I'm trying to find other subdomains that might be still pointing there.
edit: i'm enumerating all the linkedin.com hosts using a dict. 80% of A records are returning the rogue IP 204.11
edit: 96 records still pointing at the rogue server, here is a dump I just uploaded:
short TTL's on a lot of these domains
I just ran it again this time using Google name servers and still a lot of subdomains are pointing to the 214 server. confirmed it running against their NS, which means it hasn't been changed yet.
The 214.-.-.- is some British Virgin Islands allocation?