Web/SEO/App spam from Google Gmail Part 2

Posted by Dave Yadallee on
------=_NextPart_000_3920F_01DD0755.3EFBB200

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =

charset=3Dus-ascii">
(filtered medium)">

class=3DWordSection1>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>Hi,
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'> 


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>We would like to discuss for your website
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'> 


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>I make clean, creative designs & Do you want to Revamp or =

redesign your current website at very low cost?
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'> 


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>Let me know if you’d like to know more. I can send you some =

work samples.
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'> 


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>If you are interested, Can I send over a few Samples and =

pricing?
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'> 


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>If you are interested can I breakdown our pricing,
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'> 


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>Best regards,
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>


style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN =

style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#18191=

B'>Anthony
style=3D'font-size:11.5pt;font-family:"Calibri","sans-serif";color:#22222=

2'>



------=_NextPart_000_3920F_01DD0755.3EFBB200--



Web/SEO/App spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 28 Jun 2026 12:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdu7E-00000000I0i-2QXI

for dave@doctor.nl2k.ab.ca;

Sun, 28 Jun 2026 12:20:24 -0600

Resent-From: The Doctor

Resent-Date: Sun, 28 Jun 2026 12:20:24 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f196.google.com ([209.85.214.196]:57788)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdtir-0000000077M-3S0o

for sales@nk.ca;

Sun, 28 Jun 2026 11:55:22 -0600

Received: by mail-pl1-f196.google.com with SMTP id d9443c01a7336-2c7ebfb63c6so15626945ad.3

for ; Sun, 28 Jun 2026 10:54:26 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=thetechnicalpeople.com; s=google; t=1782669260; x=1783274060; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=8XBfc/x1Jtfe5JlbhNAnOPYAqve863MNQkKmx//THWQ=;

b=fwI4YN4Apz5aO6H4zot0AS8IHOP5jO86jLq97azO21d2/+ppiTBUPk4YAFBDuukp9Z

Rl6q0EG+/oLUbst5oHGebNph2gYzvm9gTPvBRoX60u4sjGavgaYivW78gcI4PYobe0rc

ACFTYuiEW1WyUy5xbPXU0u9qdX9Cd8r3JTueM=

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782669260; x=1783274060;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=8XBfc/x1Jtfe5JlbhNAnOPYAqve863MNQkKmx//THWQ=;

b=qFMrHb+Z18KRH8wnVFewy3jOuvLns9HrqO1d000nH23fCkETeJvdSr9/68AJES2Q3C

014jbr864/GGPeP9iswGcsp8QSLtkfxFe5uEG6HbdFt4SNwVjwrL0mFgbJ0z4X6J/YOa

biZ9vq/vlCU06bnHMle9p1fz0ofxBKGrnLOcBpaNmK7rTWM+byihEb9LU6w5Ct4561ei

beF1t/kGpKONKxUVU5QrrKrnhlE+jF5qxFlf9gOC6b0YVk2c1Leu+J8/i2lOe3tyR8rV

b2mI/yItUbzdr431K+SZFtEnk7/vISMcMpG4KVttkTFKeI4bRKfJHoVKCkSFF+5AqVds

dKjw==

X-Gm-Message-State: AOJu0Yxa2ctoW4LjxlhnA7mub2Az/ak2HbjAAyu7ttriRL4K4BpZ1A8p

OnCiVZl/TXbP1piw8xBd9OAH3Wd8KZucjDIVB2FIKLiWGO2EzSQfQMt22ykNgqyA7alLqKJoSMz

JQQA36UM=

X-Gm-Gg: AfdE7clzvz+Ct7YyYl11/o/S1n2JcrnBZhPg/UOvLARC5rXHQPnoCf+qfMU6+Gkk9gR

fKoOjYm4YNBlp5RyCp8nUjb5XcjpXgfJGvifxjQyoTni9juUfcBkvA+PfC0cbBADak9JwlH+fjj

0QOypfdGazNeI3SCUhM2890YP4QIIPFPr0zthpsyXaQU8EjjrNYcNDvJ5xI56aXGUh/zLQdu3K5

+HS4Zz7EPpbSRGXp7hsSe85ceMbAb0fgh7mokfsnZ/zA98EUOOB4LNRhq3vCTKRFDA5qEp8GIme

0j07P2D6v1T7HEZKXgLaUhP917MSD9tWBXE3PCl+q/mUH/zA8ao1nbyakbkyzcXDsyjZNQjH6ld

f2ZTmXx9K1dffSTDx4dh+CEQHz+DsFSFphvZ7ZUz00SUF7JqfbUTWbX/bF6C0ehfuz9qZl1wBy6

VDUgO+fhGalEmxkkoWoIz69hA8Fh7uvikmRtZjb9gFhf/5

X-Received: by 2002:a17:903:110d:b0:2c9:97a8:aff1 with SMTP id d9443c01a7336-2c997a8b1admr57618145ad.42.1782669260488;

Sun, 28 Jun 2026 10:54:20 -0700 (PDT)

Received: from DESKTOPNPADQ8A ([103.192.66.122])

by smtp.gmail.com with ESMTPSA id d9443c01a7336-2c9dbd09695sm16726365ad.81.2026.06.28.10.54.18

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Sun, 28 Jun 2026 10:54:19 -0700 (PDT)

From: Anthony

X-Google-Original-From: "Anthony"

To:

Subject: website Redesign

Date: Sun, 28 Jun 2026 23:11:56 +0530

Message-ID: <3920e01dd0727$25437600$6fca6200$@com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_3920F_01DD0755.3EFBB200"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: Ad0G9VABoLUmV2ODRuWaCGa99JSt+A==

Content-Language: en-us



This is a multi-part message in MIME format.



------=_NextPart_000_3920F_01DD0755.3EFBB200

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hi,







We would like to discuss for your website







I make clean, creative designs & Do you want to Revamp or redesign your

current website at very low cost?







Let me know if you'd like to know more. I can send you some work samples.







If you are interested, Can I send over a few Samples and pricing?







If you are interested can I breakdown our pricing,







Best regards,



Anthony

Nigerian Spam from Google Gmail Part 2

Posted by Dave Yadallee on
Content analysis details: (14.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

[209.85.218.43 listed in dnsbl.ahbl.org]

[209.85.218.43 listed in dnsbl.ahbl.org]

[209.85.218.43 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.218.43 listed in list.dnswl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[donaldtitas(at)gmail.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.218.43 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.218.43 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

1.0 FREEMAIL_REPLY From and body contain different freemails

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 TVD_PH_BODY_META No description available.

1.0 MONEY_BARRISTER Lots of money from a UK lawyer

0.0 MONEY_FRAUD_5 Lots of money and many fraud phrases

2.6 UNDISC_MONEY Undisclosed recipients + money/fraud signs

3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} URGENT INFORMATION



--00000000000049f09c065553db1c

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



URGENT INFORMATION



You have been nominated as the beneficiary to the total sum of

=C2=A319,700,000.00 GBP in the intent of the deceased Client who died on t=

he

1/8/2020. I nominated you by the authority given to me.



In your acceptance, the papers will be processed and fund wire to your

account; forward to me your details to enable me file necessary legal

documents at our high court division for the release of the Fund to you.

I'll explain to you in details about the fund as soon as I get your

response,



REPLY TO MY EMAIL:.bqllssolicitors@outlook.com



Awaiting your response.



Regards

Barrister Donald Titas



--00000000000049f09c065553db1c

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



URGENT INFORMATION

You have been nominated as the b=

eneficiary to the total sum of =C2=A319,700,000.00 GBP in the intent of the=

deceased Client =C2=A0who died on the 1/8/2020. I nominated you by the aut=

hority given to me.

In your acceptance, the papers will be processed=

and fund wire to your account; forward to me your details to enable me fil=

e necessary legal documents at our high court division for the release of t=

he Fund to you. I'll explain to you in details about the fund as soon a=

s I get your response,

REPLY TO MY
olicitors@outlook.com">EMAIL:.bqllssolicitors@outlook.com

Awaiti=

ng your response.

Regards
Barrister Donald Titas




--00000000000049f09c065553db1c--

Nigerian Spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 28 Jun 2026 12:21:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdu7A-00000000I0Q-1hvY

for dave@doctor.nl2k.ab.ca;

Sun, 28 Jun 2026 12:20:20 -0600

Resent-From: The Doctor

Resent-Date: Sun, 28 Jun 2026 12:20:20 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f43.google.com ([209.85.218.43]:59464)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdtWm-000000006nc-2dP2

for root@nk.ca;

Sun, 28 Jun 2026 11:42:54 -0600

Received: by mail-ej1-f43.google.com with SMTP id a640c23a62f3a-c0e124d2a21so276500266b.2

for ; Sun, 28 Jun 2026 10:41:57 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1782668510; cv=none;

d=google.com; s=arc-20260327;

b=m5tv3wgKGQl/Yd6J0zDR+4bEnk3aqrZpTiukHeT9rM5w6wHeVX/8jgbrp6O65ICQxW

7Cq/iqUYt2kusRiJgu0VHtuSqSAK5x8HItdUsHwgCv7ZHQ/kGJCh0l24ikmi7v8OSazb

BkgjPrsGrxC3bcK5HPihE/Ss6b1+gaFkXZzAWBXdEvysK0iPI9ykKWq3WatsKj32CDrw

IKQVo0nJM9clEfu/I8xEDSbOwNLgSxO+yGLHebCHSsD/3gkSBIubBJsM7vNWUXWSqlac

T8lPMYLhrVzqha3Sbtrhqn5COIS2HXbZO0nP9Jz5cD3uNUdz2sAKpPuI5vFM4vyyGD/G

CtWA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20260327;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=vp/2vox3pc3fcYmP8etCmm/6bYIP0wbGk1tuFExFILc=;

fh=YfS2ah6OnEhpnkXQKmzqpDVlzgR1MrTE08kZao3QL+c=;

b=LhIFug6yW6TAGTPN8pDzSRv6RSOYEwFggfMz4GaAwkSkpx/RvLbX4Sh0HPvI3YjQuG

Dolmy9hiqHgYpo/3MzAj56qoC1VLohln+2PUIhXz8cnCVC5evsB1ltRdZZ5E9J9ovLoN

BuxxyJ6Q7wcIL0O4zT5uuKxujVAmw6PWE3YPumNBhXrXQ9kMXC3nAEUKA/L5ODChXQ3R

mISxOw1Y0X94yuTidsWazCEnU6BBUgI0eJxTwifaBIL8thiiea7Hpg/meq6Kx4vY1D14

UyV8p8Vq+TnDT3TzIzFKl24SWVtRbsmib0F2VMUzzC1z/ZmWTGh9wAFIB02KeSfeCfhS

cQpQ==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1782668510; x=1783273310; darn=nk.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=vp/2vox3pc3fcYmP8etCmm/6bYIP0wbGk1tuFExFILc=;

b=r9ZP1UpuskuiKt1QW48PPrJZvhkaI++BFZ2NV19pPQ/YfG+LKJ8R5ohp6mBbjSPNvM

3Z9qvZ7sTf+6UPOZVkJs+xL4MOtf+JdeZfdPtyI0HYTJQhrs1jLjCOntT4Ef4bb/MX+T

3EcKTj9ef2ezv4ohGg3pyAUVXMSNnktNVqfeRFiLFh3O46O2U4d/cr5CklQWH6kit2ax

uw1vlOV9Ju47Mg4//HHFs4EKCOjoXQMX4ZrpBBYV6DT9JSFvaG3AAVMdD3tOe/gyjR01

l8B4Kh9mQWE7A4vnkcv876Nw/PQq6foycT3ODGyiUy3NnhOtxXO+UDxNZIncV1HRzGJj

bILQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782668510; x=1783273310;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=vp/2vox3pc3fcYmP8etCmm/6bYIP0wbGk1tuFExFILc=;

b=WcTx/sECRbMrAbp5t/tYb0G7xUSSNBzT7Hu25/23X3hQhnSjBxL7d5Ba3D9laNj6Zk

xZ4jasSpubCiU25SYtTeH4qRzMAuAasl+A2veoHfdhJo4HVapIWGXGkrhemVxUqpKz//

u9RpI//qq7xNqapx3vhWfuxjsedS/C6gltZbpGxzPH6q855OYAMnII7FGrB/GJjfN8aC

mhFEVLUkQdi3hTQrhdS8ay3e/9CKv6ybidYRBaJbRjUoSPi609NwzwHX6aVlP87i9SHi

2JQHpqrwEqpXYO/4qeuhTrIaKNj15fKtP08a7SI7u2WonPJKRQ/zuX5sMnCo+74T6IT6

8hew==

X-Forwarded-Encrypted: i=1; AHgh+Row1DlaKcRc8Vruo+VxTc0Vn2Jx1IQoNiF18cn8DQK3XBDOsCoIyMTQzZcRZXNdpHR+Ajqu@nk.ca

X-Gm-Message-State: AOJu0YxNDckbZvN3Qt2c7JL2S0RzQ7LMJYiGF96gwxjN+4RzIuD/W3/c

oH4z0wsRjMZ2krOAM6H4jK8cJdbey5OyRUV7ufPBuczVGzW4VKLrU76KEw/MHa10ExXmp0v4lL3

vkcOOGbwhCd72prS36/Yum/ZHYqrv6kw=

X-Gm-Gg: AfdE7cnJUK7zDw8bgm0V6V9dHcfn5rchPHorhyGSaE4T/xVly+sX/KZNjCrCWFtbqt0

7232AOGGE4iSAUYw0SSW4Lah1mAteF/VKiqdmZG5CZ+VnSKU3ufqZHxidYTj2H4nSvyC7IgHh54

Og7jyYGZKAKSDMyYBkvpA3lKptOrv0S9Cp1nWbWuRKUwGw6wh7DaTON8JRreNnTjB+1+n4NQ/zv

B5/zAPlq6cRrKiDaFE3BMIbKfzxSSO2+DA9wQbFkc1Tu85Qk1SYkPQyw2Eb7Epo8r5Co3gS

X-Received: by 2002:a17:907:a08a:b0:bec:2a21:785d with SMTP id

a640c23a62f3a-c1205f09ea5mr754114266b.46.1782668509965; Sun, 28 Jun 2026

10:41:49 -0700 (PDT)

MIME-Version: 1.0

From: Donald Titas

Date: Sun, 28 Jun 2026 10:41:38 -0700

X-Gm-Features: AVVi8CfvH1R9hMePJnj2YrXoCR1xbDN2djA7zlZNKR72Soz3UVCs0AZnyaNB1gU

Message-ID:

Subject: URGENT INFORMATION

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="00000000000049f09c065553db1c"

Bcc: root@nk.ca

X-Spam_score: 14.4

X-Spam_score_int: 144

X-Spam_bar: ++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: URGENT INFORMATION You have been nominated as the beneficiary

to the total sum of £19,700,000.00 GBP in the intent of the deceased Client

who died on the 1/8/2020. I nominated you by the authority given to me.

Web/SEo/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on


> Hi,

>

> Quick follow up - are you getting my emails?

>

> Thanks!

______________________________

From: "Elsa Eve"

Sent: September 1, 2025 5:50 PM

Subject: Re: Ref:-



Hi ,



I really liked your website’s design, but I noticed a few issues affecting its Google ranking.

I can send you screenshots of these errors along with a short ranking report showing exactly how to improve your visibility.



Shall I send it over?

Best regards,

[Elsa Eve]



Web/SEo/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 28 Jun 2026 05:27:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdned-00000000PWU-23Yb

for dave@doctor.nl2k.ab.ca;

Sun, 28 Jun 2026 05:26:27 -0600

Resent-From: The Doctor

Resent-Date: Sun, 28 Jun 2026 05:26:27 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19011030.outbound.protection.outlook.com ([52.103.74.30]:36327 helo=SE2P216CU007.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdnNC-00000000Hct-0scS

for sales@nk.ca;

Sun, 28 Jun 2026 05:08:36 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=yvOwhRkkXGUQ/7Se9NYxc7DwC3ix8+X1lNq1EjkBMash/qiwpl8uORZbvuxPoFFLiXuAxCLnppa47ZgloekwR0rZb2NUH8Ua6Ls+HqydrmofSv5D4WdzJ8msnDePUepEHml9ltN8UmDzGmHu0cW501ut0OXJQ0h4Pl1R1lP1fYxQ7urOFVtFZLKcBoCBTUq4mwRgReXt8Vk571mMklopBRuZDr2rUpHgmu7j9KQndXBCQlT6v0BoYVhfCm95UHd7OuqxwS8qXAp3I8tbk/I+JeVRTGNqhI2grd7ybFfeJtc+8dwTOjONqlQSTGAC1pJZ+o6VBzK3iYaJlcuBKzi/yQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=nVk465qU27CTb021OLZVq4x61WIzNN0kCoq4I8VKRNo=;

b=my1ERl41LVfpEF56vieGHUdYMfS0X+E2yLPQzC2ddRCAJSQ1g+PtqFK8LBRZRJbvQRcHZeXtxCtY4+AQOjKwSWEjWi50rAkOf34vg4PKA2Gk/l9D/y1RbtYHdO7IxA8X4xQWlFAOBALni5Rh8+5ua/gJYUKpcb1jiByk6IcxVdDiHIlEnfRVFyi2E6BN0ioxDL5p0G3TEy7z885fP+aTWBxuY9xnCpNpdVvJI6UK3yP+NVb0E7B78gZ92S7LTOK9pznXWllurnBJGbcC6IFXXmnSXSOr7uWSf0b364kSEvViD5rtyjm0fSb9IAv7/F421ndg8e2RiBJw3ZEr3tmSew==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=nVk465qU27CTb021OLZVq4x61WIzNN0kCoq4I8VKRNo=;

b=iPCcIxXd7wjrGeQyxPpZsF/jaM4MHErv9/UtozPrH6DSjA5HJcqhCGKRtxXAmmFLrAvHNCC4IG7ankYULRprBlEFefzF6Lpv6HD6Tq5DW4sKU/fYfsJJO18ay7NxvdamqoaJl9hk9oeIo1zY8v66SrG/kzDawsAUPvd9fbk9uCvU7Qx9YwZEjHI76uLx+bL9To/2rKUVRufaRPk0X8jEwoPFT1zepopCx+uqWd8AoUo+gxjjHvAvLH8oXuLhIw3z4xVtQJ0XhhzTbGbuR7+uv94/WSWM6HJi8mo2//MFTtYCxFKIe3eyqW75d5KunkJ+1vyTJ4CUtScISNPPnP1mVw==

Received: from SE2P216MB3217.KORP216.PROD.OUTLOOK.COM (2603:1096:101:2f7::20)

by SE1P216MB2234.KORP216.PROD.OUTLOOK.COM (2603:1096:101:15f::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.159.19; Sun, 28 Jun

2026 11:07:15 +0000

Received: from SE2P216MB3217.KORP216.PROD.OUTLOOK.COM

([fe80::afaf:686:ada2:1fc2]) by SE2P216MB3217.KORP216.PROD.OUTLOOK.COM

([fe80::afaf:686:ada2:1fc2%3]) with mapi id 15.21.0159.013; Sun, 28 Jun 2026

11:07:15 +0000

From: Elsa Eve

To: Elsa Eve

Subject: Re: Ref:-

Thread-Topic: Ref:-

Thread-Index: AQHdBu4ECPN5pHpUo0aMrli+H2SiCw==

Date: Sun, 28 Jun 2026 11:07:15 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SE2P216MB3217:EE_|SE1P216MB2234:EE_

x-ms-office365-filtering-correlation-id: dbdf3c87-d478-42fe-b2bd-08ded505693c

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|2604032081799003|2604032031799003|4140399003|15030799006|25010399006|704163111799003|24021099003|55001999006|16051099003|5062599005|39105399006|15001099006|24121999003|37011999003|22091999003|31061999003|6072599003|8062599012|19110799012|8060799015|3412199025|440099028|102099032|51015399003|40105399003|18071099003|1710799026;

x-microsoft-antispam-message-info:

=?utf-8?B?ZkRiR2lMckswSE15cWdBM1RZSEFwUGJTc2w5S05TSUU1cE5ENGpGalhnRWFQ?=

=?utf-8?B?N2ExY041b2kzL29VR2ZKbXpnbTE4c2dPM1dwYVlKd3lhOW5RRDI0TVZHZEhi?=

=?utf-8?B?Z0VxcWwySjQyQ21UbmduNWp6R0FybFJUSFlsbXpyblFQZTJkQ3hGOU9WK3Az?=

=?utf-8?B?dExONHFIaUEySTJBUnAvcXN4WmpweXV0SCtWakNzTzVRMXN5ckdpcE5GQWdN?=

=?utf-8?B?N0o2MlVJeEJIRkc1RjBsN2VUblI5a2htZDhlb3BETzRGdjZTVVh6bjJtTWMy?=

=?utf-8?B?bjAxMFpFU0JDWEJBa0paWGtudjloNHN2VXppcmZ2S0JISmovdjVRVlExME9F?=

=?utf-8?B?S01tZmN0akVxeXJUMkJwa2diN1lsRWc1QjhRdUdka0VMVk1WeTZHcHlOTXNY?=

=?utf-8?B?L2FzcktLUFpnbDVPQUcwRWdndHQ0SEc5M2t3U3ZDNkM0bmROb1FqbXhBYW9r?=

=?utf-8?B?Y2lXbHVJclowOXAvSXFjVjVCOG1WeitaYzNCc0JyL1Mva3R6OXE3K3V6dDRS?=

=?utf-8?B?Tjk0NDFMblAvTlYzN2o1WjQrbGoyaHBJQzd2K0lGenY4UHgwSXc5STdzTnBn?=

=?utf-8?B?dXUyRlA3MmFCQWZmZHZYYlhxMU03QlZjZHVLdEZ4QzdkemNZYTRXWDUyYSt3?=

=?utf-8?B?U3l0UXJ0L1UrZTRxQjNWdTVBWVVjZk1ibHRSbDlpWlBaNDV1RVpuK2c1Nkxn?=

=?utf-8?B?VmxPMU9iVHdqbXVuWXdicWpOblVnOTQ3d0Y5L1NNb1hrNE5SaEhoenhXOEkw?=

=?utf-8?B?bkZBOFFrdmdWY0l6MFNEYXoxL3ZjRTIrYUcrWjFseklXUVJ2V3dDRE1zSXdi?=

=?utf-8?B?bHZlendQekZWUEhHb2FuOWp5S1hRTnFxVXZ0eDdzWXJiSkpORm9rS0lCNi9M?=

=?utf-8?B?aEVjdTgvdk9sRUN4OGRRZmVlOG5yRm9yM00zZTRzSTdEcnZuL3dieFIzN0s0?=

=?utf-8?B?ck5NazlxM0JDSCtYVllQYlRNakdZWUF2R3R2ckg2SExnQWtISWZ6eWsvUVhv?=

=?utf-8?B?MVNSS1Zha3FZZjFRMCtOWDlHM1FsM2dPWm9YTW1PcmF0KzZyS1BndkdFbXNQ?=

=?utf-8?B?bHlnVW5WeUJVZWlRYndYS25wRkhQSHBWeGoxQUh0QWxMOU55Rzd1MlZOUXZ3?=

=?utf-8?B?MWhLTklGV21NbHJTQkhwMnR0OXZScldaY2Y0c09iODA0WEd1WXllYnVZelFM?=

=?utf-8?B?OWNmWE10Z2tOOUpyN3VST0o3WmFWMVZNNHBmZ2p1OG5SM1dhZ25yNUlGd3JK?=

=?utf-8?B?TEVCMmdqckRrSjVYT1dpZkh0UlpCRmZsRnRoL1AvelFvb3VhK29haXpLN2hm?=

=?utf-8?B?MkxodVJ6YzJBaVZhT1gwMW00b0ZaME1RODZKTnZmM1BIdFVTaTRwQ1Q3cnZB?=

=?utf-8?B?dUI1anlrV0F6K2pzTWM4elJabHcyT09YdGIyV1RTRHJEU0h3cTBBNUtBdHR2?=

=?utf-8?B?VjJsYXlRSXkyczliTkYvbmhkRU9CQURXL3QwQXlEOTJIVFRLNTNhbVlXMzRR?=

=?utf-8?B?NDRDeXVKU0N5eTRONzlPODY2T3JTV2JHejdLYmhkN3hMTXJuaGxpU3JZM1hr?=

=?utf-8?B?NERUS1hEYlZURjk1MjluNTBvNFNEWEd6Q005ZktmcVlSNVp6Ty9wQy9mMzdh?=

=?utf-8?B?bU1LREM1ZDdvdVhEQTR1NnNXZGN4VE9LdHlpYXJPYWl2cERTU0Y0OUlrWlRp?=

=?utf-8?B?c1h2RzRmQ2NuWnd4OEFZa0c2WVhzcGowM082a3Ixem9kcFJBNmpmTjNROEdO?=

=?utf-8?B?cDZFZmROSWtWTC9NWFJvOWs5RUtmSGZKOGZJblM3bDhiOEFxbDI4ZDYxSEZN?=

=?utf-8?B?dVZvYitDa3BSVENzYURaU2gxdzZIY1ZWanYyWUZSYU1XZW9GTXFsZUhLSHQy?=

=?utf-8?B?UDZkVUVjQTFKdmpxU1c1eUppTmFSMFZNb3E0KzlQcWpKN2xKTmJCNElSMU9o?=

=?utf-8?Q?oj3Um1pn+O6e0LK+X+jsEok5fPaHysUu?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?utf-8?B?aE5VSllvUlpTek83Qm4rU3F0MHpIQ3diYzVvUTZ5SUY2T0tQRzZlYyt5cEQy?=

=?utf-8?B?SVFWRzR4QnAyL3BGUitzUzZxd2l5MUNxSkF5bFl6QlhmVW9Yb2NZWGNCYm9T?=

=?utf-8?B?VFZjSXJxZW5Vb3hZclFGSS9Sa3NMVlJ6MHVNNDFMeG5laUl6ejE2Tk9SVGs1?=

=?utf-8?B?dW13TlR0cVc5LzY1VUUxc2c0WlRHUklCNmZrVm0wN0RDV1hEV2ZHWlhrMFUz?=

=?utf-8?B?ZUExZW1BR0dpcHdsbkFpd2FkMnJ0bytlejdteHlXKzFTNUtFT25JZmlzdSto?=

=?utf-8?B?TUVZVVRCaTF6NUZuN0h4alRYUnh0OUdRbVZNckxxeE1YdklCaWtUM0hLSDI2?=

=?utf-8?B?WGh5ZXd0N0tHMzdBU1o5NFVyTDZYZTZ1b0lwWjM5YzZBVWZhNDlhMTllSzBF?=

=?utf-8?B?eWM1SVgzRWxLcThTYnhDb2hrK0lqeENFMGkvRW4zWXRIR3hFby9sTTBSeCs5?=

=?utf-8?B?ZzhvYXBrajhXNG1nOGp1Q1hkWWcrQiswZmFuRUVOODJyelBwNHhNRFVEWlk2?=

=?utf-8?B?Wjc4Q1Q5WnVnZktKdnAxbmVSdktNaVZ5Z2tiNExjdVRvYTZ2a09QKzJjTmk0?=

=?utf-8?B?WDc0Z0tLK2hnb21RVUtEdXg2RkxoWG5nM1JrK21FckRCcFArQmZoRjExRHRG?=

=?utf-8?B?QVNjRHMwYjJkTEErTHRrM3pEMlFhcEFTdWpRR2NXN3hkakVuUnc2akVEZ2xh?=

=?utf-8?B?QWdCMnV0NDhKMkxTa3dVaGw5eUU5V09ZeVBnMzRMbjdWajArcVJZNUdBZnlC?=

=?utf-8?B?Z3E0MWRQNTNKeDU5dFh6TW9XTjJnQ2M2WEJCQnFaeUFQL1J3VWxncWYySHFN?=

=?utf-8?B?S2Z4aWE1cHVPbTR4QUQvOU1yZVNVVzFMYnpTS0QxSUVEc0tUeHFsdzBHVFVY?=

=?utf-8?B?aDh4M3N1UHJvUDA0V1FicHFMUUpiYU9vVllyZkRGSDFtdzdPeGpGRnVVazZu?=

=?utf-8?B?ODB1VVI4bGJMYWpBOG8zOWxmeGZvSk12dUV2a21nT1hXRElKZHJvRFdpUGF3?=

=?utf-8?B?cW5rTXpCSFlINmxGelRDUzVpWDllSkV0b1c4RkxUT0VzdTh0UkFoRlJySDlE?=

=?utf-8?B?NFBiOG5PaENPU1BsOXpEWGpMaUUvdzJvcEVUbVhXaXRqVjJPenVldHYrNXFB?=

=?utf-8?B?aGkrendVKzFObTB3cExOV2g5bkIveGt0aE5maTYwNVU2cjhnOFRhRWJIVXJ1?=

=?utf-8?B?dVVYZk05Rk9jT1phN1lhOTF6K0lVOUw4V3ByWVRoVXFiRkFlTjlaMWFJVXlY?=

=?utf-8?B?MGh3RjVtZFdJVEk2MGxuVTlTbE9QNDcyTkRyU2Q5YjM4Wm5yK3FIR1NJN2Q5?=

=?utf-8?B?andKVm15dll5K0NNRk5ybUNjN2VobTdVYUxucnFvWEdQczZkc2VmdFNZYW11?=

=?utf-8?B?RE5EQ0lVc3p6THNpRUJGUENxZHZjKzltaWs5Zm44SXlkcFVDSVk0S2FubFNX?=

=?utf-8?B?YzUyeHlzRUhkbVBtcFptUUdqdTZCYnIwZC9KeGtCdWZCT2g0bHNHcWhvZnVy?=

=?utf-8?B?ODdPb1JEV3Vmb1ZrY3E3SEVvVktBbWJUaXZmb0hLeVVUcHVVZXBZVldtVlJt?=

=?utf-8?B?M09UbHhrWE9FZmdPZ3cvamRsVjczK1dDK3BvWmc3OUNibi9rYUpVbFRTWW03?=

=?utf-8?B?MVlEd3hNVkdLS1dBLzRhYkxuWCtwVjEwelFFb1R0ZlR2QStjZVVRaWh6OEUy?=

=?utf-8?B?d1NXVXFRTUZWSzYvNEJkM0phUXFBV2JrbEQ5YXVxbDI0aXlQdmVQQmhwRjRk?=

=?utf-8?B?WERocTZVbmVaR0hob0t3RUF0M2VQeEpzeTV3ZkFkSmRJUUIvelVrRGVMRVJl?=

=?utf-8?B?dTZEWWp5QkRBTXFzRTRoTGVPNVBTaCtQSU5OT1NhRkljdEdGTUVnNXkrWkF4?=

=?utf-8?B?Y0JRUHBOakNULzZ6L0Q2NEl2Smw0MW9sVUpQOTIrTGlGVHBuTlBqZDRlMTd6?=

=?utf-8?Q?nNCkWbnfSuYqLQGuD8LzKng0/NHoXVBd?=

Content-Type: multipart/alternative;

boundary="_000_SE2P216MB321773D043D5EEFD1E4F3482D8E92SE2P216MB3217KORP_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-94596.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SE2P216MB3217.KORP216.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: dbdf3c87-d478-42fe-b2bd-08ded505693c

X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jun 2026 11:07:15.0315

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SE1P216MB2234

Nigerian spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 28 Jun 2026 05:27:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdneP-00000000Ouo-42hL

for dave@doctor.nl2k.ab.ca;

Sun, 28 Jun 2026 05:26:13 -0600

Resent-From: The Doctor

Resent-Date: Sun, 28 Jun 2026 05:26:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [162.214.64.108] (port=52638 helo=6020963.erictippetts.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdn4g-00000000Gur-3Z8G

for games@nl2k.ab.ca;

Sun, 28 Jun 2026 04:49:27 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=spreadlove.global; s=default; h=Date:From:To:Subject:Content-Description:

Content-Transfer-Encoding:MIME-Version:Content-Type:Sender:Reply-To:

Message-ID:Cc:Content-ID:Resent-Date:Resent-From:Resent-Sender:Resent-To:

Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:

List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;

bh=IRMoZAAUqSWut3LvKe1jxJ8WJoKGh9EYmW7nk9xI8ws=; b=kgfEvn9CXnotiON0z5NmgK85SF

rUWXUcMSNKEQQDOcRy1fbOlKCTwr5avuwScm3sg38qZHcGLYAAnpNJxdG096KXXJ7daKIOPGkco4B

uQpCtRsxOHevAEG4PUAfrzzx/6tVUfYDc70d2VsxD0+47Rs/MUuREoTULgTXN14gKWQgkZ8xNMSbQ

pJDmYzQRePokVE5RdEtgqtEz9e1/pN4MKeRNygxUuJPWrMATZUODtqO/opN2FJOVmHpML5RtwBAVh

6uEGtntLyQsoHrGeZk6njs8IFtmlLFFtFFffzHoWgkrUM97ZbrF56kE4aW+9PQDD69cyeFZQEuaxv

kyup7qag==;

Received: from [197.184.88.5] (port=28695 helo=[192.168.0.143])

by 6020963.erictippetts.com with esmtpa (Exim 4.99.4)

(envelope-from )

id 1wdn3q-000000006ef-22uV;

Sun, 28 Jun 2026 05:48:26 -0500

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: Immediate Action Required

To: Recipients

From: "Sarah Breeden"

Date: Sun, 28 Jun 2026 11:48:08 +0100

X-Antivirus: Avast (VPS 260628-0, 6/28/2026), Outbound message

X-Antivirus-Status: Clean

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - 6020963.erictippetts.com

X-AntiAbuse: Original Domain - nl2k.ab.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - spreadlove.global

X-Get-Message-Sender-Via: 6020963.erictippetts.com: authenticated_id: contact@spreadlove.global

X-Authenticated-Sender: 6020963.erictippetts.com: contact@spreadlove.global

X-Source:

X-Source-Args:

X-Source-Dir:



We're pleased to inform you that you've been named as a beneficiary of an i=

nheritance. To help us move things along quickly, please contact Sarah Bree=

den at sarahbreeden685@gmail.com with your full names at your earliest conv=

enience so we can begin processing your claim.



--

This email has been checked for viruses by Avast antivirus software.

www.avast.com

Domain monetisation spam from Google Gmail Part 3

Posted by Dave Yadallee on


--000000000000693d9906554e0d21

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hi, can we have a quick chat?

I think we can offer you a very strong=

solution and would be happy to discuss a possible integration :)=20


On Friday, June 2=

6, 2026 at 3:09 AM, Niko <nik=

o@wearerollerads.com> wrote:

yle=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

dir=3D"ltr">
Hey, this is Nik from Roller. Could you please clarify whe=

ther you currently monetize your domains?


ss=3D"gmail_signature_prefix">--

_signature" data-smartmail=3D"gmail_signature">


tr" style=3D"color:rgb(34,34,34);line-height:1.8;margin-top:0pt;margin-bott=

om:0pt">
rgb(0,0,0);background-color:transparent;vertical-align:baseline">Teams :=C2=

=A0
,204)" target=3D"_blank">
sans-serif;color:rgb(61,101,255);background-color:transparent;vertical-alig=

n:baseline">nik@rollerads.com


gb(34,34,34);line-height:1.8;margin-top:0pt;margin-bottom:0pt">
=3D"font-size:10pt;font-family:Raleway,sans-serif;color:rgb(0,0,0);backgrou=

nd-color:transparent;vertical-align:baseline">Telegram :=C2=A0
f=3D"https://wearerollerads-com.rmailroute.net/x/d?c=3D51984853&l=3D324=

92627-e514-479b-9c1a-7f23d37ddec8&r=3D44ed6dd5-5b51-4f06-8f4a-be37dfe50=

98a" style=3D"color:rgb(17,85,204)" target=3D"_blank">
ize:10pt;font-family:Raleway,sans-serif;color:rgb(61,101,255);background-co=

lor:transparent;vertical-align:baseline">@nikrollerads


=3D"ltr" style=3D"color:rgb(34,34,34);line-height:1.2;margin-top:6pt;margin=

-bottom:0pt">
1984853&l=3D79e14ed5-e0d0-48be-82d6-2046629a4f22&r=3D44ed6dd5-5b51-=

4f06-8f4a-be37dfe5098a" style=3D"color:rgb(17,85,204)" target=3D"_blank">
pan style=3D"font-size:2.25pt;font-family:Inter,sans-serif;background-color=

:transparent;vertical-align:baseline">
rder-style:none;border-color:currentcolor;display:inline-block;overflow:hid=

den;width:29px;height:29px">
TU2P6eNkI7ODZiH9uTXVdhaDO5LLgqxAo83zMEGnjTwjV84D46Vl9HH0JdvuhoLCCYQZhHcjICV=

2Vh96079A69V1hlkrggTLo1GW_ZdFdsc3L5s6eRaUnrcXsZCLQNUZffPbl83KzNDbiPoNbiWUwQ=

" width=3D"29" height=3D"29" style=3D"margin-left:0px;margin-top:0px">
n>
olor:rgb(51,51,51);background-color:transparent;vertical-align:baseline">=

=C2=A0
1984853&l=3D083d7851-4875-44e2-a705-fd2b7d4c519f&r=3D44ed6dd5-5b51-=

4f06-8f4a-be37dfe5098a" style=3D"color:rgb(17,85,204)" target=3D"_blank">
pan style=3D"font-size:2.25pt;font-family:Inter,sans-serif;background-color=

:transparent;vertical-align:baseline">
rder-style:none;border-color:currentcolor;display:inline-block;overflow:hid=

den;width:29px;height:29px">
_LdgS_iUjSIzAnbYXRSRfLQlCx-PWtEsL6Rt4rC1fVs-neJV3V-Zy2eejwAS3CZqH4KzKWmWxQv=

oAjpo9gTCg0zjwHOMT8hexaOJMPYRs77Ra5ioHCfc0ZUkbSmba5hZHBZjYyTd1YZt638RWcPj14=

" width=3D"29" height=3D"29" style=3D"margin-left:0px;margin-top:0px">
n>
olor:rgb(51,51,51);background-color:transparent;vertical-align:baseline">=

=C2=A0
1984853&l=3D8190a883-1ef5-4752-9b0a-b000ffc7bb1f&r=3D44ed6dd5-5b51-=

4f06-8f4a-be37dfe5098a" style=3D"color:rgb(17,85,204)" target=3D"_blank">
pan style=3D"font-size:2.25pt;font-family:Inter,sans-serif;background-color=

:transparent;vertical-align:baseline">
rder-style:none;border-color:currentcolor;display:inline-block;overflow:hid=

den;width:29px;height:29px">
SM_gt9kYDdaepq-KeOuz5w1ieXIZLGsvEwsjrrjd35ZqPfjywU6MjMv5A1ibZuVsMKb4_wz8G-6=

3TkawvITv6fQ5h9cBMylj1QZgaG6_nzMo1Y0m6YOsCdJ1geNrB7ol6ES0FmqlbcKfO5EFWArWIA=

" width=3D"29" height=3D"29" style=3D"margin-left:0px;margin-top:0px">
n>
olor:rgb(51,51,51);background-color:transparent;vertical-align:baseline">=

=C2=A0=C2=A0
?c=3D51984853&l=3De5884f1b-199d-4272-a0c7-ad873130ee8d&r=3D44ed6dd5=

-5b51-4f06-8f4a-be37dfe5098a" style=3D"color:rgb(17,85,204)" target=3D"_bla=

nk">
-color:transparent;vertical-align:baseline">
ium;border-style:none;border-color:currentcolor;display:inline-block;overfl=

ow:hidden;width:29px;height:29px">
.com/zeF6Fm2lylM2nQM7NRYoFFRlVhZm_ShgaU7PCpBR67bLIj-mzeGy37hAo8FSSlJii63OjH=

06tfKxMxzKlqC9Fk4QUUarHs92cOMMEAyD_LtIH1p52ZboLPDh2V2tGPvhvE6ZCcF2qqpxw10QL=

8Bq-V4" width=3D"29" height=3D"29" style=3D"margin-left:0px;margin-top:0px"=

>
b(0,0,0);background-color:transparent;vertical-align:baseline">=C2=A0 =C2=

=A0 =C2=A0 =C2=A0=C2=A0
ute.net/x/d?c=3D51984853&l=3D32492627-e514-479b-9c1a-7f23d37ddec8&r=

=3D44ed6dd5-5b51-4f06-8f4a-be37dfe5098a" style=3D"color:rgb(17,85,204)" tar=

get=3D"_blank">
background-color:transparent;vertical-align:baseline">
-width:medium;border-style:none;border-color:currentcolor;display:inline-bl=

ock;overflow:hidden;width:108px;height:23px">
usercontent.com/vkTobz8uGezGseujZQGbTzFlavwAqhqnG7I-_JwLchoxxv9hdHnqYMR7rty=

JNK22HsONx6rP0_xDiXbJbH_p_Q2RS-lB4xbycRlDe7xe-ouu8soMibD6nkRtV_GVji3CvGtoFP=

1y9WInoA_fH53yJLc" width=3D"108" height=3D"23" style=3D"margin-left:0px;mar=

gin-top:0px">




-M-Fc68Xr3uGtKDlJcR0ByHNbRyuNtwC_WLzCTjEOCDAnibCsZKuo8bzPkdwOXHYmTNQ4oMxQeY=

AQ_84t4eDnAprg6t7YpqRf-ocLsxO6G2WYUy4iCWMdsRMTs5mQWJWewcIvXjdTrVsAWmwvMaEsM=

ajgmzq4-vcdraV93hYvuyXEi" alt=3D"">


"https://wearerollerads-com.hmailroute.net/AlH_SJcbbUQ_26C7FjIZGFiv3ijacVX0=

_K7x3iz9w6e0HRhrmrnyUEUHG11_j2iOZDkrKVbtQTACS0RmIqRElKzn0zaH5l57GnF7vMmcodi=

2j7LgIrHqmfwBF6lYoH9oydvoJARxDabtrDX7akKKJFFuU98CxMvcFgEVh9JdpqoajgmyAu8ZHI=

lqlr002Wu5V_BtCNMrbJCZzoKqPPOnAw4656nZex2uDUIgTsKneV" alt=3D"">



--000000000000693d9906554e0d21--





Domain monetisation spam from Google Gmail Part 2

Posted by Dave Yadallee on
Content analysis details: (6.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.222.195 listed in will-spam-for-food.eu.org]

[209.85.222.195 listed in will-spam-for-food.eu.org]

[209.85.222.195 listed in will-spam-for-food.eu.org]

[209.85.222.195 listed in will-spam-for-food.eu.org]

[209.85.222.195 listed in will-spam-for-food.eu.org]

[209.85.222.195 listed in will-spam-for-food.eu.org]

[209.85.222.195 listed in will-spam-for-food.eu.org]

[209.85.222.195 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.195 listed in dnsbl.ahbl.org]

[209.85.222.195 listed in dnsbl.ahbl.org]

[209.85.222.195 listed in dnsbl.ahbl.org]

[209.85.222.195 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.195 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.195 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: rmailroute.net]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: rmailroute.net]

[URI: hmailroute.net]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.195 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.195 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.222.195 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.5 SMILEY BODY: Contains one or more Smileys

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

Subject: {SPAM?} Re: Parker Roller Party



--000000000000693d9906554e0d21

Content-Type: text/plain; charset="UTF-8"



Hi, can we have a quick chat?



I think we can offer you a very strong solution and would be happy to

discuss a possible integration :-)



On Friday, June 26, 2026 at 3:09 AM, Niko wrote:



> Hey, this is Nik from Roller. Could you please clarify whether you

> currently monetize your domains?

>

> --

>

> Teams : nik@rollerads.com

>

> Telegram : @nikrollerads

>

>

>

>

>

>

>

>

>

>

>

>

>

Domain monetisation spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 28 Jun 2026 05:27:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdneK-00000000Oe3-0GO4

for dave@doctor.nl2k.ab.ca;

Sun, 28 Jun 2026 05:26:08 -0600

Resent-From: The Doctor

Resent-Date: Sun, 28 Jun 2026 05:26:07 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f195.google.com ([209.85.222.195]:58542)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdn2g-00000000Gp6-2iPk

for root@nl2k.ab.ca;

Sun, 28 Jun 2026 04:47:23 -0600

Received: by mail-qk1-f195.google.com with SMTP id af79cd13be357-92e3705f3d6so33654685a.0

for ; Sun, 28 Jun 2026 03:46:27 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1782643581; cv=none;

d=google.com; s=arc-20260327;

b=b1ADDsW1yxIbE67ah+ykoTyqH1Ex5YjA8o4EVdRIN2v7uvnXZn0lBmZb9boZ8VVZKj

kX7KLjnfDD66GZSz8lB3051JsZ3rpCPr0tRi2C4tmPNCNU3akj1RymQV68xy/BXjxCmR

3yJ9FD197K3LzuZPntDRXpjW0vQTxxHiEp8rSr2JmxqI1pcOCgKr0CVZ1W4QwDr6YvZk

IAH+1LrvUkkdQnveHxKAQFO2dBM54kMt1Gve8Ojo6Ag8qBbpspAVYqKakb3rLd8uokMr

rA/gQgGgNGvty7rvr2olqr7hsdSODgWhiA7QuGPFStQQZ5Mf6u2vAK0BzbCTlb9RBtw8

4J2A==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20260327;

h=to:subject:message-id:date:references:in-reply-to:from:mime-version

:dkim-signature;

bh=HWMo0WdoWbXcqpeblQf/Kont2UUdgH4g3gN71OQzOU8=;

fh=xlaqb4BBoLdJtBZev3L7vUQ7NrRWtYUi797wkNVG1OA=;

b=fdCSPR6UyuUI22grncgd9WsL7dSVAZBxQz3KO1N3Qf+r8zuNhAM50Bg74T4KADL/SF

GmN4+awHjUcSN3ysXlPJzS4UjhadzJQUPeG5Fybu9TybuljfjrQ43nJ0EWXkmaL5rXuN

LZFRploYm3cR5S7dN+iUJvKZYLaaM0uwcWa//muxi9QaCbFRAex48ttq8scPPpqwZCss

5JUjiV8/mtKDul8Dt8EveizgPuAFrAtyizIMOLAn4dluSAkkwY5ZEVpwn9dV2ulXhb/A

0Qimy84QKw2X4NhUu07Er/1EkZe0gD3dWVt75eZQUc5NjvpbNuSS7AE+KrUxXJtFNc+d

t3tw==;

darn=nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=wearerollerads.com; s=google; t=1782643581; x=1783248381; darn=nl2k.ab.ca;

h=to:subject:message-id:date:references:in-reply-to:from:mime-version

:from:to:cc:subject:date:message-id:reply-to;

bh=HWMo0WdoWbXcqpeblQf/Kont2UUdgH4g3gN71OQzOU8=;

b=KStjMqAso5cFmbXdAMqp4xQCnF2ext4yM+0lNyKr1LFbnOEa6q/3H87CTeEPRAY+eW

QvJ5BSmUqCXHwF5qqd6PII5YH0HqmgLCqQhDx0zUWX5vMkfeJqvz99INw9qpsYBhyiZJ

oZIF4oYLzIr3eCWqOQ1b0DhKoTJE7JVZeFTeE=

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782643581; x=1783248381;

h=to:subject:message-id:date:references:in-reply-to:from:mime-version

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=HWMo0WdoWbXcqpeblQf/Kont2UUdgH4g3gN71OQzOU8=;

b=m6NJ8wHGr93Q03w0wG2JTMbXUo90jgJ7/9wwYGUItMkb1MDEm0LirFGNEs/JGgzoTZ

RoxwYUowNtFTBJwa8UOBHTGmvNjEsgHghi65rlPixahmGlvqLgmQDIGnUMf7IaRRrzOW

wGCeEXeTcNsQFe6hFSfBwSoJv/1qCGQIVk3asOfAkpIYK7sdKmz7moDE1sYYuzld91jZ

MWg7Key9a1iTJ6Ic0BkiBXBqA4wCvRDVr1g0CQJwPQ6pt8W/rOvLvSjN/fZ9r2RPS7LE

g7/YUxQj+jzsw4aUMd5cWwE6JMFHSlzjwNZtR4fxVo5pegOoZWGCETVb8OSFDwmoLdKg

QgTw==

X-Gm-Message-State: AOJu0YwDxAqNa37/Ga/ZOKokxuRVDDg4S/ojIUTaQMyTc3qTvo2Eefdb

3lab2qKXxmAJqd7y34xrRG4uIqER3xchFOZ8uaxfUgq0bkCLQUO9QcIXD2eEZfFZ17Jm0ObEKCD

n47H3B+uYh9JKzSQWn8COht54kVczqwv5W5QAdAvBxvnJ2u5xnwgORQ==

X-Gm-Gg: AfdE7cnykI2tSMbw9ySp5GHpL5TV4IhX98nIC71Pb5T1/bJL0A5wpmSayFPg2Jk8vXU

QsYoLphJnchGiGlDjGFSLW1jvqMGTRNSdL/wleH0chEvyvTFyFB1URM81idqvnYAbuUQQtisbBb

6WOjbN6moyv+vX6UjPdhoWmcL1hIH6m6ra6MUkdVOOcfRJwBm1Qr2Pzgle1vfrhPrO4eJEQs4Ns

iW2JyQA2RM5JbngA8kRL/V+kvWYRr8oWiM1eeZB9VzZtVWYTYJJCNtmlcLyVpBUfjOIkpj+B+4B

AXlEmMWDXZX4r7S39vgUIBTQGQ==

X-Received: by 2002:a05:620a:28c6:b0:92e:755:d95d with SMTP id

af79cd13be357-92e0755f7a4mr489091285a.20.1782643581070; Sun, 28 Jun 2026

03:46:21 -0700 (PDT)

Received: from 776393159873 named unknown by gmailapi.google.com with

HTTPREST; Sun, 28 Jun 2026 03:46:20 -0700

Received: from 776393159873 named unknown by gmailapi.google.com with

HTTPREST; Sun, 28 Jun 2026 03:46:20 -0700

MIME-Version: 1.0

From: Niko

In-Reply-To:

References:

Date: Sun, 28 Jun 2026 03:46:20 -0700

X-Gm-Features: AVVi8CdcWNJ8FKbZIBat8tgdls_RqSP6n-hpGkoAK6BWprXzyS8elMBgEDm9wLA

Message-ID:

Subject: Re: Parker Roller Party

To: root@nl2k.ab.ca

Content-Type: multipart/alternative; boundary="000000000000693d9906554e0d21"

X-Spam_score: 6.3

X-Spam_score_int: 63

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, can we have a quick chat? I think we can offer you a very

strong solution and would be happy to discuss a possible integration :-) On

Friday, June 26, 2026 at 3:09 AM, Niko wrote:

Canada Post phish Part 3

Posted by Dave Yadallee on








Canada Post phish Part 2

Posted by Dave Yadallee on














Саnаdа Роѕt – рауmеnt Required for Shipment Release



Canada Post phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 28 Jun 2026 05:25:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdncj-00000000KAY-33qa

for dave@doctor.nl2k.ab.ca;

Sun, 28 Jun 2026 05:24:29 -0600

Resent-From: The Doctor

Resent-Date: Sun, 28 Jun 2026 05:24:29 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from v2202606373977475748.ultrasrv.de ([159.195.138.89]:48900)

by doctor.nl2k.ab.ca with utf8esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdjsp-00000000662-3iKK

for sales@nk.ca;

Sun, 28 Jun 2026 01:24:59 -0600

Received: by v2202606373977475748.ultrasrv.de (Postfix, from userid 33)

id 0BFE713FC33; Sun, 28 Jun 2026 05:18:04 +0200 (CEST)

To: sales@nk.ca

Subject: Shipment held – action needed

MIME-Version: 1.0

Content-type: text/html; charset=UTF-8

From: CA Post

Message-Id: <20260628031947.0BFE713FC33@v2202606373977475748.ultrasrv.de>

Date: Sun, 28 Jun 2026 05:18:04 +0200 (CEST)

X-Spam_score: 7.0

X-Spam_score_int: 70

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Саnаdа Роѕt – рауmеnt Required for Shipment

Release Саnаdа Роѕt • Shipping Department



Content analysis details: (7.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[159.195.138.89 listed in will-spam-for-food.eu.org]

[159.195.138.89 listed in will-spam-for-food.eu.org]

[159.195.138.89 listed in will-spam-for-food.eu.org]

[159.195.138.89 listed in will-spam-for-food.eu.org]

[159.195.138.89 listed in will-spam-for-food.eu.org]

[159.195.138.89 listed in will-spam-for-food.eu.org]

[159.195.138.89 listed in will-spam-for-food.eu.org]

[159.195.138.89 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[159.195.138.89 listed in dnsbl.ahbl.org]

[159.195.138.89 listed in dnsbl.ahbl.org]

[159.195.138.89 listed in dnsbl.ahbl.org]

[159.195.138.89 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[159.195.138.89 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[159.195.138.89 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[159.195.138.89 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[159.195.138.89 listed in dnsbl.ahbl.org]

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[159.195.138.89 listed in bl.score.senderscore.com]

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.5 UNICODE_OBFU_ASC Obfuscating text with unicode

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.3 MIME_8BIT_HEADER Message header contains 8-bit character

Subject: {SPAM?} Shipment held – action needed

Instagram phish from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 27 Jun 2026 19:56:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdekK-000000006fu-1RvH

for dave@doctor.nl2k.ab.ca;

Sat, 27 Jun 2026 19:55:44 -0600

Resent-From: The Doctor

Resent-Date: Sat, 27 Jun 2026 19:55:44 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oi1-f199.google.com ([209.85.167.199]:49592)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wdcfh-000000001T6-1wzs

for sales@nk.ca;

Sat, 27 Jun 2026 17:42:51 -0600

Received: by mail-oi1-f199.google.com with SMTP id 5614622812f47-49001defc4dso3933630b6e.3

for ; Sat, 27 Jun 2026 16:42:02 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1782603716; x=1783208516; darn=nk.ca;

h=content-transfer-encoding:to:from:subject:date:message-id

:mime-version:from:to:cc:subject:date:message-id:reply-to;

bh=5mmIY9C6iV+wDoMq2CapqskW1EQyWTyFgofYDUBIBCs=;

b=CYGZ29WPNFNxLhCs/2Sw8VyViPVc2I5CoVenJlpetJ7HAZ+YQmOPdJUmzDTSq7zZAO

CHs6Op1pq0HaGkOotTSs4e/A43AtHfgLak5eIq3QPyhI9Io3IzxuiwD3O9zDsjdn4wfY

keypGHiY59y0DWrnamEAT+CyRdFWuleEqG0/7JhuZaxCLtT/DEK+PLhLByodoKCDDr8n

FN47M8xebWMOHk+8cGQYO/7YUtusdJsELW5QbBllSPFWG7yi9W3rQHFf4b6NKX10yQl9

TPWn65DY8XsijkrnK2w5Y5bvIj9xDw2t+2iz/+DYPtZXwuge2VbMZP0HWFUMuoTGFufj

Y5Xg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1782603716; x=1783208516;

h=content-transfer-encoding:to:from:subject:date:message-id

:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=5mmIY9C6iV+wDoMq2CapqskW1EQyWTyFgofYDUBIBCs=;

b=Dk3yZ4aoUETFIRq2S+n/KCJOXOhmJrNlO862VdXM+oLOkIxFk9YpOAcRPN4gNaXJVt

bq5pN8hrkcbdJ//Jnz3Ijwddb9bhtiHmICT+QtbtzqN47gHvllovtHaYCRiAzQaxKUC0

Winm4rAdpqyyBFPSNhqmNqdgoFsQ3+JEFuPilVAc+93o0JW8yEqHACJjBIsFy7djRMZP

SV+IZ1Ut/tNiz1jEcmdzbyETQVlSWryYpPvcggBBbMC3VDTh73YsS1V3psisMOWhTnbp

Hb41ff4m3xCYy2CnaIQWsg17OgClLuX+rMOOFKFQyzbuSGnmj3Lx7FQqDDCbMUafw3Q5

LTnw==

X-Gm-Message-State: AOJu0YwahgznPXPqqM+aEX5Ex9NgS+T8yI/GK9YALxGQINbfCn7gsA1F

rTlEYIHWzds22uJqRjcZQ/VnlFSWVs1KQlvLgu2C4xrYjRJeZNJPRuDggQnbUPugQdZGmGxvqxs

e7cPpQw==

MIME-Version: 1.0

X-Received: by 2002:a05:6808:318d:b0:495:b77f:1a74 with SMTP id

5614622812f47-495b77f9273mr399484b6e.3.1782603716507; Sat, 27 Jun 2026

16:41:56 -0700 (PDT)

Message-ID:

Date: Sat, 27 Jun 2026 23:41:56 +0000

Subject: daveyadallee, Get More 100,000 Instagram Followers and 100,000

Facebook Likes here

From: indrigusniain@gmail.com

To: sales@nk.ca

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64

X-Spam_score: 5.6

X-Spam_score_int: 56

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, daveyadallee, Get More 100,000 Instagram Followers and

100,000 Facebook Likes here Sorry to interrupt your time. We offer social

media services, If you're interested, please visit our Website. If you're

not interested, please skip this step.



Content analysis details: (5.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.167.199 listed in will-spam-for-food.eu.org]

[209.85.167.199 listed in will-spam-for-food.eu.org]

[209.85.167.199 listed in will-spam-for-food.eu.org]

[209.85.167.199 listed in will-spam-for-food.eu.org]

[209.85.167.199 listed in will-spam-for-food.eu.org]

[209.85.167.199 listed in will-spam-for-food.eu.org]

[209.85.167.199 listed in will-spam-for-food.eu.org]

[209.85.167.199 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.167.199 listed in dnsbl.ahbl.org]

[209.85.167.199 listed in dnsbl.ahbl.org]

[209.85.167.199 listed in dnsbl.ahbl.org]

[209.85.167.199 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.167.199 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.167.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.167.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.167.199 listed in dnsbl.ahbl.org]

0.0 URIBL_RED Contains an URL listed in the URIBL redlist

[URI: instatool.site]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: instatool.site]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[indrigusniain(at)gmail.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.167.199 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.167.199 listed in bl.score.senderscore.com]

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

Subject: {SPAM?} daveyadallee, Get More 100,000 Instagram Followers and 100,000

Facebook Likes here





Hi, daveyadallee, Get More 100,000 Instagram Followers and 100,000 Facebook Likes here

Sorry to interrupt your time.



We offer social media services,

If you're interested, please visit our Website.

If you're not interested, please skip this step.



We will help you increase your social media presence to another level.

( Threads, Instagram, Twitter, Youtube, Facebook, etc. )



Are you interested in a free trial ?

Special For You Bonus Extra $2 - $5 FREE BALANCE TODAY SIGNUP NOW..!!!

GET 100K Followers Instagram NOW !!!

Order here :



[ https://instatool.site/store/free/?daveyadallee ]





Take free trial service today only...!!

10 -101K Instagram Followers



- Instant Start

- Safest Methods

- Privacy Protection

- Speed 200K Followers/day

- High Quality Followers

- Drop-Back Guarantee

- Trusted Seller testimony

- Starting get 100K Followers Instagram

- Guaranteed to be the cheapest



Thank you,

Regards,



Copyright © 2014 - 2026 instatool.site





Web/SEo/App Spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on






--_000_OSNPR01MB7457B7B350764617DA7B71D8CCEA2OSNPR01MB7457apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Hello,



edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">

 



edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">

May I send you screenshot of the error on your website?



edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">







edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">

Please let me know.



edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">







edFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12p=

t; color: rgb(0, 0, 0);">

Thanks.



color: rgb(0, 0, 0);">







color: rgb(0, 0, 0);">









x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_divRplyFwdMsg">


color: rgb(0, 0, 0);">

From: jhemmy troper <jhemmytroper@outlook.com>


Sent: Monday, March 16, 2026 2:49 PM



color: rgb(0, 0, 0);">

Subject: Quick Technical Screenshot



"> 





: 1.38; background-color: rgb(255, 255, 255); margin: 1em 0cm;">


t; color: rgb(34, 34, 34); background-color: white;">Hi




: normal; background-color: white; margin: 0px 0px 0cm;">


t; color: rgb(34, 34, 34);"> 




: normal; background-color: white; margin: 0px 0px 0cm;">


t; color: rgb(34, 34, 34);">I noticed

some issues on your website that may affect its ranking.=




: normal; background-color: white; margin: 0px 0px 0cm;">


t; color: rgb(34, 34, 34);"> 




: normal; background-color: white; margin: 0px 0px 0cm;">


t; color: rgb(34, 34, 34);">Would you like a

screenshot to highlight the errors?




: normal; background-color: white; margin: 0px 0px 0cm;">


t; color: rgb(34, 34, 34);">





in; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, H=

elvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Best,



in; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, H=

elvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Jhemmy








--_000_OSNPR01MB7457B7B350764617DA7B71D8CCEA2OSNPR01MB7457apcp_--