malwarewatch.org - robtex.com
malwarewatch.org
| DNSSEC | β οΈ Not signed | ||||||
| A | 2606:4700:3034::6815:2eb0πΊπΈ Cloudflare2606:4700:3034::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 2606:4700:3035::ac43:a8cfπΊπΈ Cloudflare2606:4700:3035::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 104.21.46.176Cloudflare104.21.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 172.67.168.207πΊπΈ Cloudflare172.67.160.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| NS | elliott.ns.cloudflare.com β | ||||||
| A | 2606:4700:58::a29f:2ce4πΊπΈ Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | elliott.ns.cloudflare.com | ||||||
| A | 2803:f800:50::6ca2:c3e4π¨π· Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L | ||||||
| PTR | elliott.ns.cloudflare.com | ||||||
| A | 2a06:98c1:50::ac40:23e4πΊπΈ Cloudflare2a06:98c1:50::/45 | ||||||
| PTR | elliott.ns.cloudflare.com | ||||||
| A | 108.162.195.228πΊπΈ Cloudflare108.162.195.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | elliott.ns.cloudflare.com | ||||||
| A | 162.159.44.228Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | elliott.ns.cloudflare.com | ||||||
| A | 172.64.35.228πΊπΈ Cloudflare172.64.35.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | elliott.ns.cloudflare.com | ||||||
| NS | frida.ns.cloudflare.com | ||||||
| A | 2606:4700:50::a29f:2689πΊπΈ Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | frida.ns.cloudflare.com | ||||||
| A | 2803:f800:50::6ca2:c289π¨π· Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L | ||||||
| PTR | frida.ns.cloudflare.com | ||||||
| A | 2a06:98c1:50::ac40:2289πΊπΈ Cloudflare2a06:98c1:50::/45 | ||||||
| PTR | frida.ns.cloudflare.com | ||||||
| A | 108.162.194.137πΊπΈ Cloudflare108.162.194.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | frida.ns.cloudflare.com | ||||||
| A | 162.159.38.137Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | frida.ns.cloudflare.com | ||||||
| A | 172.64.34.137πΊπΈ Cloudflare172.64.34.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US | ||||||
| PTR | frida.ns.cloudflare.com | ||||||
| MX | witcher-relay.mxrouting.net β | ||||||
| A | 45.43.208.43πΊπΈ QUICKPACKET45.43.208.0/24 QuickPacket LLC | ||||||
| PTR | witcher.mxrouting.net | ||||||
| MX | witcher.mxrouting.net(20) | ||||||
| A | 45.43.208.43πΊπΈ QUICKPACKET45.43.208.0/24 QuickPacket LLC | ||||||
| PTR | witcher.mxrouting.net | ||||||
| TXT | google-site-verification=wIwN7OHZfkO1G-eLMhQ_VsfEdlDMFrXXgqLZJWj1PBI | ||||||
| TXT | v=spf1 include:mxlogin.com -all | ||||||
| HTTPS | HTTP/3, HTTP/2 β hints match | ||||||
| IPv4 hints | 104.21.46.176, 172.67.168.207 | ||||||
| IPv6 hints | 2606:4700:3034::6815:2eb0, 2606:4700:3035::ac43:a8cf | ||||||
| ECH | X25519, HKDF-SHA256 + AES-128-GCM draft, id=45, name=cloudflare-ech.com | ||||||
| SOA | elliott.ns.cloudflare.comdns@cloudflare.com serial=2401652103 | ||||||
org
| DNSSEC | π Signed (DS record present) | ||||||
| NS | a0.org.afilias-nst.info β β οΈ Not in parent delegation | ||||||
| NS | a2.org.afilias-nst.info β οΈ Not in parent delegation | ||||||
| NS | b0.org.afilias-nst.org | ||||||
| NS | b2.org.afilias-nst.org | ||||||
| NS | c0.org.afilias-nst.info β οΈ Not in parent delegation | ||||||
| NS | d0.org.afilias-nst.org | ||||||
| SOA | a0.org.afilias-nst.infohostmaster@donuts.email serial=1778828170 | ||||||
Same first word
malwarewatch.org |
DNS History
8 records (8 active, 0 former)
βNSelliott.ns.cloudflare.com2026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
βNSfrida.ns.cloudflare.com2026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
βMXwitcher-relay.mxrouting.net2026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
βMXwitcher.mxrouting.net2026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
βA104.21.46.1762026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
βA172.67.168.2072026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
βA2606:4700:3034::6815:2eb02026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
βA2606:4700:3035::ac43:a8cf2026-05-12 β 2026-05-15 Β· 2 obs
β 2026-05-15 07:07:36
π DNS Trace
π Delegation Chain
| Zone | Nameservers | Glue |
|---|---|---|
| org | b0.org.afilias-nst.org, b2.org.afilias-nst.org, d0.org.afilias-nst.org | - |
| malwarewatch.org | elliott.ns.cloudflare.com, frida.ns.cloudflare.com | - |
β Authoritative Response
Server:108.162.194.137
NS records: elliott.ns.cloudflare.com, frida.ns.cloudflare.com
π DNSSEC Status
β οΈ Insecure (no DNSSEC)
No DS record for malwarewatch.org (unsigned zone)
β±οΈ Timing
Total: 591ms | Queries: -
π Records
| Type | Count | Sample Data |
|---|---|---|
| A | 2 | 172.67.168.207, 104.21.46.176 |
| AAAA | 2 | 2606:4700:3034::6815:2eb0, 2606:4700:3035::ac43:a8cf |
| NS | 2 | elliott.ns.cloudflare.com, frida.ns.cloudflare.com |
| MX | 2 | witcher.mxrouting.net (pri: 10), witcher-relay.mxrouting.net (pri: 20) |
| TXT | 2 | google-site-verification=wIwN7OHZfkO1G-e, v=spf1 include:mxlogin.com -all |
| HTTPS | 1 | {"priority":1,"target":".","alpn":["h3", |
| SOA | 1 | elliott.ns.cloudflare.com dns.cloudflare |
Analysis
IP Addresses
malwarewatch.org maps to four IP numbers: 2606:4700:3034::6815:2eb0, 2606:4700:3035::ac43:a8cf, 104.21.46.176 and 172.67.168.207.
Other host names such as toto-dagim.co.il, infowebworld.com, confirmation-id38247.com, www.pfc.co.za and 3core.net share IPs with malwarewatch.org.
Name Servers
Two name servers elliott.ns.cloudflare.com and frida.ns.cloudflare.com handle the delegation for malwarewatch.org.
malwarewatch.org shares the same name server setup as other domains, for example balloonlane.com, budase.com, skygod.com, camalolo.com and bricomarche.pl.
malwarewatch.org at least partially shares name servers with other domains, for example gachmen.io.vn, fcspartak.tv, paris-tickets.net, gutenberg.gr and realizeparadise.com.
These name servers are commonly used with emma.ns.cloudflare.com and anton.ns.cloudflare.com and evelyn.ns.cloudflare.com.
Host names with six IP numbers:
elliott.ns.cloudflare.com points to 2606:4700:58::a29f:2ce4, 2803:f800:50::6ca2:c3e4, 2a06:98c1:50::ac40:23e4, 108.162.195.228, 162.159.44.228 and 172.64.35.228.
frida.ns.cloudflare.com points to 2606:4700:50::a29f:2689, 2803:f800:50::6ca2:c289, 2a06:98c1:50::ac40:2289, 108.162.194.137, 162.159.38.137 and 172.64.34.137.
Mail Servers
Two mail servers handle malwarewatch.org: witcher-relay.mxrouting.net and witcher.mxrouting.net.
malwarewatch.org shares the same mail server setup as other domains, including breefer.dk, protectkiwi.net, xuyh0120.win, perbenaemas.com.my and salvagestore.com.
malwarewatch.org shares at least partially some mail servers with other domains, for instance thomasdefler.com, hands.poker, cidadewap.mobi, ceprep.mx and jouwvoedingsplan.nl.
Host names with a single IP:
witcher-relay.mxrouting.net points to 45.43.208.43.
witcher.mxrouting.net points to 45.43.208.43.
Host names pointing to 45.43.208.43: witcher-relay.mxrouting.net and witcher.mxrouting.net.