# dairuqueen.com — SUSPICIOUS

> PhishDestroy identifies dairuqueen.com as a crypto drainer phishing domain, with 1/95 VirusTotal detections. Act now to secure your assets.

## Summary
PhishDestroy has flagged dairuqueen.com as an active crypto drainer phishing site, presenting an elevated risk to cryptocurrency users. This domain mimics legitimate branding to trick victims into connecting wallets or revealing private keys, leading to direct asset theft. Technical analysis confirms malicious intent through multiple indicators, warranting immediate caution and proactive blocklisting.

This domain was registered on March 12, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolves to IP address 185.114.96.3. Only 1 out of 95 VirusTotal security vendors currently detect this domain as malicious, likely due to its recent creation and low historical reputation. The SSL certificate issued by Let’s Encrypt may give a false sense of legitimacy, but it does not validate the domain’s safety. As of the latest scan, no major blocklists (e.g., PhishTank, OpenPhish, URLVoid) include this domain, and domain reputation services show minimal trust scores due to its young age and lack of legitimate web presence.

To mitigate risk, users should avoid interacting with dairuqueen.com or any linked pages, especially those soliciting wallet connections or private key input. Cryptocurrency holders are advised to verify sender domains via official channels, use hardware wallets, and install browser extensions that block known phishing sites. Organizations should add 185.114.96.3 and dairuqueen.com to internal deny lists and monitor outbound traffic for connections to this IP. Report this domain to security teams (e.g., Google Safe Browsing, VirusTotal) to accelerate its takedown and reduce exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-12 05:48:13
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7f9b7188-9e72-45e4-9f9f-f814fc1acd50
- PhishDestroy: https://phishdestroy.io/domain/dairuqueen.com/
- LLM endpoint: https://phishdestroy.io/domain/dairuqueen.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dairuqueen.com/
Last updated: 2026-03-23