nebulaquestcorporation.cc

Comments

This domain is being used to distribute Lumma Stealer. See #681 and https://github.com/mitchellkrogza/phishing/pull/450

Wildcard domain records

nebulaquestcorporation.cc|malicious

Sub-Domain records

No response

Hosts (RFC:953) specific records, not used by DNS RPZ firewalls

No response

SeafeSearch records

No response

Screenshots

Screenshot

Links to external sources

https://nebulaquestcorporation.cc/cdnusa/invoiceupsstage
https://urlscan.io/result/e79640b4-6ca8-4bc9-b08e-b3b5955947b6/
https://www.virustotal.com/gui/file/9d9cfd342000ad5655052b050abd59afd502e4e570335c5922da03c117ec2749

logs from uBlock Origin

N/A

mypdns / matrix

nebulaquestcorporation.cc #682

Comments

Wildcard domain records

Sub-Domain records

Hosts (RFC:953) specific records, not used by DNS RPZ firewalls

SeafeSearch records

Screenshots

Links to external sources

logs from uBlock Origin