# loginunivers4l2026.wasmer.app — SUSPICIOUS

> loginunivers4l2026.wasmer.app is a credential theft domain impersonating a login portal. Detected with 0/95 VirusTotal detections. Avoid entering credentials.

## Summary
PhishDestroy identifies loginunivers4l2026.wasmer.app as an active credential theft domain designed to harvest user login credentials under the guise of a legitimate login portal. This domain engages in brand impersonation, leveraging a deceptive naming convention to mimic a plausible service interface. No cryptocurrency drainer kit or advanced JavaScript payloads were observed in initial sandbox analysis, suggesting a focus on traditional credential harvesting rather than fund exfiltration.  This domain resolves to IP address 62.210.172.150 and is secured with a Let's Encrypt SSL certificate, which may contribute to user trust during phishing interactions. The domain was registered through Wasmer.app’s subdomain service and currently shows 0 detections on VirusTotal (0/95 engines). Historical WHOIS data indicates recent creation, though exact registration date remains unverified in public records. Google Safe Browsing (GSB) has not yet flagged the domain, and no entries are found in major threat intelligence blocklists such as PhishTank or OpenPhish.  The domain remains active and under investigation, with no immediate remediation by hosting providers or security vendors. Users are advised to avoid interacting with this domain and to verify URLs before entering sensitive credentials. Remaining risk is assessed as moderate given the absence of detection coverage and the domain’s active status. Users should report this domain to their security teams and consider blocking the IP 62.210.172.150 at the network perimeter.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 62.210.172.150

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d04287e5-94d3-437a-b36c-f85e25c3f0f1
- PhishDestroy: https://phishdestroy.io/domain/loginunivers4l2026.wasmer.app/
- LLM endpoint: https://phishdestroy.io/domain/loginunivers4l2026.wasmer.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/loginunivers4l2026.wasmer.app/
Last updated: 2026-04-01