malwareanalysis.net - dns.ninja

malwareanalysis.net

DNSSEC ⚠️ Not signed
A 2606:4700:3033::6815:1ee 🇺🇸 Cloudflare, Inc. · 2606:4700:3033::/48 · 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
A 2606:4700:3037::ac43:9896 🇺🇸 Cloudflare, Inc. · 2606:4700:3037::/48 · 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
A 104.21.1.238 Cloudflare, Inc. · 104.21.0.0/20 · 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
A 172.67.152.150 🇺🇸 Cloudflare, Inc. · 172.67.144.0/20 · 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
NS mona.ns.cloudflare.com ⭐
  A 2606:4700:50::adf5:3ace 🇺🇸 Cloudflare, Inc. · 2606:4700:50::/44 · 101 Townsend Street, San Francisco, California 94107, US
    PTR mona.ns.cloudflare.com
  A 2803:f800:50::6ca2:c0ce 🇨🇷 Cloudflare · 2803:f800:50::/45 · LACNIC generated route6 for CloudFlare Latin America S.R.L
    PTR mona.ns.cloudflare.com
  A 2a06:98c1:50::ac40:20ce 🇺🇸 Cloudflare · 2a06:98c1:50::/45
    PTR mona.ns.cloudflare.com
  A 108.162.192.206 🇺🇸 Cloudflare, Inc. · 108.162.192.0/24 · 101 Townsend Street, San Francisco, California 94107, US
    PTR mona.ns.cloudflare.com
  A 172.64.32.206 🇺🇸 Cloudflare, Inc. · 172.64.32.0/24 · 101 Townsend Street, San Francisco, California 94107, US
    PTR mona.ns.cloudflare.com
  A 173.245.58.206 🇺🇸 Cloudflare, Inc. · 173.245.58.0/24 · 101 Townsend Street, San Francisco, California 94107, US
    PTR mona.ns.cloudflare.com
NS toby.ns.cloudflare.com
  A 2606:4700:58::adf5:3bef 🇺🇸 Cloudflare, Inc. · 2606:4700:50::/44 · 101 Townsend Street, San Francisco, California 94107, US
    PTR toby.ns.cloudflare.com
  A 2803:f800:50::6ca2:c1ef 🇨🇷 Cloudflare · 2803:f800:50::/45 · LACNIC generated route6 for CloudFlare Latin America S.R.L
    PTR toby.ns.cloudflare.com
  A 2a06:98c1:50::ac40:21ef 🇺🇸 Cloudflare · 2a06:98c1:50::/45
    PTR toby.ns.cloudflare.com
  A 108.162.193.239 🇺🇸 Cloudflare, Inc. · 108.162.193.0/24 · 101 Townsend Street, San Francisco, California 94107, US
    PTR toby.ns.cloudflare.com
  A 172.64.33.239 🇺🇸 Cloudflare, Inc. · 172.64.33.0/24 · 101 Townsend Street, San Francisco, California 94107, US
    PTR toby.ns.cloudflare.com
  A 173.245.59.239 🇺🇸 Cloudflare, Inc. · 173.245.59.0/24 · 101 Townsend Street, San Francisco, California 94107, US
    PTR toby.ns.cloudflare.com
MX smtp.secureserver.net ⭐
  A 216.69.141.71 🇺🇸 AS398101 · 216.69.140.0/22
    PTR osplibsmtp01-v01.prod.phx3.secureserver.net
  A 216.69.141.84 🇺🇸 AS398101 · 216.69.140.0/22
    PTR osplibsmtp02-v01.prod.phx3.secureserver.net
  A 216.69.141.113 🇺🇸 AS398101 · 216.69.140.0/22
    PTR osplibsmtp03-v01.prod.phx3.secureserver.net
MX mailstore1.secureserver.net (10)
  A 216.69.141.78 🇺🇸 AS398101 · 216.69.140.0/22
    PTR osplibsmtp01-v02.prod.phx3.secureserver.net
  A 216.69.141.114 🇺🇸 AS398101 · 216.69.140.0/22
    PTR osplibsmtp03-v02.prod.phx3.secureserver.net
  A 216.69.141.162 🇺🇸 AS398101 · 216.69.140.0/22
    PTR osplibsmtp02-v02.prod.phx3.secureserver.net
HTTPS HTTP/3, HTTP/2 ✓ hints match
  IPv4 hints: 104.21.1.238, 172.67.152.150
  IPv6 hints: 2606:4700:3033::6815:1ee, 2606:4700:3037::ac43:9896
  ECH: X25519, HKDF-SHA256 + AES-128-GCM draft, id=86, name=cloudflare-ech.com
SOA mona.ns.cloudflare.com dns@cloudflare.com serial=2408450005

DNS History

11 records (8 active, 3 former)

● NS mona.ns.cloudflare.com 2026-02-16 → 2026-07-04 · 3 obs
  ○ 2017-01-31 18:00:08
  ● 2026-02-16 00:37:26
  ● 2026-07-04 07:50:52
○ NS ns31.domaincontrol.com 2015-08-15 → 2017-01-31 · 4 obs
  ● 2015-08-15 12:40:04
  ● 2017-01-31 18:00:08
  ○ 2026-02-16 00:37:26
  ○ 2026-07-04 07:50:52
○ NS ns32.domaincontrol.com 2015-08-15 → 2017-01-31 · 4 obs
  ● 2015-08-15 12:40:04
  ● 2017-01-31 18:00:08
  ○ 2026-02-16 00:37:26
  ○ 2026-07-04 07:50:52
● NS toby.ns.cloudflare.com 2026-02-16 → 2026-07-04 · 3 obs
  ○ 2017-01-31 18:00:08
  ● 2026-02-16 00:37:26
  ● 2026-07-04 07:50:52
● MX mailstore1.secureserver.net 2015-08-15 → 2026-07-04 · 2 obs
  ● 2015-08-15 12:40:04
  ● 2026-07-04 07:50:52
● MX smtp.secureserver.net 2015-08-15 → 2026-07-04 · 2 obs
  ● 2015-08-15 12:40:04
  ● 2026-07-04 07:50:52
● A 104.21.1.238 2026-02-16 → 2026-07-04 · 3 obs
  ○ 2017-01-31 18:00:08
  ● 2026-02-16 00:37:26
  ● 2026-07-04 07:50:52
● A 172.67.152.150 2026-02-16 → 2026-07-04 · 3 obs
  ○ 2017-01-31 18:00:08
  ● 2026-02-16 00:37:26
  ● 2026-07-04 07:50:52
● A 2606:4700:3033::6815:1ee 2026-02-16 → 2026-07-04 · 3 obs
  ○ 2017-01-31 18:00:08
  ● 2026-02-16 00:37:26
  ● 2026-07-04 07:50:52
● A 2606:4700:3037::ac43:9896 2026-02-16 → 2026-07-04 · 3 obs
  ○ 2017-01-31 18:00:08
  ● 2026-02-16 00:37:26
  ● 2026-07-04 07:50:52
○ A 50.63.202.55 2015-08-15 → 2017-01-31 · 4 obs
  ● 2015-08-15 12:40:04
  ● 2017-01-31 18:00:08
  ○ 2026-02-16 00:37:26
  ○ 2026-07-04 07:50:52

🔍 DNS Trace

📋 Delegation Chain

Zone | Nameservers | Glue
net | e.gtld-servers.net, l.gtld-servers.net, f.gtld-servers.net, d.gtld-servers.net... | -
malwareanalysis.net | toby.ns.cloudflare.com, mona.ns.cloudflare.com | -

✅ Authoritative Response

Server: 108.162.192.206

NS records: toby.ns.cloudflare.com, mona.ns.cloudflare.com

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for malwareanalysis.net (unsigned zone)

⏱️ Timing

Total: 502ms | Queries: -

📄 Records

Type | Count | Sample Data
A | 2 | 104.21.1.238, 172.67.152.150
AAAA | 2 | 2606:4700:3033::6815:1ee, 2606:4700:3037::ac43:9896
NS | 2 | mona.ns.cloudflare.com, toby.ns.cloudflare.com
MX | 2 | smtp.secureserver.net (pri: 0), mailstore1.secureserver.net (pri: 10)
HTTPS | 1 | {"priority":1,"target":".","alpn":["h3",
SOA | 1 | mona.ns.cloudflare.com dns.cloudflare.co

Analysis

IP Addresses

malwareanalysis.net points to the four IP addresses 104.21.1.238, 172.67.152.150, 2606:4700:3033::6815:1ee and 2606:4700:3037::ac43:9896.

madisonwm.com, zbeshop.com, bestkebabkatowice.pl plus two other host names have IP numbers in common with malwareanalysis.net.

Name Servers

DNS delegation for malwareanalysis.net points to two name servers: mona.ns.cloudflare.com and toby.ns.cloudflare.com.

The name server configuration of malwareanalysis.net is shared with other domains, for instance unionps.org, feelb-infra.ovh, marosgroup.com and two others.

There is at least partial name server overlap between malwareanalysis.net and other domains, among them malucelli.net, hwj280.com, soundpollution.se and two more.

The name servers ollie.ns.cloudflare.com, ridge.ns.cloudflare.com and ruben.ns.cloudflare.com are often found in combination with these name servers.

Hosts with 6 IP addresses each:

mona.ns.cloudflare.com has IP addresses 108.162.192.206, 172.64.32.206 and 173.245.58.206, plus 3 others.

toby.ns.cloudflare.com has IP addresses 108.162.193.239, 172.64.33.239 and 173.245.59.239, plus 3 others.

Mail Servers

malwareanalysis.net uses two mail servers, mailstore1.secureserver.net and smtp.secureserver.net.

The mail server setup of malwareanalysis.net matches that of other domains such as inviertecomopro.com, dhc4.com, pvwine.com and two others.

mailstore1.secureserver.net points to 216.69.141.78, 216.69.141.114 and 216.69.141.162. smtp.secureserver.net points to 216.69.141.71, 216.69.141.84 and 216.69.141.113. Both hosts resolve to three IP numbers.