSpacing-12 .mceInput + .mceErrorMessage {

margin-top: -6px;

}



.mceText h1 {

margin-bottom: 0px;

}



.mceText p {

margin-bottom: 0px;

}



.mceText label {

margin-bottom: 0px;

}



.mceText input {

margin-bottom: 0px;

}



.mceSpacing-24 .mceInput + .mceErrorMessage {

margin-top: -12px;

}



.mceInput {

background-color: transparent;

border: 2px solid rgb(208, 208, 208);

width: 60%;

color: rgb(77, 77, 77);

display: block;

}



.mceInput[type=3D"radio"], .mceInput[type=3D"checkbox"] {

float: left;

margin-right: 12px;

display: inline;

width: auto !important;

}



.mceLabel > .mceInput {

margin-bottom: 0px;

margin-top: 2px;

}



.mceLabel {

display: block;

}



.mceText p {

color: rgb(0, 0, 0);

font-family: Arial, "Helvetica Neue", Helvetica, sans-serif;

font-size: 16px;

font-weight: normal;

line-height: 1.5;

text-align: center;

letter-spacing: 0px;

direction: ltr;

}



.mceText h1 {

color: rgb(0, 0, 0);

font-family: "Playfair Display", Georgia, "Times New Roman", serif;

font-size: 31px;

font-weight: bold;

line-height: 1.5;

text-align: center;

letter-spacing: 0px;

direction: ltr;

}



.mceText a {

color: rgb(0, 108, 115);

font-style: normal;

font-weight: normal;

text-decoration: underline;

direction: ltr;

}



@media only screen and (max-width: 480px) {

.mceText p {

font-size: 16px !important;

line-height: 1.5 !important;

}

}



@media only screen and (max-width: 480px) {

.mceText h1 {

font-size: 31px !important;

line-height: 1.5 !important;

}

}



@media only screen and (max-width: 480px) {

.mceBlockContainer {

padding-left: 16px !important;

padding-right: 16px !important;

}

}



#dataBlockId-10 p, #dataBlockId-10 h1, #dataBlockId-10 h2, #dataBlockId-10 h3, #dataBlockId-10 h4, #dataBlockId-10 ul {

text-align: center;

}



Social Media spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
--__=_Part_Boundary_004_029839.006959

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



















Increase your instagram followers



3D"Logo"

Instagram Growth Solutions

Looking for a gradual, natural-looking increase in Instagram followers?
Try vip-followers: premium-quality growth for an exclusive audience. =E2=9C=A8
High quality, consistent delivery, and tailored pacing for premium profiles.

















Try Now