# dinodfop.com — SUSPICIOUS

> PhishDestroy flags dinodfop.com as a live crypto-drainer scam confirmed by 1/95 VirusTotal engines. Never connect wallets to this malicious site.

## Summary
PhishDestroy identifies dinodfop.com as an active crypto-drainer phishing domain that targets cryptocurrency users by masquerading as a legitimate service to trick victims into signing malicious transactions. The domain does not impersonate a specific brand but instead presents itself as a generic crypto platform to phish wallet credentials and drain funds via malicious drainer scripts. The site leverages deceptive UI elements and fake transaction confirmations to trick users into authorizing unauthorized transfers. This method has become increasingly common among threat actors seeking to exploit the trust placed in decentralized finance platforms.

This domain was flagged by PhishDestroy and appears on one external blocklist. Technical indicators include a VirusTotal detection ratio of 1 out of 95 security vendors, registration through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolution to IP address 172.67.184.115. The domain secured an SSL certificate from Google Trust Services, indicating an attempt to appear legitimate. Its creation date of April 08, 2025, suggests it is a recently deployed threat, designed to evade early detection mechanisms. Despite low public detection rates, the presence on even a single blocklist underscores its malicious intent and active deployment.

As of this report, dinodfop.com remains active and unblocked by most security vendors, presenting an elevated risk to cryptocurrency users. PhishDestroy continues to monitor and block this domain for all users of its protection platform. However, users outside the PhishDestroy ecosystem remain exposed to potential compromise. The combination of a low VT score, fresh registration, and SSL certificate suggests this threat is likely part of a larger, coordinated campaign. Users are strongly advised to verify any crypto-related site through PhishDestroy’s real-time scanning tools before connecting wallets or entering sensitive information. Remaining risk is elevated due to the domain’s active status and low detection coverage.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-04-08 21:59:19
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.184.115

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b62ee237-4f0f-4fb2-8582-695cf6573deb
- PhishDestroy: https://phishdestroy.io/domain/dinodfop.com/
- LLM endpoint: https://phishdestroy.io/domain/dinodfop.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dinodfop.com/
Last updated: 2026-03-27