# chandi.sarzone.com — SUSPICIOUS

> PhishDestroy identifies chandi.sarzone.com as a generic phishing domain with 0/95 VirusTotal detections. Check the full report now.

## Summary
PhishDestroy identifies the domain chandi.sarzone.com as a generic phishing site currently under investigation. This domain is linked to a generic phishing campaign, though specific impersonation targets remain unverified. The infrastructure shows no association with known drainer kits, suggesting an emergent or evolving threat vector. The domain's age (registered October 11, 2015) and SSL certificate via Let's Encrypt add superficial legitimacy, but early-stage phishing operations often exploit such trusted services to obscure malicious intent.  This domain resolves to IP address 65.181.111.160 and was registered through GoDaddy.com, LLC. VirusTotal currently flags it with 0/95 detections, indicating low immediate detection by antivirus engines. The domain's creation date predates many modern phishing campaigns, yet its lack of blocklist entries suggests either a newly deployed or minimally observed threat. These technical indicators imply an opportunistic or experimental phishing operation rather than a large-scale, established campaign.  The domain remains active, with no current blocklist presence despite its reported status. Security teams are advised to monitor this IP and domain for changes in behavior or detection rates. Given the low detection score and generic nature of the threat, the residual risk is elevated for users encountering unsolicited links. Immediate actions include verifying domain reputation via full reports and implementing network-level blocks for the associated IP. Remaining risk hinges on further criminal adoption of this infrastructure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2015-10-11 17:03:43
- Registrar: GoDaddy.com, LLC
- IP: 65.181.111.160

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d6dac133-2f47-4702-bfa3-17fe9418f7bc
- PhishDestroy: https://phishdestroy.io/domain/chandi.sarzone.com/
- LLM endpoint: https://phishdestroy.io/domain/chandi.sarzone.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/chandi.sarzone.com/
Last updated: 2026-04-01