
Domain > mail.com

This indicator is referenced in AlienVault OTX pulse ""

Is this malicious?

Most users have voted this as MALICIOUS

Reports

http://researchcenter.paloaltonetworks.com/2017/01...    

Files that talk to mail.com


Whois

Property Value
Email hostmaster@schlund.de
NameServer NS-GMX.UI-DNS.COM
Created 1997-03-24 00:00:00
Changed 2014-04-16 00:00:00
Expires 2016-03-25 00:00:00
Registrar PSI-USA, INC. DBA DO

DNS Resolutions


Port 80

Port 443

Subdomains

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others.



© Copyright 2019 AlienVault, Inc.