# olx.proces-dostav.cfd — SUSPICIOUS > olx.proces-dostav.cfd poses as a fake OLX delivery scam hosting on Let's Encrypt; avoid any input and block with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies olx.proces-dostav.cfd as an active generic phishing site that masquerades as a delivery portal for OLX, a popular classifieds platform. This domain specifically targets users expecting order notifications or shipment updates, harvesting credentials and personal data under the guise of a legitimate logistics service. The threat is not generic; it is a focused impersonation attack designed to trick OLX customers into surrendering sensitive information through a convincing but fraudulent interface. Risk is elevated because the site leverages a valid SSL certificate from Let’s Encrypt, which can mislead users into believing the connection is secure. Traffic is routed through IP 188.114.96.3, a hosting node known for transient malicious campaigns. This domain was flagged by PhishDestroy with the following indicators: VirusTotal detected 0/95 security engines as of the latest scan, the domain was registered on March 17, 2024 through Global Domain Group LLC, and it currently lacks inclusion on major public blocklists—indicating a relatively new but actively evolving threat. While SSL encryption is present, it does not imply legitimacy; rather, it reflects a common tactic used by threat actors to bypass browser warnings and gain user trust. The combination of a recent creation date, low detection rate, and hosting on a suspicious IP range suggests this campaign is still in its early operational phase and may expand rapidly. Users who visited olx.proces-dostav.cfd should immediately cease any interaction and avoid entering login credentials or personal information. If credentials were entered, change passwords immediately across all accounts, enable two-factor authentication where available, and monitor financial accounts for suspicious activity. Use a reputable security tool to scan devices for malware, as fraudulent sites often bundle drive-by downloads. Block the domain at the network level if possible, and report the site to your email provider, browser, and platforms like Google Safe Browsing or PhishDestroy to aid in early blocking. This domain represents a credible imitation; vigilance and prompt action are critical to prevent account compromise and data loss. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-17 16:09:49 - Registrar: Global Domain Group LLC - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/49e2bba6-8abb-4304-895b-d3fffa859ab7 - PhishDestroy: https://phishdestroy.io/domain/olx.proces-dostav.cfd/ - LLM endpoint: https://phishdestroy.io/domain/olx.proces-dostav.cfd/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/olx.proces-dostav.cfd/ Last updated: 2026-03-31