# empiregdf.pics — SUSPICIOUS

> empiregdf.pics is a credential harvesting phishing site flagged by 0 of 95 VirusTotal vendors. Check the full report.

## Summary
PhishDestroy identifies empiregdf.pics as an active credential harvesting phishing domain targeting unsuspecting users.

This domain was flagged by 0 of 95 VirusTotal security vendors, was registered through Dynadot LLC, and resolves to IP 188.114.96.3. The domain was created on January 13, 2026, and currently operates with a Google Trust Services SSL certificate.

The domain remains under investigation due to its recent creation and low detection rate. Users are advised to avoid interacting with empiregdf.pics and verify the authenticity of any login prompts. If exposed, immediately change passwords and enable multi-factor authentication on all relevant accounts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-13 07:14:52
- Registrar: Dynadot LLC
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f54de493-3131-4744-b8d9-bcd3d0d42669
- PhishDestroy: https://phishdestroy.io/domain/empiregdf.pics/
- LLM endpoint: https://phishdestroy.io/domain/empiregdf.pics/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/empiregdf.pics/
Last updated: 2026-04-12