`candidleaks.com`

DNSSEC	⚠️ Not signed
A	2606:4700:3032::6815:2c39^{🇺🇸 Cloudflare2606:4700:3032::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	2606:4700:3033::ac43:c3dc^{🇺🇸 Cloudflare2606:4700:3033::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	104.21.44.57^{Cloudflare104.21.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	172.67.195.220^{🇺🇸 Cloudflare172.67.192.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
NS	`kianchau.ns.cloudflare.com` ⭐
		A	2606:4700:58::a29f:2cb3^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kianchau.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c3b3^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`kianchau.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:23b3^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`kianchau.ns.cloudflare.com`
		A	108.162.195.179^{🇺🇸 Cloudflare108.162.195.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kianchau.ns.cloudflare.com`
		A	162.159.44.179^{Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kianchau.ns.cloudflare.com`
		A	172.64.35.179^{🇺🇸 Cloudflare172.64.35.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kianchau.ns.cloudflare.com`
NS	`nelly.ns.cloudflare.com`
		A	2606:4700:50::adf5:3ad1^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`nelly.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c0d1^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`nelly.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:20d1^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`nelly.ns.cloudflare.com`
		A	108.162.192.209^{🇺🇸 Cloudflare108.162.192.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`nelly.ns.cloudflare.com`
		A	172.64.32.209^{🇺🇸 Cloudflare172.64.32.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`nelly.ns.cloudflare.com`
		A	173.245.58.209^{🇺🇸 Cloudflare173.245.58.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`nelly.ns.cloudflare.com`
MX	`mail.candidleaks.com` ⭐
		A	5.255.97.57^{🇳🇱 Liteserver5.255.96.0/19 LITESERVER-Route}
			PTR	`web1.candidleaks.com`
TXT	`v=spf1 a mx ip4:5.255.97.57 -all`
HTTPS	HTTP/3, HTTP/2 ✓ hints match
		IPv4 hints	104.21.44.57, 172.67.195.220
		IPv6 hints	2606:4700:3032::6815:2c39, 2606:4700:3033::ac43:c3dc
		ECH	X25519, HKDF-SHA256 + AES-128-GCM draft, id=127, name=cloudflare-ech.com
SOA	`kianchau.ns.cloudflare.com`dns@cloudflare.com serial=2404038969

`com`

	DNSSEC	🔒 Signed (DS record present)
	NS	`a.gtld-servers.net` ⭐
	NS	`b.gtld-servers.net`
	NS	`c.gtld-servers.net`
	NS	`d.gtld-servers.net`
	NS	`e.gtld-servers.net`
	NS	`f.gtld-servers.net`
	NS	`g.gtld-servers.net`
	NS	`h.gtld-servers.net`
	NS	`i.gtld-servers.net`
	NS	`j.gtld-servers.net`
	NS	`k.gtld-servers.net`
	NS	`l.gtld-servers.net`
	NS	`m.gtld-servers.net`
	SOA	`a.gtld-servers.net`nstld@verisign-grs.com serial=1778590481

Subdomains

mail.candidleaks.com

Same first word

candidleaks.com

DNS History

12 records (7 active, 5 former)

●NSkianchau.ns.cloudflare.com2026-04-25 → 2026-05-12 · 3 obs

○ 2018-05-09 12:35:12
● 2026-04-25 10:47:38
● 2026-05-12 13:03:42

●NSnelly.ns.cloudflare.com2026-04-25 → 2026-05-12 · 3 obs

○ 2018-05-09 12:35:12
● 2026-04-25 10:47:38
● 2026-05-12 13:03:42

○NSroot-dns.netcup.net2018-05-09 → 2018-05-09 · 3 obs

● 2018-05-09 12:35:12
○ 2026-04-25 10:47:38
○ 2026-05-12 13:03:42

○NSsecond-dns.netcup.net2018-05-09 → 2018-05-09 · 3 obs

● 2018-05-09 12:35:12
○ 2026-04-25 10:47:38
○ 2026-05-12 13:03:42

○NSthird-dns.netcup.net2018-05-09 → 2018-05-09 · 3 obs

● 2018-05-09 12:35:12
○ 2026-04-25 10:47:38
○ 2026-05-12 13:03:42

●MXmail.candidleaks.com2018-05-09 → 2026-05-12 · 2 obs

● 2018-05-09 12:35:12
● 2026-05-12 13:03:42

○MXmxf932.netcup.net2018-05-09 → 2018-05-09 · 3 obs

● 2018-05-09 12:35:12
○ 2026-04-25 10:47:38
○ 2026-05-12 13:03:42

●A104.21.44.572026-04-25 → 2026-05-12 · 3 obs

○ 2018-05-09 12:35:12
● 2026-04-25 10:47:38
● 2026-05-12 13:03:42

●A172.67.195.2202026-04-25 → 2026-05-12 · 3 obs

○ 2018-05-09 12:35:12
● 2026-04-25 10:47:38
● 2026-05-12 13:03:42

●A2606:4700:3032::6815:2c392026-04-25 → 2026-05-12 · 3 obs

○ 2018-05-09 12:35:12
● 2026-04-25 10:47:38
● 2026-05-12 13:03:42

●A2606:4700:3033::ac43:c3dc2026-04-25 → 2026-05-12 · 3 obs

○ 2018-05-09 12:35:12
● 2026-04-25 10:47:38
● 2026-05-12 13:03:42

○A46.38.249.462018-05-09 → 2018-05-09 · 3 obs

● 2018-05-09 12:35:12
○ 2026-04-25 10:47:38
○ 2026-05-12 13:03:42

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
com	b.gtld-servers.net, h.gtld-servers.net, j.gtld-servers.net, i.gtld-servers.net...	-
candidleaks.com	nelly.ns.cloudflare.com, kianchau.ns.cloudflare.com	12 records

✅ Authoritative Response

Server:108.162.195.179

NS records: nelly.ns.cloudflare.com, kianchau.ns.cloudflare.com

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for candidleaks.com (unsigned zone)

⏱️ Timing

Total: 468ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`104.21.44.57, 172.67.195.220`
AAAA	2	`2606:4700:3032::6815:2c39, 2606:4700:3033::ac43:c3dc`
NS	2	`kianchau.ns.cloudflare.com, nelly.ns.cloudflare.com`
MX	1	`mail.candidleaks.com (pri: 10)`
TXT	1	`v=spf1 a mx ip4:5.255.97.57 -all`
HTTPS	1	`{"priority":1,"target":".","alpn":["h3",`
SOA	1	`kianchau.ns.cloudflare.com dns.cloudflar`

📌 Glue Records Collected

Total: 12

Out-of-bailiwick: 12 (nelly.ns.cloudflare.com, nelly.ns.cloudflare.com, nelly.ns.cloudflare.com...)

Analysis

Hierarchy

The parent of mail.candidleaks.com is candidleaks.com.

IP Addresses

candidleaks.com points to four IP numbers: 2606:4700:3032::6815:2c39, 2606:4700:3033::ac43:c3dc, 104.21.44.57 and 172.67.195.220.

Other host names, for instance alba.al, ultracasinohub.com, mixputaria-cdn.top, divinewebhosting.com and ehonglu.cn share IP numbers with candidleaks.com.

Name Servers

candidleaks.com is delegated to two name servers: kianchau.ns.cloudflare.com and nelly.ns.cloudflare.com.

candidleaks.com uses the same name server setup as other domains, for instance hostedmx.be, nimio.nl, serveo.org, myinfra.nl and serveo.info.

candidleaks.com shares name servers with other domains at least partially, for instance simpatiaje.xyz, ferragamo-shoes.in.net, chinatoma.com, hoki885emas.lol and lingkarkuning.id.

These name servers are often used with alberto.ns.cloudflare.com, aspen.ns.cloudflare.com, diva.ns.cloudflare.com, karsyn.ns.cloudflare.com and mitchell.ns.cloudflare.com.

Host names with six IP numbers: kianchau.ns.cloudflare.com points to 2606:4700:58::a29f:2cb3, 2803:f800:50::6ca2:c3b3, 2a06:98c1:50::ac40:23b3, 108.162.195.179, 162.159.44.179 and 172.64.35.179; nelly.ns.cloudflare.com points to 2606:4700:50::adf5:3ad1, 2803:f800:50::6ca2:c0d1, 2a06:98c1:50::ac40:20d1, 108.162.192.209, 172.64.32.209 and 173.245.58.209.

Mail Servers

The mail server for candidleaks.com is mail.candidleaks.com.

Host name mail.candidleaks.com resolves to IP 5.255.97.57.

candidleaks.com - robtex.com

candidleaks.com

com

Subdomains

Same first word

DNS History

🔍 DNS Trace

📋 Delegation Chain

✅ Authoritative Response

🔒 DNSSEC Status

⏱️ Timing

📄 Records

📌 Glue Records Collected

Analysis

Hierarchy

IP Addresses

Name Servers

Mail Servers

`candidleaks.com`

`com`