# pub-f4bf4b5c581d4d2fae8ac6d8e8ea7310.r2.dev — MALICIOUS

> Warning: pub-f4bf4b5c581d4d2fae8ac6d8e8ea7310.r2.dev is a fake login page! 16/95 VirusTotal vendors flagged it. Verify safety on PhishDestroy.

## Summary
PhishDestroy assesses pub-f4bf4b5c581d4d2fae8ac6d8e8ea7310.r2.dev as a high-risk domain due to its association with fake login pages. This type of phishing aims to steal user credentials by mimicking legitimate login interfaces. Exercise extreme caution if you encounter this domain.  

This domain resolves to IP address 104.18.50.34 and utilizes an SSL certificate issued by Let's Encrypt. The domain appears on 3 security blocklists, including those maintained by PhishingArmy, PhishingDB, and OISD. VirusTotal analysis reveals that 16 out of 95 security vendors have flagged this domain as malicious. The convergence of these indicators strongly suggests malicious intent.  

To mitigate the risk posed by fake login pages, always verify the authenticity of a website before entering any credentials. Check the URL for subtle misspellings or inconsistencies. Enable multi-factor authentication wherever possible to add an extra layer of security. If you suspect you have entered your credentials on a fake login page, immediately change your password and monitor your accounts for any unauthorized activity. Consider using a password manager to help protect against phishing attacks.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.18.50.34

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishingArmy", "PhishingDB", "OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d339e9b9-0562-4504-96cc-a64342edca9d
- PhishDestroy: https://phishdestroy.io/domain/pub-f4bf4b5c581d4d2fae8ac6d8e8ea7310.r2.dev/
- LLM endpoint: https://phishdestroy.io/domain/pub-f4bf4b5c581d4d2fae8ac6d8e8ea7310.r2.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pub-f4bf4b5c581d4d2fae8ac6d8e8ea7310.r2.dev/
Last updated: 2026-04-12