# app.opbitblockchain.com — MALICIOUS

> app.opbitblockchain.com is a high-risk phishing domain now offline. Learn about its threats and how to stay protected from phishing scams.

## Summary
PhishDestroy identifies app.opbitblockchain.com as a high-risk generic phishing domain targeting users under the guise of blockchain services. The domain was created on May 20, 2025, and registered through Dynadot Inc. Its primary intent was to deceive victims into divulging sensitive information or credentials.

Technical analysis reveals that app.opbitblockchain.com was flagged by 14 out of 95 security vendors on VirusTotal and appeared on two separate security blocklists. These detections indicate the domain’s use in malicious phishing campaigns. The infrastructure points to typical phishing tactics, including domain spoofing and hosting fraudulent login pages to mimic legitimate blockchain platforms.

Currently, app.opbitblockchain.com has been taken offline, effectively disrupting ongoing phishing operations tied to this domain. While it is no longer active, its prior presence on multiple blocklists underscores the importance of vigilance against similar threats. Users are advised to remain cautious of suspicious blockchain-related URLs and report any phishing attempts promptly.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Target brand: Blockchain.com
- Page title: Login Page

## Domain Intelligence
- Registered: 2025-05-20 00:36:45
- Registrar: Dynadot LLC
- Country: US
- IP: 172.245.14.131
- IP Country: US
- IP City: Buffalo
- IP Org: AS36352 HostPapa
- Nameservers: ["agni1.gfireservers.in", "agni2.gfireservers.in"]
- SSL Issuer: R13

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ArcSight Threat Intelligence", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Seclookup", "SOCRadar", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "PhishingDB"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a9a60-535a-7552-8020-4aad2eae5b97.png
- PhishDestroy: https://phishdestroy.io/domain/app.opbitblockchain.com/
- LLM endpoint: https://phishdestroy.io/domain/app.opbitblockchain.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app.opbitblockchain.com/
Last updated: 2026-03-19