WingNews logo WingNews GitHub [2]
top | item 3871202

Ask HN: MarkMonitor whois server hacked?

1 points| ravichhabra | 14 years ago | reply

Running whois from a console for domains managed by MarkMonitor is showing a lot of spam entries. Checking whois though www.markmonitor.com website itself seems to be fine. Here is what I am getting:

>whois apple.com Server Name: APPLE.COM.ZON.COM IP Address: 17.172.224.47 Registrar: DOMAINREGISTRY.COM, INC. Whois Server: nswhois.domainregistry.com Referral URL: http://www.domainregistry.com

   Server Name: APPLE.COM.WWW.ZON.COM
   IP Address: 17.172.224.47
   Registrar: DOMAINREGISTRY.COM, INC.
   Whois Server: nswhois.domainregistry.com
   Referral URL: http://www.domainregistry.com

   Server Name: APPLE.COM.WWW.BEYONDWHOIS.COM
   IP Address: 203.36.226.2
   Registrar: INSTRA CORPORATION PTY, LTD.
   Whois Server: whois.instra.net
   Referral URL: http://www.instra.com

   Server Name: APPLE.COM.WAS.PWNED.BY.M1CROSOFT.COM
   IP Address: 203.206.208.201
   Registrar: TUCOWS.COM CO.
   Whois Server: whois.tucows.com
   Referral URL: http://domainhelp.opensrs.net

   Server Name: APPLE.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
   IP Address: 203.36.226.2
   Registrar: INSTRA CORPORATION PTY, LTD.
   Whois Server: whois.instra.net
   Referral URL: http://www.instra.com

   Server Name: APPLE.COM.IS.OWN3D.BY.NAKEDJER.COM
   IP Address: 209.236.225.10
   Registrar: TUCOWS.COM CO.
   Whois Server: whois.tucows.com
   Referral URL: http://domainhelp.opensrs.net

   Server Name: APPLE.COM.IS.0WN3D.BY.GULLI.COM
   IP Address: 80.190.192.39
   Registrar: EPAG DOMAINSERVICES GMBH
   Whois Server: whois.enterprice.net
   Referral URL: http://www.enterprice.net

   Server Name: APPLE.COM.BEYONDWHOIS.COM
   IP Address: 203.36.226.2
   Registrar: INSTRA CORPORATION PTY, LTD.
   Whois Server: whois.instra.net
   Referral URL: http://www.instra.com

   Server Name: APPLE.COM.AT.WWW.BEYONDWHOIS.COM
   IP Address: 203.36.226.2
   Registrar: INSTRA CORPORATION PTY, LTD.
   Whois Server: whois.instra.net
   Referral URL: http://www.instra.com

   Domain Name: APPLE.COM
   Registrar: MARKMONITOR INC.
   Whois Server: whois.markmonitor.com
   Referral URL: http://www.markmonitor.com
   Name Server: NSERVER.APPLE.COM
   Name Server: NSERVER.ASIA.APPLE.COM
   Name Server: NSERVER.EURO.APPLE.COM
   Name Server: NSERVER2.APPLE.COM
   Name Server: NSERVER3.APPLE.COM
   Name Server: NSERVER4.APPLE.COM
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 27-apr-2010
   Creation Date: 19-feb-1987
   Expiration Date: 20-feb-2020

1 comment

order
[+] ravichhabra|14 years ago|reply
Can others run whois against various domains runned by MarkMonitor such as apple.com, google.com, microsoft.com and see if the entries are all hacked?