Help RSS API Feed Maltego Contact                        

Domain > mail3.cit.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to mail3.cit.com
MD5A/V
e21b3469b4fc1efddf76d8c89f1ebb2a[Malware.Packer.HGX1] [Heuristic.LooksLike.Win32.Suspicious.E] [W32/Kryptik.AXUE!tr]
5ea646ffdc1e9bc7759fdfc926de7660[PWS-FASY!5EA646FFDC1E] [Malware.Packer.EGX7] [Password-Stealer] [Trojan] [Hlux.XD] [Trojan-PSW.Win32.Tepfer.ijnk] [BackDoor.Slym.1498] [TR/Rogue.14575.23] [Heuristic.BehavesLike.Win32.Suspicious-BAY.G] [Troj/Tepfer-Q] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Foreign] [HeurEngine.MaliciousPacker] [Win32/Kelihos.F] [Trojan-PWS.Win32.Tepfer] [W32/Kryptik.X!tr] [Trj/Tepfer.B]
0b3871cee57208c860538b215d68b031[HW32.CDB.E7e9] [Packed.Win32.Katusha.3!O] [Win32.Malware!Drop] [WS.Reputation.1] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dtkk] [UnclassifiedMalware] [BackDoor.Slym.13011] [Trojan[Backdoor]/Win32.Hlux] [Trojan:Win32/Sisron] [Heur.Trojan.Hlux] [Win32/Kryptik.CBNK] [Trojan.Crypt3] [W32/Kryptik.BD!tr] [Crypt3.OIU] [Backdoor.Win32.Hlux.am]
9844a1b8a10ed4568240ae7a528bef5d[HW32.CDB.Bf28] [Backdoor.Kelihos] [Malware.Packer.OCD] [Trojan.PWS.Tepfer!vHSA+Pr89Pk] [Kryptik.CCFN] [Win32/Kelihos.baJHSHD] [Trojan-PSW.Win32.Tepfer.tokd] [Trojan.Win32.Kryptik.cvtteo] [UnclassifiedMalware] [BackDoor.Slym.13304] [TR/Crypt.EPACK.53967] [Mal/Kelihos-A] [Backdoor:Win32/Kelihos] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/FakeAv.BWUN!tr] [Crypt_s.GCT] [Trojan.Win32.InfoStealer.AZ] [Win32/Trojan.65e]
2625ca957f30c6fb439d6fb819b96e96[HW32.CDB.0b76] [Packed.Win32.Katusha.3!O] [WS.Reputation.1] [Kryptik.CDQY] [Trojan.Win32.S.PSW-Tepfer.829456.AK] [UnclassifiedMalware] [Trojan.Packed.26581] [Win32.Malware!Drop] [Win32.Troj.Undef.(kcloud)] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.ZDOX-3335] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Kryptik.BD!tr] [Crypt_s.GNC]
d6a71b4d3098eab4dddab30fddbaef35[FakeSecTool-FCX!D6A71B4D3098] [Malware.Packer.FFS] [BackDoor.SlymENT.2075] [Heuristic.LooksLike.Win32.Suspicious.E] [PE:Malware.XPACK/RDM!5.1]

Whois
PropertyValue
Email digital@cit.com
NameServer CITONLINEDNS2.CITONLINE.COM
Created 1994-08-19 00:00:00
Changed 2013-09-13 00:00:00
Expires 2015-08-18 00:00:00
Registrar MARKMONITOR INC.

DNS Resolutions
DateIP Address
2025-07-30206.212.89.138 (ClassC)

Subdomains
DateDomainIP
mail2.cit.com2014-07-05206.212.89.200
mail3.cit.com2025-07-30206.212.89.138
ns3.cit.com2025-07-21193.108.91.8
ns4.cit.com2025-07-2884.53.139.65
ns5.cit.com2025-07-212.22.230.66
ns6.cit.com2025-07-2123.211.132.67
ns7.cit.com2025-07-2195.101.36.64
ns8.cit.com2025-07-2123.211.61.65
prod.cit.com2024-09-1023.44.175.141
cabsso.service.cit.com2024-11-2523.67.33.44
selfservice.cit.com2024-08-1823.46.17.33
api-selfservice.cit.com2024-02-1123.50.233.101
consumermortgage.cit.com2024-09-183.163.24.35
cabauthentication.cit.com2024-11-2523.192.230.83
idp01p.cit.com2024-10-03104.98.114.161
citbankapp.cit.com2025-03-1523.46.228.174
api-citbankapp.cit.com2024-06-1623.44.175.141
content.citbankapp.cit.com2025-07-17192.225.159.75
uat-loanviewer.cit.com2024-08-1523.46.17.13
docs.cit.com2024-11-2523.67.33.44
cms-images.cit.com2022-02-23108.156.120.119
cis.cit.com2024-11-2423.46.17.57
uat1-cis.cit.com2024-10-1223.46.17.17
imageexceptions.cit.com2024-11-2523.192.230.83
access.cit.com2024-11-2523.46.17.52
uat3.access.cit.com2024-10-0823.46.17.17
uat4.access.cit.com2024-11-0323.46.17.17
ilease.access.cit.com2024-11-2423.46.17.57
uat3.ilease.access.cit.com2024-08-2223.46.228.173
uat4.ilease.access.cit.com2024-08-2023.54.19.187
www.ilease.access.cit.com2024-11-2523.46.17.69
www.access.cit.com2024-11-2423.46.17.59
cms-assets.cit.com2024-09-02204.246.191.103
dataprivacyrights.cit.com2024-07-05104.70.127.49
api-dataprivacyrights.cit.com2024-11-2423.54.19.129
uat-api-dataprivacyrights.cit.com2024-09-01104.98.114.137
www-uat.cit.com2024-09-2023.46.17.17
account.cit.com2024-11-2523.46.17.69
newtest.cit.com2024-07-2623.46.17.20
civ.cit.com2025-01-14206.212.108.127
www.cit.com2023-12-01104.96.163.213
managerpay.cit.com2024-11-2423.46.17.59
uatcit-managerpay.cit.com2024-08-1723.46.17.13
vendorpay.cit.com2025-07-0445.60.12.235
propertypay.cit.com2024-11-2523.54.19.177
uatcit-propertypay.cit.com2024-11-1023.46.17.13
www.propertypay.cit.com2024-10-1023.46.17.22
View on OTX | View on ThreatMiner








Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]



� Copyright 2019 AlienVault, Inc. | Legal| Status| Do Not Sell My Personal Information