I was browsing around last night and some pages that had google ads on them were giving me a certificate error for pagead2.googlesyndication.com. Thinking something odd was afoot I went to whois.org to look up the whois info for googlesyndication and google.com. Googlesyndication was all right but the name server returned this for google.com: GOOGLE.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM GOOGLE.COM.WORDT.DOOR.VEEL.WHTERS.GEBRUIKT.SERVERTJE.NET GOOGLE.COM.VN GOOGLE.COM.UA GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM GOOGLE.COM.SPROSIUYANDEKSA.RU GOOGLE.COM.SA GOOGLE.COM.PLZ.GIVE.A.PR8.TO.AUDIOTRACKER.NET GOOGLE.COM.MX GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM Code (markup): Which I assume isn't the normal result. Has anyone else seen this? Does anyone who knows more about how certificate trusts are disbursed know if there's a link between this and the googlesyndication oddness I witnessed earlier? The info is still live at http://www.whois.org/whois_new.cgi?d=google&tld=com but I don't know how long it's been there like this, or if it's a recent thing.
Either whois.org is a bogus site or they got hacked is my guess ... I do see the same thing you see ... entertaining!
Yeah this one is entertaining, but slightly worrying at the same time that some companies that handle domain names/info are exploitable. Definately hacked, the URL leads to a Russian hacking site.
didn't I see this same thread about a month ago??? http://forums.digitalpoint.com/showthread.php?t=227114&highlight=whois.org+hacked It is just wildcard searching and those other domains happen to have a subdomain with google.com in the sub part