exploit.sh - dns.ninja
exploit.sh
sh
| DNSSEC | ๐ Signed (DS record present) | ||||||
| NS | a0.nic.sh โญ | ||||||
| NS | a2.nic.sh | ||||||
| NS | b0.nic.sh | ||||||
| NS | c0.nic.sh | ||||||
| SOA | a0.nic.shhostmaster@donuts.email serial=1780795214 | ||||||
Previously NS for
exploit.sh |
Subdomains
Same first word
Similar names
DNS History
13 records (10 active, 3 former)
โNSexploit.sh2015-06-01 โ 2026-06-07 ยท 4 obs
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โNSns.exploit.sh2015-06-01 โ 2026-06-07 ยท 2 obs
โ 2026-06-07 01:29:02
โNSns.upthere.info2015-06-01 โ 2026-06-07 ยท 5 obs
โ 2016-10-03 00:16:48
โ 2017-08-13 17:56:20
โ 2026-02-17 21:05:56
โ 2026-06-07 01:29:02
โNSns1.exploit.sh2017-08-13 โ 2017-08-13 ยท 4 obs
โ 2017-08-13 17:56:20
โ 2026-02-17 21:05:56
โ 2026-06-07 01:29:02
โNSnsv6.exploit.sh2015-06-01 โ 2017-08-13 ยท 4 obs
โ 2017-08-13 17:56:20
โ 2026-02-17 21:05:56
โ 2026-06-07 01:29:02
โMXalt1.aspmx.l.google.com2015-06-01 โ 2026-06-07 ยท 4 obs
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โMXalt2.aspmx.l.google.com2015-06-01 โ 2026-06-07 ยท 4 obs
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โMXaspmx.l.google.com2015-06-01 โ 2026-06-07 ยท 4 obs
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โMXaspmx2.googlemail.com2015-06-01 โ 2026-06-07 ยท 4 obs
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โMXaspmx3.googlemail.com2015-06-01 โ 2026-06-07 ยท 4 obs
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โA178.79.129.2242017-08-13 โ 2026-06-07 ยท 5 obs
โ 2017-08-13 17:56:20
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โA2600:3c01::f03c:91ff:fe96:92ea2015-06-01 โ 2026-06-07 ยท 4 obs
โ 2026-06-04 22:51:42
โ 2026-06-06 09:21:28
โ 2026-06-07 01:29:02
โA74.207.243.2072015-06-01 โ 2016-10-03 ยท 4 obs
โ 2016-10-03 00:16:48
โ 2017-08-13 17:56:20
โ 2026-06-07 01:29:02
๐ DNS Trace
๐ Delegation Chain
| Zone | Nameservers | Glue |
|---|---|---|
| sh | b0.nic.sh, a0.nic.sh, c0.nic.sh, a2.nic.sh | 8 records |
| exploit.sh | ns.upthere.info, ns.exploit.sh | 1 record |
โ Authoritative Response
Server:178.79.129.224
NS records: ns.upthere.info, ns.exploit.sh
๐ DNSSEC Status
โ ๏ธ Insecure (no DNSSEC)
No DS record for exploit.sh (unsigned zone)
โฑ๏ธ Timing
Total: 573ms | Queries: -
๐ Records
| Type | Count | Sample Data |
|---|---|---|
| A | 1 | 178.79.129.224 |
| AAAA | 1 | 2600:3c01::f03c:91ff:fe96:92ea |
| NS | 2 | ns.exploit.sh, ns.upthere.info |
| MX | 5 | ASPMX2.GOOGLEMAIL.COM (pri: 30), ALT2.ASPMX.L.GOOGLE.COM (pri: 20)... |
| TXT | 1 | v=spf1 a mx a:fr.exploit.sh ip4:212.47.2 |
| SOA | 1 | exploit.sh admin.exploit.sh |
๐ Glue Records Collected
Total: 9
In-bailiwick: 9 (b0.nic.sh, b0.nic.sh, a0.nic.sh...)
Analysis
Hierarchy
nsv6.exploit.sh, mx.exploit.sh and ns1.exploit.sh each fall under the parent domain exploit.sh.
IP Addresses
exploit.sh points to two IP numbers: 178.79.129.224 and 2600:3c01::f03c:91ff:fe96:92ea.
ns.upthere.info and ns.exploit.sh, along with other host names, share IP addresses with exploit.sh.
Name Servers
Three name servers handle the delegation for exploit.sh: exploit.sh, ns.upthere.info and ns.exploit.sh.
At least some of exploit.sh's name servers are also used by other domains, among them upthere.info.
exploit.sh, ns.upthere.info and ns.exploit.sh each resolve to two IP addresses. exploit.sh resolves to 178.79.129.224 and 2600:3c01::f03c:91ff:fe96:92ea. ns.upthere.info resolves to 178.79.129.224 and 2a01:7e00::f03c:91ff:fe96:bc4d. ns.exploit.sh resolves to 178.79.129.224 and 2a01:7e00::f03c:91ff:fe96:bc4d.
exploit.sh, ns.upthere.info and ns.exploit.sh are host names that all point to 178.79.129.224.
Both ns.upthere.info and ns.exploit.sh resolve to 2a01:7e00::f03c:91ff:fe96:bc4d IP addresses each.
Mail Servers
exploit.sh is handled by 5 mail servers: aspmx2.googlemail.com, aspmx3.googlemail.com, aspmx.l.google.com and two others.
exploit.sh shares mail servers โ at least in part โ with other domains, including ns500693.ns500699.ns500734.ns500734.ns500734.ns500734.ns500693.ns500699.ns500588.ns500588.ns500588.ns500683.ns500588.ns500632.dtrkdll.com, ns500765.ns500765.ns500693.ns500734.ns500699.ns500693.ns500693.ns500693.ns500588.ns500693.ns500588.ns500588.ns500588.ns500632.ns500612.ns500602.dtrkdll.com, ns500759.ns500698.ns500759.ns500698.ns500758.ns500698.ns500736.ns500698.ns500698.ns500576.ns500708.ns500698.ns500619.ns500698.ns500576.ns500619.ns500576.trackreceptor.com and two others.
These mail servers are frequently used alongside mail servers alt2.aspmx.l.google.com, alt1.aspmx.l.google.com, alt3.aspmx.l.google.com and three others.
Host names with two IP numbers:
aspmx2.googlemail.com directs traffic to 108.177.123.26 and 2800:3f0:4003:c0f::1b.
aspmx3.googlemail.com directs traffic to 172.253.116.26 and 2a00:1450:400b:c02::1a.
aspmx.l.google.com directs traffic to 142.251.179.27 and 2607:f8b0:4004:c17::1a.
alt1.aspmx.l.google.com directs traffic to 108.177.123.27 and 2800:3f0:4003:c0f::1b.
alt2.aspmx.l.google.com directs traffic to 172.253.116.26 and 2a00:1450:400b:c02::1b.
Both aspmx2.googlemail.com and alt1.aspmx.l.google.com resolve to 2800:3f0:4003:c0f::1b IP addresses each.
Both aspmx3.googlemail.com and alt2.aspmx.l.google.com resolve to 172.253.116.26 IP addresses each.