# ghjioook.weebly.com — MALICIOUS

> PhishDestroy identifies ghjioook.weebly.com as a credential harvesting site. 15 vendors flag this domain. Check the full report.

## Summary
PhishDestroy identifies ghjioook.weebly.com as an active credential harvesting domain posing an elevated risk to users. This Weebly-hosted site is designed to trick visitors into submitting sensitive login credentials under false pretenses, making it a critical threat to monitor and block.

This domain was flagged by 15 of 95 VirusTotal security vendors, indicating widespread recognition of its malicious nature. It resolves to IP address 74.115.51.8 and operates with a Let’s Encrypt SSL certificate for added credibility. Registered through Safenames Ltd, the domain was created on March 29, 2006, and is currently blocked by OpenPhish. Its presence on one security blocklist further solidifies its status as a confirmed malicious resource.

Organizations should immediately block ghjioook.weebly.com at the network and DNS levels to prevent user exposure. Users who may have interacted with this site should assume their credentials may have been compromised and take immediate steps to change passwords and enable multi-factor authentication where applicable. Full incident response and IOCs are available in the associated threat advisory for deeper analysis.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2006-03-29 00:25:07
- Registrar: Safenames Ltd
- IP: 74.115.51.8

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["OpenPhish"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/61f71ffe-80df-43d4-bbee-378ef35af69a
- PhishDestroy: https://phishdestroy.io/domain/ghjioook.weebly.com/
- LLM endpoint: https://phishdestroy.io/domain/ghjioook.weebly.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ghjioook.weebly.com/
Last updated: 2026-03-27