# lbplay575.site — SUSPICIOUS

> lbplay575.site linked to live credential harvesting scam; 0/95 VirusTotal detections as of Jan 22 2026. Check the full report.

## Summary
PhishDestroy identifies an active credential-harvesting campaign centered on lbplay575.site hosted at 45.59.170.99. The domain presents itself under a Let’s Encrypt SSL certificate and was registered on January 22, 2026 through NAMECHEAP INC. Owing to its infancy and low detection footprint, researchers continue under-investigation into the true scale of this operation and associated infrastructure.

Technical indicators further underscore its malicious nature: the domain currently sits at 0 out of 95 detections on VirusTotal, indicating a bypass of conventional blocklists and AV engines. With a creation timestamp barely hours old at the time of writing, it has not yet propagated to most threat-intel feeds. The combination of a fresh domain, unflagged sandbox results, and the presence of an active SSL certificate illustrates a deliberate attempt to evade detection while targeting unsuspecting users with spoofed login portals.

Organizations and end-users are strongly advised to block lbplay575.site at the DNS and perimeter levels. If any interaction—click-through or data entry—has already occurred, immediately rotate credentials across affected services, enable multi-factor authentication where available, and inspect local DNS caches and browser history for additional indicators. Affected systems should undergo a full scan using updated endpoint protection, and any harvested credentials should be considered compromised and revoked promptly.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-22 06:50:35
- Registrar: NAMECHEAP INC
- IP: 45.59.170.99

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4470637a-7cc9-4949-ab1a-9d264befaad1
- PhishDestroy: https://phishdestroy.io/domain/lbplay575.site/
- LLM endpoint: https://phishdestroy.io/domain/lbplay575.site/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lbplay575.site/
Last updated: 2026-03-24