exploit.sh - dns.ninja

exploit.sh

sh

DNSSEC🔒 Signed (DS record present)
NSa0.nic.sh
NSa2.nic.sh
NSb0.nic.sh
NSc0.nic.sh
SOAa0.nic.shhostmaster@donuts.email serial=1780854779

NS for

DNS History

13 records (10 active, 3 former)

20162017201820192020202120222023202420252026NSexploit.shns.exploit.shns.upthere.infons1.exploit.shnsv6.exploit.shMXalt1.aspmx.l.google.comalt2.aspmx.l.google.comaspmx.l.google.comaspmx2.googlemail.comaspmx3.googlemail.comA178.79.129.2242600:3c01::f03c:91ff:fe96:92ea74.207.243.207
NSexploit.sh2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
NSns.exploit.sh2015-06-01 → 2026-06-07 · 2 obs
● 2015-06-01 15:39:50
● 2026-06-07 18:07:58
NSns.upthere.info2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2016-10-03 00:16:48
○ 2017-08-13 17:56:20
● 2026-02-17 21:05:56
● 2026-06-07 18:07:58
NSns1.exploit.sh2017-08-13 → 2017-08-13 · 4 obs
○ 2016-10-03 00:16:48
● 2017-08-13 17:56:20
○ 2026-02-17 21:05:56
○ 2026-06-07 18:07:58
NSnsv6.exploit.sh2015-06-01 → 2017-08-13 · 4 obs
● 2015-06-01 15:39:50
● 2017-08-13 17:56:20
○ 2026-02-17 21:05:56
○ 2026-06-07 18:07:58
MXalt1.aspmx.l.google.com2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
MXalt2.aspmx.l.google.com2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
MXaspmx.l.google.com2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
MXaspmx2.googlemail.com2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
MXaspmx3.googlemail.com2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
A178.79.129.2242017-08-13 → 2026-06-07 · 6 obs
○ 2016-10-03 00:16:48
● 2017-08-13 17:56:20
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
A2600:3c01::f03c:91ff:fe96:92ea2015-06-01 → 2026-06-07 · 5 obs
● 2015-06-01 15:39:50
● 2026-06-04 22:51:42
○ 2026-06-06 09:21:28
● 2026-06-07 01:29:02
● 2026-06-07 18:07:58
A74.207.243.2072015-06-01 → 2016-10-03 · 4 obs
● 2015-06-01 15:39:50
● 2016-10-03 00:16:48
○ 2017-08-13 17:56:20
○ 2026-06-07 18:07:58

🔍 DNS Trace

📋 Delegation Chain

ZoneNameserversGlue
sha0.nic.sh, a2.nic.sh, b0.nic.sh, c0.nic.sh8 records
exploit.shns.upthere.info, ns.exploit.sh1 record

✅ Authoritative Response

Server:178.79.129.224

NS records: ns.upthere.info, ns.exploit.sh

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for exploit.sh (unsigned zone)

⏱️ Timing

Total: 2368ms | Queries: -

📄 Records

TypeCountSample Data
A1178.79.129.224
AAAA12600:3c01::f03c:91ff:fe96:92ea
NS2ns.upthere.info, ns.exploit.sh
MX5ASPMX.L.GOOGLE.COM (pri: 10), ASPMX2.GOOGLEMAIL.COM (pri: 30)...
TXT1v=spf1 a mx a:fr.exploit.sh ip4:212.47.2
SOA1exploit.sh admin.exploit.sh

📌 Glue Records Collected

Total: 9

In-bailiwick: 9 (a0.nic.sh, a0.nic.sh, a2.nic.sh...)

Analysis

Name Server Role

exploit.sh serves as a name server for itself — exploit.sh is its own authoritative name server.

ns.upthere.info, ns.exploit.sh and exploit.sh regularly act as name servers together.

IP Addresses

exploit.sh points to two IP numbers: 178.79.129.224 and 2600:3c01::f03c:91ff:fe96:92ea.

Name Servers

Three name servers handle the delegation for exploit.sh: exploit.sh, ns.upthere.info and ns.exploit.sh.

Host names with two IP numbers:

exploit.sh directs traffic to 178.79.129.224 and 2600:3c01::f03c:91ff:fe96:92ea.

Mail Servers

exploit.sh is handled by 5 mail servers: aspmx2.googlemail.com, aspmx3.googlemail.com, aspmx.l.google.com and two others.

Host names with two IP numbers:

aspmx2.googlemail.com directs traffic to 108.177.123.26 and 2800:3f0:4003:c0f::1b.

aspmx3.googlemail.com directs traffic to 172.253.116.27 and 2a00:1450:400b:c02::1b.

aspmx.l.google.com directs traffic to 172.253.115.26 and 2607:f8b0:4004:c1b::1a.

alt1.aspmx.l.google.com directs traffic to 108.177.123.27 and 2800:3f0:4003:c0f::1b.

alt2.aspmx.l.google.com directs traffic to 172.253.116.26 and 2a00:1450:400b:c02::1b.

Both aspmx2.googlemail.com and alt1.aspmx.l.google.com resolve to 2800:3f0:4003:c0f::1b IP addresses each.

Both aspmx3.googlemail.com and alt2.aspmx.l.google.com resolve to 2a00:1450:400b:c02::1b IP addresses each.