Tuesday, May 27, 2008

Riddle us this, Batman

Hi folks,

Normally, we provide answers here, but today we have a question.

If you whois xpantivirus2008.com, it shows that the registrar is ESTDOMAINS (the actual owner is hidden, as usual).

If you look up the IP address of xpantivirus2008.com, it shows as

If you whois, _that_ shows as GOOGLE!

The question is .... why? All we can think of is that they have a sense of humor.




At 2:54 PM, Anonymous Chris said...

It's very common actually.

They try to:

1)fool automated blacklists

2)Use alternate hostnames for services that work on any hostname pointed at an IP

3)They have polluted caches of vistims with long TTL's and want to throw researchers off the scent.

4)the domain has served it's use and they no longer want the traffic.

You have hit reason #4 I think the IP you needed was from a month or two ago.

related sites:
advancedonlinescanner .com
onlinescannerxp .com
onlinexpscanner .com
securityscannersite .com
xpantivirus-scanner .com
xpantivirus .com
xpantiviruspro .com
xpantivirussecurity .com
xpantivirussite .com
xponlinescanner .com
(limited list)

Plenty of comments on:
http://www.siteadvisor.com/sites/xpantivirus2008.com too.


At 9:47 PM, Anonymous Tyler said...

These are always fun to plug into the Reverse IP Lookup tool from CRUSH that I blogged about a while back.

On page two you'll find google.com but you'll also find quite a few others.

At 1:50 PM, Blogger Indiana Jones said...

Your website is awsome!!!


Post a Comment

<< Home