# reservecertitude.com — SUSPICIOUS

> reservecertitude.com is a confirmed credential phisher (1/95 VirusTotal detections) that began hosting on August 16, 2022.

## Summary
reservecertitude.com is currently hosting a live credential-phishing operation designed to steal usernames and passwords. The page mimics a legitimate login portal but sends whatever is typed straight to attackers, who then hijack the real account. Victims risk immediate take-over of email, banking, or corporate services once credentials are captured. Users who enter any information should change passwords everywhere immediately and enable two-factor authentication on every account that offers it.  reservecertitude.com presents one of the lightest detection profiles observed: only 1 out of 95 top security vendors flagged the domain at time of assessment. The domain was registered on August 16, 2022 through NICENIC INTERNATIONAL GROUP CO., LIMITED and now resolves to host 216.106.179.55 protected by a Let’s Encrypt SSL certificate. Despite the low vendor count, behavior analysis and site structure clearly match known phishing kits; the SSL merely adds a false sense of security.  If you visited or typed anything into reservecertitude.com, assume the credentials were compromised. Disconnect any active sessions on the affected service, reset the password using a different device, and enable multi-factor authentication before logging back in. Run a malware scan on the device used to access the page and consider rotating passwords on any other services where the same username or password pair was reused. Report the incident to your IT team or the service provider being impersonated.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2022-08-16 17:39:54
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 216.106.179.55

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2684c504-995f-413f-9288-430e0d261bbc
- PhishDestroy: https://phishdestroy.io/domain/reservecertitude.com/
- LLM endpoint: https://phishdestroy.io/domain/reservecertitude.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/reservecertitude.com/
Last updated: 2026-03-27