Domain > temp.injection.me

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to temp.injection.me

MD5	A/V
5bfcf21334d9786205982c166db08d6a	[Trojan.DownLoader16.14912] [TROJ_SPNR.38K314] [Trojan.Win32.KorplugBackdoor.Win32.Gulpix] [W32/Trojan.GMYY-0622] [BackdoorWin32/Plugx.T!dha] [W32/Korplug.CF!tr] [Win32/Korplug.FI] [Trojan.DOMG.hpfx.dll] [BDS/Plugx.275243]

Whois

Property	Value
Name	Registration Private
Organization	Domains By Proxy, LLC
Email	injection.me@domainsbyproxy.com
Zip Code	85260
City	Scottsdale
State	Arizona
Country	US
Phone	+1.4806242599
Fax	+1.4806242598
NameServer	ns76.domaincontrol.com
Created	2015-09-04 14:50:05
Changed	2015-11-03 20:50:07
Expires	2016-09-04 14:50:05
Registrar	GoDaddy.com, LLC

DNS Resolutions

Date	IP Address
2015-09-09	216.158.229.206 (ClassC)
2016-11-26	185.53.178.12 (ClassC)
2017-03-09	185.53.178.7 (ClassC)
2019-02-12	192.64.147.205 (ClassC)
2019-04-04	198.54.117.199 (ClassC)
2019-04-04	198.54.117.200 (ClassC)
2019-04-04	198.54.117.197 (ClassC)
2019-04-04	198.54.117.198 (ClassC)
2019-09-07	173.0.140.210 (ClassC)
2024-08-07	170.178.183.18 (ClassC)
2024-08-29	103.224.212.211 (ClassC)
2025-04-06	13.248.169.48 (ClassC)
2025-05-30	76.223.54.146 (ClassC)

Port 80

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]