I recently have had a significant amount of difficulty setting up a Linux system on my computer. After a while I settled with Ubuntu and ParrotOS on VirtualBox, however while working on writing a bash script that takes a list of domains and does a whois query, then extracts the admin/abuse teams email address, the output on my terminal seems as though the VM is somehow sending the whois query to MarkMonitors whois database. I have on multiple occasions seen unusual IPs and hostnames in netstat -a queries that have a "1e100.com" at the end of them, which is a domain registered to MarkMonitor. One of these was on my girlfriends Macbook Air and it was a "1e100.jabber" domain. I am not sure why a brand protection company would be producing such unusual and clearly malicious network traffic. Did I just piss off the wrong people in some big corporation? I don't understand how that is possible. I have accused Akamai Technologies of being in cahoots with private intelligence firms to establish NSA style networks of mass surveillance with their CDN on my blog, yet I am not a popular blogger and don't understand why anyone would go to the trouble of hiring a company like MarkMonitor to hack me. Is that even possible? Their website makes them seem like a legitmate company but this is just very bizarre. I would appreciate any thoughts or opinions on this. I have attached screenshots of the event described above.
Edited by spenca57, 16 February 2018 - 02:29 AM.