Domain Name: mailpagenotifications.com [Scammer Website] Owner Identified

The best of the Internet. Dedicated to the most funny, interesting, and cool stuff on the Internet today.
User avatar
funnyinterestingcool

Founder
Posts: 483
Joined: Tue Jul 09, 2019 11:54 pm
Contact:

Domain Name: mailpagenotifications.com [Scammer Website] Owner Identified

Post by funnyinterestingcool » Sat Mar 21, 2020 10:55 pm

Be aware of mailpagenotifications.com domain that was registered today (3/21/2020) was created in bad faith. GoDaddy abuse has been made aware and notifications have been sent to FTC, GoDaddy and GOOGLE INC. A take down request has been acknowledged by GoDaddy and the domain purchaser real name will be exposed. Senders email provider [https://www.cleverreach.com/] has also been issued a cease and decist order and to hold any account holder details behind the spam mail.

The domain name holder(s) impersonated FaceBook using email by phishing. Facebook security has been notified about this impersonation attempt and has acknowledged an investigation. Corresponding IP info, header info, and Domain name registrant info (provided by GoDaddy) was forwarded.

More to come.


X-Client: ⁨251509⁩
Feedback-Id: ⁨c251509:m11877286:r25:c251509⁩
X-Mailing: ⁨11877286⁩
List-Unsubscribe: ⁨<https://251509.seu2.cleverreach.com/rmf ... 19&liu=1>⁩
Arc-Seal: ⁨i=1; a=rsa-sha256; t=1584829875; cv=none; d=google.com; s=arc-20160816; b=agabCgEytP/mI+2BsjK++WcSr9S3KH8Gw6kDEOSXWLMkF/GkTVGSDvBIQRNnwDpCkA w/0aghmXIGqqOeSU8Z6IqT7irfeYH72UaHyBb90WtCWuTZrg74JRdfQNn44hUpfUeP5T da+DfloXTIaJpV6nVg1HoyzNpaUr0OALLcQfwTv2EDGw1ee+pJygdgIL8FX1ru55n6Wb OkWZNtR9+KDn+u5FV0oeLKHhaNwD0cDZY3nsQMAa0lU4MjAPsusDxW88K6AXaog+vhkv ANw8UKbS8hsOGF19gPXgLqTJ+fEW60tjU2mb53LUhbDDdH3b/AEFMX6L4Ccr9C/JJpIJ phfw==⁩
List-Unsubscribe-Post: ⁨List-Unsubscribe=One-Click⁩
X-Received: ⁨by 2002:a05:600c:44c:: with SMTP id s12mr9834942wmb.127.1584829875205; Sat, 21 Mar 2020 15:31:15 -0700 (PDT)⁩
Return-Path: ⁨<bounce+251509@bounce-eu2.crsend.com>⁩
Arc-Authentication-Results: ⁨i=1; mx.google.com; dkim=pass header.i=@crsend.com header.s=mail header.b=bumwXU7U; spf=pass (google.com: domain of bounce+251509@bounce-eu2.crsend.com designates 178.77.121.162 as permitted sender) smtp.mailfrom=bounce+251509@bounce-eu2.crsend.com
X-Google-Smtp-Source: ⁨ADFU+vtVhmyoyhBSZZ0rBXL5sVwMy+nOlFNyfX+xERP7S27CaPbsJnLN2P1p5xVdKrF4QFJaUfqA⁩
Mime-Version: ⁨1.0⁩
Authentication-Results: ⁨mx.google.com; dkim=pass header.i=@crsend.com header.s=mail header.b=bumwXU7U; spf=pass (google.com: domain of bounce+251509@bounce-eu2.crsend.com designates 178.77.121.162 as permitted sender) smtp.mailfrom=bounce+251509@bounce-eu2.crsend.com
Arc-Message-Signature: ⁨i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:list-id:list-unsubscribe:list-unsubscribe-post :require-recipient-valid-since:feedback-id:message-id:subject:from :to:date:dkim-signature; bh=JPtq4BfMDydhawSNk5uTgUvg7pba8yidLW7mMpCQbaw=; b=rWt285TShQZQMrbV1Kitt+e4V1SH/2kUDPdZtYc6Jkk75wiGssuFh/L/lfrsenTSFe zvWJRmj7Tl/HeiwFWgs2IB+sf3rw1r4eebT0sylDgEbHHwMqp1TfOC1QzdwXTZuLIxW3 p/Vrb31PelMtVVj+EbOG7pbVtgx0MX1gCH+S6ZydWt29OJXKKCk74DSLsMPsRKlH9Z6a ULLUiNY00aLXwadl0eQ0Qw2GPwf6rvnTgv4MMerSiVO2RhLN1HNHla00IGspE2do/FJK KhwA05ebq+bdfkIrziSNJP3vgXApe0KEqAIRPbhbqe/uoVcVj5WvToM7JTBR/kIbbuID 43LQ==⁩
Dkim-Signature: ⁨v=1; a=rsa-sha256; c=relaxed/relaxed; d=crsend.com; s=mail; t=1584829874; r=y; bh=JPtq4BfMDydhawSNk5uTgUvg7pba8yidLW7mMpCQbaw=; h=Date:To:From:Subject:Message-ID:List-Unsubscribe-Post: List-Unsubscribe:X-CSA-Complaints:Content-Type:From; b=bumwXU7UXNh6ClIO4oYh3uL7w96zYi8usXaEM+OrBMriwmRwHrIZWe3BVVLFB0FM4 QKl5k7e4bSfvF34pbmSic6/LgLK2ffj3T8kfgGHdkK2+CCUhWI+jHaWXNctxA61CO5 I1zgIkhKmweGDeZWWq/7cK+vHE7/CpVLEqoWyu+M=⁩
X-Dkim: ⁨OpenDKIM Filter v2.6.8 002.de-mx.crsend.com 6EF6042033D⁩
⁨<73be12f8c97ba2ead5571723467a2771@cron-eu2.crsend.com>⁩
List-Id: ⁨<11877286.251509.crsend.com>⁩
Content-Type: ⁨multipart/alternative; boundary="b1_73be12f8c97ba2ead5571723467a2771"⁩
Received-Spf: ⁨pass (google.com: domain of bounce+251509@bounce-eu2.crsend.com designates 178.77.121.162 as permitted sender) client-ip=178.77.121.162;⁩
X-Csa-Complaints: ⁨<whitelist-complaints@eco.de>⁩
Received: ⁨by 2002:ab3:5d05:0:0:0:0:0 with SMTP id j5csp2297572ltc; Sat, 21 Mar 2020 15:31:15 -0700 (PDT)⁩
Received: ⁨from 002.de-mx.crsend.com (002.de-mx.crsend.com. [178.77.121.162]) by mx.google.com with ESMTPS id d6si9920155wrc.549.2020.03.21.15.31.14 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 21 Mar 2020 15:31:15 -0700 (PDT)⁩
Received: ⁨from cron-eu2.crsend.com (cron-eu2.crsend.com [178.77.121.135]) by 002.de-mx.crsend.com (Postfix) with ESMTP id 6EF6042033D for ; Sat, 21 Mar 2020 23:31:14 +0100 (CET)⁩
Source: whois.arin.netIP Address: 184.168.221.49Name: GO-DADDY-COM-LLCHandle: NET-184-168-0-0-1Registration Date: 9/21/10Range: 184.168.0.0-184.168.255.255Org: GoDaddy.com, LLCOrg Handle: GODADAddress: 14455 N Hayden Road
Suite 226
City: ScottsdaleState/Province: AZPostal Code: 85260Country: United States
On Social: Facebook, YouTubeInstagram, Twitter For best sellers: here.