malware.stope40.org - robtex.com
malware.stope40.org
| DNSSEC | β οΈ Not signed | ||||||
| A | 2606:4700::6812:e1πΊπΈ Cloudflare2606:4700::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 2606:4700::6812:1e1πΊπΈ Cloudflare2606:4700::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 104.18.0.225Cloudflare104.18.0.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 104.18.1.225Cloudflare104.18.0.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| HTTPS | HTTP/3, HTTP/2 β hints match | ||||||
| IPv4 hints | 104.18.0.225, 104.18.1.225 | ||||||
| IPv6 hints | 2606:4700::6812:e1, 2606:4700::6812:1e1 | ||||||
| ECH | X25519, HKDF-SHA256 + AES-128-GCM draft, id=198, name=cloudflare-ech.com | ||||||
stope40.org
| DNSSEC | β οΈ Not signed | ||||||
| A | 2606:4700::6812:e1πΊπΈ Cloudflare2606:4700::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 2606:4700::6812:1e1πΊπΈ Cloudflare2606:4700::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 104.18.0.225Cloudflare104.18.0.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| A | 104.18.1.225Cloudflare104.18.0.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US β In HTTPS hints | ||||||
| NS | harley.ns.cloudflare.com β | ||||||
| NS | rihana.ns.cloudflare.com | ||||||
| HTTPS | HTTP/3, HTTP/2 β hints match | ||||||
| IPv4 hints | 104.18.0.225, 104.18.1.225 | ||||||
| IPv6 hints | 2606:4700::6812:e1, 2606:4700::6812:1e1 | ||||||
| ECH | X25519, HKDF-SHA256 + AES-128-GCM draft, id=198, name=cloudflare-ech.com | ||||||
| SOA | harley.ns.cloudflare.comdns@cloudflare.com serial=2403563111 | ||||||
β οΈ On DNS blocklist: tif
Same first word
Similar names
reamlaw.com |
meralaw.com |
walmare.com |
marwael.fr |
malwear.wtf |
amlware.com |
elmarwa.com |
malwear.com |
amrelaw.com |
rawmale.com |
lawream.com |
mawlare.net |
wealarm.com |
malwear.co |
malwear.org |
realawm.com |
amerlaw.com |
reamlaw.net |
DNS History
4 records (4 active, 0 former)
βA104.18.0.2252026-03-12 β 2026-05-13 Β· 2 obs
β 2026-03-12 20:50:06
β 2026-05-13 07:50:16
β 2026-05-13 07:50:16
βA104.18.1.2252026-03-12 β 2026-05-13 Β· 2 obs
β 2026-03-12 20:50:06
β 2026-05-13 07:50:16
β 2026-05-13 07:50:16
βA2606:4700::6812:1e12026-03-12 β 2026-05-13 Β· 2 obs
β 2026-03-12 20:50:06
β 2026-05-13 07:50:16
β 2026-05-13 07:50:16
βA2606:4700::6812:e12026-03-12 β 2026-05-13 Β· 2 obs
β 2026-03-12 20:50:06
β 2026-05-13 07:50:16
β 2026-05-13 07:50:16
π DNS Trace
π Delegation Chain
| Zone | Nameservers | Glue |
|---|---|---|
| org | b0.org.afilias-nst.org, b2.org.afilias-nst.org, d0.org.afilias-nst.org | - |
| stope40.org | harley.ns.cloudflare.com, rihana.ns.cloudflare.com | - |
β Authoritative Response
Server:172.64.32.244
NS records: harley.ns.cloudflare.com, rihana.ns.cloudflare.com
π DNSSEC Status
β οΈ Insecure (no DNSSEC)
No DS record for stope40.org (unsigned zone)
β±οΈ Timing
Total: 1152ms | Queries: -
π Records
| Type | Count | Sample Data |
|---|---|---|
| A | 2 | 104.18.0.225, 104.18.1.225 |
| AAAA | 2 | 2606:4700::6812:1e1, 2606:4700::6812:e1 |
| HTTPS | 1 | {"priority":1,"target":".","alpn":["h3", |
Analysis
IP Addresses
malware.stope40.org maps to four IP numbers: 2606:4700::6812:e1, 2606:4700::6812:1e1, 104.18.0.225 and 104.18.1.225.
other host names include grg5f8g7eewf8.com, stope40.org, login.tide.co, www.scp-ks.org and web.tide.co; they share IP numbers with malware.stope40.org.