# amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone — MALICIOUS

> Active phishing threat detected on amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone. Avoid interaction to protect your data.

## Summary
PhishDestroy identifies a high-risk generic phishing campaign leveraging the domain amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone. This campaign poses significant danger as it targets users with deceptive content that may lead to credential theft or financial loss. The use of a long and complex subdomain aims to mimic official government-related sites, increasing the likelihood of victim engagement.

Analysis of the domain infrastructure reveals it resolves to the IP address 108.165.154.180 and is currently listed on one security blocklist. VirusTotal flags it by 13 out of 95 security vendors, corroborating its malicious nature. The domain's presence in blocklists and flagged status suggests an active, ongoing phishing effort designed to exploit unsuspecting users.

Users are advised to avoid clicking on links or providing sensitive information when encountering this domain or similar variants. Employ strong email filtering, ensure updated endpoint protection, and report suspicious messages promptly. Vigilance against phishing tactics like this is essential to safeguarding personal and organizational security.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: GoDaddy.com, LLC
- Country: US
- IP: 108.165.154.180
- IP Country: US
- IP City: New York City
- IP Org: AS26383 Baxet Group Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: none

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["BitDefender", "Cluster25", "CRDF", "CyRadar", "DNS8", "ESET", "Fortinet", "G-Data", "Gridinsoft", "Seclookup", "Sophos", "URLQuery", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc284-4b63-727c-9aa2-bbcb73a58df4.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone
- PhishDestroy: https://phishdestroy.io/domain/amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone/
- LLM endpoint: https://phishdestroy.io/domain/amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/amendes-antai-gouv-infractions.s1124277.ha025.t.mydomain.zone/
Last updated: 2026-03-16