# dpd.traces-cog.icu — MALICIOUS

> PhishDestroy identifies the active phishing domain dpd.traces-cog.icu targeting DHL customers. 15/95 security engines flag this high-risk site impersonating.

## Summary
PhishDestroy identifies the active phishing domain dpd.traces-cog.icu as a high-risk threat impersonating DHL shipping services to harvest user credentials and payment details. This domain resolves to IP address 43.165.3.85 and utilizes a Let’s Encrypt SSL certificate to appear legitimate. Attackers registered this domain on March 27, 2026 through Gname.com Pte. Ltd., a registrar frequently abused for malicious activity.  This domain poses a SPECIFIC threat by deploying social engineering tactics via fraudulent tracking notifications and fake delivery alerts sent to unsuspecting users. According to VirusTotal, 15 out of 95 security vendors flag this domain, and it is explicitly blocked by Google Safe Browsing under the SOCIAL_ENGINEERING category. The combination of a recently created domain, low detection rate among security tools, and affiliation with a high-risk registrar underscores its malicious intent and elevated threat level.  Users who visited dpd.traces-cog.icu should immediately cease interaction and scan their devices using updated antivirus software. If any credentials or payment information were entered, those details must be changed or revoked immediately and reported to the respective service provider. Users are advised to report the domain to their email provider or browser security team and avoid clicking on unsolicited links in messages claiming to be from DHL. PhishDestroy strongly recommends blocking this domain at the network level and monitoring financial accounts for suspicious activity.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-27 11:33:50
- Registrar: Gname.com Pte. Ltd.
- IP: 43.165.3.85

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/60f3cc5f-4d73-4ac9-b095-1b63045e953b
- PhishDestroy: https://phishdestroy.io/domain/dpd.traces-cog.icu/
- LLM endpoint: https://phishdestroy.io/domain/dpd.traces-cog.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dpd.traces-cog.icu/
Last updated: 2026-03-28