attacker-site.com - robtex.com

attacker-site.com

DNSSEC: ⚠️ Not signed
A 172.107.163.55 🇺🇸 UNSPECIFIED 160.0.0.0/3
NS ns67.domaincontrol.com ⭐
A 2603:5:2174::2c 🇺🇸 GODADDY-DNS 2603:5:2170::/44
PTR ns67.domaincontrol.com
A 97.74.103.44 🇺🇸 GODADDY-DNS 97.74.102.0/23
PTR ns67.domaincontrol.com
NS ns68.domaincontrol.com
A 2603:5:2274::2c 🇺🇸 GODADDY-DNS 2603:5:2270::/44
PTR ns68.domaincontrol.com
A 173.201.71.44 🇺🇸 GODADDY-DNS 173.201.70.0/23
PTR ns68.domaincontrol.com
MX aspmx.l.google.com ⭐
A 2607:f8b0:4023:c0b::1a 🇺🇸 Google 2607:f8b0::/32
PTR dd-in-f26.1e100.net
A 142.250.141.26 🇺🇸 Google 142.250.141.0/24
PTR dd-in-f26.1e100.net
MX alt2.aspmx.l.google.com (20)
A 2607:f8b0:4023:3003::1b 🇺🇸 Google 2607:f8b0::/32
PTR yulnkjt-in-f27.1e100.net
A 172.253.145.26 🇺🇸 Google 172.253.145.0/24
PTR yulnkjt-in-f26.1e100.net
MX alt1.aspmx.l.google.com (30)
A 2800:3f0:4003:c0f::1a 🇨🇱 Google 2800:3f0:4003::/48
A 108.177.123.27 🇺🇸 Google 108.177.123.0/24
PTR lcscld-in-f27.1e100.net
MX aspmx2.googlemail.com (40)
A 2607:f8b0:4023:2801::1a 🇺🇸 Google 2607:f8b0::/32
PTR lcausi-in-f26.1e100.net
A 192.178.128.26 🇺🇸 Google 192.178.128.0/24
PTR lcausi-in-f26.1e100.net
MX aspmx3.googlemail.com (50)
A 2a00:1450:400b:c02::1a 🇮🇪 Google 2a00:1450:400b::/48
PTR dj-in-f26.1e100.net
A 172.253.116.27 🇺🇸 Google 172.253.116.0/24
PTR dj-in-f27.1e100.net
SOA ns67.domaincontrol.com dns@jomax.net 2021-12-27 #1

DNS History

9 records (8 active, 1 former)

โ—NSns67.domaincontrol.com2015-08-11 โ†’ 2026-05-15 ยท 2 obs
โ— 2015-08-11 11:39:12
โ— 2026-05-15 00:14:42
โ—NSns68.domaincontrol.com2015-08-11 โ†’ 2026-05-15 ยท 2 obs
โ— 2015-08-11 11:39:12
โ— 2026-05-15 00:14:42
โ—MXalt1.aspmx.l.google.com2015-08-11 โ†’ 2026-05-15 ยท 2 obs
โ— 2015-08-11 11:39:12
โ— 2026-05-15 00:14:42
โ—MXalt2.aspmx.l.google.com2015-08-11 โ†’ 2026-05-15 ยท 2 obs
โ— 2015-08-11 11:39:12
โ— 2026-05-15 00:14:42
โ—MXaspmx.l.google.com2015-08-11 โ†’ 2026-05-15 ยท 2 obs
โ— 2015-08-11 11:39:12
โ— 2026-05-15 00:14:42
โ—MXaspmx2.googlemail.com2015-08-11 โ†’ 2026-05-15 ยท 2 obs
โ— 2015-08-11 11:39:12
โ— 2026-05-15 00:14:42
โ—MXaspmx3.googlemail.com2015-08-11 โ†’ 2026-05-15 ยท 2 obs
โ— 2015-08-11 11:39:12
โ— 2026-05-15 00:14:42
โ—A172.107.163.552026-04-14 โ†’ 2026-05-15 ยท 3 obs
โ—‹ 2016-09-20 04:48:46
โ— 2026-04-14 06:13:42
โ— 2026-05-15 00:14:42
โ—‹A209.148.88.1832015-08-11 โ†’ 2016-09-20 ยท 4 obs
โ— 2015-08-11 11:39:12
โ— 2016-09-20 04:48:46
โ—‹ 2026-04-14 06:13:42
โ—‹ 2026-05-15 00:14:42

🔍 DNS Trace

📋 Delegation Chain

Zone | Nameservers | Glue
com | j.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, a.gtld-servers.net... | -
attacker-site.com | ns67.domaincontrol.com, ns68.domaincontrol.com | 4 records

✅ Authoritative Response

Server: 97.74.103.44

NS records: ns67.domaincontrol.com, ns68.domaincontrol.com

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for attacker-site.com (unsigned zone)

⏱️ Timing

Total: 204ms | Queries: -

📄 Records

Type | Count | Sample Data
A | 1 | 172.107.163.55
NS | 2 | ns67.domaincontrol.com, ns68.domaincontrol.com
MX | 5 | alt1.aspmx.l.google.com (pri: 30), alt2.aspmx.l.google.com (pri: 20)...
SOA | 1 | ns67.domaincontrol.com dns.jomax.net

📌 Glue Records Collected

Total: 4

Out-of-bailiwick: 4 (ns67.domaincontrol.com, ns67.domaincontrol.com, ns68.domaincontrol.com...)

Analysis

IP Addresses

attacker-site.com resolves to one IP number: 172.107.163.55.

Name Servers

attacker-site.com's delegation uses two name servers: ns67.domaincontrol.com and ns68.domaincontrol.com.

attacker-site.com uses the same name server setup as other domains, such as peakviewroofing.net, entryon.com, melismatics.com, maikaakde.com and bdigitalhifi.com.

attacker-site.com at least partially shares name servers with other domains, for example club1hotels.com.

Host names with two IPs:

ns67.domaincontrol.com points to 2603:5:2174::2c and 97.74.103.44

ns68.domaincontrol.com points to 2603:5:2274::2c and 173.201.71.44

Mail Servers

attacker-site.com is handled by five mail servers: aspmx2.googlemail.com, aspmx3.googlemail.com, aspmx.l.google.com, alt1.aspmx.l.google.com and alt2.aspmx.l.google.com.

attacker-site.com shares at least some mail servers with other domains, for example fergusonhs.org, ns500742.ns500731.ns500731.ns500671.ns500731.ns500704.ns500742.ns500704.ns500705.ns500704.ns500688.ns500291.ns500671.ns500666.ns500153.tenderladiesbz.com, ns500754.ns500742.ns500731.ns500731.ns500688.ns500291.ns500291.ns500666.ns500649.ns500153.tenderladiesbz.com, labocine.com and mmt.org.

These mail servers are often used with alt3.aspmx.l.google.com, alt4.aspmx.l.google.com, aspmx4.googlemail.com and aspmx5.googlemail.com.

Host names with two IP numbers:

aspmx2.googlemail.com points to: 2607:f8b0:4023:2801::1a and 192.178.128.26.

aspmx3.googlemail.com points to: 2a00:1450:400b:c02::1a and 172.253.116.27.

aspmx.l.google.com points to: 2607:f8b0:4023:c0b::1a and 142.250.141.26.

alt1.aspmx.l.google.com points to: 2800:3f0:4003:c0f::1a and 108.177.123.27.

alt2.aspmx.l.google.com points to: 2607:f8b0:4023:3003::1b and 172.253.145.26.