Domain > mixedwork.com

This indicator is referenced in AlienVault OTX pulse ""

Reports

http://www.trendmicro.com/cloud-content/us/pdfs/se...

https://otx.alienvault.com/pulse/54e7606d13432a133...

https://securelist.com/files/2015/02/The-Desert-Fa...

Files that talk to mixedwork.com

MD5	A/V
0aee50dff0a4c22da5ff3decdb261897
59482460da44c3d7192970e705688162	[Downloader-FAMB!59482460DA44] [Trojan.Dropper.SFXAI] [Malware] [BehavesLike.Win32.BadFile.dc] [Win32.Troj.Stabs.eb.(kcloud)] [Trj/Chgt.L] [PE:Malware.FakeXLS@CV!1.9C3D]
987244d374a033872d1f9764de55d45f	[Trojan.Dropper.SFXAI] [Malware]
72ef4096acd0b9274d5d6f2d981eb724	[Malware]
1691aca2b2209ddb76d5107da92861e7	[Trojan.Dropper.SFXAI] [Malware] [PE:Malware.FakeXLS@CV!1.9C3D] [Win32.Troj.Stabs.eb.(kcloud)]

Whois

Property	Value
Email	support@nepras.com
NameServer	NS2.MIXEDWORK.COM
Created	2014-02-18 00:00:00
Changed	2015-02-12 00:00:00
Expires	2016-02-18 00:00:00
Registrar	GODADDY.COM, LLC

DNS Resolutions

Date	IP Address
2014-11-20	188.40.81.136 (ClassC)
2016-03-03	50.63.202.52 (ClassC)
2018-11-14	184.168.221.104 (ClassC)
2019-05-30	199.184.144.27 (ClassC)
2019-12-15	69.172.201.153 (ClassC)
2020-05-09	88.214.207.96 (ClassC)
2020-06-11	45.88.202.115 (ClassC)
2020-07-22	34.206.12.234 (ClassC)
2020-07-22	54.208.77.124 (ClassC)
2020-07-22	35.169.58.188 (ClassC)
2021-01-26	52.58.78.16 (ClassC)
2024-09-13	3.64.163.50 (ClassC)
2024-11-03	99.83.138.213 (ClassC)
2024-11-07	13.248.252.114 (ClassC)
2025-05-23	76.223.54.146 (ClassC)
2025-05-29	13.248.169.48 (ClassC)

HTTP/1.1 463 Date: Wed, 15 May 2019 08:26:32 GMTContent-Type: text/htmlContent-Length: 8849Connection: keep-aliveKeep-Alive: timeout20ETag: 59ee6153-2291X-DIS-Request-ID: c4c87a910ddfcdfec89d7ca1ffb92

!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>html xmlnshttp://www.w3.org/1999/xhtml>head>meta http-equivContent-Type contenttext/html; charsetutf-8 />title>463 Restricted Client - DOSarrest Internet Security/title>link href/DOAError/assets/css/core.css relstylesheet typetext/css />link relshortcut icon href/DOAError/assets/images/favicon.ico />link relapple-touch-icon href/DOAError/assets/images/icon-protection.png />script>function id_process(n){for(var tn+,rdocument.cookie.split(;),e0;er.length;e++){for(var gre; g.charAt(0);)gg.substring(1,g.length);if(0g.indexOf(t))return g.substring(t.length,g.length)}return null};/script>/head>body onloadmyFunction(), myFunction2(), myFunction3()>div idapDiv1>  table width100% border0 cellspacing0 cellpadding0 bgcolor#444444>    tr>      td colspan3 bg background/DOAError/assets/images/bottom_separator.png>img src/DOAError/assets/images/bottom_separator.png width5 height9 />/td>    /tr>    tr>      td width18>img src/DOAError/assets/images/bottom_trans_spacer.png alt width18 height18 />/td>      td>img src/DOAError/assets/images/bottom_trans_spacer.png alt width18 height18 />/td>      td width18>img src/DOAError/assets/images/bottom_trans_spacer.png alt width18 height18 />/td>    /tr>    tr>      td width18>img src/DOAError/assets/images/bottom_trans_spacer.png width18 height55 />/td>      td width148 alignleft valigntop>table width960 border0 aligncenter cellpadding0 cellspacing0>        tr>          td alignleft valigntop classbottomtext>DOSarrest Internet Security is a cloud based fully managed DDoS protection service.  This request has been blocked by DOSarrest due to the above violation.  If you believe you are getting blocked in error please contact the administrator of span idhost>/span>script>function myFunction() {    var x  location.host;    document.getElementById(host).innerHTML  x;}/script>            /span> to resolve this issue./td>          td width18>img src/DOAError/assets/images/bottom_

Subdomains

Date	Domain	IP
NS2.MIXEDWORK.COM	2019-06-01	199.184.144.27

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]