• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Need Help Figuring Out This Fake eBay Site

Banana

Banana

Diamond Member
I received yet another fake eBay message today. Haven't had one in a long time. This one looked really slick, but the giveaway was how it asked for info such as checking account routing numbers, mother's maiden names, PayPal passwords, etc
rolleye.gif


Anyway, buried in the message source was this web site. I'm an idiot when it comes to figuring these things out, but how do you find out more about the perpetrator? I'm just being nosy. . .

BTW, here is the message header:

Received: from rwcrgxc53.comcast.net ([204.127.198.38])
by rwcrmxc14.comcast.net (rwcrmxc14) with ESMTP
id <20030918214009r1400qi3t8e>; Thu, 18 Sep 2003 21:40:09 +0000
Received: from linux2.cyberworldhost.com ([66.206.21.1])
by comcast.net (rwcrgxc53) with ESMTP
id <20030918214009e5300t7a14e>; Thu, 18 Sep 2003 21:40:09 +0000
Received: from nobody by linux2.cyberworldhost.com with local (Exim 4.20)
id 1A06Q3-0000fu-Ob
for @comcast.net; Thu, 18 Sep 2003 14:34:31 -0700
To: @comcast.net
Subject: eBay User Information Request
From: aw-confirm@ebay.com<aw-confirm@ebay.com>
Content-Type: multipart/related; boundary="----HTML--MAIL----"
Message-Id: <E1A06Q3-0000fu-Ob@linux2.cyberworldhost.com>
Date: Thu, 18 Sep 2003 14:34:31 -0700
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - linux2.cyberworldhost.com
X-AntiAbuse: Original Domain - comcast.net
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
X-AntiAbuse: Sender Address Domain - linux2.cyberworldhost.com
 
nslookup gave me this:

Name: pendent21.com
Address: 66.206.15.34

However, when I ping pendent, I get this:

Pinging pendent21.com [66.221.79.152] with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 66.221.79.152:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

A whois on this site turns this up:

LeMaze Studio Inc
207 Coachway Road SW
Calgary, Alberta T3H 1B2
CA

Domain Name: PENDENT21.COM

Administrative Contact -
Len Canning - candocdx@cqmail.net
LeMaze Studio Inc
240 Douglas Street, Suite 407
Victoria, BC V8V 2P3
CA
Phone - 250-477-8804
Fax - 775-258-3549
Technical Contact -
Len Canning - candocdx@cqmail.net
LeMaze Studio Inc
240 Douglas Street, Suite 407
Victoria, BC V8V 2P3
CA
Phone - 250-477-8804
Fax - 775-258-3549

Record updated date - 2003-06-06 11:36:25
Record created date - 2002-06-12
Record expiring on - 2005-06-12
Database last updated on - 2003-09-18 23:12:17 EST

Domain servers in listed order:

NS.CIHOST.COM 216.221.162.81
NS2.CIHOST.COM 216.221.162.111

 
You must log in or register to reply here.

TRENDING THREADS

Back
Top