# login.workshopvotebrowse.com — MALICIOUS > Discover why login.workshopvotebrowse.com is flagged for credential phishing and its current offline status. Stay informed with PhishDestroy insights. ## Summary PhishDestroy identifies login.workshopvotebrowse.com as a high-risk credential phishing domain designed to deceive users into divulging sensitive login information. Classified under social engineering threats, this domain mimics legitimate login portals to harvest credentials, posing significant security risks. The domain was registered on February 21, 2026, and quickly attracted attention due to suspicious activities linked to phishing campaigns. Technical analysis reveals that login.workshopvotebrowse.com was flagged by Google Safe Browsing with social engineering warnings and appeared on two distinct security blocklists. VirusTotal reports indicate that 17 out of 95 security vendors classify this domain as malicious, underscoring a broad consensus on its threat level. The domain infrastructure was likely used to facilitate credential theft through deceptive user interfaces and phishing lures, leveraging social engineering tactics to maximize user impact. Currently, the domain is offline, reflecting effective takedown efforts to mitigate ongoing risk. PhishDestroy notes that removing access to such domains is critical to disrupting phishing campaigns and protecting end-users. Continuous monitoring of similar domains and prompt response remain essential components in combating evolving phishing threats, as exemplified by the lifecycle of login.workshopvotebrowse.com. The unique seed d11439 further emphasizes the distinct fingerprint and detection patterns associated with this phishing activity. ## Threat Details - Verdict: MALICIOUS - Site status: dead (HTTP 403) - Page title: workshopvotebrowse.com | 522: Connection timed out ## Domain Intelligence - Registered: 2026-02-21 07:01:08 - Registrar: Global Domain Group LLC - Country: US - IP: 172.67.180.96 - IP Country: US - IP City: San Francisco - IP Org: AS13335 Cloudflare, Inc. - Nameservers: ["carter.ns.cloudflare.com", "reza.ns.cloudflare.com"] - SSL Issuer: Google Trust Services / WE1 ## Detection Status - VirusTotal: 17 vendors flagged Vendors: ["ADMINUSLabs", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Phishing Database", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"] - Google Safe Browsing: FLAGGED - Blocklists: 1 hits Lists: ["PhishDestroy"] ## Evidence - Screenshot: https://urlscan.io/screenshots/019b9e73-2d07-734e-bb0a-5603966d49bd.png - Cloudflare Radar: https://radar.cloudflare.com/scan/a5954e52-f71d-43fc-9123-2f03e03477c6 - PhishDestroy: https://phishdestroy.io/domain/login.workshopvotebrowse.com/ - LLM endpoint: https://phishdestroy.io/domain/login.workshopvotebrowse.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/login.workshopvotebrowse.com/ Last updated: 2026-03-19