Domain > mail3.baxter.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to mail3.baxter.com

MD5	A/V
18e659efd6bd23972f0a9a6a9ecae920	[HW32.CDB.9c4f] [Trojan.Win32.Kryptik.cxapgj] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dmyv] [Backdoor.Hlux!x5Q6ZTEiRSs] [BackDoor.Slym.13348] [Mal/FakeAV-UF] [Trojan[Backdoor]/Win32.Hlux] [VirTool:Win32/Obfuscator.WT] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Win32.SuspectCrc] [W32/Kryptik.BWUN!tr] [Crypt3.LQN] [Trojan.Win32.Kryptik.CASL] [Win32/Trojan.337]
1623be5a046aa215162665c5067332e0	[HW32.CDB.Db63] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [Trojan-PSW.Win32.Tepfer.tybm] [Trojan.PWS.Tepfer!sA6n+JUlMF8] [UnclassifiedMalware] [Trojan.Packed.26581] [Backdoor:Win32/Kelihos.F] [W32/Trojan.YSDP-3009] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BWUN!tr] [Crypt_s.GNC] [Trojan.Win32.InfoStealer.aRBP]
3ff79e59f23983931c7f8b78ff705df1	[HW32.CDB.6c99] [Kryptik.CCFN] [Win32/Kelihos.SeNdHLB] [Backdoor.Win32.Hlux.dlkp] [Backdoor.Hlux!oUNizOsy5vo] [TrojWare.Win32.Kryptik.CASU] [Trojan.Packed.26544] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Backdoor.Win32.Hlux.At] [Trojan-Downloader.Win32.Waledac] [W32/Hlux.AGWI!tr] [Win32/Trojan.337]
86122dbf79ec3a983d9ecb120470a00f	[Artemis!86122DBF79EC] [Trojan.Win32.Yakes.fhyw] [TR/Changeling.A.3509] [Win32.Trojan.Yakes.Dyfy] [Trojan.Win32.Spammer] [Win32/Cryptor] [Trojan.Win32.Spammer.bAC] [Win32/Trojan.Multi.daf]
aa8bce86b54809bdebb6b9180fd28faa	[HW32.CDB.9ff1] [Backdoor.Kelihos] [Malware.Packer.OCD] [Trojan.PWS.Tepfer!tVAsqipwB5g] [Kryptik.CCFN] [Win32/Kelihos.UKQTbT] [Trojan-PSW.Win32.Tepfer.tokc] [Trojan.Win32.Kryptik.cvttkj] [Trojan.Win32.A.PSW-Tepfer.845328.DE] [Mal/Kelihos-A] [UnclassifiedMalware] [BackDoor.Slym.13304] [TR/Crypt.EPACK.53971] [Trojan[PSW]/Win32.Tepfer] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/FakeAv.BWUN!tr] [Crypt_s.GCT] [Trojan.Win32.InfoStealer.aNw] [Win32/Trojan.967]

Whois

Property	Value
Name	Domain Admin
Organization	Baxter Healthcare Corporation
Email	hostmaster@baxter.com
Address	One Baxter Parkway
Zip Code	60015
City	Deerfield
State	IL
Country	US
Phone	+1.2249482000
Fax	+1.2249481813
NameServer	ne1.baxter.com
Created	1992-01-23 05:00:00
Changed	2015-01-20 06:41:29
Expires	2016-01-24 00:00:00
Registrar	CSC CORPORATE DOMAIN

DNS Resolutions

Date	IP Address
2014-05-29	198.89.159.242 (ClassC)
2025-12-16	198.89.201.241 (ClassC)

Subdomains

Date	Domain	IP
ne1.baxter.com	2025-09-06	198.89.201.240
ne3.baxter.com	2025-08-28	173.245.58.105
mail3.baxter.com	2014-05-29	198.89.159.242
mail4.baxter.com	2014-06-18	198.89.211.242
guest-wireless-emea.baxter.com	2025-10-02	1.1.1.1
emeaanesthesia.baxter.com	2025-12-11	172.64.148.147
c3401011vce001.ucc.baxter.com	2025-06-28	8.33.141.36
c3401051vce001.ucc.baxter.com	2025-09-22	113.29.106.144
c3401012vce001.ucc.baxter.com	2025-09-13	8.33.141.36
c3401032vce001.ucc.baxter.com	2025-07-19	194.88.78.25
c3401021vce002.ucc.baxter.com	2025-12-08	4.7.203.36
c3401022vce002.ucc.baxter.com	2025-09-09	4.7.203.36
c3401042vce002.ucc.baxter.com	2025-06-26	213.244.157.25
c3401062vce002.ucc.baxter.com	2025-05-13	8.244.130.144
c3401011vce003.ucc.baxter.com	2025-12-08	8.33.141.37
c3401051vce003.ucc.baxter.com	2025-11-27	113.29.106.145
c3401012vce003.ucc.baxter.com	2025-09-16	8.33.141.37
c3401032vce003.ucc.baxter.com	2025-09-12	194.88.78.26
c3401021vce004.ucc.baxter.com	2025-09-13	4.7.203.37
c3401022vce004.ucc.baxter.com	2025-09-21	4.7.203.37
c3401042vce004.ucc.baxter.com	2025-08-04	213.244.157.26
c3401062vce004.ucc.baxter.com	2025-07-15	8.244.130.145
c3401011vce005.ucc.baxter.com	2025-09-09	8.33.141.38
c3401012vce005.ucc.baxter.com	2025-09-10	8.33.141.38
c3401032vce005.ucc.baxter.com	2025-07-02	194.88.78.27
c3401021vce006.ucc.baxter.com	2025-08-19	4.7.203.38
c3401022vce006.ucc.baxter.com	2025-05-17	4.7.203.38
c3401042vce006.ucc.baxter.com	2025-08-19	213.244.157.27
c3401vcecluster.ucc.baxter.com	2025-03-26	8.33.141.37
service.baxter.com	2025-08-19	104.18.21.10
uno-sbox1.truevue.baxter.com	2024-05-08	104.18.41.148
api.truevue.baxter.com	2025-10-11	104.18.26.245
qa-eu.api.baxter.com	2024-05-05	172.64.149.212
outlook.baxter.com	2023-08-26	40.103.49.22
mail.baxter.com	2023-08-26	40.103.49.38
c2s-nil.baxter.com	2025-11-27	198.89.158.207
dev-2.bhp.baxter.com	2025-08-07	104.18.9.168
dev-3.bhp.baxter.com	2025-07-01	104.18.9.168
dev.doseiq.baxter.com	2025-08-22	104.18.10.168
autodiscover.baxter.com	2023-08-26	40.103.48.198
investor.baxter.com	2014-12-20	165.254.206.89
jobs.baxter.com	2021-01-25	104.18.236.225
emeaacutetherapies.baxter.com	2025-11-26	172.64.154.163
voalte-insight.baxter.com	2023-08-26	104.18.43.142
tradeconnect-dev.baxter.com	2025-09-01	46.137.230.232
qae.hcw.baxter.com	2024-06-03	18.197.208.152
www.baxter.com	2025-05-16	172.64.151.170

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]