# nfu20050910.shop — MALICIOUS

> Explore the safety check for nfu20050910.shop. Learn about its phishing risk, current offline status, and recommended user precautions.

## Summary
PhishDestroy identifies nfu20050910.shop as a high-risk domain associated with generic phishing threats. This classification indicates the domain was likely used to deceive users into divulging personal information or credentials by impersonating legitimate entities. Due to the nature of phishing, users encountering this domain should exercise extreme caution to avoid potential data compromise.

Supporting this assessment, the domain was created recently on February 21, 2026, and has been flagged by 14 out of 95 security vendors on VirusTotal, signaling widespread suspicion. Additionally, it has been included in two security blocklists and appears in one AlienVault OTX threat intelligence pulse, reinforcing the domain’s malicious reputation. The domain registration through Gname.com Pte. Ltd. and multiple security indicators contribute to the conclusion that this infrastructure was part of a coordinated phishing operation.

Currently, nfu20050910.shop is offline, which reduces immediate risk to internet users. Nonetheless, PhishDestroy advises vigilance when interacting with unknown or suspicious websites, particularly newly registered domains with negative intelligence. Users should ensure their devices have updated security software and avoid providing sensitive data to unverified sources. Continuous monitoring and blocking of this domain by security platforms help mitigate further exposure to phishing attacks.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Gname.com Pte. Ltd.
- Country: SG
- Nameservers: ["a5.share-dns.com", "b5.share-dns.net"]

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "ESTsecurity", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "CryptoFirewall"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb0df-5d81-7677-b2e2-34c1caffcabf.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/cc2d6bae-e254-4191-a45e-4392cdd73eba
- PhishDestroy: https://phishdestroy.io/domain/nfu20050910.shop/
- LLM endpoint: https://phishdestroy.io/domain/nfu20050910.shop/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/nfu20050910.shop/
Last updated: 2026-03-19