attacker-controlled.com - robtex.com
attacker-controlled.com
| DNSSEC | β οΈ Not signed | ||||||
| A | 13.248.169.48πΊπΈ Amazon13.248.160.0/20 | ||||||
| PTR | a904c694c05102f30.awsglobalaccelerator.com | ||||||
| A | 76.223.54.146πΊπΈ Amazon76.223.48.0/20 | ||||||
| NS | ns1.afternic.com β | ||||||
| A | 2603:5:2126::45πΊπΈ GODADDY-DNS2603:5:2120::/44 | ||||||
| PTR | ns1.afternic.com | ||||||
| A | 97.74.98.69πΊπΈ GODADDY-DNS97.74.98.0/23 | ||||||
| PTR | ns1.afternic.com | ||||||
| NS | ns2.afternic.com | ||||||
| A | 2603:5:2226::45πΊπΈ GODADDY-DNS2603:5:2220::/44 | ||||||
| PTR | ns2.afternic.com | ||||||
| A | 173.201.66.69πΊπΈ GODADDY-DNS173.201.66.0/23 | ||||||
| PTR | ns2.afternic.com | ||||||
| NS | verification-d3jclucsp89ganyqbydeny.ns101.verify.hn β οΈ Not in zone NS records | ||||||
| A | 13.248.169.48πΊπΈ Amazon13.248.160.0/20 | ||||||
| PTR | a904c694c05102f30.awsglobalaccelerator.com | ||||||
| A | 76.223.54.146πΊπΈ Amazon76.223.48.0/20 | ||||||
| PTR | a904c694c05102f30.awsglobalaccelerator.com | ||||||
| TXT | v=spf1 -all | ||||||
| SOA | ns1.afternic.comdns@jomax.net serial=1 | ||||||
com
| DNSSEC | π Signed (DS record present) | ||||||
| NS | a.gtld-servers.net β | ||||||
| NS | b.gtld-servers.net | ||||||
| NS | c.gtld-servers.net | ||||||
| NS | d.gtld-servers.net | ||||||
| NS | e.gtld-servers.net | ||||||
| NS | f.gtld-servers.net | ||||||
| NS | g.gtld-servers.net | ||||||
| NS | h.gtld-servers.net | ||||||
| NS | i.gtld-servers.net | ||||||
| NS | j.gtld-servers.net | ||||||
| NS | k.gtld-servers.net | ||||||
| NS | l.gtld-servers.net | ||||||
| NS | m.gtld-servers.net | ||||||
| SOA | a.gtld-servers.netnstld@verisign-grs.com serial=1778424886 | ||||||
Same first word
attacker-controlled.com |
DNS History
10 records (5 active, 5 former)
βNSdns1.registrar-servers.com2018-08-17 β 2018-08-17 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βNSdns2.registrar-servers.com2018-08-17 β 2018-08-17 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βNSns1.afternic.com2026-04-20 β 2026-05-10 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βNSns2.afternic.com2026-04-20 β 2026-05-10 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βNSverification-d3jclucsp89ganyqbydeny.ns101.verify.hn2026-04-20 β 2026-05-10 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βMXmx1.privateemail.com2018-08-17 β 2018-08-17 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βMXmx2.privateemail.com2018-08-17 β 2018-08-17 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βA13.248.169.482026-04-20 β 2026-05-10 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βA192.64.119.1762018-08-17 β 2018-08-17 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
βA76.223.54.1462026-04-20 β 2026-05-10 Β· 3 obs
β 2026-04-20 15:54:26
β 2026-05-10 15:09:50
π DNS Trace
π Delegation Chain
| Zone | Nameservers | Glue |
|---|---|---|
| com | a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net... | - |
| attacker-controlled.com | ns1.afternic.com, ns2.afternic.com, verification-d3jclucsp89ganyqbydeny.ns101.verify.hn | 4 records |
β Authoritative Response
Server:97.74.98.69
NS records: ns1.afternic.com, ns2.afternic.com, verification-d3jclucsp89ganyqbydeny.ns101.verify.hn
π DNSSEC Status
β οΈ Insecure (no DNSSEC)
No DS record for attacker-controlled.com (unsigned zone)
β±οΈ Timing
Total: 3291ms | Queries: -
π Records
| Type | Count | Sample Data |
|---|---|---|
| A | 2 | 76.223.54.146, 13.248.169.48 |
| NS | 2 | ns1.afternic.com, ns2.afternic.com |
| MX | 1 | . (pri: 0) |
| TXT | 1 | v=spf1 -all |
| SOA | 1 | ns1.afternic.com dns.jomax.net |
π Glue Records Collected
Total: 4
Out-of-bailiwick: 4 (ns1.afternic.com, ns1.afternic.com, ns2.afternic.com...)
Analysis
IP Addresses
attacker-controlled.com points to two IPs: 13.248.169.48 and 76.223.54.146.
Other host names, for instance 7-betsixty.com, tour-ksc.com, elitepiano.com, mass-marketing.com and bithab.com share IP numbers with attacker-controlled.com.
Name Servers
attacker-controlled.com is delegated to name servers ns1.afternic.com, ns2.afternic.com and verification-d3jclucsp89ganyqbydeny.ns101.verify.hn.
attacker-controlled.com at least partially shares name servers with other domains such as wallcoupon.com, weblife.es, 324605225r.cdn30s.com, vlog.company and mainsta.com.
These name servers are commonly used with verification-frb6pqdkkjlns5j4tthxc3.ns101.verify.hn and verification-ilzyovyxkjcylcmj8rbffy.ns101.verify.hn.
Host names with two IP numbers:
ns1.afternic.com points to 2603:5:2126::45 and 97.74.98.69.
ns2.afternic.com points to 2603:5:2226::45 and 173.201.66.69.
verification-d3jclucsp89ganyqbydeny.ns101.verify.hn points to 13.248.169.48 and 76.223.54.146.