attackagain.com - robtex.com

attackagain.com

DNSSEC⚠️ Not signed
A2606:4700:3037::6815:4530πŸ‡ΊπŸ‡Έ Cloudflare2606:4700:3037::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US βœ“ In HTTPS hints
A2606:4700:3037::ac43:cc59πŸ‡ΊπŸ‡Έ Cloudflare2606:4700:3037::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US βœ“ In HTTPS hints
A104.21.69.48Cloudflare104.21.64.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US βœ“ In HTTPS hints
A172.67.204.89πŸ‡ΊπŸ‡Έ Cloudflare172.67.192.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US βœ“ In HTTPS hints
NScash.ns.cloudflare.com ⭐
A2606:4700:58::adf5:3b51πŸ‡ΊπŸ‡Έ Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRcash.ns.cloudflare.com
A2803:f800:50::6ca2:c151πŸ‡¨πŸ‡· Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L
PTRcash.ns.cloudflare.com
A2a06:98c1:50::ac40:2151πŸ‡ΊπŸ‡Έ Cloudflare2a06:98c1:50::/45
PTRcash.ns.cloudflare.com
A108.162.193.81πŸ‡ΊπŸ‡Έ Cloudflare108.162.193.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRcash.ns.cloudflare.com
A172.64.33.81πŸ‡ΊπŸ‡Έ Cloudflare172.64.33.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRcash.ns.cloudflare.com
A173.245.59.81πŸ‡ΊπŸ‡Έ Cloudflare173.245.59.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRcash.ns.cloudflare.com
NSkarina.ns.cloudflare.com
A2606:4700:50::adf5:3ab2πŸ‡ΊπŸ‡Έ Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRkarina.ns.cloudflare.com
A2803:f800:50::6ca2:c0b2πŸ‡¨πŸ‡· Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L
PTRkarina.ns.cloudflare.com
A2a06:98c1:50::ac40:20b2πŸ‡ΊπŸ‡Έ Cloudflare2a06:98c1:50::/45
PTRkarina.ns.cloudflare.com
A108.162.192.178πŸ‡ΊπŸ‡Έ Cloudflare108.162.192.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRkarina.ns.cloudflare.com
A172.64.32.178πŸ‡ΊπŸ‡Έ Cloudflare172.64.32.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRkarina.ns.cloudflare.com
A173.245.58.178πŸ‡ΊπŸ‡Έ Cloudflare173.245.58.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRkarina.ns.cloudflare.com
MXmx2.zoho.com ⭐
A204.141.33.44πŸ‡ΊπŸ‡Έ ZohoAS204.141.32.0/23 PNAP-DAL CASE00103239
PTRmx2.zoho.com
PTRmx3.zoho.com
PTRmx6.zoho.com
PTRmx7.zoho.com
PTRmx8.zoho.com
PTRmx.zoho.com
PTRmx2.zohomail.com
PTRmx3.zohomail.com
PTRmx.zohomail.com
MXmx3.zoho.com(20)
A136.143.191.44πŸ‡ΊπŸ‡Έ ZohoAS136.143.190.0/23 Zoho Corporation
PTRmx2.zoho.com
PTRmx3.zoho.com
PTRmx.zoho.com
PTRmx2.zohomail.com
PTRmx3.zohomail.com
PTRmx.zohomail.com
MXmx.zoho.com(50)
A136.143.191.44πŸ‡ΊπŸ‡Έ ZohoAS136.143.190.0/23 Zoho Corporation
PTRmx2.zoho.com
PTRmx3.zoho.com
PTRmx.zoho.com
PTRmx2.zohomail.com
PTRmx3.zohomail.com
PTRmx.zohomail.com
A204.141.33.44πŸ‡ΊπŸ‡Έ ZohoAS204.141.32.0/23 PNAP-DAL CASE00103239
PTRmx2.zoho.com
PTRmx3.zoho.com
PTRmx6.zoho.com
PTRmx7.zoho.com
PTRmx8.zoho.com
PTRmx.zoho.com
PTRmx2.zohomail.com
PTRmx3.zohomail.com
PTRmx.zohomail.com
TXTv=spf1 include:zoho.com ~all
HTTPSHTTP/3, HTTP/2 βœ“ hints match
IPv4 hints104.21.69.48, 172.67.204.89
IPv6 hints2606:4700:3037::6815:4530, 2606:4700:3037::ac43:cc59
ECHX25519, HKDF-SHA256 + AES-128-GCM draft, id=11, name=cloudflare-ech.com
SOAcash.ns.cloudflare.comdns@cloudflare.com serial=2403756259

com

DNSSECπŸ”’ Signed (DS record present)
NSa.gtld-servers.net ⭐
NSb.gtld-servers.net
NSc.gtld-servers.net
NSd.gtld-servers.net
NSe.gtld-servers.net
NSf.gtld-servers.net
NSg.gtld-servers.net
NSh.gtld-servers.net
NSi.gtld-servers.net
NSj.gtld-servers.net
NSk.gtld-servers.net
NSl.gtld-servers.net
NSm.gtld-servers.net
SOAa.gtld-servers.netnstld@verisign-grs.com serial=1778590481

Same first word

attackagain.com

DNS History

14 records (9 active, 5 former)

20192020202120222023202420252026NScash.ns.cloudflare.comkarina.ns.cloudflare.comdns1.registrar-servers.comdns2.registrar-servers.comMXmx.zoho.commx2.zoho.commx3.zoho.commx1.privateemail.commx2.privateemail.comA104.21.69.48172.67.204.892606:4700:3037::6815:45302606:4700:3037::ac43:cc59192.64.119.3
●NScash.ns.cloudflare.com2026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
β—‹NSdns1.registrar-servers.com2018-08-16 β†’ 2018-08-16 Β· 3 obs
● 2018-08-16 05:52:22
β—‹ 2026-02-15 03:24:10
β—‹ 2026-05-12 13:18:18
β—‹NSdns2.registrar-servers.com2018-08-16 β†’ 2018-08-16 Β· 3 obs
● 2018-08-16 05:52:22
β—‹ 2026-02-15 03:24:10
β—‹ 2026-05-12 13:18:18
●NSkarina.ns.cloudflare.com2026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
●MXmx.zoho.com2026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
β—‹MXmx1.privateemail.com2018-08-16 β†’ 2018-08-16 Β· 3 obs
● 2018-08-16 05:52:22
β—‹ 2026-02-15 03:24:10
β—‹ 2026-05-12 13:18:18
β—‹MXmx2.privateemail.com2018-08-16 β†’ 2018-08-16 Β· 3 obs
● 2018-08-16 05:52:22
β—‹ 2026-02-15 03:24:10
β—‹ 2026-05-12 13:18:18
●MXmx2.zoho.com2026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
●MXmx3.zoho.com2026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
●A104.21.69.482026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
●A172.67.204.892026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
β—‹A192.64.119.32018-08-16 β†’ 2018-08-16 Β· 3 obs
● 2018-08-16 05:52:22
β—‹ 2026-02-15 03:24:10
β—‹ 2026-05-12 13:18:18
●A2606:4700:3037::6815:45302026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18
●A2606:4700:3037::ac43:cc592026-02-15 β†’ 2026-05-12 Β· 3 obs
β—‹ 2018-08-16 05:52:22
● 2026-02-15 03:24:10
● 2026-05-12 13:18:18

πŸ” DNS Trace

πŸ“‹ Delegation Chain

ZoneNameserversGlue
comk.gtld-servers.net, m.gtld-servers.net, b.gtld-servers.net, g.gtld-servers.net...-
attackagain.comcash.ns.cloudflare.com, karina.ns.cloudflare.com12 records

βœ… Authoritative Response

Server:108.162.192.178

NS records: cash.ns.cloudflare.com, karina.ns.cloudflare.com

πŸ”’ DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for attackagain.com (unsigned zone)

⏱️ Timing

Total: 249ms | Queries: -

πŸ“„ Records

TypeCountSample Data
A2172.67.204.89, 104.21.69.48
AAAA22606:4700:3037::ac43:cc59, 2606:4700:3037::6815:4530
NS2cash.ns.cloudflare.com, karina.ns.cloudflare.com
MX3mx.zoho.com (pri: 10), mx2.zoho.com (pri: 20)...
TXT1v=spf1 include:zoho.com ~all
HTTPS1{"priority":1,"target":".","alpn":["h3",
SOA1cash.ns.cloudflare.com dns.cloudflare.co

πŸ“Œ Glue Records Collected

Total: 12

Out-of-bailiwick: 12 (cash.ns.cloudflare.com, cash.ns.cloudflare.com, cash.ns.cloudflare.com...)

Analysis

IP Addresses

Four IP numbers are pointed to by attackagain.com: 2606:4700:3037::6815:4530, 2606:4700:3037::ac43:cc59, 104.21.69.48 and 172.67.204.89.

other host names including klenotyaurum.cz, mcmanu(0x736578)cavating.com, comsil.com.br, www.mp4moviez.pink and joggink.com share IP numbers with attackagain.com.

Name Servers

attackagain.com is delegated to two name servers cash.ns.cloudflare.com and karina.ns.cloudflare.com.

attackagain.com shares the same name server setup as other domains, for instance cutechix.com, random.to, auditionsadda.com, newslord.com and adventurebirding.lk.

attackagain.com at least partially shares name servers with other domains, for instance clouddataservice.co.uk, skwjj.com, culmor.com, y3866.com and satellitecity.nl.

These name servers are commonly used alongside sreeni.ns.cloudflare.com and brit.ns.cloudflare.com.

Host names with six IP numbers:

Host name cash.ns.cloudflare.com points to: 2606:4700:58::adf5:3b51, 2803:f800:50::6ca2:c151, 2a06:98c1:50::ac40:2151, 108.162.193.81, 172.64.33.81 and 173.245.59.81.

Host name karina.ns.cloudflare.com points to: 2606:4700:50::adf5:3ab2, 2803:f800:50::6ca2:c0b2, 2a06:98c1:50::ac40:20b2, 108.162.192.178, 172.64.32.178 and 173.245.58.178.

Mail Servers

attackagain.com is handled by three mail servers: mx2.zoho.com, mx3.zoho.com and mx.zoho.com.

attackagain.com shares some mail servers with other domains, at least partially, for instance mscanvashouse.com, elektrolinks.com, lookingglassyarns.com, bzylist.com and agenciab2.com.

Two IP numbers: mx.zoho.com points to 136.143.191.44 and 204.141.33.44.

One IP number: mx2.zoho.com points to 204.141.33.44.

mx3.zoho.com points to 136.143.191.44.

Hosts pointing to 136.143.191.44: mx.zoho.com and mx3.zoho.com.

Hosts pointing to 204.141.33.44: mx.zoho.com and mx2.zoho.com.