# member01.agency-partner-apply.com — MALICIOUS

> member01.agency-partner-apply.com mimics Meta Business Help Centre to steal credentials. This domain was flagged by 17/95 VirusTotal vendors and resolves to IP.

## Summary
PhishDestroy identifies member01.agency-partner-apply.com as an active domain engaged in generic phishing, specifically impersonating the Meta Business Help Centre to deceive users into submitting sensitive information. The site poses as a legitimate support resource for Meta Business Suite users but is designed to harvest credentials and potentially inject drainer malware. No specific drainer kit has been confirmed, but the page title and SSL certificate alignment with Google Trust Services suggest a high-fidelity imitation to bypass suspicion.    Technical indicators for this domain reveal significant red flags. VirusTotal rates the domain at a 17/95 detection score, indicating partial but not universal recognition of the threat. The domain is registered through Gransy, s.r.o., a registrar associated with bulk domain registrations, which often correlates with malicious activity. It resolves to IP address 104.21.47.148, a known hosting provider frequently linked to phishing infrastructure. The domain was created on October 30, 2025, suggesting a recent and opportunistic registration, likely targeting Meta Business Suite users during peak activity periods. Google Safe Browsing (GSB) has not yet flagged this domain, and blocklist counts indicate limited dissemination, though the threat remains active and evolving.    The domain is currently active and operational, with no evidence of takedown as of the latest analysis. Immediate response actions include blocking the domain at the network and endpoint levels, updating firewall rules to restrict access to 104.21.47.148, and reporting the domain to Meta’s fraud team and relevant cybersecurity authorities such as CERT or AbuseIPDB. Users are advised to avoid interacting with the domain, verify any support links directly through official Meta channels, and enable multi-factor authentication (MFA) on their Meta Business accounts. Remaining risk is elevated due to the domain’s recent creation, partial detection coverage, and the high likelihood of further impersonation campaigns. Continuous monitoring and proactive threat hunting are recommended to mitigate potential credential theft and downstream attacks.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Page title: Meta Business Help Centre

## Domain Intelligence
- Registered: 2025-10-30 09:58:02
- Registrar: Gransy, s.r.o.
- IP: 104.21.47.148

## Detection Status
- VirusTotal: 17 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8af523df-f385-489f-934c-58de09907929
- PhishDestroy: https://phishdestroy.io/domain/member01.agency-partner-apply.com/
- LLM endpoint: https://phishdestroy.io/domain/member01.agency-partner-apply.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/member01.agency-partner-apply.com/
Last updated: 2026-03-29