rootkit.finance - dns.ninja

`rootkit.finance`

DNSSEC	⚠️ Not signed
A	157.90.33.73^{🇩🇪 Hetzner157.90.0.0/16 HETZNER-DC}
		PTR	`old-psh4.1push.io`
A	157.90.33.74^{🇩🇪 Hetzner157.90.0.0/16 HETZNER-DC}
NS	`ns1.park-my-domain.net` ⭐
		A	46.224.16.22^{🇮🇷 Hetzner46.224.0.0/15 HETZNER-DC}
			PTR	`ns1.park-my-domain.net`
NS	`ns2.park-my-domain.net`
		A	65.108.243.18^{🇫🇮 Hetzner65.108.0.0/16 HETZNER-DC}
			PTR	`static.18.243.108.65.clients.your-server.de`
SOA	`ns1.park-my-domain.net`hostmaster@rootkit.finance 2026-05-29 #5

`finance`

	DNSSEC	🔒 Signed (DS record present)
	NS	`v0n0.nic.finance` ⭐
	NS	`v0n1.nic.finance`
	NS	`v0n2.nic.finance`
	NS	`v0n3.nic.finance`
	NS	`v2n0.nic.finance`
	NS	`v2n1.nic.finance`
	SOA	`v0n0.nic.finance`hostmaster@donuts.email serial=1780960579

Same first word

rootkit.net.cn

rootkit.online

rootkit.it

rootkit.se

rootkit.io

rootkit.org

rootkit.hu

rootkit.me

rootkit.com.cn

rootkit.fr

rootkit.info

rootkit.finance

rootkit.dk

rootkit.ir

rootkit.nl

rootkit.es

rootkit.cc

rootkit.be

rootkit.ca

rootkit.one

rootkit.ru

rootkit.com

rootkit.co

rootkit.pl

rootkit.eu

Similar names

ototrik.com

ortokit.com

kitroot.com

rotokit.com

trikoot.net

otkrito.com

tortiko.ru

otkrito.ru

irottko.hu

kotrito.com

kotorit.com

trikoto.com

irottko.com

tikroot.com

triokto.de

rikotto.nl

otkrito.lv

trikoto.de

DNS History

22 records (4 active, 18 former)

○NS5579.ns1.abovedomains.com2026-03-31 → 2026-03-31 · 3 obs

○ 2026-03-18 06:45:52
● 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○NS5579.ns2.abovedomains.com2026-03-31 → 2026-03-31 · 3 obs

○ 2026-03-18 06:45:52
● 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○NSns1.abovedomains.com2026-03-31 → 2026-03-31 · 3 obs

○ 2026-03-18 06:45:52
● 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○NSns1.dns-redirect.com2026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

●NSns1.park-my-domain.net2026-06-09 → 2026-06-09 · 2 obs

○ 2026-03-31 02:29:52
● 2026-06-09 00:12:30

○NSns2.abovedomains.com2026-03-31 → 2026-03-31 · 3 obs

○ 2026-03-18 06:45:52
● 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○NSns2.dns-redirect.com2026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

●NSns2.park-my-domain.net2026-06-09 → 2026-06-09 · 2 obs

○ 2026-03-31 02:29:52
● 2026-06-09 00:12:30

○MXpark-mx.above.com2026-03-31 → 2026-03-31 · 2 obs

● 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A103.224.212.2002026-03-31 → 2026-03-31 · 3 obs

○ 2026-03-18 06:45:52
● 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

●A157.90.33.732026-06-09 → 2026-06-09 · 2 obs

○ 2026-03-31 02:29:52
● 2026-06-09 00:12:30

●A157.90.33.742026-06-09 → 2026-06-09 · 2 obs

○ 2026-03-31 02:29:52
● 2026-06-09 00:12:30

○A195.201.128.1792026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A2600:9000:a612:55d9:1b82:e963:5969:d2c72026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A2a01:4f8:1c1e:d6f1::12026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A2a01:4ff:1f0:dd50::12026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A2a01:4ff:f0:5f41::12026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A46.62.237.1382026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A5.161.230.872026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A5.161.47.862026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A5.78.156.592026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

○A76.223.91.202026-02-20 → 2026-03-18 · 4 obs

● 2026-02-20 01:30:14
● 2026-03-18 06:45:52
○ 2026-03-31 02:29:52
○ 2026-06-09 00:12:30

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
finance	v0n0.nic.finance, v0n1.nic.finance, v0n2.nic.finance, v0n3.nic.finance...	12 records
rootkit.finance	ns1.park-my-domain.net, ns2.park-my-domain.net	-

✅ Authoritative Response

Server:65.108.243.18

NS records: ns1.park-my-domain.net, ns2.park-my-domain.net

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for rootkit.finance (unsigned zone)

⏱️ Timing

Total: 1102ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`157.90.33.74, 157.90.33.73`
NS	2	`ns2.park-my-domain.net, ns1.park-my-domain.net`
SOA	1	`ns1.park-my-domain.net hostmaster.rootki`

📌 Glue Records Collected

Total: 12

In-bailiwick: 12 (v0n0.nic.finance, v0n0.nic.finance, v0n1.nic.finance...)

Analysis

IP Addresses

rootkit.finance points to two IP numbers: 157.90.33.73 and 157.90.33.74.

macedonia-young-(0x77686f7265)s-in-negotino.aijournal.top, k-zann.123rutor.su, b-cjw.123rutor.su plus two other host names have IP numbers in common with rootkit.finance.

Name Servers

rootkit.finance is delegated to two name servers: ns1.park-my-domain.net and ns2.park-my-domain.net.

The name server configuration of rootkit.finance is shared with other domains, for instance absolutesign.us, angelboot.com, sheam.mom and two others.

rootkit.finance shares at least some of its name servers with other domains, such as festup.es.

ns1.park-my-domain.net resolves to 46.224.16.22. ns2.park-my-domain.net resolves to 65.108.243.18. Both host names point to a single IP number.