# divvyfi.app — SUSPICIOUS

> divvyfi.app is a live crypto drainer phishing domain. Flagged by 0 of 95 VirusTotal engines. Do not interact or enter credentials.

## Summary
PhishDestroy identifies divvyfi.app as a live crypto drainer phishing domain currently engaged in active credential theft and asset harvesting campaigns.

This domain was flagged internally as a generic phishing domain and is currently under investigation by the PhishDestroy threat intelligence unit. The domain is registered through CloudFlare, Inc. and resolved to IP address 172.67.136.44 at the time of analysis. divvyfi.app was created on December 03, 2025, and currently holds a Google Trust Services SSL certificate. At the time of evaluation, 0 out of 95 VirusTotal security vendors had flagged this domain, indicating minimal public detection coverage as of the analysis timestamp. The domain has not yet appeared on major threat intelligence blocklists, and its Trust Score remains unrated by independent cybersecurity scoring platforms due to its recent registration.

While the immediate risk profile is under investigation, divvyfi.app exhibits multiple red flags consistent with crypto drainer operations, including recent domain creation, active infrastructure, and circumvention of early detection mechanisms. Users are advised to avoid accessing this domain, refrain from entering any credentials, and report any suspicious interactions involving divvyfi.app to PhishDestroy or their organization’s incident response team. Security teams are encouraged to monitor internal DNS logs and endpoint telemetry for connections to 172.67.136.44 and implement web filtering rules to block access to the domain until further analysis is complete.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-12-03 15:34:53
- Registrar: CloudFlare, Inc.
- IP: 172.67.136.44

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5490064c-6bf4-47ac-a773-72f93e4dca91
- PhishDestroy: https://phishdestroy.io/domain/divvyfi.app/
- LLM endpoint: https://phishdestroy.io/domain/divvyfi.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/divvyfi.app/
Last updated: 2026-04-01