`threat-surface.com`

DNSSEC	⚠️ Not signed
A	2606:4700:3033::6815:6077^{🇺🇸 Cloudflare2606:4700:3033::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	2606:4700:3037::ac43:b40c^{🇺🇸 Cloudflare2606:4700:3037::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	104.21.96.119^{Cloudflare104.21.96.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	172.67.180.12^{🇺🇸 Cloudflare172.67.176.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
NS	`aarav.ns.cloudflare.com` ⭐
		A	2606:4700:58::a29f:2c3c^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`aarav.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c33c^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`aarav.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:233c^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`aarav.ns.cloudflare.com`
		A	108.162.195.60^{🇺🇸 Cloudflare108.162.195.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`aarav.ns.cloudflare.com`
		A	162.159.44.60^{Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`aarav.ns.cloudflare.com`
		A	172.64.35.60^{🇺🇸 Cloudflare172.64.35.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`aarav.ns.cloudflare.com`
NS	`cora.ns.cloudflare.com`
		A	2606:4700:50::a29f:26c3^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`cora.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c2c3^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`cora.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:22c3^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`cora.ns.cloudflare.com`
		A	108.162.194.195^{🇺🇸 Cloudflare108.162.194.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`cora.ns.cloudflare.com`
		A	162.159.38.195^{Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`cora.ns.cloudflare.com`
		A	172.64.34.195^{🇺🇸 Cloudflare172.64.34.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`cora.ns.cloudflare.com`
MX	`threatsurface-com01e.mail.protection.outlook.com` ⭐
		A	2a01:111:f403:ca04::10^{🇮🇪 Microsoft2a01:111:f000::/36}
			PTR	`mail-dbapr03cu00100.inbound.protection.outlook.com`
		A	2a01:111:f403:ca09::6^{🇳🇱 Microsoft2a01:111:f000::/36}
			PTR	`mail-am4pr0401cu00106.inbound.protection.outlook.com`
		A	2a01:111:f403:ca09::8^{🇳🇱 Microsoft2a01:111:f000::/36}
			PTR	`mail-as2pr05cu00100.inbound.protection.outlook.com`
		A	2a01:111:f403:ca09::b^{🇳🇱 Microsoft2a01:111:f000::/36}
			PTR	`mail-am7pr05cu00103.inbound.protection.outlook.com`
		A	52.101.68.0^{🇮🇪 Microsoft52.96.0.0/12 MICROSOFT}
			PTR	`mail-db3pr0202cu00100.inbound.protection.outlook.com`
		A	52.101.68.18^{🇮🇪 Microsoft52.96.0.0/12 MICROSOFT}
			PTR	`mail-db4pr02cu00302.inbound.protection.outlook.com`
		A	52.101.73.2^{🇳🇱 Microsoft52.96.0.0/12 MICROSOFT}
			PTR	`mail-as9pr07cu00302.inbound.protection.outlook.com`
		A	52.101.73.11^{🇳🇱 Microsoft52.96.0.0/12 MICROSOFT}
			PTR	`mail-am1pr04cu00103.inbound.protection.outlook.com`
TXT	`MS=ms35683708`
TXT	`google-site-verification=4mbEHsvSf7W1MCnSNXx0HC9j3GTBASefcdk4Y6cq3KU`
TXT	`v=spf1 include:spf.protection.outlook.com -all`
HTTPS	HTTP/3, HTTP/2 ✓ hints match
		IPv4 hints	104.21.96.119, 172.67.180.12
		IPv6 hints	2606:4700:3033::6815:6077, 2606:4700:3037::ac43:b40c
		ECH	X25519, HKDF-SHA256 + AES-128-GCM draft, id=166, name=cloudflare-ech.com
SOA	`aarav.ns.cloudflare.com`dns@cloudflare.com serial=2404210099

`com`

	DNSSEC	🔒 Signed (DS record present)
	NS	`a.gtld-servers.net` ⭐
	NS	`b.gtld-servers.net`
	NS	`c.gtld-servers.net`
	NS	`d.gtld-servers.net`
	NS	`e.gtld-servers.net`
	NS	`f.gtld-servers.net`
	NS	`g.gtld-servers.net`
	NS	`h.gtld-servers.net`
	NS	`i.gtld-servers.net`
	NS	`j.gtld-servers.net`
	NS	`k.gtld-servers.net`
	NS	`l.gtld-servers.net`
	NS	`m.gtld-servers.net`
	SOA	`a.gtld-servers.net`nstld@verisign-grs.com serial=1778795356

🔒 HSTS Preload (+subdomains)

Same first word

threat-surface.com

DNS History

7 records (7 active, 0 former)

●NSaarav.ns.cloudflare.com2026-05-07 → 2026-05-14 · 2 obs

● 2026-05-07 20:01:06
● 2026-05-14 21:54:56

●NScora.ns.cloudflare.com2026-05-07 → 2026-05-14 · 2 obs

● 2026-05-07 20:01:06
● 2026-05-14 21:54:56

●MXthreatsurface-com01e.mail.protection.outlook.com2026-05-07 → 2026-05-14 · 2 obs

● 2026-05-07 20:01:06
● 2026-05-14 21:54:56

●A104.21.96.1192026-05-07 → 2026-05-14 · 2 obs

● 2026-05-07 20:01:06
● 2026-05-14 21:54:56

●A172.67.180.122026-05-07 → 2026-05-14 · 2 obs

● 2026-05-07 20:01:06
● 2026-05-14 21:54:56

●A2606:4700:3033::6815:60772026-05-07 → 2026-05-14 · 2 obs

● 2026-05-07 20:01:06
● 2026-05-14 21:54:56

●A2606:4700:3037::ac43:b40c2026-05-07 → 2026-05-14 · 2 obs

● 2026-05-07 20:01:06
● 2026-05-14 21:54:56

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
com	a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net...	-
threat-surface.com	cora.ns.cloudflare.com, aarav.ns.cloudflare.com	12 records

✅ Authoritative Response

Server:108.162.195.60

NS records: cora.ns.cloudflare.com, aarav.ns.cloudflare.com

🔒 DNSSEC Status

🔐 Secure (DNSSEC validated)

Chain of trust verified from root to domain

⏱️ Timing

Total: 145ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`104.21.96.119, 172.67.180.12`
AAAA	2	`2606:4700:3037::ac43:b40c, 2606:4700:3033::6815:6077`
NS	2	`aarav.ns.cloudflare.com, cora.ns.cloudflare.com`
MX	1	`threatsurface-com01e.mail.protection.out`
TXT	3	`MS=ms35683708, google-site-verification=4mbEHsvSf7W1MCn...`
HTTPS	1	`{"priority":1,"target":".","alpn":["h3",`
SOA	1	`aarav.ns.cloudflare.com dns.cloudflare.c`

📌 Glue Records Collected

Total: 12

Out-of-bailiwick: 12 (cora.ns.cloudflare.com, cora.ns.cloudflare.com, cora.ns.cloudflare.com...)

Analysis

IP Addresses

threat-surface.com resolves to four IP numbers: 2606:4700:3033::6815:6077, 2606:4700:3037::ac43:b40c, 104.21.96.119 and 172.67.180.12.

Other host names such as key3.net, tesd-74949.supersauto.ru, pruebas.juventudesgente.gob.mx, mail2.grannybet.com and tesd-35876.ntksteel.ru share IPs with threat-surface.com.

Name Servers

threat-surface.com is delegated to two name servers: aarav.ns.cloudflare.com and cora.ns.cloudflare.com.

threat-surface.com shares the same name server setup as uvm.cl, mengqiqi.org, apgsaas.com, mnunitedtickets.com and flyingpeas.com.

threat-surface.com at least partially shares name servers with other domains, for instance gulit.win, jodo.net, oldmangay(0x706f726e).com, xn-----8kcagdjjtibd4cwcwaa.xn--p1ai and thejumpyplacekyle.com.

These name servers are commonly used with ines.ns.cloudflare.com and tia.ns.cloudflare.com.

Host names with six IP numbers:

aarav.ns.cloudflare.com points to 2606:4700:58::a29f:2c3c, 2803:f800:50::6ca2:c33c, 2a06:98c1:50::ac40:233c, 108.162.195.60, 162.159.44.60 and 172.64.35.60.

cora.ns.cloudflare.com points to 2606:4700:50::a29f:26c3, 2803:f800:50::6ca2:c2c3, 2a06:98c1:50::ac40:22c3, 108.162.194.195, 162.159.38.195 and 172.64.34.195.

Mail Servers

threat-surface.com is handled by a single mail server, threatsurface-com01e.mail.protection.outlook.com.

Host name threatsurface-com01e.mail.protection.outlook.com points to eight IP numbers: 2a01:111:f403:ca04::10, 2a01:111:f403:ca09::6, 2a01:111:f403:ca09::8, 2a01:111:f403:ca09::b, 52.101.68.0, 52.101.68.18, 52.101.73.2 and 52.101.73.11.

threat-surface.com - robtex.com