# denodrop.com — SUSPICIOUS

> denodrop.com caught distributing fake file-sharing phishing scams. VirusTotal shows 0/95 detections. Check the full report.

## Summary
PhishDestroy identifies denodrop.com as a recently activated fake file-sharing phishing domain designed to trick users into downloading malware or surrendering login credentials. The site mimics legitimate cloud storage services to exploit trust in common file transfer workflows. Security researchers have flagged this domain as active and under investigation due to its clear intent to deceive visitors under the guise of harmless file sharing.  This domain was first registered on April 5, 2025, through NICENIC INTERNATIONAL GROUP CO., LIMITED, a registrar associated with high volumes of newly created, short-lived domains. As of the latest scan, denodrop.com resolves to IP address 188.114.96.3 and uses a Google Trust Services SSL certificate, which may be leveraged to appear legitimate and bypass browser security warnings. Notably, it currently shows 0 detections out of 95 engines on VirusTotal, indicating it has not yet been widely recognized as malicious.  If you visited denodrop.com, avoid entering any personal or financial information and do not download any files. Clear your browser cache and run a full antivirus scan immediately. Report the domain to your network administrator or security team if you're on a managed device. Do not reuse passwords associated with this site. Stay vigilant—new phishing domains often fly under the radar until widespread reports trigger detection updates.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-04-05 15:01:01
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7299f15b-f35f-4ab7-a732-080ca9812369
- PhishDestroy: https://phishdestroy.io/domain/denodrop.com/
- LLM endpoint: https://phishdestroy.io/domain/denodrop.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/denodrop.com/
Last updated: 2026-03-27