`cryptomalware.com`

DNSSEC	⚠️ Not signed
A	13.248.169.48^{🇺🇸 Amazon13.248.160.0/20}
		PTR	`a904c694c05102f30.awsglobalaccelerator.com`
A	76.223.54.146^{🇺🇸 Amazon76.223.48.0/20}
NS	`ns1.afternic.com` ⭐
		A	2603:5:2126::45^{🇺🇸 GODADDY-DNS2603:5:2120::/44}
			PTR	`ns1.afternic.com`
		A	97.74.98.69^{🇺🇸 GODADDY-DNS97.74.98.0/23}
			PTR	`ns1.afternic.com`
NS	`ns2.afternic.com`
		A	2603:5:2226::45^{🇺🇸 GODADDY-DNS2603:5:2220::/44}
			PTR	`ns2.afternic.com`
		A	173.201.66.69^{🇺🇸 GODADDY-DNS173.201.66.0/23}
			PTR	`ns2.afternic.com`
NS	`verification-jncwal45hvxccyan6n2epz.ns101.verify.hn` ⚠️ Not in zone NS records
		A	13.248.169.48^{🇺🇸 Amazon13.248.160.0/20}
			PTR	`a904c694c05102f30.awsglobalaccelerator.com`
		A	76.223.54.146^{🇺🇸 Amazon76.223.48.0/20}
			PTR	`a904c694c05102f30.awsglobalaccelerator.com`
TXT	`v=spf1 -all`
SOA	`ns1.afternic.com`dns@jomax.net serial=1

`com`

	DNSSEC	🔒 Signed (DS record present)
	NS	`a.gtld-servers.net` ⭐
	NS	`b.gtld-servers.net`
	NS	`c.gtld-servers.net`
	NS	`d.gtld-servers.net`
	NS	`e.gtld-servers.net`
	NS	`f.gtld-servers.net`
	NS	`g.gtld-servers.net`
	NS	`h.gtld-servers.net`
	NS	`i.gtld-servers.net`
	NS	`j.gtld-servers.net`
	NS	`k.gtld-servers.net`
	NS	`l.gtld-servers.net`
	NS	`m.gtld-servers.net`
	SOA	`a.gtld-servers.net`nstld@verisign-grs.com serial=1771291435

Same first word

cryptomalware.com

DNS History

12 records (5 active, 7 former)

●NSns1.afternic.com2026-02-15 → 2026-03-13 · 3 obs

○ 2017-12-09 06:11:38
● 2026-02-15 21:15:32
● 2026-03-13 21:09:36

●NSns2.afternic.com2026-02-15 → 2026-03-13 · 3 obs

○ 2017-12-09 06:11:38
● 2026-02-15 21:15:32
● 2026-03-13 21:09:36

○NSns39.domaincontrol.com2016-12-18 → 2017-12-09 · 4 obs

● 2016-12-18 18:49:38
● 2017-12-09 06:11:38
○ 2026-02-15 21:15:32
○ 2026-03-13 21:09:36

○NSns40.domaincontrol.com2016-12-18 → 2017-12-09 · 4 obs

● 2016-12-18 18:49:38
● 2017-12-09 06:11:38
○ 2026-02-15 21:15:32
○ 2026-03-13 21:09:36

●NSverification-jncwal45hvxccyan6n2epz.ns101.verify.hn2026-02-15 → 2026-03-13 · 3 obs

○ 2017-12-09 06:11:38
● 2026-02-15 21:15:32
● 2026-03-13 21:09:36

○MX.2026-02-15 → 2026-02-15 · 4 obs

○ 2016-12-18 18:49:38
● 2026-02-15 21:15:32
○ 2026-03-13 21:09:34
○ 2026-03-13 21:09:36

○MXmailstore1.secureserver.net2016-12-18 → 2026-02-15 · 4 obs

● 2016-12-18 18:49:38
● 2026-02-15 21:15:32
○ 2026-03-13 21:09:34
○ 2026-03-13 21:09:36

○MXsmtp.secureserver.net2016-12-18 → 2026-02-15 · 4 obs

● 2016-12-18 18:49:38
● 2026-02-15 21:15:32
○ 2026-03-13 21:09:34
○ 2026-03-13 21:09:36

●A13.248.169.482026-02-15 → 2026-03-13 · 3 obs

○ 2017-12-09 06:11:38
● 2026-02-15 21:15:32
● 2026-03-13 21:09:36

○A184.168.221.582016-12-18 → 2016-12-18 · 3 obs

● 2016-12-18 18:49:38
○ 2017-12-09 06:11:38
○ 2026-03-13 21:09:36

○A217.194.186.2502017-12-09 → 2017-12-09 · 4 obs

○ 2016-12-18 18:49:38
● 2017-12-09 06:11:38
○ 2026-02-15 21:15:32
○ 2026-03-13 21:09:36

●A76.223.54.1462026-02-15 → 2026-03-13 · 3 obs

○ 2017-12-09 06:11:38
● 2026-02-15 21:15:32
● 2026-03-13 21:09:36

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
com	a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net...	-
cryptomalware.com	ns1.afternic.com, ns2.afternic.com, verification-jncwal45hvxccyan6n2epz.ns101.verify.hn	4 records

✅ Authoritative Response

Server: 97.74.98.69

NS records: ns1.afternic.com, ns2.afternic.com, verification-jncwal45hvxccyan6n2epz.ns101.verify.hn

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for cryptomalware.com (unsigned zone)

⏱️ Timing

Total: 4308ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`76.223.54.146, 13.248.169.48`
NS	2	`ns1.afternic.com, ns2.afternic.com`
MX	1	`. (pri: 0)`
TXT	1	`v=spf1 -all`
SOA	1	`ns1.afternic.com dns.jomax.net`

📌 Glue Records Collected

Total: 4

Out-of-bailiwick: 4 (ns1.afternic.com, ns1.afternic.com, ns2.afternic.com...)

Analysis

IP Addresses

cryptomalware.com resolves to two IPs: 13.248.169.48 and 76.223.54.146.

other host names for instance songd.com, www.sporeo.com, lee.ltd, app-i.com and latexart.com share IP numbers with cryptomalware.com.

Name Servers

cryptomalware.com is delegated to three name servers: ns1.afternic.com, ns2.afternic.com and verification-jncwal45hvxccyan6n2epz.ns101.verify.hn.

cryptomalware.com at least partially shares name servers with other domains, for instance raingro.com, africatunes.com, nicheflow.com, www.jardigital.com and fogdo.com.

These name servers are often used with verification-urj2ap2akmgcchkhharttb.ns101.verify.hn and verification-stk7bnbwvtufs4tupru3mn.ns101.verify.hn.

Host names with two IP numbers:

Host ns1.afternic.com points to 2603:5:2126::45 and 97.74.98.69.

Host ns2.afternic.com points to 2603:5:2226::45 and 173.201.66.69.

Host verification-jncwal45hvxccyan6n2epz.ns101.verify.hn points to 13.248.169.48 and 76.223.54.146.

cryptomalware.com - robtex.com