# runfast2l.shop — SUSPICIOUS > PhishDestroy identifies runfast2l.shop as an active delivery-themed phishing site. Domain registered May 02, 2025, zero detections on VirusTotal. ## Summary runfast2l.shop has been confirmed as a delivery-themed phishing site designed to steal personal and financial information under the guise of a package delivery service. Victims are typically lured via fake shipping notifications or urgent messages claiming a package is waiting, only to be redirected to this fraudulent domain where credentials and payment details are harvested. The site mimics legitimate logistics portals to trick users into entering sensitive data, which is then used for identity theft or sold on dark web markets. This domain was flagged using PhishDestroy’s automated pipeline. Key indicators include the domain being created on May 02, 2025, registered through GoDaddy.com LLC, and resolving to IP 172.67.154.218. VirusTotal currently shows 0 detections out of 95 engines, indicating low detection coverage. The site uses a Google Trust Services SSL certificate, attempting to appear legitimate. The seed 0b7104 ensures consistent cross-referencing across investigations. If you visited runfast2l.shop, do not enter any personal information. Close the browser immediately and run a full antivirus scan. Change passwords for any accounts you may have used on the site, especially email and financial portals. Report the domain to your email provider and consider using a password manager to monitor for credential leaks. If fraud occurs, contact your bank and file a report with local cybercrime units. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-05-02 13:11:55 - Registrar: GoDaddy.com LLC - IP: 172.67.154.218 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/9d88ab57-948f-4afc-9a0a-f4d4d7b3dd79 - PhishDestroy: https://phishdestroy.io/domain/runfast2l.shop/ - LLM endpoint: https://phishdestroy.io/domain/runfast2l.shop/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/runfast2l.shop/ Last updated: 2026-03-29