`suspiciousdevice.com`

DNSSEC	⚠️ Not signed
A	2606:4700:3030::6815:2c68^{🇺🇸 Cloudflare2606:4700:3030::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	2606:4700:3033::ac43:c6b9^{🇺🇸 Cloudflare2606:4700:3033::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	104.21.44.104^{Cloudflare104.21.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	172.67.198.185^{🇺🇸 Cloudflare172.67.192.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
NS	`ignacio.ns.cloudflare.com` ⭐
		A	2606:4700:58::a29f:2c52^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`ignacio.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c352^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`ignacio.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:2352^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`ignacio.ns.cloudflare.com`
		A	108.162.195.82^{🇺🇸 Cloudflare108.162.195.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`ignacio.ns.cloudflare.com`
		A	162.159.44.82^{Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`ignacio.ns.cloudflare.com`
		A	172.64.35.82^{🇺🇸 Cloudflare172.64.35.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`ignacio.ns.cloudflare.com`
NS	`kira.ns.cloudflare.com`
		A	2606:4700:50::a29f:26c5^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kira.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c2c5^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`kira.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:22c5^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`kira.ns.cloudflare.com`
		A	108.162.194.197^{🇺🇸 Cloudflare108.162.194.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kira.ns.cloudflare.com`
		A	162.159.38.197^{Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kira.ns.cloudflare.com`
		A	172.64.34.197^{🇺🇸 Cloudflare172.64.34.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kira.ns.cloudflare.com`
MX	`fwd1.porkbun.com` ⭐
		A	44.226.226.6^{🇺🇸 Amazon44.224.0.0/11 EC2 PDX prefix}
			PTR	`fwd1.porkbun.com`
MX	`fwd2.porkbun.com`⁽²⁰⁾
		A	52.10.201.111^{🇺🇸 Amazon52.10.0.0/15 EC2 PDX Prefix}
			PTR	`fwd2.porkbun.com`
TXT	`v=spf1 include:_spf.porkbun.com ~all`
HTTPS	HTTP/3, HTTP/2 ✓ hints match
		IPv4	104.21.44.104, 172.67.198.185
		IPv6	2606:4700:3030::6815:2c68, 2606:4700:3033::ac43:c6b9
SOA	`ignacio.ns.cloudflare.com`dns@cloudflare.com serial=2399645882

`com`

	DNSSEC	🔒 Signed (DS record present)
	NS	`a.gtld-servers.net` ⭐
	NS	`b.gtld-servers.net`
	NS	`c.gtld-servers.net`
	NS	`d.gtld-servers.net`
	NS	`e.gtld-servers.net`
	NS	`f.gtld-servers.net`
	NS	`g.gtld-servers.net`
	NS	`h.gtld-servers.net`
	NS	`i.gtld-servers.net`
	NS	`j.gtld-servers.net`
	NS	`k.gtld-servers.net`
	NS	`l.gtld-servers.net`
	NS	`m.gtld-servers.net`
	SOA	`a.gtld-servers.net`nstld@verisign-grs.com serial=1774458657

Same first word

suspiciousdevice.com

DNS History

12 records (8 active, 4 former)

●NSignacio.ns.cloudflare.com2026-02-25 → 2026-03-25 · 2 obs

● 2026-02-25 01:13:14
● 2026-03-25 17:40:12

●NSkira.ns.cloudflare.com2026-02-25 → 2026-03-25 · 2 obs

● 2026-02-25 01:13:14
● 2026-03-25 17:40:12

●MXfwd1.porkbun.com2026-02-25 → 2026-03-25 · 2 obs

● 2026-02-25 01:13:14
● 2026-03-25 17:40:12

●MXfwd2.porkbun.com2026-02-25 → 2026-03-25 · 2 obs

● 2026-02-25 01:13:14
● 2026-03-25 17:40:12

●A104.21.44.1042026-03-25 → 2026-03-25 · 3 obs

○ 2026-02-25 01:13:14
● 2026-03-25 17:40:10
● 2026-03-25 17:40:12

●A172.67.198.1852026-03-25 → 2026-03-25 · 3 obs

○ 2026-02-25 01:13:14
● 2026-03-25 17:40:10
● 2026-03-25 17:40:12

○A188.114.96.02026-02-25 → 2026-02-25 · 3 obs

● 2026-02-25 01:13:14
○ 2026-03-25 17:40:10
○ 2026-03-25 17:40:12

○A188.114.97.02026-02-25 → 2026-02-25 · 3 obs

● 2026-02-25 01:13:14
○ 2026-03-25 17:40:10
○ 2026-03-25 17:40:12

●A2606:4700:3030::6815:2c682026-03-25 → 2026-03-25 · 3 obs

○ 2026-02-25 01:13:14
● 2026-03-25 17:40:10
● 2026-03-25 17:40:12

●A2606:4700:3033::ac43:c6b92026-03-25 → 2026-03-25 · 3 obs

○ 2026-02-25 01:13:14
● 2026-03-25 17:40:10
● 2026-03-25 17:40:12

○A2a06:98c1:3120::2026-02-25 → 2026-02-25 · 3 obs

● 2026-02-25 01:13:14
○ 2026-03-25 17:40:10
○ 2026-03-25 17:40:12

○A2a06:98c1:3121::2026-02-25 → 2026-02-25 · 3 obs

● 2026-02-25 01:13:14
○ 2026-03-25 17:40:10
○ 2026-03-25 17:40:12

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
com	e.gtld-servers.net, b.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net...	-
suspiciousdevice.com	kira.ns.cloudflare.com, ignacio.ns.cloudflare.com	12 records

✅ Authoritative Response

Server:108.162.195.82

NS records: kira.ns.cloudflare.com, ignacio.ns.cloudflare.com

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for suspiciousdevice.com (unsigned zone)

⏱️ Timing

Total: 112ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`172.67.198.185, 104.21.44.104`
AAAA	2	`2606:4700:3033::ac43:c6b9, 2606:4700:3030::6815:2c68`
NS	2	`ignacio.ns.cloudflare.com, kira.ns.cloudflare.com`
MX	2	`fwd1.porkbun.com (pri: 10), fwd2.porkbun.com (pri: 20)`
TXT	1	`v=spf1 include:_spf.porkbun.com ~all`
HTTPS	1	`{"priority":1,"target":".","alpn":["h3",`
SOA	1	`ignacio.ns.cloudflare.com dns.cloudflare`

📌 Glue Records Collected

Total: 12

Out-of-bailiwick: 12 (kira.ns.cloudflare.com, kira.ns.cloudflare.com, kira.ns.cloudflare.com...)

Analysis

IP Addresses

Four IP numbers are pointed to by suspiciousdevice.com: 2606:4700:3030::6815:2c68, 2606:4700:3033::ac43:c6b9, 104.21.44.104 and 172.67.198.185.

other host names including www.sip.vn, amateras0.biz, www.tunisiapromo.com, saivu.com and unerror.network share IP numbers with suspiciousdevice.com.

Name Servers

suspiciousdevice.com is delegated to two name servers ignacio.ns.cloudflare.com and kira.ns.cloudflare.com.

suspiciousdevice.com shares the same name server setup as other domains, for instance isitwhite.com, ai-simon.com, mayeski.com, order721011s.com and politicsandethics.com.

suspiciousdevice.com at least partially shares name servers with other domains, for instance hyperinbox.app, dnsrevolve.com, xuezhoujiaoyu.com, meyerre.co and inacta.com.

These name servers are commonly used alongside aleena.ns.cloudflare.com and rohin.ns.cloudflare.com.

Host names with six IP numbers:

Host name ignacio.ns.cloudflare.com points to: 2606:4700:58::a29f:2c52, 2803:f800:50::6ca2:c352, 2a06:98c1:50::ac40:2352, 108.162.195.82, 162.159.44.82 and 172.64.35.82.

Host name kira.ns.cloudflare.com points to: 2606:4700:50::a29f:26c5, 2803:f800:50::6ca2:c2c5, 2a06:98c1:50::ac40:22c5, 108.162.194.197, 162.159.38.197 and 172.64.34.197.

Mail Servers

Two mail servers handle suspiciousdevice.com: fwd1.porkbun.com and fwd2.porkbun.com.

suspiciousdevice.com shares the same mail server setup as other domains, for instance greenlight.la, owniro.com, wapcreate.com, gumgoblin.com and probuilds.org.

suspiciousdevice.com shares some mail servers with other domains, at least partially, for instance butterfliez.app, eaglemartialartsschool.com, insightsavxstrategy.com, jplan.com and thecristen.net.

Host names with one IP number:

fwd1.porkbun.com points to 44.226.226.6

fwd2.porkbun.com points to 52.10.201.111

suspiciousdevice.com - robtex.com