# yourflukeplace.shop — SUSPICIOUS > yourflukeplace.shop flagged for credential theft; 2/95 VirusTotal detections. Review now to prevent account compromise. ## Summary PhishDestroy identifies yourflukeplace.shop as an active credential theft domain leveraging brand impersonation tactics to harvest user login credentials. This decoy storefront mimics legitimate e-commerce platforms, likely targeting unsuspecting shoppers through social engineering lures such as fake discounts or urgency-based prompts. The infrastructure hosts a spoofed checkout interface designed to exfiltrate entered credentials via server-side scripting or API calls to attacker-controlled endpoints, bypassing browser security controls through obfuscated JavaScript payloads. This domain was registered through PDR Ltd. d/b/a PublicDomainRegistry.com on February 27, 2026, and resolves to IP address 172.67.191.84. Security monitoring confirms a VirusTotal detection rate of 2 out of 95 vendors, indicating low initial visibility among threat intelligence platforms despite active credential harvesting operations. The domain operates under a valid Let's Encrypt SSL certificate to establish trust, while the recent creation date suggests opportunistic deployment following a pattern observed in seasonal shopping spikes. Public blocklist databases do not currently include this domain, presenting an elevated window of opportunity for exploitation. The domain remains active as of this assessment, with current risk classified as elevated due to the combination of recent registration, low detection coverage, and credential theft objective. Immediate remediation includes DNS blocking at the network perimeter, endpoint detection rule deployment using observed IP and domain indicators, and user awareness training focused on verifying site authenticity through HTTPS certificate inspection and domain reputation checks. Organizations should implement proactive threat hunting queries targeting outbound connections to this IP range while conducting credential stuffing risk assessments for affected user bases. Residual risk persists until the domain is sinkholed or added to blocklists by major security vendors. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-02-27 03:47:58 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 172.67.191.84 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/67e00672-9639-4094-af05-e63125702eed - PhishDestroy: https://phishdestroy.io/domain/yourflukeplace.shop/ - LLM endpoint: https://phishdestroy.io/domain/yourflukeplace.shop/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/yourflukeplace.shop/ Last updated: 2026-03-23