# engstart-live.ghost.io — MALICIOUS

> Warning: engstart-live.ghost.io is a high-risk phishing domain. Avoid clicking links and report suspicious activity immediately.

## Summary
PhishDestroy identifies engstart-live.ghost.io as an active high-risk phishing domain targeting unsuspecting users. The domain is employed to conduct generic phishing attacks aimed at harvesting sensitive information through deceptive tactics.

This domain was registered on February 21, 2026, and currently remains active. It appears on two prominent security blocklists, and VirusTotal analysis shows that 13 out of 95 security vendors flag this domain for malicious activity. The infrastructure leverages the ghost.io platform, which is often abused to host phishing content due to its ease of deployment and anonymity.

PhishDestroy recommends immediate vigilance regarding any communications referencing engstart-live.ghost.io. Users should avoid interacting with links or attachments originating from this domain. Security teams should update blocklists and scanning tools to detect and mitigate risks posed by this threat promptly.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 402)
- Page title: Site unavailable

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: 1API GmbH
- Nameservers: ["woz.ns.cloudflare.com", "sara.ns.cloudflare.com"]

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Phishtank", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content

### Page Text
Site unavailable What is Ghost? Site unavailable. If you're the owner, email us on support@ghost.org

### External Links
- https://ghost.org/

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5e3a1029-39a1-456f-83bc-9cbdbd4f7750
- PhishDestroy: https://phishdestroy.io/domain/engstart-live.ghost.io/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/engstart-live.ghost.io/
Last updated: 2026-03-14