# houdinisap.com — SUSPICIOUS

> houdinisap.com poses as a fake crypto wallet using a newly registered domain from October 11, 2025. This site mimics wallet login pages to steal credentials.

## Summary
PhishDestroy identifies houdinisap.com as a fraudulent cryptocurrency wallet phishing site designed to steal user credentials. This domain mimics legitimate wallet login interfaces to trick visitors into entering private keys or seed phrases, risking direct theft of cryptocurrency assets.

This domain was flagged by 2 out of 95 security vendors on VirusTotal, created on October 11, 2025, and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. The SSL certificate issued by Google Trust Services does not guarantee authenticity, as threat actors frequently exploit trusted issuers. The domain has also been blocked by MetaMask and SEAL, and is currently listed on 2 security blocklists, resolving to IP address 104.21.4.216.

If you visited houdinisap.com, immediately disconnect from the site and do not enter any wallet credentials, private keys, or seed phrases. Check your wallet applications for unauthorized transactions. Rotate all passwords used on this site and enable two-factor authentication where possible. If you entered sensitive information, transfer remaining funds to a new wallet immediately and consider revoking any connected permissions. Report the domain to your security software and avoid interacting with similar sites claiming to offer cryptocurrency services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-10-11 21:57:25
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 104.21.4.216

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["MetaMask", "SEAL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/houdinisap.com
- PhishDestroy: https://phishdestroy.io/domain/houdinisap.com/
- LLM endpoint: https://phishdestroy.io/domain/houdinisap.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/houdinisap.com/
Last updated: 2026-04-08