attacker.so - dns.ninja

attacker.so

DNSSEC⚠️ Not signed
A2606:4700:3031::6815:4f51🇺🇸 Cloudflare2606:4700:3031::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
A2606:4700:3033::ac43:a95d🇺🇸 Cloudflare2606:4700:3033::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
A104.21.79.81Cloudflare104.21.64.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
A172.67.169.93🇺🇸 Cloudflare172.67.160.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US ✓ In HTTPS hints
NSerin.ns.cloudflare.com
A2606:4700:50::adf5:3a71🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRerin.ns.cloudflare.com
A2803:f800:50::6ca2:c071🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L
PTRerin.ns.cloudflare.com
A2a06:98c1:50::ac40:2071🇺🇸 Cloudflare2a06:98c1:50::/45
PTRerin.ns.cloudflare.com
A108.162.192.113🇺🇸 Cloudflare108.162.192.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRerin.ns.cloudflare.com
A172.64.32.113🇺🇸 Cloudflare172.64.32.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRerin.ns.cloudflare.com
A173.245.58.113🇺🇸 Cloudflare173.245.58.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRerin.ns.cloudflare.com
NSlex.ns.cloudflare.com
A2606:4700:58::adf5:3bc4🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRlex.ns.cloudflare.com
A2803:f800:50::6ca2:c1c4🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L
PTRlex.ns.cloudflare.com
A2a06:98c1:50::ac40:21c4🇺🇸 Cloudflare2a06:98c1:50::/45
PTRlex.ns.cloudflare.com
A108.162.193.196🇺🇸 Cloudflare108.162.193.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRlex.ns.cloudflare.com
A172.64.33.196🇺🇸 Cloudflare172.64.33.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRlex.ns.cloudflare.com
A173.245.59.196🇺🇸 Cloudflare173.245.59.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US
PTRlex.ns.cloudflare.com
HTTPSHTTP/3, HTTP/2 ✓ hints match
IPv4 hints104.21.79.81, 172.67.169.93
IPv6 hints2606:4700:3031::6815:4f51, 2606:4700:3033::ac43:a95d
ECHX25519, HKDF-SHA256 + AES-128-GCM draft, id=155, name=cloudflare-ech.com
SOAerin.ns.cloudflare.comdns@cloudflare.com serial=2405196643

so

DNSSEC⚠️ Not signed
NSd.nic.so
NSe.nic.so
TXTGeneration Time ISO 8601: 2026-06-27 10:00:17
TXTGeneration Time: 1782554417
SOAd.nic.sohostmaster@nic.so 2026-06-27 #10

Same first word

attacker.host
attacker.cc
attacker.ru
attacker.net
attacker.ws
attacker.me
attacker.site
attacker.org
attacker.fit
attacker.tv
attacker.co
attacker.us
attacker.com
attacker.website
attacker.so
attacker.network
attacker.de

Similar names

teratack.com
arkatect.com
reattack.com
racketat.com
tacktera.com
creattak.com
teatrack.com
tracktea.com
tackaert.net
tarateck.de
takecart.com
catratek.com
karatect.com
arttacke.de
etatrack.com
caketart.com
eattrack.com
racketta.com

DNS History

12 records (6 active, 6 former)

NSerin.ns.cloudflare.comlex.ns.cloudflare.com170.ns1.abovedomains.com170.ns2.abovedomains.comns1.abovedomains.comns2.abovedomains.comMXpark-mx.above.comA104.21.79.81172.67.169.932606:4700:3031::6815:4f512606:4700:3033::ac43:a95d103.224.182.210
NS170.ns1.abovedomains.com2026-04-12 → 2026-04-22 · 4 obs
● 2026-04-12 21:06:54
● 2026-04-22 00:35:32
○ 2026-06-27 02:02:34
○ 2026-06-27 11:08:20
NS170.ns2.abovedomains.com2026-04-12 → 2026-04-22 · 4 obs
● 2026-04-12 21:06:54
● 2026-04-22 00:35:32
○ 2026-06-27 02:02:34
○ 2026-06-27 11:08:20
NSerin.ns.cloudflare.com2026-06-27 → 2026-06-27 · 3 obs
○ 2026-04-22 00:35:32
● 2026-06-27 02:02:34
● 2026-06-27 11:08:20
NSlex.ns.cloudflare.com2026-06-27 → 2026-06-27 · 3 obs
○ 2026-04-22 00:35:32
● 2026-06-27 02:02:34
● 2026-06-27 11:08:20
NSns1.abovedomains.com2026-04-12 → 2026-04-22 · 4 obs
● 2026-04-12 21:06:54
● 2026-04-22 00:35:32
○ 2026-06-27 02:02:34
○ 2026-06-27 11:08:20
NSns2.abovedomains.com2026-04-12 → 2026-04-22 · 4 obs
● 2026-04-12 21:06:54
● 2026-04-22 00:35:32
○ 2026-06-27 02:02:34
○ 2026-06-27 11:08:20
MXpark-mx.above.com2026-04-12 → 2026-04-22 · 4 obs
● 2026-04-12 21:06:54
● 2026-04-22 00:35:32
○ 2026-06-27 02:02:34
○ 2026-06-27 11:08:20
A103.224.182.2102026-04-12 → 2026-04-22 · 4 obs
● 2026-04-12 21:06:54
● 2026-04-22 00:35:32
○ 2026-06-27 02:02:34
○ 2026-06-27 11:08:20
A104.21.79.812026-06-27 → 2026-06-27 · 3 obs
○ 2026-04-22 00:35:32
● 2026-06-27 02:02:34
● 2026-06-27 11:08:20
A172.67.169.932026-06-27 → 2026-06-27 · 3 obs
○ 2026-04-22 00:35:32
● 2026-06-27 02:02:34
● 2026-06-27 11:08:20
A2606:4700:3031::6815:4f512026-06-27 → 2026-06-27 · 3 obs
○ 2026-04-22 00:35:32
● 2026-06-27 02:02:34
● 2026-06-27 11:08:20
A2606:4700:3033::ac43:a95d2026-06-27 → 2026-06-27 · 3 obs
○ 2026-04-22 00:35:32
● 2026-06-27 02:02:34
● 2026-06-27 11:08:20

🔍 DNS Trace

📋 Delegation Chain

ZoneNameserversGlue
sod.nic.so, e.nic.so4 records
attacker.soerin.ns.cloudflare.com, lex.ns.cloudflare.com-

✅ Authoritative Response

Server:108.162.193.196

NS records: erin.ns.cloudflare.com, lex.ns.cloudflare.com

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for so (unsigned zone)

⏱️ Timing

Total: 1283ms | Queries: -

📄 Records

TypeCountSample Data
A2172.67.169.93, 104.21.79.81
AAAA22606:4700:3031::6815:4f51, 2606:4700:3033::ac43:a95d
NS2erin.ns.cloudflare.com, lex.ns.cloudflare.com
HTTPS1{"priority":1,"target":".","alpn":["h3",
SOA1erin.ns.cloudflare.com dns.cloudflare.co

📌 Glue Records Collected

Total: 4

In-bailiwick: 4 (d.nic.so, e.nic.so, d.nic.so...)

Analysis

IP Addresses

attacker.so resolves to four IP addresses: 104.21.79.81, 172.67.169.93, 2606:4700:3031::6815:4f51 and 2606:4700:3033::ac43:a95d.

Additional host names — labsorbitbright.digital, www.jhcom.cn, www.reichardcalaflaw.com.cdn.cloudflare.net and two others — share IP numbers with attacker.so.

Name Servers

attacker.so is served by two delegated name servers, erin.ns.cloudflare.com and lex.ns.cloudflare.com.

attacker.so shares its name server setup with other domains, including makelikepro.lol, ivip9th.info, dea.monster and two others.

attacker.so partially shares its NS delegation with several other domains, including ylio.net, urge844330.pro, aeromar.mx and two others.

These name servers often co-occur with the name servers ivan.ns.cloudflare.com.

Host names with 6 IP numbers:

erin.ns.cloudflare.com carries IP addresses 108.162.192.113, 172.64.32.113 and 173.245.58.113, with 3 other addresses beyond those.

lex.ns.cloudflare.com carries IP addresses 108.162.193.196, 172.64.33.196 and 173.245.59.196, with 3 other addresses beyond those.