cloudsink.net - robtex.com

cloudsink.net

DNSSECπŸ”’ Signed (DS record present)
NSns-460.awsdns-57.com ⭐
A2600:9000:5301:cc00::1πŸ‡ΊπŸ‡Έ Amazon2600:9000:5301::/48 - CloudFront
PTRns-460.awsdns-57.com
A205.251.193.204πŸ‡ΊπŸ‡Έ Amazon205.251.193.0/24 prefix
PTRns-460.awsdns-57.com
NSns-1072.awsdns-06.org
A2600:9000:5304:3000::1πŸ‡ΊπŸ‡Έ Amazon2600:9000:5304::/48 - CloudFront
PTRns-1072.awsdns-06.org
A205.251.196.48πŸ‡ΊπŸ‡Έ Amazon205.251.196.0/24 prefix
PTRns-1072.awsdns-06.org
NSns-1564.awsdns-03.co.uk
A2600:9000:5306:1c00::1πŸ‡ΊπŸ‡Έ Amazon2600:9000:5306::/48 - CloudFront
PTRns-1564.awsdns-03.co.uk
A205.251.198.28πŸ‡ΊπŸ‡Έ Amazon205.251.198.0/24 prefix
PTRns-1564.awsdns-03.co.uk
NSns-587.awsdns-09.net
A2600:9000:5302:4b00::1πŸ‡ΊπŸ‡Έ Amazon2600:9000:5302::/48 - CloudFront
PTRns-587.awsdns-09.net
A205.251.194.75πŸ‡ΊπŸ‡Έ Amazon205.251.194.0/24 prefix
PTRns-587.awsdns-09.net
MXaspmx.l.google.com ⭐
A2607:f8b0:4004:c19::1bπŸ‡ΊπŸ‡Έ Google2607:f8b0:4004::/48
PTRbk-in-f27.1e100.net
A172.253.62.27πŸ‡ΊπŸ‡Έ Google172.253.62.0/24
PTRbc-in-f27.1e100.net
MXalt1.aspmx.l.google.com(5)
A2607:f8b0:4003:c30::1bπŸ‡ΊπŸ‡Έ Google2607:f8b0:4003::/48
PTRyutulis-in-f27.1e100.net
A74.125.27.26πŸ‡ΊπŸ‡Έ Google74.125.27.0/24
PTRyutulis-in-f26.1e100.net
MXalt2.aspmx.l.google.com(5)
A2607:f8b0:4001:c70::1aπŸ‡ΊπŸ‡Έ Google2607:f8b0:4001::/48
PTRyucbful-in-f26.1e100.net
A192.178.209.26πŸ‡ΊπŸ‡Έ Google192.178.209.0/24
PTRyucbful-in-f26.1e100.net
MXaspmx2.googlemail.com(10)
A2607:f8b0:4003:c30::1bπŸ‡ΊπŸ‡Έ Google2607:f8b0:4003::/48
PTRyutulis-in-f27.1e100.net
A74.125.27.27πŸ‡ΊπŸ‡Έ Google74.125.27.0/24
PTRyutulis-in-f27.1e100.net
MXaspmx3.googlemail.com(10)
A2607:f8b0:4001:c70::1aπŸ‡ΊπŸ‡Έ Google2607:f8b0:4001::/48
PTRyucbful-in-f26.1e100.net
A192.178.209.27πŸ‡ΊπŸ‡Έ Google192.178.209.0/24
PTRyucbful-in-f27.1e100.net
TXTPBGBAmN9vG6i0LunP34JQTxRdxXMPJkaxeL3ZVKO174=
TXT_globalsign-domain-verification=hOZe0E77W75uSaxz8j1mJ7AiD-p0a9htr9hFgSp7mo
TXTgoogle-site-verification=XMD7rhgYvHoSgi4xMWyXXWPVWyFYGcOK9cJ8aGCXKEA
TXTpgpg7k2xx5mkw2vjl851b28szptj4sff
TXTpx417y94n59kzt5rrr3z0122lnp5bf9x
TXTt02tc754z2g16dm452r209xly2gl9rv7
TXTt89n8nm8k4rgmbmnjbxtb1xf2q8nkrsf
TXTv=spf1 include:_spf.google.com ~all
TXTyh6nv555v83phdqw1ydqg82p3hbsg0mw
TXTzb2p85k8n6bbz2qg9zl0cf119ljxrk3z
SOAns-460.awsdns-57.comawsdns-hostmaster@amazon.com serial=1

net

DNSSECπŸ”’ Signed (DS record present)
NSa.gtld-servers.net ⭐
NSb.gtld-servers.net
NSc.gtld-servers.net
NSd.gtld-servers.net
NSe.gtld-servers.net
NSf.gtld-servers.net
NSg.gtld-servers.net
NSh.gtld-servers.net
NSi.gtld-servers.net
NSj.gtld-servers.net
NSk.gtld-servers.net
NSl.gtld-servers.net
NSm.gtld-servers.net
SOAa.gtld-servers.netnstld@verisign-grs.com serial=1771291465
πŸ“ˆ Tranco rank: #990
cloudsink.net - Tranco Rank (30d: ↓-261)8589001.0K1.1K1.2K1.2KFeb 1Feb 11Feb 21Mar 3Mar 12Rank#922#1,183

Cloudsink.net - Security Sinkhole Domain

cloudsink.net is a DNS sinkhole domain used for cybersecurity purposes. The domain does not host a public website but serves as infrastructure for redirecting malicious traffic away from command-and-control servers.

Purpose

DNS sinkholes are a defensive security technique where domains previously used by malware or botnets are taken over and redirected to benign servers. This allows security researchers to:

  • Monitor infected systems attempting to contact malicious infrastructure
  • Disrupt botnet communications
  • Gather intelligence on malware campaigns

Technical Infrastructure

  • DNS: AWS Route 53 (ns-460.awsdns-57.com, ns-587.awsdns-09.net, ns-1072.awsdns-06.org, ns-1564.awsdns-03.co.uk)
  • Email: Google Workspace (aspmx.l.google.com and related MX servers)
  • DNSSEC: Signed and validated
  • Registrar: CSC Corporate Domains, Inc. (enterprise-focused registrar)

Registration Details

  • Created: August 10, 2012
  • Registrar: CSC Corporate Domains, Inc.
  • Status: Protected with clientTransferProhibited, serverDeleteProhibited, serverTransferProhibited, serverUpdateProhibited

Traffic & Ranking

  • Tranco Rank: #963 globally, indicating high traffic volume typical of sinkhole infrastructure receiving connections from infected systems worldwide

Subdomains

ts01-b.cloudsink.net
lfodown01-lanner-lion.cloudsink.net
lfodown01-laggar-gcw.cloudsink.net
csa.cloudsink.net
ts01-gyr-maverick.cloudsink.net
lfodown01-gyr-maverick.cloudsink.net
lfoup01-laggar-gcw.cloudsink.net
lfoup01-b.cloudsink.net
lfoup01-lanner-lion.cloudsink.net
eu-1.cloudsink.net
lfodown01-b.cloudsink.net
ts01-us-gov-2.cloudsink.net
ts01-laggar-gcw.cloudsink.net
lfoup01-gyr-maverick.cloudsink.net
ts01-lanner-lion.cloudsink.net

Same first word

cloudsink.com
cloudsink.net.nz
cloudsink.net

Similar names

loudnsick.de
cloudskin.eu
inkclouds.com
kloudsinc.com
cloudskin.net
cloudskin.de
skincloud.net
cloudskin.com
cloudinks.com
indulocks.com
skincloud.com
soundlick.com
usdoclink.com
kinscloud.com
loudnsick.com

DNS History

20 records (9 active, 11 former)

20162017201820192020202120222023202420252026NSns-1072.awsdns-06.orgns-1564.awsdns-03.co.ukns-460.awsdns-57.comns-587.awsdns-09.netns1.p10.dynect.netns13.domaincontrol.comns14.domaincontrol.comns2.p10.dynect.netns3.p10.dynect.netns4.p10.dynect.netpdns07.domaincontrol.compdns08.domaincontrol.comMXalt1.aspmx.l.google.comalt2.aspmx.l.google.comaspmx.l.google.comaspmx2.googlemail.comaspmx3.googlemail.commailstore1.secureserver.netsmtp.secureserver.netA97.74.42.79
●NSns-1072.awsdns-06.org2021-09-12 β†’ 2026-03-14 Β· 3 obs
β—‹ 2021-01-17 23:28:48
● 2021-09-12 02:50:06
● 2026-03-14 10:18:14
●NSns-1564.awsdns-03.co.uk2021-09-12 β†’ 2026-03-14 Β· 3 obs
β—‹ 2021-01-17 23:28:48
● 2021-09-12 02:50:06
● 2026-03-14 10:18:14
●NSns-460.awsdns-57.com2021-09-12 β†’ 2026-03-14 Β· 3 obs
β—‹ 2021-01-17 23:28:48
● 2021-09-12 02:50:06
● 2026-03-14 10:18:14
●NSns-587.awsdns-09.net2021-09-12 β†’ 2026-03-14 Β· 3 obs
β—‹ 2021-01-17 23:28:48
● 2021-09-12 02:50:06
● 2026-03-14 10:18:14
β—‹NSns1.p10.dynect.net2017-02-16 β†’ 2021-01-17 Β· 5 obs
β—‹ 2016-11-02 15:55:38
● 2017-02-16 13:06:32
● 2021-01-17 23:28:48
β—‹ 2021-09-12 02:50:06
β—‹ 2026-03-14 10:18:14
β—‹NSns13.domaincontrol.com2015-07-17 β†’ 2016-10-25 Β· 4 obs
● 2015-07-17 10:02:36
● 2016-10-25 18:12:20
β—‹ 2016-11-02 15:55:38
β—‹ 2026-03-14 10:18:14
β—‹NSns14.domaincontrol.com2015-07-17 β†’ 2016-10-25 Β· 4 obs
● 2015-07-17 10:02:36
● 2016-10-25 18:12:20
β—‹ 2016-11-02 15:55:38
β—‹ 2026-03-14 10:18:14
β—‹NSns2.p10.dynect.net2017-02-16 β†’ 2021-01-17 Β· 5 obs
β—‹ 2016-11-02 15:55:38
● 2017-02-16 13:06:32
● 2021-01-17 23:28:48
β—‹ 2021-09-12 02:50:06
β—‹ 2026-03-14 10:18:14
β—‹NSns3.p10.dynect.net2017-02-16 β†’ 2021-01-17 Β· 5 obs
β—‹ 2016-11-02 15:55:38
● 2017-02-16 13:06:32
● 2021-01-17 23:28:48
β—‹ 2021-09-12 02:50:06
β—‹ 2026-03-14 10:18:14
β—‹NSns4.p10.dynect.net2017-02-16 β†’ 2021-01-17 Β· 5 obs
β—‹ 2016-11-02 15:55:38
● 2017-02-16 13:06:32
● 2021-01-17 23:28:48
β—‹ 2021-09-12 02:50:06
β—‹ 2026-03-14 10:18:14
β—‹NSpdns07.domaincontrol.com2016-11-02 β†’ 2021-01-17 Β· 5 obs
β—‹ 2016-10-25 18:12:20
● 2016-11-02 15:55:38
● 2021-01-17 23:28:48
β—‹ 2021-09-12 02:50:06
β—‹ 2026-03-14 10:18:14
β—‹NSpdns08.domaincontrol.com2016-11-02 β†’ 2021-01-17 Β· 5 obs
β—‹ 2016-10-25 18:12:20
● 2016-11-02 15:55:38
● 2021-01-17 23:28:48
β—‹ 2021-09-12 02:50:06
β—‹ 2026-03-14 10:18:14
●MXalt1.aspmx.l.google.com2016-12-24 β†’ 2026-03-14 Β· 3 obs
β—‹ 2016-12-14 09:19:28
● 2016-12-24 14:37:56
● 2026-03-14 10:18:14
●MXalt2.aspmx.l.google.com2016-12-24 β†’ 2026-03-14 Β· 3 obs
β—‹ 2016-12-14 09:19:28
● 2016-12-24 14:37:56
● 2026-03-14 10:18:14
●MXaspmx.l.google.com2016-12-24 β†’ 2026-03-14 Β· 3 obs
β—‹ 2016-12-14 09:19:28
● 2016-12-24 14:37:56
● 2026-03-14 10:18:14
●MXaspmx2.googlemail.com2016-12-24 β†’ 2026-03-14 Β· 3 obs
β—‹ 2016-12-14 09:19:28
● 2016-12-24 14:37:56
● 2026-03-14 10:18:14
●MXaspmx3.googlemail.com2016-12-24 β†’ 2026-03-14 Β· 3 obs
β—‹ 2016-12-14 09:19:28
● 2016-12-24 14:37:56
● 2026-03-14 10:18:14
β—‹MXmailstore1.secureserver.net2015-07-17 β†’ 2016-12-14 Β· 4 obs
● 2015-07-17 10:02:36
● 2016-12-14 09:19:28
β—‹ 2016-12-24 14:37:56
β—‹ 2026-03-14 10:18:14
β—‹MXsmtp.secureserver.net2015-07-17 β†’ 2016-12-14 Β· 4 obs
● 2015-07-17 10:02:36
● 2016-12-14 09:19:28
β—‹ 2016-12-24 14:37:56
β—‹ 2026-03-14 10:18:14
β—‹A97.74.42.792015-07-17 β†’ 2019-11-05 Β· 4 obs
● 2015-07-17 10:02:36
● 2019-11-05 15:48:00
β—‹ 2020-04-02 23:03:26
β—‹ 2026-03-14 10:18:14

πŸ” DNS Trace

πŸ“‹ Delegation Chain

ZoneNameserversGlue
neta.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net...-
cloudsink.netns-587.awsdns-09.net, ns-460.awsdns-57.com, ns-1564.awsdns-03.co.uk, ns-1072.awsdns-06.org1 record

βœ… Authoritative Response

Server: 205.251.194.75

NS records: ns-587.awsdns-09.net, ns-460.awsdns-57.com, ns-1564.awsdns-03.co.uk, ns-1072.awsdns-06.org

πŸ”’ DNSSEC Status

πŸ” Secure (DNSSEC validated)

Chain of trust verified from root to domain

⏱️ Timing

Total: 523ms | Queries: -

πŸ“„ Records

TypeCountSample Data
NS4ns-1072.awsdns-06.org, ns-1564.awsdns-03.co.uk...
MX5aspmx.l.google.com (pri: 1), aspmx2.googlemail.com (pri: 10)...
TXT10PBGBAmN9vG6i0LunP34JQTxRdxXMPJkaxeL3ZVKO, _globalsign-domain-verification=hOZe0E77...
SOA1ns-460.awsdns-57.com awsdns-hostmaster.a

πŸ“Œ Glue Records Collected

Total: 1

Out-of-bailiwick: 1 (ns-587.awsdns-09.net)

Analysis

Hierarchy

cloudsink.net is the parent of ts01-b.cloudsink.net, lfodown01-lanner-lion.cloudsink.net, lfodown01-laggar-gcw.cloudsink.net, csa.cloudsink.net, ts01-gyr-maverick.cloudsink.net and a few other host names.

Name Servers

cloudsink.net is delegated to four name servers: ns-460.awsdns-57.com, ns-587.awsdns-09.net, ns-1072.awsdns-06.org and ns-1564.awsdns-03.co.uk.

cloudsink.net at least partially shares name servers with other domains, for instance mcmanesautodev.com, pinpoint.ap-southeast-1.amazonaws.com, teamshimano.com, beoexpert.com and online-opmaat.com.

these name servers are commonly used with the name servers ns-1625.awsdns-11.co.uk, ns-969.awsdns-57.net, ns-1291.awsdns-33.org, ns-920.awsdns-51.net, ns1.tukios.net, ns2.tukios.net, ns-1498.awsdns-59.org and ns-1817.awsdns-35.co.uk.

Host names with two IP numbers:

ns-460.awsdns-57.com points to 2600:9000:5301:cc00::1 and 205.251.193.204; ns-587.awsdns-09.net points to 2600:9000:5302:4b00::1 and 205.251.194.75; ns-1072.awsdns-06.org points to 2600:9000:5304:3000::1 and 205.251.196.48; ns-1564.awsdns-03.co.uk points to 2600:9000:5306:1c00::1 and 205.251.198.28.

Mail Servers

cloudsink.net is handled by five mail servers: aspmx2.googlemail.com, aspmx3.googlemail.com, aspmx.l.google.com, alt1.aspmx.l.google.com and alt2.aspmx.l.google.com.

cloudsink.net shares some mail servers with other domains, at least partially, for instance hombrito.com, xsep.net, ns500768.ns500759.ns500758.ns500736.ns500698.ns500735.ns500576.ns500576.ns500698.ns500619.trackreceptor.com, ns500742.ns500754.ns500671.ns500731.ns500754.ns500671.ns500742.ns500671.ns500671.ns500705.ns500678.ns500688.ns500649.ns500688.ns500649.ns500649.ns500666.tenderladiesbz.com and ns500671.ns500754.ns500742.ns500731.ns500742.ns500742.ns500688.ns500705.ns500705.ns500649.ns500666.ns500291.ns500131.lustychickser.com.

these mail servers are often used with alt3.aspmx.l.google.com, alt4.aspmx.l.google.com, aspmx4.googlemail.com and aspmx5.googlemail.com.

Host names with two IP numbers

aspmx2.googlemail.com points to 2607:f8b0:4003:c30::1b and 74.125.27.27

aspmx3.googlemail.com points to 2607:f8b0:4001:c70::1a and 192.178.209.27

aspmx.l.google.com points to 2607:f8b0:4004:c19::1b and 172.253.62.27

alt1.aspmx.l.google.com points to 2607:f8b0:4003:c30::1b and 74.125.27.26

alt2.aspmx.l.google.com points to 2607:f8b0:4001:c70::1a and 192.178.209.26

Host names that point to 2607:f8b0:4003:c30::1b: aspmx2.googlemail.com and alt1.aspmx.l.google.com

Host names that point to 2607:f8b0:4001:c70::1a: aspmx3.googlemail.com and alt2.aspmx.l.google.com