rootkit.dk - dns.ninja

`rootkit.dk`

DNSSEC	🔒 Signed (DS record present)
A	2606:4700:3035::6815:3e94^{🇺🇸 Cloudflare2606:4700:3035::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	2606:4700:3037::ac43:88b4^{🇺🇸 Cloudflare2606:4700:3037::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	104.21.62.148^{Cloudflare104.21.48.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	172.67.136.180^{🇺🇸 Cloudflare172.67.128.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
NS	`diva.ns.cloudflare.com` ⭐
		A	2606:4700:50::adf5:3a61^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`diva.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c061^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`diva.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:2061^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`diva.ns.cloudflare.com`
		A	108.162.192.97^{🇺🇸 Cloudflare108.162.192.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`diva.ns.cloudflare.com`
		A	172.64.32.97^{🇺🇸 Cloudflare172.64.32.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`diva.ns.cloudflare.com`
		A	173.245.58.97^{🇺🇸 Cloudflare173.245.58.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`diva.ns.cloudflare.com`
NS	`frank.ns.cloudflare.com`
		A	2606:4700:58::adf5:3ba6^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`frank.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c1a6^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`frank.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:21a6^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`frank.ns.cloudflare.com`
		A	108.162.193.166^{🇺🇸 Cloudflare108.162.193.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`frank.ns.cloudflare.com`
		A	172.64.33.166^{🇺🇸 Cloudflare172.64.33.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`frank.ns.cloudflare.com`
		A	173.245.59.166^{🇺🇸 Cloudflare173.245.59.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`frank.ns.cloudflare.com`
MX	`aspmx.l.google.com` ⭐
		A	2607:f8b0:4004:c1d::1a^{🇺🇸 Google2607:f8b0:4004::/48}
			PTR	`ww-in-f26.1e100.net`
		A	142.251.163.27^{🇺🇸 Google142.251.163.0/24}
			PTR	`wv-in-f27.1e100.net`
MX	`alt1.aspmx.l.google.com`⁽⁵⁾
		A	2800:3f0:4003:c0f::1b^{🇨🇱 Google2800:3f0:4003::/48}
		A	108.177.123.26^{🇺🇸 Google108.177.123.0/24}
			PTR	`lcscld-in-f26.1e100.net`
MX	`alt2.aspmx.l.google.com`⁽⁵⁾
		A	2a00:1450:400b:c02::1a^{🇮🇪 Google2a00:1450:400b::/48}
			PTR	`dj-in-f26.1e100.net`
		A	172.253.116.26^{🇺🇸 Google172.253.116.0/24}
			PTR	`dj-in-f26.1e100.net`
MX	`aspmx2.googlemail.com`⁽¹⁰⁾
		A	2800:3f0:4003:c0f::1b^{🇨🇱 Google2800:3f0:4003::/48}
		A	108.177.123.27^{🇺🇸 Google108.177.123.0/24}
			PTR	`lcscld-in-f27.1e100.net`
MX	`aspmx3.googlemail.com`⁽¹⁰⁾
		A	2a00:1450:400b:c02::1b^{🇮🇪 Google2a00:1450:400b::/48}
			PTR	`dj-in-f27.1e100.net`
		A	172.253.116.26^{🇺🇸 Google172.253.116.0/24}
			PTR	`dj-in-f26.1e100.net`
TXT	`ahrefs-site-verification_4e7b3a9f1235a840167f5a962297eed0ce7c02662a0e0e5ab72c...`
TXT	`google-site-verification=r6j4u-_aVAd2LVerJERyIa-2-AQjTAzcw8KmWDcQF6c`
TXT	`v=spf1 include:_spf.google.com ~all`
HTTPS	HTTP/3, HTTP/2 ✓ hints match
		IPv4 hints	104.21.62.148, 172.67.136.180
		IPv6 hints	2606:4700:3035::6815:3e94, 2606:4700:3037::ac43:88b4
		ECH	X25519, HKDF-SHA256 + AES-128-GCM draft, id=21, name=cloudflare-ech.com
SOA	`diva.ns.cloudflare.com`dns@cloudflare.com serial=2405162572

`dk`

	DNSSEC	🔒 Signed (DS record present)
	NS	`b.nic.dk` ⭐
	NS	`c.nic.dk`
	NS	`h.nic.dk`
	NS	`l.nic.dk`
	NS	`s.nic.dk`
	NS	`t.nic.dk`
	TXT	`DK zone updateEpoch 1780975441localtime Tue Jun 9 05:24:01 2026gmtime Tue Ju...`
	SOA	`b.nic.dk`tech@punktum.dk serial=1780975441

Same first word

rootkit.it

rootkit.se

rootkit.io

rootkit.org

rootkit.hu

rootkit.me

rootkit.com.cn

rootkit.fr

rootkit.info

rootkit.finance

rootkit.dk

rootkit.ir

rootkit.nl

rootkit.es

rootkit.cc

rootkit.be

rootkit.ca

rootkit.one

rootkit.ru

rootkit.com

rootkit.co

rootkit.pl

rootkit.eu

rootkit.net.cn

rootkit.online

Similar names

rotokit.com

trikoot.net

otkrito.com

tortiko.ru

otkrito.ru

irottko.hu

kotrito.com

kotorit.com

trikoto.com

irottko.com

tikroot.com

triokto.de

rikotto.nl

otkrito.lv

trikoto.de

ototrik.com

ortokit.com

kitroot.com

DNS History

23 records (11 active, 12 former)

●NSdiva.ns.cloudflare.com2026-02-16 → 2026-06-09 · 3 obs

○ 2018-10-09 04:43:34
● 2026-02-16 14:22:06
● 2026-06-09 04:04:18

●NSfrank.ns.cloudflare.com2026-02-16 → 2026-06-09 · 3 obs

○ 2018-10-09 04:43:34
● 2026-02-16 14:22:06
● 2026-06-09 04:04:18

○NSns1.gratisdns.dk2015-07-11 → 2018-10-09 · 4 obs

● 2015-07-11 15:31:08
● 2018-10-09 04:43:34
○ 2026-02-16 14:22:06
○ 2026-06-09 04:04:18

○NSns2.gratisdns.dk2015-07-11 → 2018-10-09 · 4 obs

● 2015-07-11 15:31:08
● 2018-10-09 04:43:34
○ 2026-02-16 14:22:06
○ 2026-06-09 04:04:18

○NSns3.gratisdns.dk2015-07-11 → 2018-10-09 · 4 obs

● 2015-07-11 15:31:08
● 2018-10-09 04:43:34
○ 2026-02-16 14:22:06
○ 2026-06-09 04:04:18

○NSns4.gratisdns.dk2015-07-11 → 2018-10-09 · 4 obs

● 2015-07-11 15:31:08
● 2018-10-09 04:43:34
○ 2026-02-16 14:22:06
○ 2026-06-09 04:04:18

○NSns5.gratisdns.dk2015-07-11 → 2018-10-09 · 4 obs

● 2015-07-11 15:31:08
● 2018-10-09 04:43:34
○ 2026-02-16 14:22:06
○ 2026-06-09 04:04:18

●MXalt1.aspmx.l.google.com2018-10-09 → 2026-06-09 · 2 obs

● 2018-10-09 04:43:34
● 2026-06-09 04:04:18

●MXalt2.aspmx.l.google.com2018-10-09 → 2026-06-09 · 2 obs

● 2018-10-09 04:43:34
● 2026-06-09 04:04:18

●MXaspmx.l.google.com2018-10-09 → 2026-06-09 · 2 obs

● 2018-10-09 04:43:34
● 2026-06-09 04:04:18

●MXaspmx2.googlemail.com2018-10-09 → 2026-06-09 · 2 obs

● 2018-10-09 04:43:34
● 2026-06-09 04:04:18

●MXaspmx3.googlemail.com2018-10-09 → 2026-06-09 · 2 obs

● 2018-10-09 04:43:34
● 2026-06-09 04:04:18

●A104.21.62.1482026-02-16 → 2026-06-09 · 5 obs

○ 2018-10-09 04:43:34
● 2026-02-16 14:22:06
● 2026-06-08 05:40:06
○ 2026-06-08 09:13:52
● 2026-06-09 04:04:18

○A139.59.213.2032018-10-09 → 2018-10-09 · 4 obs

○ 2017-03-19 09:42:00
● 2018-10-09 04:43:34
○ 2026-02-16 14:22:06
○ 2026-06-09 04:04:18

●A172.67.136.1802026-02-16 → 2026-06-09 · 5 obs

○ 2018-10-09 04:43:34
● 2026-02-16 14:22:06
● 2026-06-08 05:40:06
○ 2026-06-08 09:13:52
● 2026-06-09 04:04:18

○A188.114.96.02026-06-08 → 2026-06-08 · 3 obs

○ 2026-06-08 05:40:06
● 2026-06-08 09:13:52
○ 2026-06-09 04:04:18

○A188.114.97.02026-06-08 → 2026-06-08 · 3 obs

○ 2026-06-08 05:40:06
● 2026-06-08 09:13:52
○ 2026-06-09 04:04:18

○A213.239.200.1072016-06-19 → 2017-03-19 · 4 obs

● 2016-06-19 14:07:08
● 2017-03-19 09:42:00
○ 2018-10-09 04:43:34
○ 2026-06-09 04:04:18

●A2606:4700:3035::6815:3e942026-02-16 → 2026-06-09 · 5 obs

○ 2018-10-09 04:43:34
● 2026-02-16 14:22:06
● 2026-06-08 05:40:06
○ 2026-06-08 09:13:52
● 2026-06-09 04:04:18

●A2606:4700:3037::ac43:88b42026-02-16 → 2026-06-09 · 5 obs

○ 2018-10-09 04:43:34
● 2026-02-16 14:22:06
● 2026-06-08 05:40:06
○ 2026-06-08 09:13:52
● 2026-06-09 04:04:18

○A2a03:b0c0:3:d0::6dd:90012018-10-09 → 2018-10-09 · 4 obs

○ 2017-03-19 09:42:00
● 2018-10-09 04:43:34
○ 2026-02-16 14:22:06
○ 2026-06-09 04:04:18

○A2a06:98c1:3120::2026-06-08 → 2026-06-08 · 3 obs

○ 2026-06-08 05:40:06
● 2026-06-08 09:13:52
○ 2026-06-09 04:04:18

○A2a06:98c1:3121::2026-06-08 → 2026-06-08 · 3 obs

○ 2026-06-08 05:40:06
● 2026-06-08 09:13:52
○ 2026-06-09 04:04:18

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
dk	t.nic.dk, c.nic.dk, l.nic.dk, b.nic.dk...	-
rootkit.dk	diva.ns.cloudflare.com, frank.ns.cloudflare.com	-

✅ Authoritative Response

Server:172.64.33.166

NS records: diva.ns.cloudflare.com, frank.ns.cloudflare.com

🔒 DNSSEC Status

🔐 Secure (DNSSEC validated)

Chain of trust verified from root to domain

⏱️ Timing

Total: 1457ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`172.67.136.180, 104.21.62.148`
AAAA	2	`2606:4700:3035::6815:3e94, 2606:4700:3037::ac43:88b4`
NS	2	`diva.ns.cloudflare.com, frank.ns.cloudflare.com`
MX	5	`aspmx.l.google.com (pri: 1), aspmx2.googlemail.com (pri: 10)...`
TXT	3	`ahrefs-site-verification_4e7b3a9f1235a84, google-site-verification=r6j4u-_aVAd2LVe...`
HTTPS	1	`{"priority":1,"target":".","alpn":["h3",`
SOA	1	`diva.ns.cloudflare.com dns.cloudflare.co`

Analysis

IP Addresses

rootkit.dk resolves to 4 IP numbers: 104.21.62.148, 172.67.136.180, 2606:4700:3035::6815:3e94 and 2606:4700:3037::ac43:88b4.

Additional host names — fisherjonesfamilydentistry.com, 18hairygirls.com, codevaruosad.com and two others — share IP numbers with rootkit.dk.

Name Servers

rootkit.dk uses two name servers for its delegation: diva.ns.cloudflare.com and frank.ns.cloudflare.com.

rootkit.dk shares its name server setup with other domains, including iboi.pl, tiindiquei.com.br, valuesec.dk and two others.

rootkit.dk has at least partial name server overlap with other domains, such as casualninesucceed.work, ftiria.org, lockensmartaccess.com and two others.

These name servers tend to appear together with the name servers dean.ns.cloudflare.com, dexter.ns.cloudflare.com and serenity.ns.cloudflare.com.

Host names with 6 IP numbers:

diva.ns.cloudflare.com has IP addresses 108.162.192.97, 172.64.32.97, 173.245.58.97 plus three more.

frank.ns.cloudflare.com has IP addresses 108.162.193.166, 172.64.33.166, 173.245.59.166 plus three more.

Mail Servers

rootkit.dk is handled by 5 mail servers: aspmx2.googlemail.com, aspmx3.googlemail.com, aspmx.l.google.com and two others.

rootkit.dk shares mail servers — at least in part — with other domains, including hefty.co, lancasterwriter.com, pluscred.com and two others.

These mail servers are frequently used alongside mail servers alt1.aspmx.l.google.com, alt2.aspmx.l.google.com, alt3.aspmx.l.google.com and three others.

Host names with two IP numbers:

aspmx2.googlemail.com directs traffic to 108.177.123.27 and 2800:3f0:4003:c0f::1b.

aspmx3.googlemail.com directs traffic to 172.253.116.26 and 2a00:1450:400b:c02::1b.

aspmx.l.google.com directs traffic to 142.251.163.27 and 2607:f8b0:4004:c1d::1a.

alt1.aspmx.l.google.com directs traffic to 108.177.123.26 and 2800:3f0:4003:c0f::1b.

alt2.aspmx.l.google.com directs traffic to 172.253.116.26 and 2a00:1450:400b:c02::1a.

Both aspmx2.googlemail.com and alt1.aspmx.l.google.com resolve to 2800:3f0:4003:c0f::1b IP addresses each.

Both aspmx3.googlemail.com and alt2.aspmx.l.google.com resolve to 172.253.116.26 IP addresses each.