# inewsnm-formpylaters.innocentindo.my.id — SUSPICIOUS

> inewsnm-formpylaters.innocentindo.my.id is a crypto drainer impersonating a web form. Flagged by 0 of 95 VirusTotal vendors. Avoid interaction.

## Summary
PhishDestroy identifies inewsnm-formpylaters.innocentindo.my.id as an active generic phishing domain currently under investigation for impersonating a web-based form, likely designed for credential theft or crypto drainer deployment. The domain’s status remains active, and no definitive brand impersonation has been confirmed; however, the suspicious naming convention suggests a decoy form aimed at harvesting user input for malicious purposes. Analysis indicates the threat is evolving, with no current blocklist entries or detections, warranting heightened scrutiny.  

This domain resolves to IP address 104.21.52.45 and is associated with a Google Trust Services SSL certificate, indicating a valid HTTPS connection setup. As of the latest scan, the domain was flagged by 0 of 95 VirusTotal vendors, suggesting it has not yet been widely recognized as malicious. The domain was registered under the .my.id ccTLD via the registrar Innocentindo, with the creation date still under review. The absence of VirusTotal detections and blocklist presence places this domain in a low-signal, high-risk category, requiring further behavioral analysis to confirm malicious intent.  

The current status of inewsnm-formpylaters.innocentindo.my.id remains active, with no immediate takedown actions observed. Given the domain’s SSL certificate and infrastructure setup, it is likely leveraging HTTPS to appear legitimate, increasing the risk of successful user deception. Users are strongly advised to avoid interacting with this domain or any embedded forms. Security teams should monitor this domain for changes in reputation, scan associated infrastructure, and consider preemptive blocking at the network level. Additionally, organizations should reinforce user awareness regarding unsolicited or suspicious web forms, emphasizing the verification of domain legitimacy before inputting sensitive information.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 104.21.52.45

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/inewsnm-formpylaters.innocentindo.my.id
- PhishDestroy: https://phishdestroy.io/domain/inewsnm-formpylaters.innocentindo.my.id/
- LLM endpoint: https://phishdestroy.io/domain/inewsnm-formpylaters.innocentindo.my.id/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/inewsnm-formpylaters.innocentindo.my.id/
Last updated: 2026-04-04