anonPB123 digging

Oct 15th, 2020 (edited)
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.06 KB | None | 0 0
  1. Link back to reddit:
  3. Hi guys!
  4. I have also received a domain copyright notice email from recently and I am also trying to find out if is legit.
  6. After reading your posts, I thought it's a scam, BUT I have found something which I THINK, suggests that could be legitimately part of the real Facebook:
  8. Here are the ICANN Lookup ( results (trimmed for relevancy) for both domains:
  10. Domain:
  11. Registrar Information
  12. Name: RegistrarSafe, LLC
  13. IANA ID: 3237
  14. Abuse contact email:
  15. Registrar Server URL:
  17. Domain:
  18. Registrar Information
  19. Name: RegistrarSEC LLC
  20. IANA ID: 2475
  21. Abuse contact email:
  22. Registrar Server URL:
  24. So, those domains apparently use two different Registrars:
  26. uses: RegistrarSafe, LLC (
  27. uses: RegistrarSEC LLC (
  29. Now, visiting FB's registrar Domain ( in a Browser:
  30. - The nameserver's and webserver's IP's for the domain are owned by Facebook.
  32. HTTP: ( is redirected to: (which is the Registrar Domain of
  33. HTTPS: ( get's a browser warning, because the TLS Certificate domain name does not match, BUT the TLS Certificate provided by the webserver here, is the main, valid TLS Certificate, for and all it's facebook web services.
  34. - If you advance past the Browser warning, you get the same redirect to:
  36. So, as long as nothing is hacked here (ICANN/DNS/Facebook), we can see that Facebook themselves (or at LEAST, their Registrar from ICANN), are redirecting web requests for the domain to
  38. So in a Browser now we visit the Registrar Domain, which is also where Facebook redirects it's Registrar URL to.
  39. - The nameserver's and webserver's IP's for are owned by Amazon Web Services (AWS).
  41. Which shows this (trimmed for relevance):
  43. 'RegistrarSEC, LLC and RegistrarSafe, LLC are ICANN-accredited registrars formed in Delaware and are wholly-owned subsidiaries of Facebook, Inc. We are not accepting retail domain name registrations.'
  45. So, I THINK, if we trust all this chain: ICANN->DNS->>& The content on
  46. Then is legit.
  48. There is more info on with Mailing address/Staff names etc, but my investigation ability ends here.
  50. I am simply going to reply to as I think it may be legit, given the info above.
  52. I will update in reddit thread (same as top link):
Add Comment
Please, Sign In to add comment