rootkit.ca - dns.ninja

`rootkit.ca`

DNSSEC	⚠️ Not signed
NS	`launch1.spaceship.net` ⭐
		A	2400:cb00:2049:1::a29f:1a26^{🇺🇸 Cloudflare2400:cb00:2049::/48 , Inc. 101 Townsend Street}
		A	162.159.26.38^{Cloudflare162.159.26.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
NS	`launch2.spaceship.net`
		A	2400:cb00:2049:1::a29f:1b20^{🇺🇸 Cloudflare2400:cb00:2049::/48 , Inc. 101 Townsend Street}
		A	162.159.27.32^{Cloudflare162.159.27.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
MX	`smtp.google.com` ⭐
		A	2607:f8b0:4004:c1b::1a^{🇺🇸 Google2607:f8b0:4004::/48}
			PTR	`wv-in-f26.1e100.net`
		A	2607:f8b0:4004:c1b::1b^{🇺🇸 Google2607:f8b0:4004::/48}
			PTR	`wv-in-f27.1e100.net`
		A	2607:f8b0:4004:c29::1a^{🇺🇸 Google2607:f8b0:4004::/48}
			PTR	`yuiadum-in-f26.1e100.net`
		A	2607:f8b0:4004:c29::1b^{🇺🇸 Google2607:f8b0:4004::/48}
			PTR	`yuiadum-in-f27.1e100.net`
		A	142.251.163.26^{🇺🇸 Google142.251.163.0/24}
			PTR	`wv-in-f26.1e100.net`
		A	142.251.163.27^{🇺🇸 Google142.251.163.0/24}
			PTR	`wv-in-f27.1e100.net`
		A	142.251.167.27^{🇺🇸 Google142.251.167.0/24}
			PTR	`ww-in-f27.1e100.net`
		A	173.194.45.26^{🇺🇸 Google173.194.0.0/16}
			PTR	`yuiadum-in-f26.1e100.net`
		A	173.194.45.27^{🇺🇸 Google173.194.0.0/16}
			PTR	`yuiadum-in-f27.1e100.net`
TXT	`google-site-verification=SWtH7cPI-e6yno6hNSNN0i6CPqAT0yjmlVRGqt0qST4`
SOA	`launch1.spaceship.net`support@spaceship.com serial=1779474342

`ca`

	DNSSEC	🔒 Signed (DS record present)
	NS	`prd-czp-05.corp.cira.ca` ⭐
	NS	`any.ca-servers.ca`
	NS	`c.ca-servers.ca`
	NS	`d.ca-servers.ca`
	NS	`j.ca-servers.ca`
	SOA	`prd-czp-05.corp.cira.ca`admin-dns@cira.ca serial=2606121830

Same first word

rootkit.org

rootkit.hu

rootkit.me

rootkit.com.cn

rootkit.fr

rootkit.info

rootkit.finance

rootkit.dk

rootkit.ir

rootkit.nl

rootkit.es

rootkit.cc

rootkit.be

rootkit.ca

rootkit.one

rootkit.ru

rootkit.com

rootkit.co

rootkit.pl

rootkit.eu

rootkit.net.cn

rootkit.online

rootkit.it

rootkit.se

rootkit.io

Similar names

ototrik.com

ortokit.com

kitroot.com

rotokit.com

trikoot.net

otkrito.com

tortiko.ru

otkrito.ru

irottko.hu

kotrito.com

kotorit.com

trikoto.com

irottko.com

tikroot.com

triokto.de

rikotto.nl

otkrito.lv

trikoto.de

DNS History

15 records (3 active, 12 former)

○NSdns1.registrar-servers.com2015-06-20 → 2017-03-31 · 4 obs

● 2015-06-20 11:37:30
● 2017-03-31 05:11:34
○ 2018-10-09 04:54:52
○ 2026-06-12 19:10:08

○NSdns2.registrar-servers.com2015-06-20 → 2017-03-31 · 4 obs

● 2015-06-20 11:37:30
● 2017-03-31 05:11:34
○ 2018-10-09 04:54:52
○ 2026-06-12 19:10:08

○NSdns3.registrar-servers.com2015-06-20 → 2016-07-21 · 4 obs

● 2015-06-20 11:37:30
● 2016-07-21 17:09:42
○ 2017-03-31 05:11:34
○ 2026-06-12 19:10:08

○NSdns4.registrar-servers.com2015-06-20 → 2016-07-21 · 4 obs

● 2015-06-20 11:37:30
● 2016-07-21 17:09:42
○ 2017-03-31 05:11:34
○ 2026-06-12 19:10:08

○NSdns5.registrar-servers.com2015-06-20 → 2016-07-21 · 4 obs

● 2015-06-20 11:37:30
● 2016-07-21 17:09:42
○ 2017-03-31 05:11:34
○ 2026-06-12 19:10:08

●NSlaunch1.spaceship.net2026-04-07 → 2026-06-12 · 3 obs

○ 2018-10-09 04:54:52
● 2026-04-07 19:25:52
● 2026-06-12 19:10:08

●NSlaunch2.spaceship.net2026-04-07 → 2026-06-12 · 3 obs

○ 2018-10-09 04:54:52
● 2026-04-07 19:25:52
● 2026-06-12 19:10:08

○MXalt1.aspmx.l.google.com2026-04-07 → 2026-06-12 · 2 obs

○ 2026-04-07 19:25:52
○ 2026-06-12 19:10:08

○MXalt2.aspmx.l.google.com2026-04-07 → 2026-06-12 · 2 obs

○ 2026-04-07 19:25:52
○ 2026-06-12 19:10:08

○MXaspmx.l.google.com2026-04-07 → 2026-06-12 · 2 obs

○ 2026-04-07 19:25:52
○ 2026-06-12 19:10:08

○MXaspmx2.googlemail.com2026-04-07 → 2026-06-12 · 2 obs

○ 2026-04-07 19:25:52
○ 2026-06-12 19:10:08

○MXaspmx3.googlemail.com2026-04-07 → 2026-06-12 · 2 obs

○ 2026-04-07 19:25:52
○ 2026-06-12 19:10:08

○MXmail.rootkit.ca2015-06-20 → 2017-03-31 · 4 obs

● 2015-06-20 11:37:30
● 2017-03-31 05:11:34
○ 2018-10-09 04:54:52
○ 2026-06-12 19:10:08

●MXsmtp.google.com2026-04-07 → 2026-06-12 · 3 obs

○ 2018-10-09 04:54:52
● 2026-04-07 19:25:52
● 2026-06-12 19:10:08

○A88.198.110.1682015-06-20 → 2017-03-31 · 4 obs

● 2015-06-20 11:37:30
● 2017-03-31 05:11:34
○ 2018-10-09 04:54:52
○ 2026-06-12 19:10:08

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
ca	c.ca-servers.ca, d.ca-servers.ca, j.ca-servers.ca, any.ca-servers.ca	-
rootkit.ca	launch1.spaceship.net, launch2.spaceship.net	-

✅ Authoritative Response

Server:162.159.26.38

NS records: launch1.spaceship.net, launch2.spaceship.net

🔒 DNSSEC Status

🔐 Secure (DNSSEC validated)

Chain of trust verified from root to domain

⏱️ Timing

Total: 1280ms | Queries: -

📄 Records

Type	Count	Sample Data
NS	2	`launch2.spaceship.net, launch1.spaceship.net`
MX	1	`smtp.google.com (pri: 1)`
TXT	1	`google-site-verification=SWtH7cPI-e6yno6`
SOA	1	`launch1.spaceship.net support.spaceship.`

Analysis

Name Servers

Two name servers handle the delegation for rootkit.ca: launch1.spaceship.net and launch2.spaceship.net.

rootkit.ca shares its NS records with other domains, for example zenex.site, compute.tv, 025181.cc and two others.

launch1.spaceship.net and launch2.spaceship.net both carry two IP addresses. The A records for launch1.spaceship.net are 162.159.26.38 and 2400:cb00:2049:1::a29f:1a26; the A records for launch2.spaceship.net are 162.159.27.32 and 2400:cb00:2049:1::a29f:1b20.

Mail Servers

The sole mail server for rootkit.ca is smtp.google.com.

Among the domains sharing a mail server setup with rootkit.ca are dixonenterprisegroup.com, mx.pidan.it, adad.com.tr and two others.

There is at least a partial MX overlap between rootkit.ca and other domains, including smodis.net, leparc.com.ec, yerimhazir.com and two others.

The mail servers alt1.aspmx.l.google.com and alt2.aspmx.l.google.com are commonly paired with these mail servers.

With 9 IP addresses total, smtp.google.com resolves to 142.251.163.26, 142.251.163.27, 142.251.167.27 and 6 others.