# lidofinrewards.xyz — MALICIOUS

> lidofinrewards.xyz is a medium-risk phishing domain. Avoid interacting with it and verify URLs carefully to protect your personal data.

## Summary
PhishDestroy identifies lidofinrewards.xyz as an active phishing domain posing a medium-level risk to users. This threat is significant because phishing sites like this aim to deceive individuals into divulging sensitive information such as login credentials or financial details, potentially leading to identity theft or monetary loss. The urgency in addressing this domain stems from its active status and its use in fraudulent schemes.

The domain lidofinrewards.xyz was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED and was created recently on March 2, 2026. It resolves to the IP address 172.67.165.116 and has been flagged by 6 out of 95 security vendors on VirusTotal. Additionally, it appears on two security blocklists, indicating recognition by multiple threat intelligence sources of its malicious intent. These factors combined suggest a coordinated infrastructure supporting phishing activities, requiring users to exercise caution.

Users are advised to avoid accessing lidofinrewards.xyz or providing any personal or financial information if encountered. It is crucial to verify website URLs carefully before engagement and to use trusted security tools to block or warn about suspicious domains. Staying vigilant and reporting suspected phishing sites to cybersecurity platforms like PhishDestroy can help protect the broader community from falling victim to such scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: Even geduld...

## Domain Intelligence
- Registered: 2026-03-06 15:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 172.67.165.116
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["hal.ns.cloudflare.com", "marissa.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 6 vendors flagged
  Vendors: ["ChainPatrol", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc367-c1fc-73bb-b507-9460efe21662.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/lidofinrewards.xyz
- Wayback Machine: https://web.archive.org/web/https://lidofinrewards.xyz
- PhishDestroy: https://phishdestroy.io/domain/lidofinrewards.xyz/
- LLM endpoint: https://phishdestroy.io/domain/lidofinrewards.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lidofinrewards.xyz/
Last updated: 2026-03-19