# dpd.trases-bag.icu — MALICIOUS

> dpd.trases-bag.icu is linked to credential theft with 12/95 VirusTotal detections. Google flags it for social engineering. Avoid sharing info.

## Summary
dpd.trases-bag.icu is an active phishing domain engaged specifically in credential theft schemes. It appears to impersonate services related to the DPD brand, aiming to deceive users into divulging sensitive login information. There is no direct evidence of a crypto drainer kit or other malware payloads linked, but the primary attack vector is social engineering through fraudulent login prompts.

Technical indicators for dpd.trases-bag.icu include a VirusTotal detection count of 12 out of 95 security vendors flagging the domain. The domain is registered via Gname.com Pte. Ltd. and was created recently on March 27, 2026. It resolves to the IP address 43.165.3.85. Google Safe Browsing categorizes this domain under SOCIAL_ENGINEERING, confirming it is used for deceptive practices targeting user credentials. The domain also maintains an SSL certificate issued by Let's Encrypt, which may lend it a false sense of legitimacy to unsuspecting users.

Currently, dpd.trases-bag.icu remains active and poses a high risk to users due to its ongoing credential theft operations. Security teams should block and monitor this domain to prevent data compromise. Users are advised not to interact with any communication or web pages originating from this domain, especially avoiding inputting any personal or login information. Organizations should update threat intelligence feeds and enforce domain filtering to mitigate exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-27 07:18:47
- Registrar: Gname.com Pte. Ltd.
- IP: 43.165.3.85

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/dbf65040-9ea8-418f-ac90-06b5723c0308
- PhishDestroy: https://phishdestroy.io/domain/dpd.trases-bag.icu/
- LLM endpoint: https://phishdestroy.io/domain/dpd.trases-bag.icu/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dpd.trases-bag.icu/
Last updated: 2026-03-28