# foundation.mlranetwork.net — MALICIOUS > foundation.mlranetwork.net hosts high-risk phishing scams targeting users. Avoid interaction and report suspicious activity immediately to stay safe. ## Summary PhishDestroy identifies foundation.mlranetwork.net as a high-risk phishing domain actively engaging in fraudulent activities. The domain is associated with a deceptive webpage titled "Mira Airdrop Claim," which attempts to lure users into submitting sensitive information under false pretenses. Classified under generic phishing, it aims to exploit unsuspecting individuals through social engineering tactics linked to cryptocurrency giveaways. Technical analysis reveals that foundation.mlranetwork.net resolves to the IP address 104.21.83.74 and was registered recently on February 21, 2026, via PDR Ltd. d/b/a PublicDomainRegistry.com. The domain is flagged by 10 out of 95 security vendors on VirusTotal and appears on two separate security blocklists, reinforcing its malicious nature. Its infrastructure supports typical phishing lifecycles, including rapid domain registration and hosting on IPs commonly used in fraudulent schemes. Currently, the domain remains active and continues to pose a significant threat to internet users. PhishDestroy recommends immediate blocking and monitoring of any interaction with foundation.mlranetwork.net. Users are advised to avoid clicking links or submitting any data on this domain. Continuous threat intelligence updates are crucial to mitigate risks associated with this and similar phishing operations. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 530) - Page title: Mira Airdrop Claim ## Domain Intelligence - Registered: 2026-02-21 07:01:08 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - Country: IN - IP: 104.21.83.74 - Nameservers: ["ns1.verification-hold.suspended-domain.com", "ns2.verification-hold.suspended-domain.com"] - SSL Issuer: WE1 ## Detection Status - VirusTotal: 10 vendors flagged Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Seclookup", "Sophos"] - Google Safe Browsing: clean - Blocklists: 2 hits Lists: ["PhishDestroy", "ScamSniffer"] ## Evidence - Screenshot: https://urlscan.io/screenshots/0199c41a-e8aa-759d-9b39-b5cf22a9f769.png - PhishDestroy: https://phishdestroy.io/domain/foundation.mlranetwork.net/ - LLM endpoint: https://phishdestroy.io/domain/foundation.mlranetwork.net/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/foundation.mlranetwork.net/ Last updated: 2026-03-19