# test-3810.lol — SUSPICIOUS

> test-3810.lol is a fresh generic phishing site detected by PhishDestroy, resolving to IP 104.21.89.132 with 0/95 VirusTotal detections.

## Summary
PhishDestroy has identified an active credential theft domain, test-3810.lol, currently under investigation for phishing activities. This domain poses a direct risk to unsuspecting visitors by potentially harvesting login credentials or sensitive data. The site’s behavior aligns with common phishing tactics, where users are lured into entering personal information under false pretenses, such as fake login portals or surveys.  This domain was flagged based on concrete indicators: it currently shows 0 detections out of 95 scans on VirusTotal, indicating it has not yet been widely recognized as malicious. It was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 27, 2026, and resolves to the IP address 104.21.89.132. Additionally, the domain uses a Let’s Encrypt SSL certificate, which may lend it an air of legitimacy to visitors. Despite its fresh registration and low detection rate, the domain is active and should be treated with caution.  If you have already visited test-3810.lol, avoid entering any personal or login credentials. If you suspect you’ve shared sensitive information, change your passwords immediately and monitor your accounts for unusual activity. Report the domain to your security team or through phishing reporting channels to help prevent further harm. Do not interact with this site, and ensure your system’s security tools are updated to detect potential threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-27 23:40:35
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.89.132

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/11b8edbc-8e7f-48ce-86f5-7457d2b06502
- PhishDestroy: https://phishdestroy.io/domain/test-3810.lol/
- LLM endpoint: https://phishdestroy.io/domain/test-3810.lol/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/test-3810.lol/
Last updated: 2026-03-28