# gshortterm.com — SUSPICIOUS > PhishDestroy identifies gshortterm.com as a credential theft domain with 0/95 VirusTotal detections. Avoid sharing sensitive data—report immediately if. ## Summary PhishDestroy’s automated threat detection pipeline has flagged gshortterm.com as an active credential theft domain under investigation. This domain was registered on August 08, 2025, through GoDaddy.com, LLC, and resolves to IP address 119.42.146.38. The site currently leverages a Let’s Encrypt SSL certificate to appear legitimate, while its recent creation date and unresolved status indicate a high-risk, rapidly deployed infrastructure. As of the last scan, VirusTotal returned 0 detections out of 95 engines, suggesting it has not yet been widely recognized by security vendors. This domain presents a clear credential theft threat, likely designed to mimic legitimate login portals for popular services or platforms. While the specific brand being impersonated has not been confirmed, its operational pattern aligns with common phishing lures used to harvest user credentials. Technical indicators include registration via GoDaddy, deployment on IP 119.42.146.38, and a domain creation date of August 08, 2025. The lack of detections on VirusTotal highlights the importance of proactive monitoring, as newly registered domains often bypass immediate detection. The domain has not been flagged in Google Safe Browsing (GSB) and remains unblocked by major threat intelligence feeds. As of the latest assessment, the threat remains active with an under-investigation status. Users are advised to avoid interacting with gshortterm.com and report any encounters immediately. Organizations should consider blocking the domain and IP at the network perimeter. Given the absence of detections and the domain’s recent registration, the risk of credential compromise is elevated. PhishDestroy continues to monitor this domain and urges users to validate URLs and use multi-factor authentication to mitigate potential exposure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-08-08 12:07:19 - Registrar: GoDaddy.com, LLC - IP: 119.42.146.38 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/gshortterm.com - PhishDestroy: https://phishdestroy.io/domain/gshortterm.com/ - LLM endpoint: https://phishdestroy.io/domain/gshortterm.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/gshortterm.com/ Last updated: 2026-04-06