exploit.sh - dns.ninja

`exploit.sh`

DNSSEC	⚠️ Not signed
A	2600:3c01::f03c:91ff:fe96:92ea^{AKAMAI-LINODE-AP2600:3c01::/32}
A	178.79.129.224
NS	`exploit.sh` ⭐
		A	2600:3c01::f03c:91ff:fe96:92ea^{AKAMAI-LINODE-AP2600:3c01::/32}
		A	178.79.129.224
NS	`ns.exploit.sh`
NS	`ns.upthere.info`
MX	`aspmx.l.google.com` ⭐
		A	2607:f8b0:4004:c1b::1a^{🇺🇸 Google2607:f8b0:4004::/48}
			PTR	`wv-in-f26.1e100.net`
		A	172.253.115.26^{🇺🇸 Google172.253.115.0/24}
			PTR	`bg-in-f26.1e100.net`
MX	`alt1.aspmx.l.google.com`⁽²⁰⁾
		A	2800:3f0:4003:c0f::1b^{🇨🇱 Google2800:3f0:4003::/48}
		A	108.177.123.27^{🇺🇸 Google108.177.123.0/24}
			PTR	`lcscld-in-f27.1e100.net`
MX	`alt2.aspmx.l.google.com`⁽²⁰⁾
		A	2a00:1450:400b:c02::1b^{🇮🇪 Google2a00:1450:400b::/48}
			PTR	`dj-in-f27.1e100.net`
		A	172.253.116.26^{🇺🇸 Google172.253.116.0/24}
			PTR	`dj-in-f26.1e100.net`
MX	`aspmx2.googlemail.com`⁽³⁰⁾
		A	2800:3f0:4003:c0f::1b^{🇨🇱 Google2800:3f0:4003::/48}
		A	108.177.123.26^{🇺🇸 Google108.177.123.0/24}
			PTR	`lcscld-in-f26.1e100.net`
MX	`aspmx3.googlemail.com`⁽³⁰⁾
		A	2a00:1450:400b:c02::1b^{🇮🇪 Google2a00:1450:400b::/48}
			PTR	`dj-in-f27.1e100.net`
		A	172.253.116.27^{🇺🇸 Google172.253.116.0/24}
			PTR	`dj-in-f27.1e100.net`
TXT	`v=spf1 a mx a:fr.exploit.sh ip4:212.47.250.127 ip6:2001:bc8:65c:1247::1 inclu...`
SOA	`exploit.sh`admin@exploit.sh 2026-03-03 #31

`sh`

	DNSSEC	🔒 Signed (DS record present)
	NS	`a0.nic.sh` ⭐
	NS	`a2.nic.sh`
	NS	`b0.nic.sh`
	NS	`c0.nic.sh`
	SOA	`a0.nic.sh`hostmaster@donuts.email serial=1780854779

NS for

exploit.sh

DNS History

13 records (10 active, 3 former)

●NSexploit.sh2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

●NSns.exploit.sh2015-06-01 → 2026-06-07 · 2 obs

● 2015-06-01 15:39:50
● 2026-06-07 18:07:58

●NSns.upthere.info2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2016-10-03 00:16:48
○ 2017-08-13 17:56:20
● 2026-02-17 21:05:56
● 2026-06-07 18:07:58

○NSns1.exploit.sh2017-08-13 → 2017-08-13 · 4 obs

○ 2016-10-03 00:16:48
● 2017-08-13 17:56:20
○ 2026-02-17 21:05:56
○ 2026-06-07 18:07:58

○NSnsv6.exploit.sh2015-06-01 → 2017-08-13 · 4 obs

● 2015-06-01 15:39:50
● 2017-08-13 17:56:20
○ 2026-02-17 21:05:56
○ 2026-06-07 18:07:58

●MXalt1.aspmx.l.google.com2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

●MXalt2.aspmx.l.google.com2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

●MXaspmx.l.google.com2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

●MXaspmx2.googlemail.com2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

●MXaspmx3.googlemail.com2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

●A178.79.129.2242017-08-13 → 2026-06-07 · 6 obs

○ 2016-10-03 00:16:48
● 2017-08-13 17:56:20
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

●A2600:3c01::f03c:91ff:fe96:92ea2015-06-01 → 2026-06-07 · 5 obs

● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58

○A74.207.243.2072015-06-01 → 2016-10-03 · 4 obs

● 2015-06-01 15:39:50
● 2016-10-03 00:16:48
○ 2017-08-13 17:56:20
○ 2026-06-07 18:07:58

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
sh	a0.nic.sh, a2.nic.sh, b0.nic.sh, c0.nic.sh	8 records
exploit.sh	ns.upthere.info, ns.exploit.sh	1 record

✅ Authoritative Response

Server:178.79.129.224

NS records: ns.upthere.info, ns.exploit.sh

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for exploit.sh (unsigned zone)

⏱️ Timing

Total: 2368ms | Queries: -

📄 Records

Type	Count	Sample Data
A	1	`178.79.129.224`
AAAA	1	`2600:3c01::f03c:91ff:fe96:92ea`
NS	2	`ns.upthere.info, ns.exploit.sh`
MX	5	`ASPMX.L.GOOGLE.COM (pri: 10), ASPMX2.GOOGLEMAIL.COM (pri: 30)...`
TXT	1	`v=spf1 a mx a:fr.exploit.sh ip4:212.47.2`
SOA	1	`exploit.sh admin.exploit.sh`

📌 Glue Records Collected

Total: 9

In-bailiwick: 9 (a0.nic.sh, a0.nic.sh, a2.nic.sh...)

Analysis

Name Server Role

exploit.sh serves as a name server for itself — exploit.sh is its own authoritative name server.

ns.upthere.info, ns.exploit.sh and exploit.sh regularly act as name servers together.

IP Addresses

exploit.sh points to two IP numbers: 178.79.129.224 and 2600:3c01::f03c:91ff:fe96:92ea.

Name Servers

Three name servers handle the delegation for exploit.sh: exploit.sh, ns.upthere.info and ns.exploit.sh.

Host names with two IP numbers:

exploit.sh directs traffic to 178.79.129.224 and 2600:3c01::f03c:91ff:fe96:92ea.

Mail Servers

exploit.sh is handled by 5 mail servers: aspmx2.googlemail.com, aspmx3.googlemail.com, aspmx.l.google.com and two others.

Host names with two IP numbers:

aspmx2.googlemail.com directs traffic to 108.177.123.26 and 2800:3f0:4003:c0f::1b.

aspmx3.googlemail.com directs traffic to 172.253.116.27 and 2a00:1450:400b:c02::1b.

aspmx.l.google.com directs traffic to 172.253.115.26 and 2607:f8b0:4004:c1b::1a.

alt1.aspmx.l.google.com directs traffic to 108.177.123.27 and 2800:3f0:4003:c0f::1b.

alt2.aspmx.l.google.com directs traffic to 172.253.116.26 and 2a00:1450:400b:c02::1b.

Both aspmx2.googlemail.com and alt1.aspmx.l.google.com resolve to 2800:3f0:4003:c0f::1b IP addresses each.

Both aspmx3.googlemail.com and alt2.aspmx.l.google.com resolve to 2a00:1450:400b:c02::1b IP addresses each.