0

Really weird results with shareasale.com

My wife had trouble with a site at shareasale.com so I did a little troubleshooting. When I resolve that hostname anywhere else I get A records at 104.16.99.120 and 104.16.100.120. But when I resolve it using my NextDNS servers (e.g. 'host shareasale.com 45.90.30.148') I instead get A records at 45.90.28.4 and 45.90.30.4.

Those IP addresses look suspiciously like the IP of the NextDNS server itself, and indeed they belong to NextDNS - their RDNS is relay.nextdns.io. Why is this happening? It's worth noting that 'shareasale.com' appears in my NextDNS log as "Allowed by Affiliate & Tracking Links", and I do have that option enabled in my NextDNS settings.

$ host shareasale.com 45.90.30.148
Using domain server:
Name: 45.90.30.148
Address: 45.90.30.148#53
Aliases:

shareasale.com has address 45.90.28.4
shareasale.com has address 45.90.30.4
shareasale.com has IPv6 address 2a07:a8c0:4::
shareasale.com has IPv6 address 2a07:a8c1:4::

$ host 45.90.28.4
4.28.90.45.in-addr.arpa domain name pointer relay.nextdns.io.
$ host 45.90.30.4
4.30.90.45.in-addr.arpa domain name pointer relay.nextdns.io.

$ host shareasale.com 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

shareasale.com has address 104.16.100.120
shareasale.com has address 104.16.99.120
shareasale.com mail is handled by 0 shareasale-com.mail.protection.outlook.com.

Reply

null

Content aside

  • 10 mths agoLast active
  • 17Views
  • 1 Following