The domain music.mixxen.com is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Ashburn, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrant: Domains By Proxy, LLC
Registrar: GODADDY.COM, LLC
Server location: Virginia, United States (US)
Create date: Wednesday, October 30, 2013
Expires date: Sunday, October 30, 2016
Updated date: Saturday, October 31, 2015
ASN: AS14618 AMAZON-AES - Amazon.com, Inc.,US
Scanner detections:
Detections (86% detected)
Scan engine: Details (Detections)
Reason Heuristics: PUP.Installer.SurfIslandSolutions.F, PUP.TomorrowTechnology.Installer (M), PUP.Injekt.SurfIslandSolutions.Installer (M), PUP.Tomorrow.Installer (M), PUP.Injekt.SurfIsla.Installer (M) (66.67%)
Malwarebytes: PUP.Optional.Mixxen.A (41.67%)
Avira AntiVirus: ADWARE/Adware.Gen7 (41.67%)
Baidu Antivirus: Adware.MSIL.PullUpdate (33.33%)
McAfee: Artemis!8F7890813D6A, Artemis!051AF2A65D0D, Artemis!0C6EFA206F55, Artemis!87284B88ED7F (33.33%)
Trend Micro House Call: Suspicious_GEN.F47V0110, Suspicious_GEN.F47V0223, Suspicious_GEN.F47V1227, Suspici.8C7FCC2E (33.33%)
Sophos: Generic PUA EB, Generic PUA MO, Generic PUA DD, Generic PUA PN (33.33%)
ESET NOD32: MSIL/Adware.PullUpdate.J.gen (variant) (33.33%)
Comodo Security: ApplicUnwnt (25.00%)
Fortinet FortiGate: Adware/PullUpdate (25.00%)
VIPRE Antivirus: Threat.4150696, Trojan.Win32.Generic (16.67%)
Qihoo 360 Security: HEUR/QVM42.0.Malware.Gen (16.67%)
ESET NOD32: MSIL/Adware.PullUpdate.J.gen application (8.33%)
Bkav FE: W32.HfsAdware (8.33%)
The domain music.mixxen.com has been seen to resolve to the following 21 IP addresses.
File downloads found at URLs served by music.mixxen.com.
The following 4 files have been seen to communicate with music.mixxen.com in live environments.
URL: http://music.mixxen.com/
Google Analytics: UA-56454417
Title: “Free Pop, Rap, Rock, Hip Hop Music & More - Mixxen Internet Radio”
Description: “Instantly Listen to Any Pop, Rap or Hip Hop Artist or Song, Less Ads and 100% Free!”
Network: Amazon Web Services (AWS), running an EC2 instance
SSL certificate subject: CN=music.mixxen.com, OU=Domain Control Validated by OneClickSSL, C=US
SSL certificate issuer: CN=AlphaSSL CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE
Web server: Page Server II 2.1.57 a0d9af7 (Page Server II 2.1.72 a66ede1) (Page Server II 2.1.78 98d7ebd)
Statistics are for the previous month.