# impuls-corevo.com — SUSPICIOUS

> impuls-corevo.com identified as credential theft phishing site. Flagged by 3 of 95 VirusTotal vendors. Block immediately to protect credentials and assets.

## Summary
PhishDestroy identifies impuls-corevo.com as an active credential theft campaign targeting users through deceptive login portals. The domain operates with elevated risk status and is confirmed to be collecting user credentials under false pretenses. It has been active since November 17, 2025, indicating an ongoing operation designed to harvest sensitive authentication data.  This domain was flagged by 3 of 95 VirusTotal security vendors, is listed on one security blocklist, and is blocked by InversionDNS. It is registered through NETIM, resolves to IP 91.236.116.172, and utilizes a Let's Encrypt SSL certificate. Google Safe Browsing classifies it under SOCIAL_ENGINEERING, confirming its malicious intent. The domain’s recent creation date and low trust indicators make it a high-risk endpoint for credential harvesting.  Users and organizations are strongly advised to block impuls-corevo.com at the network and endpoint levels. Avoid accessing the domain and inspect DNS logs for recent resolutions. If credentials were entered, rotate passwords immediately and enable multi-factor authentication. Report indicators to your threat intelligence team for further analysis and containment.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-11-17 21:34:11
- Registrar: NETIM
- IP: 91.236.116.172

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hits
  Lists: ["InversionDNS"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/cd39045a-8931-48a8-8237-2f7e909b14f4
- PhishDestroy: https://phishdestroy.io/domain/impuls-corevo.com/
- LLM endpoint: https://phishdestroy.io/domain/impuls-corevo.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/impuls-corevo.com/
Last updated: 2026-03-22