# 1-win.rest — MALICIOUS

> Warning: 1-win.rest is a high-risk crypto drainer impersonating a blockchain casino. Avoid this offline domain to protect your crypto assets.

## Summary
PhishDestroy identifies 1-win.rest as a dangerous crypto drainer posing as a blockchain crypto casino linked to Donald Trump. This domain targets unsuspecting crypto users with fraudulent schemes designed to steal digital assets.

The phishing method involves mimicking a legitimate crypto casino to lure victims into depositing funds or connecting wallets, enabling attackers to drain cryptocurrencies directly. The domain was flagged by multiple security vendors and appears on blocklists, confirming its malicious intent.

Users should avoid interacting with this domain or any related links. Always verify crypto platforms through trusted sources, enable two-factor authentication, and report suspicious domains to security services to safeguard digital assets.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: 1-win: Donald Trump’s Leading Blockchain Crypto Casino

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Global Domain Group LLC
- Country: US
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: dom.ns.cloudflare.com val.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "SOCRadar", "Sophos", "Trustwave", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bd980-4e6d-711d-8849-9fdeb2b3ae6f.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/634ad336-5236-4f41-956a-323524ae57dc
- PhishDestroy: https://phishdestroy.io/domain/1-win.rest/
- LLM endpoint: https://phishdestroy.io/domain/1-win.rest/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/1-win.rest/
Last updated: 2026-03-19