# rover-hub.link — MALICIOUS

> Rover-hub.link is an active phishing domain flagged for social engineering. Learn how it threatens your security and how to stay protected.

## Summary
PhishDestroy identifies rover-hub.link as an active phishing domain involved in generic phishing attacks designed to deceive users into divulging sensitive information. This threat is considered high risk due to its use of social engineering tactics that can lead to credential theft, financial loss, or identity compromise. Awareness of such domains is essential for maintaining cybersecurity hygiene and preventing successful phishing exploits.

The domain rover-hub.link was registered on January 19, 2026, through Hosting Concepts B.V. d/b/a Registrar.eu. It resolves to the IP address 151.247.193.142. VirusTotal analysis shows that 15 out of 95 security vendors flag this domain, indicating moderate detection coverage. Google Safe Browsing categorizes it under social engineering threats, and it appears on at least one security blocklist. These indicators reinforce the domain's malicious nature and its involvement in phishing campaigns.

Users are advised to avoid interacting with any emails, links, or websites associated with rover-hub.link. Security best practices include verifying URLs before clicking, enabling multi-factor authentication, and using updated anti-phishing software. Organizations should consider blocking this domain at the network level and educating their personnel about the risks posed by such deceptive domains. Staying vigilant against emerging phishing threats like rover-hub.link is critical to safeguarding personal and corporate data.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: RoVer

## Domain Intelligence
- Registered: 2026-03-06 07:07:01
- Registrar: Hosting Concepts B.V. d/b/a Registrar.eu
- Country: CZ
- IP: 151.247.193.142
- IP Country: FR
- IP City: Paris
- IP Org: AS399486 12651980 CANADA INC.
- Nameservers: ns1.eggywall.cc ns2.eggywall.cc
- SSL Issuer: none

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CRDF", "CyRadar", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "Google Safebrowsing", "Lionic", "Netcraft", "Seclookup", "Sophos", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc7be-0e7f-73a7-b4cb-8a86acedcb53.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/rover-hub.link
- Wayback Machine: https://web.archive.org/web/https://rover-hub.link
- PhishDestroy: https://phishdestroy.io/domain/rover-hub.link/
- LLM endpoint: https://phishdestroy.io/domain/rover-hub.link/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rover-hub.link/
Last updated: 2026-03-16