https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/

this paper describes how the .mobi whoisserver-domain was purchased and MITM attack to gather data about bad actors. this nameserver which is part of that url is also in your servers.json file. Please update it.