`vulnerable.org`

DNSSEC	⚠️ Not signed
A	2606:4700:3035::6815:583d^{🇺🇸 Cloudflare2606:4700:3035::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	2606:4700:3037::ac43:ad51^{🇺🇸 Cloudflare2606:4700:3037::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	104.21.88.61^{Cloudflare104.21.80.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	172.67.173.81^{🇺🇸 Cloudflare172.67.160.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
NS	`craig.ns.cloudflare.com` ⭐
		A	2606:4700:58::a29f:2cc0^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`craig.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c3c0^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`craig.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:23c0^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`craig.ns.cloudflare.com`
		A	108.162.195.192^{🇺🇸 Cloudflare108.162.195.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`craig.ns.cloudflare.com`
		A	162.159.44.192^{Cloudflare162.159.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`craig.ns.cloudflare.com`
		A	172.64.35.192^{🇺🇸 Cloudflare172.64.35.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`craig.ns.cloudflare.com`
NS	`mia.ns.cloudflare.com`
		A	2606:4700:50::adf5:3ac8^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`mia.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c0c8^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`mia.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:20c8^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`mia.ns.cloudflare.com`
		A	108.162.192.200^{🇺🇸 Cloudflare108.162.192.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`mia.ns.cloudflare.com`
		A	172.64.32.200^{🇺🇸 Cloudflare172.64.32.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`mia.ns.cloudflare.com`
		A	173.245.58.200^{🇺🇸 Cloudflare173.245.58.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`mia.ns.cloudflare.com`
MX	`smtp.google.com` ⭐
		A	2607:f8b0:4023:c06::1b^{🇺🇸 Google2607:f8b0::/32}
			PTR	`dz-in-f27.1e100.net`
		A	2607:f8b0:4023:c0b::1a^{🇺🇸 Google2607:f8b0::/32}
			PTR	`dd-in-f26.1e100.net`
		A	2607:f8b0:4023:c0b::1b^{🇺🇸 Google2607:f8b0::/32}
			PTR	`dd-in-f27.1e100.net`
		A	2607:f8b0:4023:c0d::1a^{🇺🇸 Google2607:f8b0::/32}
			PTR	`dl-in-f26.1e100.net`
		A	142.250.101.26^{🇺🇸 Google142.250.101.0/24}
			PTR	`dz-in-f26.1e100.net`
		A	142.250.141.26^{🇺🇸 Google142.250.141.0/24}
			PTR	`dd-in-f26.1e100.net`
		A	142.250.141.27^{🇺🇸 Google142.250.141.0/24}
			PTR	`dd-in-f27.1e100.net`
		A	142.251.2.26^{🇺🇸 Google142.251.2.0/24}
			PTR	`dl-in-f26.1e100.net`
		A	142.251.2.27^{🇺🇸 Google142.251.2.0/24}
			PTR	`dl-in-f27.1e100.net`
MX	`i7kfwqfm7fjipejf6ltwbiwfxplh4hcjaurn4bbz6eyesqzqktgq.mx-verification.google.com`⁽¹⁵⁾
TXT	`google-site-verification=ut9EOGuCYbblakkEiWTVOZUAHfrXIU9QHXdNO5N27kE`
TXT	`v=spf1 include:servers.mcsv.net include:_spf.google.com -all`
HTTPS	HTTP/3, HTTP/2 ✓ hints match
		IPv4 hints	104.21.88.61, 172.67.173.81
		IPv6 hints	2606:4700:3035::6815:583d, 2606:4700:3037::ac43:ad51
		ECH	X25519, HKDF-SHA256 + AES-128-GCM draft, id=175, name=cloudflare-ech.com
SOA	`craig.ns.cloudflare.com`dns@cloudflare.com serial=2400131841

`org`

	DNSSEC	🔒 Signed (DS record present)
	NS	`a0.org.afilias-nst.info` ⭐ ⚠️ Not in parent delegation
	NS	`a2.org.afilias-nst.info` ⚠️ Not in parent delegation
	NS	`b0.org.afilias-nst.org`
	NS	`b2.org.afilias-nst.org`
	NS	`c0.org.afilias-nst.info` ⚠️ Not in parent delegation
	NS	`d0.org.afilias-nst.org`
	SOA	`a0.org.afilias-nst.info`hostmaster@donuts.email serial=1776114082

Same first word

vulnerable.co.uk

vulnerable.nl

vulnerable.ru

vulnerable.company

vulnerable.com.au

vulnerable.fr

vulnerable.ca

vulnerable.se

vulnerable.org

vulnerable.be

Similar names

vulnerabel.de

DNS History

13 records (8 active, 5 former)

●NScraig.ns.cloudflare.com2026-03-29 → 2026-04-13 · 3 obs

○ 2015-06-21 23:21:40
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

●NSmia.ns.cloudflare.com2026-03-29 → 2026-04-13 · 3 obs

○ 2015-06-21 23:21:40
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

○NSns1.56k-modem.com2009-01-19 → 2009-01-19 · 3 obs

● 2009-01-19 20:14:06
○ 2015-06-21 23:21:40
○ 2026-04-13 21:21:38

○NSns2.56k-modem.com2009-01-19 → 2009-01-19 · 3 obs

● 2009-01-19 20:14:06
○ 2015-06-21 23:21:40
○ 2026-04-13 21:21:38

○MXbritersen.co.uk2009-01-19 → 2009-01-19 · 3 obs

● 2009-01-19 20:14:06
○ 2015-06-21 23:21:40
○ 2026-04-13 21:21:38

●MXi7kfwqfm7fjipejf6ltwbiwfxplh4hcjaurn4bbz6eyesqzqktgq.mx-verification.google.com2026-03-29 → 2026-04-13 · 3 obs

○ 2015-06-21 23:21:40
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

●MXsmtp.google.com2026-03-29 → 2026-04-13 · 3 obs

○ 2015-06-21 23:21:40
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

●A104.21.88.612026-03-29 → 2026-04-13 · 3 obs

○ 2017-05-26 18:06:00
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

●A172.67.173.812026-03-29 → 2026-04-13 · 3 obs

○ 2017-05-26 18:06:00
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

○A216.107.207.1942009-01-19 → 2009-01-19 · 3 obs

● 2009-01-19 20:14:06
○ 2015-06-21 23:21:40
○ 2026-04-13 21:21:38

●A2606:4700:3035::6815:583d2026-03-29 → 2026-04-13 · 3 obs

○ 2017-05-26 18:06:00
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

●A2606:4700:3037::ac43:ad512026-03-29 → 2026-04-13 · 3 obs

○ 2017-05-26 18:06:00
● 2026-03-29 19:53:02
● 2026-04-13 21:21:38

○A50.116.1.2252015-06-21 → 2017-05-26 · 5 obs

○ 2009-01-19 20:14:06
● 2015-06-21 23:21:40
● 2017-05-26 18:06:00
○ 2026-03-29 19:53:02
○ 2026-04-13 21:21:38

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
org	b0.org.afilias-nst.org, b2.org.afilias-nst.org, d0.org.afilias-nst.org	-
vulnerable.org	mia.ns.cloudflare.com, craig.ns.cloudflare.com	-

✅ Authoritative Response

Server:172.64.35.192

NS records: mia.ns.cloudflare.com, craig.ns.cloudflare.com

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for vulnerable.org (unsigned zone)

⏱️ Timing

Total: 509ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`172.67.173.81, 104.21.88.61`
AAAA	2	`2606:4700:3035::6815:583d, 2606:4700:3037::ac43:ad51`
NS	2	`craig.ns.cloudflare.com, mia.ns.cloudflare.com`
MX	2	`SMTP.GOOGLE.COM (pri: 1), i7kfwqfm7fjipejf6ltwbiwfxplh4hcjaurn4bbz`
TXT	2	`google-site-verification=ut9EOGuCYbblakk, v=spf1 include:servers.mcsv.net include:`
HTTPS	1	`{"priority":1,"target":".","alpn":["h3",`
SOA	1	`craig.ns.cloudflare.com dns.cloudflare.c`

Analysis

IP Addresses

vulnerable.org resolves to four IPs: 2606:4700:3035::6815:583d, 2606:4700:3037::ac43:ad51, 104.21.88.61 and 172.67.173.81.

Other host names, for instance ffc333.com, opensuperfiliate.com, ezoterik.info, www.adcost.io and tesd-947333.marketshoptez.ru share IP numbers with vulnerable.org.

Name Servers

vulnerable.org has two name servers: craig.ns.cloudflare.com and mia.ns.cloudflare.com.

vulnerable.org shares the same name server setup as other domains, for example flibustier.fr, fha-terrain.fr, agence-northern.com, archymed.com and safelife.az.

vulnerable.org shares some name servers with other domains, for example heimatt.de, tante777menang.com, j200m2025.monster, usicamm.gob.mx and adaw.pl.

These name servers are often used together with jessica.ns.cloudflare.com, kim.ns.cloudflare.com and ricardo.ns.cloudflare.com.

Host names with six IP numbers: craig.ns.cloudflare.com points to: 2606:4700:58::a29f:2cc0, 2803:f800:50::6ca2:c3c0, 2a06:98c1:50::ac40:23c0, 108.162.195.192, 162.159.44.192 and 172.64.35.192; mia.ns.cloudflare.com points to: 2606:4700:50::adf5:3ac8, 2803:f800:50::6ca2:c0c8, 2a06:98c1:50::ac40:20c8, 108.162.192.200, 172.64.32.200 and 173.245.58.200.

Mail Servers

vulnerable.org is served by two mail servers: smtp.google.com and i7kfwqfm7fjipejf6ltwbiwfxplh4hcjaurn4bbz6eyesqzqktgq.mx-verification.google.com.

vulnerable.org shares some mail servers with other domains, at least partially; for instance gentosha.jp, rankinrealty.net, drarten.com, oftrans.com and buenavistaguimaras.gov.ph.

these mail servers are commonly used alongside aspmx.l.google.com, alt1.aspmx.l.google.com and alt2.aspmx.l.google.com.

Host names with nine IP numbers: The host name smtp.google.com points to 2607:f8b0:4023:c06::1b, 2607:f8b0:4023:c0b::1a, 2607:f8b0:4023:c0b::1b, 2607:f8b0:4023:c0d::1a, 142.250.101.26, 142.250.141.26, 142.250.141.27, 142.251.2.26 and 142.251.2.27.

vulnerable.org - robtex.com

vulnerable.org

org

Same first word

Similar names

DNS History

🔍 DNS Trace

📋 Delegation Chain

✅ Authoritative Response

🔒 DNSSEC Status

⏱️ Timing

📄 Records

Analysis

IP Addresses

Name Servers

Mail Servers

`vulnerable.org`

`org`