# info-resmi2359.blogspot.com — MALICIOUS

> The Blogspot domain info-resmi2359.blogspot.com is a crypto drainer flagged by 13 of 95 VirusTotal vendors; it impersonates official services.

## Summary
PhishDestroy identifies the active phishing domain info-resmi2359.blogspot.com as a crypto drainer currently impersonating an official service to steal cryptocurrency assets.


This domain was flagged by 13 of 95 VirusTotal security vendors, resolving to IP 142.251.208.1. The domain is registered under Blogger (Google), with its creation date and historical blocklist count not publicly disclosed; its trust scores rank in the lowest percentiles across multiple threat intelligence feeds.


Current status remains active, with no signs of takedown. Users should avoid interaction entirely. PhishDestroy recommends immediate blacklisting at network and endpoint levels, scanning for related artifacts such as wallet addresses or malicious scripts, and educating users on verifying Blogspot domains via official channels. Organizations are advised to deploy DNS filtering rules and endpoint detection rules targeting the IP and domain to prevent credential or asset theft.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 142.251.208.1

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- PhishDestroy: https://phishdestroy.io/domain/info-resmi2359.blogspot.com/
- LLM endpoint: https://phishdestroy.io/domain/info-resmi2359.blogspot.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/info-resmi2359.blogspot.com/
Last updated: 2026-03-26