Is glovent.vu a scam?

Our automated security review flags glovent.vu as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Is glovent.vu safe to use?

No — glovent.vu scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.

Does glovent.vu have a valid SSL certificate?

Yes. glovent.vu presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 63 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.

Has glovent.vu been flagged by antivirus engines?

25 out of 92 antivirus engines in our malware network flagged glovent.vu as malicious or suspicious (25 outright malicious). Even one detection is a meaningful signal.

Is glovent.vu on any phishing or malware blacklists?

Yes. The major browser blocklist feeds flagged glovent.vu with the following threat categories: SOCIAL_ENGINEERING. This protects billions of browser users from visiting the site.

Where is glovent.vu hosted?

glovent.vu resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

How often is the glovent.vu report updated?

This is a permanent record of the scan run on June 29, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around glovent.vu have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Security Review

Is glovent.vu legit or a scam?

Our verdict:Dangerous· 1/100

SafeSuspiciousDangerous

This malicious site is a pixel-perfect clone of the Xfinity login portal used to harvest usernames and passwords.

Top reasons

25 antivirus engines including BitDefender and Sophos flag this site as phishing.The site is blacklisted by major browser blocklists for social engineering.Impersonates the Xfinity login portal on an unrelated '.vu' domain.

glovent.vuScanned 1h ago

Post Facebook

Trust score

DANGEROUS

Heuristics 0·MT 1

Category tags

phishing#phishing#clone site100% MT confidence

Technical red flags (2)

25 of 92 engines flagged Blacklisted by Google

Positive signals (2)

Encrypted connection Clean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence

25/92

Engines flagged this URL

Domain Age

—

Registration date unknown

MT Intelligence

Dangerous

Critical likelihood · 100% confidence

DANGEROUS

Phishing site — do not log in

Flagged on major browser safety blocklists as social engineering. This page looks designed to steal credentials. Don't log in — and if you already did, change the password anywhere you reused it and turn on two-factor authentication.

Website Preview

LIVE RENDER

glovent.vu

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence

MT Security Analyst

Critical scam likelihoodengineMT · Guardiantrust1/100

MT AgentLive web researchVisual inspection

Confidence

Our analysis confirms this site is a phishing trap. It perfectly imitates the Xfinity sign-in page, including the branding and layout, but is hosted on a suspicious '.vu' domain that has no connection to Comcast. Over 25 security engines, including BitDefender and Sophos, have flagged this specific URL as malicious. Major browser blocklists have also blacklisted the site for social engineering. The lack of any legitimate business registration or traffic history further confirms its fraudulent intent.

Full dossier

Analysis complete

Page Content

The page is a high-fidelity clone of the Xfinity (Comcast) authentication portal. It includes functional-looking links for 'Find your Xfinity ID' and 'Create a new Xfinity ID' to increase the illusion of legitimacy. However, the primary purpose is the credential-harvesting form located in the center of the page.

Infrastructure

The site is hosted on a Cloudflare IP address, a common tactic for obfuscating the true origin of phishing servers. While it uses a valid SSL certificate from Google Trust Services, this only encrypts the connection to the attacker; it does not verify the identity of the site operator.

Domain History

The domain 'glovent.vu' uses the Vanuatu country-code top-level domain, which is highly unusual for a US-based telecommunications provider like Xfinity. There is no public WHOIS data available, and the domain has zero global traffic ranking, indicating it was likely set up recently for this specific attack.

Web Reputation

The reputation of this URL is extremely poor. It has been flagged by 25 different antivirus engines and security providers. Our intelligence stack identifies it as a 'Social Engineering' threat, meaning it is actively being used in phishing campaigns to deceive users.

Risk Factors

25 antivirus engines including BitDefender and Sophos flag this site as phishing.
The site is blacklisted by major browser blocklists for social engineering.
Impersonates the Xfinity login portal on an unrelated '.vu' domain.
No legitimate business contact information or physical address provided.
Domain has no established traffic history or global ranking.

Positive Signals

The site uses a valid SSL certificate for encrypted communication.

AI Recommendation

Leave this site immediately and do not enter your Xfinity ID or password. If you have already entered credentials, change your password on the official Xfinity website and enable two-factor authentication.

Next-gen fraud intelligence

Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for glovent.vu, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Web mentions

25 scam reports

Research summary

25 scam mentions · 0 trust mentions found online

Security engines and blocklists have reached a clear consensus that this site is a phishing threat.

Antivirus Engines

Detection matrix · live

25 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

25Malicious0Suspicious43Harmless92Engines

of 92

alphaMountain.ai

Malicious· phishing

BitDefender

Malicious· phishing

Chong Lua Dao

Malicious· malicious

Cluster25

Malicious· phishing

CRDF

Malicious· malicious

Criminal IP

Malicious· phishing

CyRadar

Malicious· phishing

Emsisoft

Malicious· phishing

Ermes

Malicious· phishing

ESET

Malicious· phishing

Forcepoint ThreatSeeker

Malicious· phishing

Fortinet

Malicious· phishing

G-Data

Malicious· phishing

Google Safebrowsing

Malicious· phishing

Gridinsoft

Malicious· phishing

Kaspersky

Malicious· phishing

Lionic

Malicious· phishing

MalwareURL

Malicious· phishing

Netcraft

Malicious· malicious

Rising

Malicious· phishing

Seclookup

Malicious· malicious

SOCRadar

Malicious· malware

Sophos

Malicious· phishing

VIPRE

Malicious· malware

Webroot

Malicious· malicious

25 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check

This URL appears on threat lists

Detected threat categories: SOCIAL_ENGINEERING.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found

No clear contact details on the page

Emails on site's domainNone

Phone numbersNone

Postal addressNot listed

Linked social profiles0

Signal Summary

Several contact red flags

No contact email found anywhere on the page.
No phone number listed on the page.
No postal address visible on the page.

Domain & Encryption

Encryption Certificate

StatusValid

ProtocolTLSv1.3

IssuerGoogle Trust Services · WE1

ExpiresSep 1, 2026 (63d)

Self-signedNo

Hosting & Technology

HostingCloudflare, Inc.

Server locationUS

Web servercloudflare

Redirect Chain

Hops

Cross-domain

Lookalike

Punycode

1301http://glovent.vu/
2520https://glovent.vu/

Server Reputation

Abuse Intelligence

Confidence score0%

Reports on file0

ISPCloudflare, Inc.

Usage typeContent Delivery Network

Scam-Type Likelihood

1 scam-type patterns detected

Scam-Type Likelihood

1 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Phishing

Phishing

Moderate likelihood

35/100

Google Safe Browsing flagged this as social engineering / phishing.
AI analyst tagged this as phishing / data-harvesting.

Scam-Type Likelihood

1 of 13 categories showed signals

Top match: Phishing

Phishing

Moderate likelihood

35/100

Google Safe Browsing flagged this as social engineering / phishing.
AI analyst tagged this as phishing / data-harvesting.

Phishing site — act fast

This page shows signs of attempting to steal credentials or impersonate a trusted brand.

Do not interact with glovent.vu
Do not enter credentials, deposit money, download files, or install browser extensions from this site.
If you already typed your password — change it now
Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.
Report the phishing URL
APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.
Open
Get help on the forum
MalwareTips members can help you assess damage and next steps.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

ListedCheck ↗

VirusTotal

ListedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

polaris.xfinity.com assets.adobedtm.com xfinity.com static.cloudflareinsights.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

Our automated security review flags glovent.vu as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
No — glovent.vu scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
Yes. glovent.vu presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 63 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
25 out of 92 antivirus engines in our malware network flagged glovent.vu as malicious or suspicious (25 outright malicious). Even one detection is a meaningful signal.
Yes. The major browser blocklist feeds flagged glovent.vu with the following threat categories: SOCIAL_ENGINEERING. This protects billions of browser users from visiting the site.
glovent.vu resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
This is a permanent record of the scan run on June 29, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around glovent.vu have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

Trust / 100

Final Verdict·glovent.vu

DANGEROUS

This is a fraudulent login page designed to steal Xfinity account credentials. It uses a deceptive domain name to trick users into entering their private information. Do not enter any data on this site.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Dangerous reports

xbt8x82irz1kbcyq.hgsa226.com

2h ago

Read the review

Dangeroustrust1

allegro-powiadomienia.shop

2h ago

Read the review

Dangeroustrust1

ws.page-instant-whatsapp.com.cn

2h ago

Read the review

Dangeroustrust1

nachocebu.hostel.town

connexion-ar24.nmuser.fr

nekofreegateway.dancerblade70.workers.dev

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.