# dotgbuff.com — SUSPICIOUS

> dotgbuff.com is an active domain linked to potential phishing. Learn about its risk status and infrastructure. Stay informed with PhishDestroy insights.

## Summary
PhishDestroy identifies dotgbuff.com as a domain associated with generic phishing activities, currently classified as under investigation. The domain was registered recently on July 29, 2025, raising suspicion due to its young age and potential malicious intent.

Technical analysis reveals dotgbuff.com resolves to the IP address 188.114.96.3 and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. Despite extensive scanning via VirusTotal yielding zero detections among 95 security vendors, the domain's suspicious registration details and active status warrant caution.

As dotgbuff.com remains active and under scrutiny, users and organizations are advised to exercise heightened vigilance. Avoid interacting with unsolicited emails or links referencing this domain until further intelligence confirms its nature. Continuous monitoring and proactive blocking measures are recommended to mitigate potential phishing risks associated with dotgbuff.com.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Удобный автоматизированный сервис для анализа персонажей, статистики и обучения в компьютерных играх

## Domain Intelligence
- Registered: 2025-07-29 22:09:59
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: alberto.ns.cloudflare.com olga.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content

### Page Text
Your request was blocked.

## Evidence
- Screenshot: https://i.ibb.co/NgvMFmBd/c5be8ab74fb0.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/d86abcd1-5f7c-4396-9d50-9567fea14cb8
- PhishDestroy: https://phishdestroy.io/domain/dotgbuff.com/
- LLM endpoint: https://phishdestroy.io/domain/dotgbuff.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dotgbuff.com/
Last updated: 2026-03-15