# proposal-aerodromefinance.net — MALICIOUS

> Beware of proposal-aerodromefinance.net—a high-risk phishing site active now. Protect your data from fraudulent schemes linked to this domain.

## Summary
PhishDestroy identifies proposal-aerodromefinance.net as a high-risk generic phishing domain actively targeting unsuspecting users. The site uses the page title "Aerodrome Proposal" to lure victims, likely attempting to impersonate legitimate financial or proposal-related services to steal sensitive information.

This domain was created on February 21, 2026, and currently resolves to the IP address 188.114.97.3. It is flagged in 16 out of 95 VirusTotal security scans and appears on three distinct security blocklists, indicating broad recognition of its malicious intent. Additionally, it has been observed in a threat intelligence pulse on AlienVault OTX, suggesting ongoing monitoring and threat activity.

As of now, proposal-aerodromefinance.net remains active and poses an elevated risk to users. PhishDestroy strongly recommends avoiding any interaction with this domain, refraining from submitting personal or financial details, and ensuring endpoint protection solutions are updated and vigilant against this threat.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Aerodrome Proposal

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- SSL Issuer: WE1

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Lionic", "Seclookup", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019945ed-c210-7683-a19a-48f88464bb2f.png
- PhishDestroy: https://phishdestroy.io/domain/proposal-aerodromefinance.net/
- LLM endpoint: https://phishdestroy.io/domain/proposal-aerodromefinance.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/proposal-aerodromefinance.net/
Last updated: 2026-03-19