c2-server.evil.com - robtex.com
c2-server.evil.com
| Type | Data |
|---|---|
| DNSSEC | ⚠️ Not signed |
| A | 66.96.146.129 🇺🇸 EIG-29873 66.96.128.0/18 Endurance International Group, Inc |
| PTR | 129.146.96.66.static.eigbox.net |
| MX | mx.evil.com |
| A (mx.evil.com) | 66.96.140.158 🇺🇸 EIG-29873 66.96.128.0/18 Endurance International Group, Inc |
| PTR | 158.140.96.66.static.eigbox.net |
| A (mx.evil.com) | 66.96.140.159 🇺🇸 EIG-29873 66.96.128.0/18 Endurance International Group, Inc |
| PTR | 159.140.96.66.static.eigbox.net |
evil.com
| Type | Data |
|---|---|
| DNSSEC | ⚠️ Not signed |
| A | 66.96.146.129 🇺🇸 EIG-29873 66.96.128.0/18 Endurance International Group, Inc |
| NS | ns1.verio.com |
| NS | ns2.verio.com |
| MX | mx.evil.com |
| TXT | v=spf1 ip4:66.96.128.0/18 include:websitewelcome.com ?all |
| SOA | ns1.verio.com dnsadmin@verio.com 2016-11-17 #29 |
rank #232640 globally
rank #96354 in the tld
⚠️ On DNS blocklist: pro.plus, tif, ultimate
WOT: SAFE (67/100)
Tranco rank: #496,384
DNS History
2 records (2 active, 0 former)
A 66.96.146.129: 2026-03-26 to 2026-04-24 · 2 obs
2026-03-26 22:16:44
2026-04-24 10:05:28
2026-04-24 10:05:28
DNS Trace
Delegation Chain
| Zone | Nameservers | Glue |
|---|---|---|
| com | h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, m.gtld-servers.net... | - |
| evil.com | ns1.verio.com, ns2.verio.com | 2 records |
Authoritative Response
Server: 66.96.142.149
NS records: ns1.verio.com, ns2.verio.com
DNSSEC Status
⚠️ Insecure (no DNSSEC)
No DS record for evil.com (unsigned zone)
⏱️ Timing
Total: 178ms | Queries: -
Records
| Type | Count | Sample Data |
|---|---|---|
| A | 1 | 66.96.146.129 |
| MX | 1 | mx.evil.com (pri: 30) |
Glue Records Collected
Total: 2
Out-of-bailiwick: 2 (ns1.verio.com, ns2.verio.com)
Analysis
IP Addresses
c2-server.evil.com resolves to the IP address 66.96.146.129.
Other host names such as yachtsilvercloud.com, www.3dwarehouse.com, diamondscan.com, mad-dog.com and bsmcon9.verio.com share IPs with c2-server.evil.com.
Mail Servers
Mail for c2-server.evil.com is handled by a single mail server, mx.evil.com.
c2-server.evil.com shares the same mail server setup as other domains, for instance www.evil.com, relay.evil.com and evil.com.
mx.evil.com points to two IPs: 66.96.140.158 and 66.96.140.159.