Is blsa-at.cfd a scam?

Our automated security review flags blsa-at.cfd as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Is blsa-at.cfd safe to use?

No — blsa-at.cfd scored 25/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.

Does blsa-at.cfd have a valid SSL certificate?

Yes. blsa-at.cfd presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 75 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.

Has blsa-at.cfd been flagged by antivirus engines?

1 out of 92 antivirus engines in our malware network flagged blsa-at.cfd as malicious or suspicious. Even one detection is a meaningful signal.

Is blsa-at.cfd on any phishing or malware blacklists?

No. blsa-at.cfd is not currently listed on the major browser blocklist feeds that modern browsers use.

Where is blsa-at.cfd hosted?

blsa-at.cfd resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

How often is the blsa-at.cfd report updated?

This is a permanent record of the scan run on June 16, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around blsa-at.cfd have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Security Review

Is blsa-at.cfd legit or a scam?

Our verdict:Dangerous· 25/100

SafeSuspiciousDangerous

Spam-injected phishing domain promoting a network of short-lived fake-shop variants via comment-section link campaigns.

Top reasons

Domain appears exclusively in spam comments on unrelated websites, paired with phishing prompts in Russian ('Follow the link and claim yours').Part of a coordinated network of throwaway .cfd, .quest, .top, and .hair domains all promoting LoveShop/Shop1.biz variants.No business registration, company information, or legitimate contact details found anywhere.

blsa-at.cfdScanned 1h ago

Post Facebook

Trust score

DANGEROUS

Heuristics 83·MT 18

Category tags

spam & phishingscam shop network#Phishing#Fake Shop#Data Harvester92% MT confidence

Warning signals (1)

1 of 92 engines flagged

Positive signals (3)

Not on major blacklists Encrypted connection Clean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence

1/92

Engines flagged this URL

Domain Age

—

Registration date unknown

MT Intelligence

Dangerous

Critical likelihood · 92% confidence

DANGEROUS

Critical risk detected

Spam-injected phishing domain promoting a network of short-lived fake-shop variants via comment-section link campaigns. Multiple independent checks — antivirus engines, browser safety blocklists, and threat databases — flagged this site. Don't enter personal information, deposit money, or download files.

Website Preview

LIVE RENDER

blsa-at.cfd

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence

MT Security Analyst

Critical scam likelihoodengineMT · Guardiantrust18/100

MT AgentLive web researchVisual inspectionNetwork correlation

Confidence

The domain blsa-at.cfd has no legitimate business presence, no registration records, and no independent reviews. Our research found it appearing only in spam comments on unrelated legitimate websites, always paired with hashtags (#loveshop, #shop1, #loveshop1300-biz) and Russian-language prompts like 'Follow the link and claim yours'—classic phishing bait. The page title and meta description reference multiple LoveShop and Shop1.biz variants, indicating this is one node in a coordinated scam-shop network. Our analysis also identified related throwaway domains (blsa-at.quest, blsa-at.top, bs2web-at.hair) posted in the same campaigns, some explicitly marketed as mirrors or bypass links to restricted marketplaces. The hosting IP has zero abuse reports and the SSL is valid, but these are cheap to obtain and do not indicate legitimacy. Fortinet flagged the domain as spam, aligning with the comment-injection pattern.

Full dossier

Analysis complete

Page Content

The page title and meta description both reference 'LoveShop' and 'Shop1.biz' variants, suggesting the site is part of a coordinated network promoting multiple shop domains. The body text is Russian-language content about product categories, discounts, and shopping guides—generic filler designed to appear legitimate to search engines. No genuine business contact information, postal address, or company registration is present.

Infrastructure

Hosting IP 104.21.77.125 has zero abuse reports and a clean reputation score. SSL certificate is valid and issued by Google Trust Services. However, these signals are inexpensive to obtain and do not indicate legitimacy. The domain uses a .cfd TLD, a cheap and commonly abused extension favoured by spam and scam operators.

Domain History

WHOIS data is unavailable, typical of throwaway domains. The domain is not indexed in global traffic rankings. No legitimate business or service is associated with blsa-at.cfd.

Web Reputation

Our research found the domain appearing exclusively in spam comments on unrelated legitimate websites (productx.org, estranky.cz, oekolia.de, moza.com.ua). Comments consistently pair the domain with hashtags (#loveshop, #shop1, #loveshop13, #loveshop16.biz) and Russian-language phishing prompts. Related domains (blsa-at.quest, blsa-at.top, bs2web-at.hair, blsp.at) appear in the same campaigns, some explicitly marketed as mirrors or bypass links. No scam reports, complaints, or positive reviews exist for this domain.

Risk Factors

Domain appears exclusively in spam comments on unrelated websites, paired with phishing prompts in Russian ('Follow the link and claim yours').
Part of a coordinated network of throwaway .cfd, .quest, .top, and .hair domains all promoting LoveShop/Shop1.biz variants.
No business registration, company information, or legitimate contact details found anywhere.
Related domains explicitly marketed as mirrors or bypass links to restricted or underground marketplaces.
Generic Russian-language filler content designed to appear legitimate to search engines.
Fortinet flagged the domain as spam.
WHOIS data unavailable and domain not indexed in global traffic rankings—hallmarks of throwaway scam infrastructure.

Positive Signals

Valid SSL certificate issued by Google Trust Services.
Hosting IP has zero abuse reports and clean reputation score.
No malware detected by our antivirus network (1 spam flag from Fortinet is reputational, not malware).

AI Recommendation

Do not visit this domain or enter any personal or payment information. Report the spam comments to the affected websites (productx.org, estranky.cz, oekolia.de) so they can remove the injection links.

Scam network detected

7 linked domains correlated

blsa-at.cfd is one node in a coordinated network of throwaway domains promoting LoveShop and Shop1.biz variants via spam-comment injection. Related domains use similar naming patterns and are posted in identical campaigns across unrelated websites. Some variants are explicitly marketed as mirrors or bypass links.

blsa-at.questblsa-at.topbs2web-at.hairblsp.atLoveShop16.bizShop1.bizLoveShop13.biz

Next-gen fraud intelligence

Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for blsa-at.cfd, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration

No public record found

Could not match the site to a registered company — common for small sites.

Clone check

Not a clone

No well-known site's layout or branding detected here.

Typosquat check

No look-alike match

The domain doesn't resemble any well-known brand's spelling.

Web mentions

2 scam reports

Key findings

7 headline facts from open-web research

Domain blsa-at.cfd appears exclusively in spam and comment-section links on unrelated legitimate websites (productx.org, estranky.cz guestbooks, oekolia.de, moza.com.ua, etc.).
Links frequently paired with hashtags #loveshop #shop1 #loveshop13 #loveshop16.biz #shop1.biz and Russian phrases such as "Переходи по ссылке и забери свой" ("Follow the link and claim yours").
Associated with other similar short-lived .cfd, .quest, .top, .hair, and .at domains (blsa-at.quest, blsa-at.top, bs2web-at.hair, blsp.at) that are also posted in the same spam campaigns.
bs2web-at variants are explicitly marketed in some comments as mirrors or bypass links, often in contexts related to restricted or underground marketplaces (e.g., Blacksprut references).
Page title "Loveshop — LoveShop16.biz Shop1.biz" and description "LoveShop LoveShop13.biz Shop1.biz" indicate the scanned site is promoting or is one of a series of short-lived shop domains.
No reviews, business records, Trustpilot, ScamAdviser, or Reddit mentions of blsa-at.cfd itself; no legitimate company or service uses this domain.
Domain age listed as unknown; typical of throwaway domains used in affiliate spam, phishing, or scam shop campaigns.

Scam reports (2)

Direct quotes from public scam databases, forums, and news.

Multiple spam comment sites (estranky.cz, oekolia.de, etc.)open
"blsa-at.cfd /showcase.html #loveshop #shop1 #loveshop1300-biz #shop1-biz #loveshop12 #loveshop14 #loveshop13 #loveshop15"
Multiple spam comment sites (estranky.cz, oekolia.de, etc.)open
"blsa-at.cfd /post/loveshop-zakazat/index.html #loveshop #shop1 #loveshop1300-biz #shop1-biz"

Research summary

Narrative write-up from our AI analyst, grounded on the facts above

Our research found blsa-at.cfd appearing only in spam comments on unrelated legitimate websites (productx.org, estranky.cz, oekolia.de, moza.com.ua). Comments consistently pair the domain with hashtags (#loveshop, #shop1, #loveshop1300-biz, #loveshop16.biz) and Russian-language phishing prompts such as 'Follow the link and claim yours.' Related domains (blsa-at.quest, blsa-at.top, bs2web-at.hair, blsp.at) appear in identical campaigns, some explicitly marketed as mirrors or bypass links to restricted marketplaces. No scam reports, complaints, positive reviews, or business registration records exist for this domain.

Antivirus Engines

Detection matrix · live

1 engine flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

0Malicious1Suspicious55Harmless92Engines

of 92

Fortinet

Suspicious· spam

1 antivirus engine flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check

Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found

No clear contact details on the page

Emails on site's domainNone

Phone numbers2024-12-21

Postal addressNot listed

Linked social profiles0

Signal Summary

Several contact red flags

No contact email found anywhere on the page.
No postal address visible on the page.

Phone number listed (2024-12-21).

Domain & Encryption

Encryption Certificate

StatusValid

ProtocolTLSv1.3

IssuerGoogle Trust Services · WE1

ExpiresAug 30, 2026 (75d)

Self-signedNo

Hosting & Technology

HostingCloudflare, Inc.

Server locationUS

Web servercloudflare

Server Reputation

Abuse Intelligence

Confidence score0%

Reports on file0

ISPCloudflare, Inc.

Usage typeContent Delivery Network

Avoid this site

Our automated review flagged enough risk that you should treat this site as unverified.

Do not interact with blsa-at.cfd
Do not enter credentials, deposit money, download files, or install browser extensions from this site.
Verify the business through independent channels
Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.
Never use irreversible payment methods
Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.
Share your experience
If you have additional context, drop a comment below or post on the MalwareTips forum.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

Not listedCheck ↗

VirusTotal

ListedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

mc.yandex.ru static.cloudflareinsights.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

Our automated security review flags blsa-at.cfd as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
No — blsa-at.cfd scored 25/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
Yes. blsa-at.cfd presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 75 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
1 out of 92 antivirus engines in our malware network flagged blsa-at.cfd as malicious or suspicious. Even one detection is a meaningful signal.
No. blsa-at.cfd is not currently listed on the major browser blocklist feeds that modern browsers use.
blsa-at.cfd resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
This is a permanent record of the scan run on June 16, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around blsa-at.cfd have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

Trust / 100

Final Verdict·blsa-at.cfd

DANGEROUS

This domain is a spam-injection point for a network of throwaway shop scams. It appears exclusively in comment-spam campaigns across unrelated websites, paired with Russian-language phishing prompts and hashtags linking to LoveShop variants. Do not visit or enter any payment details.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Dangerous reports

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.