Domain > down0.xz19.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to down0.xz19.com

MD5	A/V
85b5fc9351f4119fe7e138e0fe4977d8	[Win32/ASuspect.HHEOH] [Dropper.Win32.Undef.zf] [TR/Drop.Mudrop.asj.9] [Trojan.00000000000000000.mg] [Win32/TrojanDropper.Delf.NVY] [Dhupad.CEL] [W32/Mudrop.ASJ!tr] [TrojanDownloader*Win32/Peevet.A] [Backdoor.Win32.PcClient] [Trojan-Dropper.Win32.Mudrop.asj] [Mal_MLWR-24] [Troj/Drop-DV] [TrojanDropper.Mudrop] [Dropper.Win32.Mudrop.asj] [BC.Heuristic.Trojan.SusPacked.BF-6.A] [Trojan.StartPage.27322]

Whois

Property	Value
Email	privacy@dynadot.com
NameServer	4.DNPKDNS.COM
Created	2011-03-29 00:00:00
Changed	2015-03-30 00:00:00
Expires	2016-03-29 00:00:00
Registrar	DYNADOT, LLC

DNS Resolutions

Date	IP Address
2024-01-29	34.205.242.146 (ClassC)
2024-02-21	52.71.57.184 (ClassC)
2024-03-17	54.209.32.212 (ClassC)
2024-04-07	3.140.13.188 (ClassC)
2024-05-12	3.94.41.167 (ClassC)
2024-05-25	18.119.154.66 (ClassC)
2024-07-03	52.86.6.113 (ClassC)
2024-07-10	54.161.222.85 (ClassC)
2024-07-24	3.88.97.237 (ClassC)
2024-08-31	199.193.125.58 (ClassC)
2026-02-08	8.140.26.145 (ClassC)

Subdomains

Date	Domain	IP
3146750.xz19.com	2024-08-23	199.193.125.58
5191580.xz19.com	2024-07-08	52.86.6.113
down0.xz19.com	2024-01-29	34.205.242.146
dw7658001.xz19.com	2025-12-15	8.140.26.145
4324881.xz19.com	2026-01-19	8.140.26.145
dw7193981.xz19.com	2025-11-25	8.140.26.145
3649832.xz19.com	2024-01-11	3.130.204.160
down19882.xz19.com	2025-09-11	8.140.26.145
8760153.xz19.com	2023-12-17	3.130.204.160
1351553.xz19.com	2023-12-17	3.130.204.160
1588217.xz19.com	2025-09-13	8.140.26.145
zg3rz37.xz19.com	2025-09-09	8.140.26.145
2460257.xz19.com	2025-11-26	8.140.26.145
4927298.xz19.com	2024-08-22	199.193.125.58
syacf.xz19.com	2025-09-09	8.140.26.145
bcfhi.xz19.com	2026-01-20	8.140.26.145
downhlccqcw.xz19.com	2014-10-11	98.126.14.74

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]