# myfciuqqluipjmbteam.saystudio.net — MALICIOUS

> myfciuqqluipjmbteam.saystudio.net posed a severe Facebook phishing threat. Now offline. Learn what happened and how to protect yourself.

## Summary
PhishDestroy identifies myfciuqqluipjmbteam.saystudio.net as a high-risk generic phishing domain masquerading as Facebook. Such phishing sites are designed to steal login credentials and personal data, posing significant security risks to users. This threat matters because it targets one of the most widely used social platforms, increasing potential impact.

This domain was registered recently on March 7, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com and resolved to IP address 94.199.205.30. It appeared on at least one security blocklist and was flagged by 18 out of 95 security vendors on VirusTotal, reflecting broad detection of malicious activity. The Gridinsoft trust score for this domain stands at 0/100, underscoring its untrustworthy nature. Currently, the domain is offline, mitigating ongoing risk.

Users are advised to remain vigilant against suspicious links, especially those claiming to be Facebook login pages. Always verify URL authenticity before entering credentials and enable two-factor authentication on your accounts for added protection. If you encounter suspicious domains like myfciuqqluipjmbteam.saystudio.net, report them to your security provider and avoid any interaction.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 404)
- Page title: Facebook

## Domain Intelligence
- Registered: 2026-03-07 01:07:01
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 94.199.205.30
- IP Country: TR
- IP City: Istanbul
- IP Org: AS42807 CIZGI TELEKOMUNIKASYON ANONIM SIRKETI
- Nameservers: ["cpns1.turhost.com", "cpns2.turhost.com"]
- SSL Issuer: Let's Encrypt / R13

## Detection Status
- VirusTotal: 18 vendors flagged
  Vendors: ["ADMINUSLabs", "BitDefender", "CyRadar", "DNS8", "ESET", "Emsisoft", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "OpenPhish", "Seclookup", "Sophos", "URLQuery", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/V0P46Jhy/b2aeb38aeb3f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/837b95dc-40b5-4f0d-b476-9f35dba61643
- Wayback Machine: https://web.archive.org/web/https://myfciuqqluipjmbteam.saystudio.net
- PhishDestroy: https://phishdestroy.io/domain/myfciuqqluipjmbteam.saystudio.net/
- LLM endpoint: https://phishdestroy.io/domain/myfciuqqluipjmbteam.saystudio.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/myfciuqqluipjmbteam.saystudio.net/
Last updated: 2026-03-19