# dopplerfi.com — MALICIOUS

> dopplerfi.com exhibits phishing traits with suspicious registration and activity. Stay cautious and verify before interacting with this domain.

## Summary
PhishDestroy identifies dopplerfi.com as a domain exhibiting characteristics consistent with generic phishing attempts. The domain is relatively new, created on March 03, 2026, and is currently classified under an active but under investigation risk level. While there are no current detections from VirusTotal or other major security vendors, the domain's behavior and registration details warrant careful scrutiny.

dopplerfi.com resolves to the IP address 172.67.128.252 and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. Despite the lack of flagged detections, its recent creation date combined with the choice of registrar raises suspicion. The domain has not yet appeared on major blocklists or threat intelligence feeds, suggesting it may be in the early stages of malicious use or testing.

At present, dopplerfi.com remains active and under close monitoring. Users and security teams are advised to exercise caution when encountering this domain, avoiding any interaction or input of sensitive information until further analysis is completed. Continuous observation and updated threat intelligence are recommended to determine if this domain escalates to a confirmed phishing threat.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 200)
- Page title: Doppler Finance — DP

## Domain Intelligence
- Registered: 2026-03-03 00:00:00
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 172.67.128.252
- Nameservers: christina.ns.cloudflare.com mcgrory.ns.cloudflare.com

## Detection Status
- VirusTotal: 6 vendors flagged
  Vendors: ["CyRadar", "Fortinet", "Gridinsoft", "SOCRadar", "Trustwave", "alphaMountain.ai"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd1de-0504-758e-a073-b099f4f4885d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8d9d0e8d-9c56-4b83-8a10-7b89481c57e1
- PhishDestroy: https://phishdestroy.io/domain/dopplerfi.com/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dopplerfi.com/
Last updated: 2026-03-14