ransomleak.com - robtex.com

ransomleak.com

DNSSEC ⚠️ Not signed
A 3.166.152.64 🇺🇸 Amazon 3.166.152.0/23
  PTR server-3-166-152-64.mia50.r.cloudfront.net
A 3.166.152.73 🇺🇸 Amazon 3.166.152.0/23
A 3.166.152.87 🇺🇸 Amazon 3.166.152.0/23
A 3.166.152.103 🇺🇸 Amazon 3.166.152.0/23
NS ns-1230.awsdns-25.org ⭐
  A 2600:9000:5304:ce00::1 🇺🇸 Amazon 2600:9000:5304::/48 - CloudFront
    PTR ns-1230.awsdns-25.org
  A 205.251.196.206 🇺🇸 Amazon 205.251.196.0/24 prefix
    PTR ns-1230.awsdns-25.org
NS ns-139.awsdns-17.com
  A 2600:9000:5300:8b00::1 🇺🇸 Amazon 2600:9000:5300::/48 - CloudFront
    PTR ns-139.awsdns-17.com
  A 205.251.192.139 🇺🇸 Amazon 205.251.192.0/24 prefix
    PTR ns-139.awsdns-17.com
NS ns-1716.awsdns-22.co.uk
  A 2600:9000:5306:b400::1 🇺🇸 Amazon 2600:9000:5306::/48 - CloudFront
    PTR ns-1716.awsdns-22.co.uk
  A 205.251.198.180 🇺🇸 Amazon 205.251.198.0/24 prefix
    PTR ns-1716.awsdns-22.co.uk
NS ns-902.awsdns-48.net
  A 2600:9000:5303:8600::1 🇺🇸 Amazon 2600:9000:5303::/48 - CloudFront
    PTR ns-902.awsdns-48.net
  A 205.251.195.134 🇺🇸 Amazon 205.251.195.0/24 prefix
    PTR ns-902.awsdns-48.net
MX smtp.google.com ⭐
  A 2607:f8b0:4004:c23::1a 🇺🇸 Google 2607:f8b0:4004::/48
    PTR yuiadrs-in-f26.1e100.net
  A 2607:f8b0:4004:c23::1b 🇺🇸 Google 2607:f8b0:4004::/48
    PTR yuiadrs-in-f27.1e100.net
  A 2607:f8b0:4004:c27::1a 🇺🇸 Google 2607:f8b0:4004::/48
    PTR yuiadsk-in-f26.1e100.net
  A 2607:f8b0:4004:c27::1b 🇺🇸 Google 2607:f8b0:4004::/48
    PTR yuiadsk-in-f27.1e100.net
  A 142.251.179.26 🇺🇸 Google 142.251.179.0/24
    PTR pd-in-f26.1e100.net
  A 172.253.139.26 🇺🇸 Google 172.253.139.0/24
    PTR yuiadsk-in-f26.1e100.net
  A 172.253.139.27 🇺🇸 Google 172.253.139.0/24
    PTR yuiadsk-in-f27.1e100.net
  A 192.178.155.26 🇺🇸 Google 192.178.155.0/24
    PTR yuiadrs-in-f26.1e100.net
  A 192.178.155.27 🇺🇸 Google 192.178.155.0/24
    PTR yuiadrs-in-f27.1e100.net
TXT google-site-verification=cDRwtChUVvaBRE_0fPUwB7I1iHItFIitiioAybjC_jo
TXT v=spf1 include:_spf.google.com include:sendgrid.net -all
SOA ns-1230.awsdns-25.org awsdns-hostmaster@amazon.com serial=1

com

🔒 HSTS Preload (+subdomains)

DNS History

9 records (9 active, 0 former)

● NS ns-1230.awsdns-25.org 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● NS ns-139.awsdns-17.com 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● NS ns-1716.awsdns-22.co.uk 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● NS ns-902.awsdns-48.net 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● MX smtp.google.com 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● A 3.166.152.103 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● A 3.166.152.64 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● A 3.166.152.73 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12
● A 3.166.152.87 2026-04-13 → 2026-04-14 · 2 obs
  ● 2026-04-13 20:16:00
  ● 2026-04-14 03:19:12

πŸ” DNS Trace

πŸ“‹ Delegation Chain

ZoneNameserversGlue
coma.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net...-
ransomleak.comns-139.awsdns-17.com, ns-902.awsdns-48.net, ns-1716.awsdns-22.co.uk, ns-1230.awsdns-25.org1 record

✅ Authoritative Response

Server: 205.251.196.206

NS records: ns-139.awsdns-17.com, ns-902.awsdns-48.net, ns-1716.awsdns-22.co.uk, ns-1230.awsdns-25.org

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for ransomleak.com (unsigned zone)

⏱️ Timing

Total: 288ms | Queries: -

📄 Records

| Type | Count | Sample Data |
| --- | --- | --- |
| A | 4 | 3.166.152.64, 3.166.152.103... |
| NS | 4 | ns-1230.awsdns-25.org, ns-139.awsdns-17.com... |
| MX | 1 | smtp.google.com (pri: 1) |
| TXT | 2 | google-site-verification=cDRwtChUVvaBRE_, v=spf1 include:_spf.google.com include:s |
| SOA | 1 | ns-1230.awsdns-25.org awsdns-hostmaster. |

📌 Glue Records Collected

Total: 1

Out-of-bailiwick: 1 (ns-139.awsdns-17.com)

Analysis

IP Addresses

ransomleak.com points to four IP numbers: 3.166.152.64, 3.166.152.73, 3.166.152.87 and 3.166.152.103.

Other host names, for instance atsod.launch.liveramp.com, proofrog.cloud, d2gd5aww7f0uvr.cloudfront.net, vault.zip and gamevox.com share IP numbers with ransomleak.com.

Name Servers

ransomleak.com is delegated to four name servers: ns-139.awsdns-17.com, ns-902.awsdns-48.net, ns-1230.awsdns-25.org and ns-1716.awsdns-22.co.uk.

ransomleak.com at least partially shares its name servers with other domains, for instance zyxel-ls.com, jimmoorecadillac.com, newplanexcel.com, cbtrk73.com and sandbox.timeoutkorea.kr.

These name servers are commonly used together with ns-334.awsdns-41.com, ns-944.awsdns-54.net, ns-1955.awsdns-52.co.uk, ns-1306.awsdns-35.org, ns1.americaneagle.com, ns2.americaneagle.com, ns-204.awsdns-25.com and ns-761.awsdns-31.net.

Host names with two IPs: ns-139.awsdns-17.com points to 2600:9000:5300:8b00::1 and 205.251.192.139; ns-902.awsdns-48.net points to 2600:9000:5303:8600::1 and 205.251.195.134; ns-1230.awsdns-25.org points to 2600:9000:5304:ce00::1 and 205.251.196.206; ns-1716.awsdns-22.co.uk points to 2600:9000:5306:b400::1 and 205.251.198.180.

Mail Servers

ransomleak.com is served by a single mail server, smtp.google.com.

ransomleak.com uses the same mail server setup as other domains such as qaxal.com, apexaerospacecorp.com, trevorras.com, kitsapcreate.org and maestre.eu.

ransomleak.com shares some mail servers with other domains, including crowdspark.com, neeramahajan.com, adamfarris.net, healthmate.co and vitality.com.au.

smtp.google.com points to nine IP numbers: 2607:f8b0:4004:c23::1a, 2607:f8b0:4004:c23::1b, 2607:f8b0:4004:c27::1a, 2607:f8b0:4004:c27::1b, 142.251.179.26, 172.253.139.26, 172.253.139.27, 192.178.155.26 and 192.178.155.27.