verzekering-protocol[.]com
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of verzekering-protocol[.]com
The domain verzekering-protocol[.]com appears to present itself as a financial-security or card-protection service. The visible page title, "Card Stop," along with Dutch-language text such as "Wij helpen u onmiddellijk beveiligen. Vul hieronder uw gegevens in," suggests the site is targeting Dutch-speaking users and is framed as an urgent card-blocking or fraud-response portal. The page asks for personal and banking-related information, including a full name and IBAN, which indicates it is designed to collect sensitive financial details.
Based on the domain wording, the site name loosely references insurance or protocol-related terminology, but the visible branding and content focus on payment-card security rather than a clearly identified insurer or bank. No clear evidence of a legitimate operator, regulated financial institution, or established corporate identity is visible in the provided scan context. The combination of generic branding, urgent fraud-related messaging, and requests for banking information may indicate that the site is attempting to imitate a financial-assistance workflow rather than functioning as a transparent, established service.
Safety Assessment for verzekering-protocol[.]com
Multiple independent signals raise significant concerns about this website at the time of the scan. It was categorized by several web-classification providers as phishing or fraud-related, and 19 out of 91 security engines flagged it as malicious, phishing-related, or otherwise suspicious. In addition, the domain had a very low trust score in the supplied scan context, was not ranked among widely visited sites, and appeared on threat-related databases associated with social-engineering activity.
The page content shown in the screenshot is also consistent with credential-harvesting behavior. It presents an urgent fraud-service theme and asks visitors to submit sensitive information such as full name and IBAN. That pattern is commonly associated with social-engineering pages that attempt to obtain banking details under the pretense of helping secure an account or stop card misuse. While one malware scan reported no malicious files at the time of inspection, a clean file scan does not rule out phishing, because phishing pages often rely on deceptive forms rather than downloadable malware.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site was using a valid Let's Encrypt SSL certificate that was set to expire in July 2026. A valid certificate only indicates that traffic may be encrypted in transit; it does not verify that the operator is trustworthy. The domain was relatively new at about 146 days old, used Cloudflare nameservers, and DNSSEC was unsigned. The web server was identified as LiteSpeed, with hosting attributed to Prospero OOO and an IP geolocated to St Petersburg, Russia.
From a technical-risk perspective, the combination of a newly registered domain, lack of DNSSEC signing, low visibility, and phishing-related detections increases concern. No iframe abuse or flagged external links were reported in the supplied malware scan, but the broader detection profile suggests the primary issue may be deceptive page content and data collection rather than overt malware delivery.
Share your experience with this website. Was it safe? Did you encounter any issues?