# gregarious-maamoul-fdf5b4.netlify.app — MALICIOUS

> Gregarious-maamoul-fdf5b4.netlify.app is a high-risk phishing site mimicking Amazon. Avoid interaction and verify links. Stay safe with PhishDestroy insights.

## Summary
PhishDestroy identifies gregarious-maamoul-fdf5b4.netlify.app as a high-risk generic phishing domain. This classification is based on its intent to deceive users through a cloned Amazon page, putting visitors at significant risk of credential theft or fraud.

Supporting evidence includes its creation date on March 8, 2026, its registration through Netlify, and its resolution to IP address 35.157.26.135. The domain appeared on one security blocklist and was flagged by 12 out of 95 security vendors on VirusTotal, indicating credible suspicion from multiple threat detection sources. The site’s page title, 'Amazon Clone,' further confirms its phishing nature targeting Amazon users or customers.

Mitigation efforts are currently effective as the domain status is offline, preventing active exploitation at this time. Users are advised to avoid visiting this domain and to remain vigilant when interacting with unfamiliar URLs, especially those resembling trusted brands. PhishDestroy recommends continuous monitoring as phishing domains may reappear or use alternate infrastructures for future attacks.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Page title: Amazon Clone

## Domain Intelligence
- Registered: 2026-03-08 13:07:01
- Registrar: Netlify
- Country: US
- IP: 35.157.26.135
- IP Country: DE
- IP City: Frankfurt am Main
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: DigiCert Inc / DigiCert Global G2 TLS RSA SHA256 2020 CA1

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ADMINUSLabs", "BitDefender", "Ermes", "ESET", "Emsisoft", "Fortinet", "G-Data", "Lionic", "Netcraft", "Sophos", "Trustwave", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ccd56-2ea2-7371-8b51-bda4cece18e4.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/ce342a81-2f28-4879-b03d-0fa7d1a54a6f
- Wayback Machine: https://web.archive.org/web/https://phishdestroy.io/domain/gregarious-maamoul-fdf5b4.netlify.app/
- PhishDestroy: https://phishdestroy.io/domain/gregarious-maamoul-fdf5b4.netlify.app/
- LLM endpoint: https://phishdestroy.io/domain/gregarious-maamoul-fdf5b4.netlify.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gregarious-maamoul-fdf5b4.netlify.app/
Last updated: 2026-03-19