matrix icon indicating copy to clipboard operation
matrix copied to clipboard
verified publisher icon mypdns

nebulaquestcorporation.cc

Open g0d33p3rsec opened this issue 1 year ago • 0 comments

Comments

This domain is being used to distribute Lumma Stealer. See #681 and https://github.com/mitchellkrogza/phishing/pull/450

Wildcard domain records

nebulaquestcorporation.cc|malicious

Sub-Domain records

No response

Hosts (RFC:953) specific records, not used by DNS RPZ firewalls

No response

SeafeSearch records

No response

Screenshots

Screenshot

Links to external sources

https://nebulaquestcorporation.cc/cdnusa/invoiceupsstage
https://urlscan.io/result/e79640b4-6ca8-4bc9-b08e-b3b5955947b6/
https://www.virustotal.com/gui/file/9d9cfd342000ad5655052b050abd59afd502e4e570335c5922da03c117ec2749

logs from uBlock Origin

N/A

g0d33p3rsec avatar Jul 12 '24 21:07 g0d33p3rsec