malware.guide - dns.ninja

`malware.guide`

DNSSEC	⚠️ Not signed
A	2606:4700:3032::6815:2bfc^{🇺🇸 Cloudflare2606:4700:3032::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	2606:4700:3033::ac43:c045^{🇺🇸 Cloudflare2606:4700:3033::/48 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	104.21.43.252^{Cloudflare104.21.32.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
A	172.67.192.69^{🇺🇸 Cloudflare172.67.192.0/20 , Inc. 101 Townsend Street, San Francisco, California 94107, US} ✓ In HTTPS hints
NS	`brad.ns.cloudflare.com` ⭐
		A	2606:4700:58::adf5:3b69^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`brad.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c169^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`brad.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:2169^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`brad.ns.cloudflare.com`
		A	108.162.193.105^{🇺🇸 Cloudflare108.162.193.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`brad.ns.cloudflare.com`
		A	172.64.33.105^{🇺🇸 Cloudflare172.64.33.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`brad.ns.cloudflare.com`
		A	173.245.59.105^{🇺🇸 Cloudflare173.245.59.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`brad.ns.cloudflare.com`
NS	`kay.ns.cloudflare.com`
		A	2606:4700:50::adf5:3a7d^{🇺🇸 Cloudflare2606:4700:50::/44 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kay.ns.cloudflare.com`
		A	2803:f800:50::6ca2:c07d^{🇨🇷 Cloudflare2803:f800:50::/45 LACNIC generated route6 for CloudFlare Latin America S.R.L}
			PTR	`kay.ns.cloudflare.com`
		A	2a06:98c1:50::ac40:207d^{🇺🇸 Cloudflare2a06:98c1:50::/45}
			PTR	`kay.ns.cloudflare.com`
		A	108.162.192.125^{🇺🇸 Cloudflare108.162.192.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kay.ns.cloudflare.com`
		A	172.64.32.125^{🇺🇸 Cloudflare172.64.32.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kay.ns.cloudflare.com`
		A	173.245.58.125^{🇺🇸 Cloudflare173.245.58.0/24 , Inc. 101 Townsend Street, San Francisco, California 94107, US}
			PTR	`kay.ns.cloudflare.com`
TXT	`google-site-verification=QT17bmAIF-sweQn89HL-zE7MCxM7ZRsMic6oAvrpCp4`
HTTPS	HTTP/3, HTTP/2 ✓ hints match
		IPv4 hints	104.21.43.252, 172.67.192.69
		IPv6 hints	2606:4700:3032::6815:2bfc, 2606:4700:3033::ac43:c045
		ECH	X25519, HKDF-SHA256 + AES-128-GCM draft, id=222, name=cloudflare-ech.com
SOA	`brad.ns.cloudflare.com`dns@cloudflare.com serial=2406278308

`guide`

	DNSSEC	🔒 Signed (DS record present)
	NS	`v0n0.nic.guide` ⭐
	NS	`v0n1.nic.guide`
	NS	`v0n2.nic.guide`
	NS	`v0n3.nic.guide`
	NS	`v2n0.nic.guide`
	NS	`v2n1.nic.guide`
	SOA	`v0n0.nic.guide`hostmaster@donuts.email serial=1781957787

Same first word

malware.email

malware.ru

malware.guru

malware.tv

malware.fr

malware.ro

malware.nu

malware.lu

malware.community

malware.org

malware.re

malware.me

malware.boutique

malware.watch

malware.no

malware.cz

malware.careers

malware.forum

malware.report

malware.es

malware.at

malware.exposed

malware.hosting

malware.com

malware.solutions

malware.business

malware.services

malware.eu

malware.guide

malware.net

malware.pl

malware.fox

malware.be

malware.(0x706f726e)

malware.exchange

malware.today

malware.cn

malware.cc

malware.biz

malware.center

malware.se

malware.farm

malware.sx

malware.wtf

malware.cl

malware.directory

malware.su

malware.expert

malware.builders

malware.win

malware.mobi

malware.onl

malware.com.br

malware.zip

malware.ai

malware.xyz

Similar names

meralaw.com

walmare.com

marwael.fr

malwear.wtf

amlware.com

elmarwa.com

malwear.com

amrelaw.com

rawmale.com

lawream.com

mawlare.net

wealarm.com

malwear.co

malwear.org

realawm.com

amerlaw.com

reamlaw.net

reamlaw.com

DNS History

10 records (6 active, 4 former)

●NSbrad.ns.cloudflare.com2026-04-30 → 2026-06-20 · 3 obs

○ 2026-03-27 09:36:50
● 2026-04-30 23:51:58
● 2026-06-20 12:57:50

●NSkay.ns.cloudflare.com2026-04-30 → 2026-06-20 · 3 obs

○ 2026-03-27 09:36:50
● 2026-04-30 23:51:58
● 2026-06-20 12:57:50

○NSns1.digitalocean.com2026-03-20 → 2026-03-27 · 4 obs

● 2026-03-20 16:53:34
● 2026-03-27 09:36:50
○ 2026-04-30 23:51:58
○ 2026-06-20 12:57:50

○NSns2.digitalocean.com2026-03-20 → 2026-03-27 · 4 obs

● 2026-03-20 16:53:34
● 2026-03-27 09:36:50
○ 2026-04-30 23:51:58
○ 2026-06-20 12:57:50

○NSns3.digitalocean.com2026-03-20 → 2026-03-27 · 4 obs

● 2026-03-20 16:53:34
● 2026-03-27 09:36:50
○ 2026-04-30 23:51:58
○ 2026-06-20 12:57:50

●A104.21.43.2522026-04-30 → 2026-06-20 · 3 obs

○ 2026-03-27 09:36:50
● 2026-04-30 23:51:58
● 2026-06-20 12:57:50

○A143.110.147.1092026-03-20 → 2026-03-27 · 4 obs

● 2026-03-20 16:53:34
● 2026-03-27 09:36:50
○ 2026-04-30 23:51:58
○ 2026-06-20 12:57:50

●A172.67.192.692026-04-30 → 2026-06-20 · 3 obs

○ 2026-03-27 09:36:50
● 2026-04-30 23:51:58
● 2026-06-20 12:57:50

●A2606:4700:3032::6815:2bfc2026-04-30 → 2026-06-20 · 3 obs

○ 2026-03-27 09:36:50
● 2026-04-30 23:51:58
● 2026-06-20 12:57:50

●A2606:4700:3033::ac43:c0452026-04-30 → 2026-06-20 · 3 obs

○ 2026-03-27 09:36:50
● 2026-04-30 23:51:58
● 2026-06-20 12:57:50

🔍 DNS Trace

📋 Delegation Chain

Zone	Nameservers	Glue
guide	v0n0.nic.guide, v0n1.nic.guide, v0n2.nic.guide, v0n3.nic.guide...	12 records
malware.guide	kay.ns.cloudflare.com, brad.ns.cloudflare.com	-

✅ Authoritative Response

Server:172.64.32.125

NS records: kay.ns.cloudflare.com, brad.ns.cloudflare.com

🔒 DNSSEC Status

⚠️ Insecure (no DNSSEC)

No DS record for malware.guide (unsigned zone)

⏱️ Timing

Total: 244ms | Queries: -

📄 Records

Type	Count	Sample Data
A	2	`104.21.43.252, 172.67.192.69`
AAAA	2	`2606:4700:3033::ac43:c045, 2606:4700:3032::6815:2bfc`
NS	2	`brad.ns.cloudflare.com, kay.ns.cloudflare.com`
TXT	1	`google-site-verification=QT17bmAIF-sweQn`
HTTPS	1	`{"priority":1,"target":".","alpn":["h3",`
SOA	1	`brad.ns.cloudflare.com dns.cloudflare.co`

📌 Glue Records Collected

Total: 12

In-bailiwick: 12 (v0n0.nic.guide, v0n0.nic.guide, v0n1.nic.guide...)

Analysis

IP Addresses

malware.guide points to the four IP addresses 104.21.43.252, 172.67.192.69, 2606:4700:3032::6815:2bfc and 2606:4700:3033::ac43:c045.

blog.synthetic-turf.ca, bootietech.digital, www.fusp.org plus two other host names have IP numbers in common with malware.guide.

Name Servers

The NS records for malware.guide delegate to brad.ns.cloudflare.com and kay.ns.cloudflare.com.

The name server configuration of malware.guide is shared with other domains, for instance virsec.org, fusetv.co.uk, keralawebdesigncompany.co.in and two others.

There is at least partial name server overlap between malware.guide and other domains — super-lotto.com, vitrotek.com.tr, saltworld.net and two more among them.

These name servers frequently co-occur with the name servers trevor.ns.cloudflare.com and emma.ns.cloudflare.com.

Hosts with 6 IP addresses each:

brad.ns.cloudflare.com maps to 108.162.193.105, 172.64.33.105, 173.245.59.105 and 3 additional IP addresses.

kay.ns.cloudflare.com maps to 108.162.192.125, 172.64.32.125, 173.245.58.125 and 3 additional IP addresses.