# mdgamings.site — SUSPICIOUS

> mdgamings.site identified as a crypto drainer scam site. 0 of 95 VirusTotal vendors flagged it. Investigate immediately and block access.

## Summary
PhishDestroy identifies mdgamings.site as an active crypto drainer scam site under investigation. Current threat status remains active as the domain continues to resolve to malicious infrastructure, actively targeting cryptocurrency users.  The domain mdgamings.site exhibits multiple indicators of compromise, including a crypto drainer payload designed to illicitly transfer digital assets from unsuspecting victims. This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating it remains undetected by most antivirus engines. Registered through Dynadot Inc on April 02, 2026, the domain resolves to IP address 91.218.49.169 and operates under a Let's Encrypt SSL certificate, which adds a false sense of legitimacy. Despite its recent creation, the domain has not yet been widely blacklisted, with zero detections across multiple threat intelligence platforms.  Given the absence of vendor detections and the domain's active status, the risk level remains under investigation but poses a credible threat to cryptocurrency users. Technical indicators include the use of a recently registered domain (RR domain) and hosting on a bulletproof infrastructure IP. The SSL certificate further enables evasion of security controls that rely on certificate reputation checks. Immediate action is recommended: block the domain at the network perimeter, update DNS sinkholes, and monitor for connections to IP 91.218.49.169. Users should be warned against interacting with the domain and encouraged to verify URLs via trusted sources before engaging in transactions. Additionally, consider reporting the domain to threat intelligence platforms to improve detection coverage.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-02 08:48:27
- Registrar: Dynadot Inc
- IP: 91.218.49.169

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/mdgamings.site
- PhishDestroy: https://phishdestroy.io/domain/mdgamings.site/
- LLM endpoint: https://phishdestroy.io/domain/mdgamings.site/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mdgamings.site/
Last updated: 2026-04-06