# rfp-proposal.ceo — SUSPICIOUS

> Explore the low-risk phishing threat of rfp-proposal.ceo. Learn about its infrastructure, creation, and how to stay safe from potential scams.

## Summary
PhishDestroy identifies rfp-proposal.ceo as a domain involved in generic phishing activity, classified with a low risk level. While this threat type generally aims to deceive users into revealing sensitive information, the current evaluation suggests limited immediate danger. However, vigilance is advised as phishing tactics can evolve rapidly and even low-risk domains may serve as entry points for more sophisticated attacks.

The domain rfp-proposal.ceo was registered recently on February 6, 2026, through Porkbun, LLC, a known registrar. It resolves to the IP address 104.225.130.131. VirusTotal analysis detected only a single security vendor flagging this domain out of 95, indicating minimal consensus on malicious activity. Despite the low detection rate, the domain’s recent creation and its association with a CEO-themed name could be exploited for phishing campaigns targeting business professionals.

Users are recommended to exercise caution when interacting with unsolicited communications referencing rfp-proposal.ceo or related domains. Avoid clicking on suspicious links or providing personal information without verification. Security teams should monitor email filters and update blocklists to include this domain if further suspicious activity emerges. Continuous awareness and a skeptical approach remain the best defense against evolving phishing threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: One moment, please...

## Domain Intelligence
- Registered: 2026-02-06 00:00:00
- Registrar: Porkbun, LLC
- IP: 104.225.130.131
- Nameservers: curitiba.ns.porkbun.com,fortaleza.ns.porkbun.com,maceio.ns.porkbun.com,salvador.ns.porkbun.com

## Detection Status
- VirusTotal: 4 vendors flagged
  Vendors: ["Bfore.Ai PreCrime", "CRDF", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/DDLtDf4p/40784abf8fff.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/ebbe3056-d4aa-4a11-9b13-9901280a1e12
- PhishDestroy: https://phishdestroy.io/domain/rfp-proposal.ceo/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rfp-proposal.ceo/
Last updated: 2026-03-14