Suspicious Activity
larom.cfd
"The domain is newly registered and uses a high-risk TLD, which are common indicators of malicious activity. Significant content cloaking was detected, serving different content based on the user agent, and the URL parameters suggest an OAuth or authentication flow, often abused in phishing attempts. The 'security check' page likely serves as a deceptive front for credential harvesting."
Note: This finding is based on scans of specific URLs on the domain, not necessarily the root domain itself.
URLert analyzed recent scan activity for larom.cfd and found 1 result.
| Status | Target URL | Time |
|---|---|---|
| Suspicious | https://larom.cfd// | 4w ago |
Historical and current IP address mappings for this domain.
| IP Address / Infrastructure | Status | Subdomains | Last Seen |
|---|---|---|---|
CLOUDFLARENET - Cloudflare, Inc. (AS13335) | Active | larom.cfd | Today |
CLOUDFLARENET - Cloudflare, Inc. (AS13335) | Active | larom.cfd | Today |
Run a real-time investigation to understand the specific threats on any URL from this domain.
This assessment is based on automated analysis and may not be definitive.
Always verify independently before taking action.
Real experiences from people who visited this domain