# ptshopee-27.blogspot.com — MALICIOUS

> PhishDestroy identifies ptshopee-27.blogspot.com as an active credential harvesting site mimicking Shopee. 7/95 VirusTotal detections. Full report available.

## Summary
PhishDestroy identifies ptshopee-27.blogspot.com as an active credential-harvesting domain posing as Shopee, currently in an elevated risk state.    This domain was flagged with a credential-harvesting payload targeting Shopee users. VirusTotal detection stands at 7 out of 95 security vendors, the IP mapping resolves to 216.58.206.65, and the SSL certificate is issued by Google Trust Services. The domain first appeared on Blogger infrastructure and remains unlisted on major blocklists at the time of reporting.    To mitigate exposure, block inbound and outbound communications to ptshopee-27.blogspot.com and 216.58.206.65 at the network perimeter. Users who may have entered credentials should immediately reset passwords on legitimate Shopee domains and enable two-factor authentication. Report any suspected interactions to official Shopee fraud channels.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 216.58.206.65

## Detection Status
- VirusTotal: 7 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/eb395ad0-6dd9-4b9e-90e2-7d3f4d178b06
- PhishDestroy: https://phishdestroy.io/domain/ptshopee-27.blogspot.com/
- LLM endpoint: https://phishdestroy.io/domain/ptshopee-27.blogspot.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ptshopee-27.blogspot.com/
Last updated: 2026-03-26