# cecrreha.digital — MALICIOUS

> cecrreha.digital is flagged for phishing and social engineering. Avoid interaction; the domain is offline but was high risk.

## Summary
PhishDestroy identifies cecrreha.digital as a high-risk phishing domain, primarily involved in social engineering attacks targeting unsuspecting users. Such threats are critical because they aim to steal sensitive information by deceiving victims into trusting fraudulent sites.

The domain was registered through PDR Ltd. d/b/a PublicDomainRegistry.com and created on February 21, 2026. It resolved to IP 188.114.96.3 and appeared on two security blocklists. VirusTotal flagged it by 19 out of 95 security vendors, and Google Safe Browsing marked it for social engineering. AlienVault OTX also included this domain in a known threat pulse. Currently, the domain is taken offline.

Users should avoid visiting or interacting with cecrreha.digital, especially any communication referencing it. Maintaining updated security software and awareness about phishing tactics is essential. If you encounter suspicious emails or links referencing this domain, report and delete them to prevent compromise.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Helvionex

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Expires: 2027-01-21 00:00:00
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: darl.ns.cloudflare.com jessica.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Cluster25", "CRDF", "CyRadar", "DNS8", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bff2d-c63f-761f-bd11-8022c5909cfe.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/234436d4-7b53-462e-b180-e282c044f2f2
- PhishDestroy: https://phishdestroy.io/domain/cecrreha.digital/
- LLM endpoint: https://phishdestroy.io/domain/cecrreha.digital/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cecrreha.digital/
Last updated: 2026-03-19