This cluster centers on 9 connected domains identified through shared infrastructure and registration patterns. The domains include florists.com, zdnet.com, tt3j2x4k5ycaa5zt.onion, gnupg.org, danwin1210.me, winzen4.de, gpg4usb.org, fhostingineiwjg6cppciac2bemu42nwsupvvisihnczinok362qfrqd.onion, tires.com. The connected infrastructure includes 3 email addresses (user@danwin1210.me, d@winzen4.de, user@tt3j2x4k5ycaa5zt.onion). This campaign was identified through automated analysis of threat inte...
Domain
florists.com
First seen Feb 22, 2026
Suspicious
- No SSL certificate
- 1 community report from users
Campaign Intelligence
Details
Related Domains
domain
zdnet.com
same infrastructuredomaintires.com
same infrastructuredomainpogo.com
same infrastructuredomaintt3j2x4k5ycaa5zt.onion
campaign co-memberdomaingnupg.org
campaign co-memberdomaindanwin1210.me
campaign co-memberdomainwinzen4.de
campaign co-memberdomaingpg4usb.org
campaign co-memberdomainfhostingineiwjg6cppciac2bemu42nwsupvvisihnczinok362qfrqd.onion
campaign co-memberemailuser@danwin1210.me
campaign co-memberemaild@winzen4.de
campaign co-memberemailuser@tt3j2x4k5ycaa5zt.onion
campaign co-memberCommunity Reports
Florists.com - Pic on right is what website promised, left is what was delivered. What's my recourse?
4149 days ago6 upvotes
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.