# xn--pump-f1a.fun — SUSPICIOUS

> Explore the risks of xn--pump-f1a.fun, a recently registered phishing domain under investigation. Stay informed and protect your data today.

## Summary
PhishDestroy identifies xn--pump-f1a.fun as a generic phishing threat currently under investigation. Although no detections have been reported by major security vendors, the domain’s recent registration date and suspicious attributes warrant caution.

The domain resolves to IP address 172.67.164.28 and was registered through Dynadot LLC on March 5, 2026. Despite clean VirusTotal scans, its association with phishing activity is suggested by intelligence patterns and ongoing monitoring efforts. The domain remains active and may be used to deceive users or harvest credentials.

At this stage, the domain is not flagged by automated detection engines but should be treated with heightened scrutiny. Organizations are advised to monitor network traffic for interactions with xn--pump-f1a.fun, employ URL filtering, and educate users about emerging phishing risks. PhishDestroy will continue to track this domain’s behavior and update risk assessments accordingly.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: pump

## Domain Intelligence
- Registered: 2026-03-07 03:07:01
- Registrar: Dynadot LLC
- Country: US
- IP: 172.67.164.28
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["dina.ns.cloudflare.com", "guy.ns.cloudflare.com"]
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd19a-c32c-772c-96be-7fdda3f9c231.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2284c876-14be-4301-abe2-8902e43cd54e
- Wayback Machine: https://web.archive.org/web/https://xn--pump-f1a.fun
- PhishDestroy: https://phishdestroy.io/domain/xn--pump-f1a.fun/
- LLM endpoint: https://phishdestroy.io/domain/xn--pump-f1a.fun/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xn--pump-f1a.fun/
Last updated: 2026-03-19