rootkit.eu - dns.ninja

rootkit.eu

DNSSEC⚠️ Not signed
A2a03:b0c0:2:f0::fc3a:e001πŸ‡³πŸ‡± DIGITALOCEAN2a03:b0c0:2::/48 DigitalOcean
A209.38.54.191πŸ‡ΊπŸ‡Έ DIGITALOCEAN209.38.52.0/22 DigitalOcean
NSns4.nameshift.com ⭐
A149.248.195.131πŸ‡ΊπŸ‡Έ FLYIO-1149.248.194.0/23 FLY
PTRip-149-248-195-131.customer.flyio.net
NSns5.nameshift.com
A137.66.45.50πŸ‡ΊπŸ‡Έ FLYIO-1137.66.44.0/23 Fly.io Edge Network
PTRip-137-66-45-50.customer.flyio.net
TXTv=spf1 -all
SOAns4.nameshift.comhostmaster@nameshift.com serial=1780988400

eu

DNSSECπŸ”’ Signed (DS record present)
NSsi.dns.eu ⭐
NSbe.dns.eu
NSw.dns.eu
NSx.dns.eu
NSy.dns.eu
SOAsi.dns.eutech@eurid.eu serial=1125000581

Same first word

rootkit.nl
rootkit.es
rootkit.cc
rootkit.be
rootkit.ca
rootkit.one
rootkit.ru
rootkit.com
rootkit.co
rootkit.pl
rootkit.eu
rootkit.net.cn
rootkit.online
rootkit.it
rootkit.se
rootkit.io
rootkit.org
rootkit.hu
rootkit.me
rootkit.com.cn
rootkit.fr
rootkit.info
rootkit.finance
rootkit.dk
rootkit.ir

Similar names

ototrik.com
ortokit.com
kitroot.com
rotokit.com
trikoot.net
otkrito.com
tortiko.ru
otkrito.ru
irottko.hu
kotrito.com
kotorit.com
trikoto.com
irottko.com
tikroot.com
triokto.de
rikotto.nl
otkrito.lv
trikoto.de

DNS History

21 records (4 active, 17 former)

20162017201820192020202120222023202420252026NSns4.nameshift.comns5.nameshift.coma.gpk.eub.gpk.euc.gpk.euns1.gpk.euns1.sedoparking.comns2.gpk.euns2.sedoparking.comns3.gpk.euMXlocalhostA209.38.54.1912a03:b0c0:2:f0::fc3a:e001109.235.63.103134.199.240.162209.38.6.61212.227.255.1282604:a880:4:1d0:0:1:2626:a0002604:a880:800:14:0:1:f06c:600052.58.78.1664.190.63.222
β—‹NSa.gpk.eu2018-10-09 β†’ 2018-10-09 Β· 4 obs
β—‹ 2017-02-10 06:58:30
● 2018-10-09 04:59:22
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56
β—‹NSb.gpk.eu2018-10-09 β†’ 2018-10-09 Β· 4 obs
β—‹ 2017-02-10 06:58:30
● 2018-10-09 04:59:22
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56
β—‹NSc.gpk.eu2018-10-09 β†’ 2018-10-09 Β· 4 obs
β—‹ 2017-02-10 06:58:30
● 2018-10-09 04:59:22
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56
β—‹NSns1.gpk.eu2015-07-02 β†’ 2017-02-10 Β· 4 obs
● 2015-07-02 18:25:56
● 2017-02-10 06:58:30
β—‹ 2018-10-09 04:59:22
β—‹ 2026-06-09 07:06:56
β—‹NSns1.sedoparking.com2026-03-04 β†’ 2026-06-09 Β· 2 obs
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56
β—‹NSns2.gpk.eu2015-07-02 β†’ 2017-02-10 Β· 4 obs
● 2015-07-02 18:25:56
● 2017-02-10 06:58:30
β—‹ 2018-10-09 04:59:22
β—‹ 2026-06-09 07:06:56
β—‹NSns2.sedoparking.com2026-03-04 β†’ 2026-06-09 Β· 2 obs
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56
β—‹NSns3.gpk.eu2015-07-02 β†’ 2017-02-10 Β· 4 obs
● 2015-07-02 18:25:56
● 2017-02-10 06:58:30
β—‹ 2018-10-09 04:59:22
β—‹ 2026-06-09 07:06:56
●NSns4.nameshift.com2026-03-04 β†’ 2026-06-09 Β· 3 obs
β—‹ 2018-10-09 04:59:22
● 2026-03-04 03:28:08
● 2026-06-09 07:06:56
●NSns5.nameshift.com2026-03-04 β†’ 2026-06-09 Β· 3 obs
β—‹ 2018-10-09 04:59:22
● 2026-03-04 03:28:08
● 2026-06-09 07:06:56
β—‹MXlocalhost2026-03-04 β†’ 2026-06-09 Β· 2 obs
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56
β—‹A109.235.63.1032015-07-02 β†’ 2016-04-26 Β· 4 obs
● 2015-07-02 18:25:56
● 2016-04-26 15:53:50
β—‹ 2017-02-10 06:58:30
β—‹ 2026-06-09 07:06:56
β—‹A134.199.240.1622026-04-15 β†’ 2026-04-15 Β· 4 obs
β—‹ 2026-04-09 09:26:38
● 2026-04-15 16:36:18
β—‹ 2026-06-06 07:42:02
β—‹ 2026-06-09 07:06:56
●A209.38.54.1912026-03-04 β†’ 2026-06-09 Β· 6 obs
β—‹ 2018-10-09 04:59:22
● 2026-03-04 03:28:08
β—‹ 2026-04-09 09:26:38
β—‹ 2026-04-15 16:36:18
● 2026-06-06 07:42:02
● 2026-06-09 07:06:56
β—‹A209.38.6.612026-04-09 β†’ 2026-04-09 Β· 4 obs
β—‹ 2026-03-04 03:28:08
● 2026-04-09 09:26:38
β—‹ 2026-04-15 16:36:18
β—‹ 2026-06-09 07:06:56
β—‹A212.227.255.1282017-02-10 β†’ 2017-02-10 Β· 4 obs
β—‹ 2016-04-26 15:53:50
● 2017-02-10 06:58:30
β—‹ 2018-10-09 04:59:22
β—‹ 2026-06-09 07:06:56
β—‹A2604:a880:4:1d0:0:1:2626:a0002026-04-09 β†’ 2026-04-09 Β· 4 obs
β—‹ 2026-03-04 03:28:08
● 2026-04-09 09:26:38
β—‹ 2026-04-15 16:36:18
β—‹ 2026-06-09 07:06:56
β—‹A2604:a880:800:14:0:1:f06c:60002026-04-15 β†’ 2026-04-15 Β· 4 obs
β—‹ 2026-04-09 09:26:38
● 2026-04-15 16:36:18
β—‹ 2026-06-06 07:42:02
β—‹ 2026-06-09 07:06:56
●A2a03:b0c0:2:f0::fc3a:e0012026-03-04 β†’ 2026-06-09 Β· 6 obs
β—‹ 2018-10-09 04:59:22
● 2026-03-04 03:28:08
β—‹ 2026-04-09 09:26:38
β—‹ 2026-04-15 16:36:18
● 2026-06-06 07:42:02
● 2026-06-09 07:06:56
β—‹A52.58.78.162018-10-09 β†’ 2018-10-09 Β· 4 obs
β—‹ 2017-02-10 06:58:30
● 2018-10-09 04:59:22
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56
β—‹A64.190.63.2222026-03-04 β†’ 2026-06-09 Β· 2 obs
β—‹ 2026-03-04 03:28:08
β—‹ 2026-06-09 07:06:56

πŸ” DNS Trace

πŸ“‹ Delegation Chain

ZoneNameserversGlue
euw.dns.eu, x.dns.eu, y.dns.eu, be.dns.eu...-
rootkit.euns4.nameshift.com, ns5.nameshift.com-

βœ… Authoritative Response

Server:149.248.195.131

NS records: ns4.nameshift.com, ns5.nameshift.com

πŸ”’ DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for rootkit.eu (unsigned zone)

⏱️ Timing

Total: 1160ms | Queries: -

πŸ“„ Records

TypeCountSample Data
A1209.38.54.191
AAAA12a03:b0c0:2:f0::fc3a:e001
NS2ns4.nameshift.com, ns5.nameshift.com
MX1. (pri: 0)
TXT1v=spf1 -all
SOA1ns4.nameshift.com hostmaster.nameshift.c

Analysis

IP Addresses

rootkit.eu points to two IP numbers: 209.38.54.191 and 2a03:b0c0:2:f0::fc3a:e001.

zhg.be, lacta.de, ten-dam.nl plus two other host names have IP numbers in common with rootkit.eu.

Name Servers

rootkit.eu has two authoritative name servers β€” ns4.nameshift.com and ns5.nameshift.com.

The name server configuration of rootkit.eu is shared with other domains, for instance unternehmerstudie.de, mail.19067.de, brazzer.eu and two others.

rootkit.eu partially shares its NS delegation with several other domains, including netvantage.de, mail.pluskurs.de, travelquote.de and two others.

ns4.nameshift.com resolves to 149.248.195.131. ns5.nameshift.com resolves to 137.66.45.50. Both host names point to a single IP number.