Twitter.com's weird WHOIS: what is going on?
I've tried googling this, but I can't get anywhere near an answer, and this is the only place I can imagine getting one.
If I do whois twitter.com, then I get a really odd response. If it's advertising, then it's the oddest place I've ever seen for an advert.
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Server Name: TWITTER.COM.ZEN.THE.BEST.WEBHOSTING.AT.WWW.FATUCH.COM
IP Address: 209.126.190.70
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Whois Server: whois.PublicDomainRegistry.com
Referral URL: http://www.PublicDomainRegistry.com
Server Name: TWITTER.COM.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
IP Address: 209.126.190.71
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Whois Server: whois.PublicDomainRegistry.com
Referral URL: http://www.PublicDomainRegistry.com
Does anyone have a clue what is going on here, and why on earth unimundi.com and fatuch.com are running adverts in twitter's whois?
Solution 1:
This is just a trick employed by some registrants leveraging the fact that whois defaults to include both host and domain entries. The extra matches are from host (nameserver) entries. You can explicitly ask for a domain entry to avoid the host matches:
$ whois domain twitter.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: TWITTER.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS1.P34.DYNECT.NET
Name Server: NS2.P34.DYNECT.NET
Name Server: NS3.P34.DYNECT.NET
Name Server: NS4.P34.DYNECT.NET
Status: clientTransferProhibited
Updated Date: 10-mar-2011
Creation Date: 21-jan-2000
Expiration Date: 21-jan-2018
>>> Last update of whois database: Tue, 03 May 2011 09:47:54 UTC <<<
...etc...
EDIT: BTW, you can also force a partial match using three dots (...) at the end of the query. This confuses the linux whois client because it can't determine the domain automatically, so you have to explicitly tell it which whois server to use:
$ whois -h whois.verisign-grs.com "nameserver twitter.com..."
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
TWITTER.COM.ZEN.THE.BEST.WEBHOSTING.AT.WWW.FATUCH.COM
TWITTER.COM.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
To single out one record, look it up with "xxx", where xxx is one of the
of the records displayed above. If the records are the same, look them up
with "=xxx" to receive a full display for each record.
>>> Last update of whois database: Tue, 03 May 2011 10:20:07 UTC <<<