# op-net.org — SUSPICIOUS

> op-net.org is a crypto drainer phishing site flagged by 0 of 95 VirusTotal vendors. Resolves to 188.114.96.3. Block immediately to prevent stolen funds.

## Summary
PhishDestroy identifies op-net.org as an active crypto drainer phishing domain currently under investigation for credential theft and cryptocurrency harvesting. This domain is not yet flagged by external threat intelligence vendors but exhibits high-risk indicators requiring immediate scrutiny due to its operational timeline and infrastructure alignment with known fraudulent patterns.


This domain was flagged by 0 of 95 VirusTotal vendors as of investigative discovery, registered through PDR Ltd. d/b/a PublicDomainRegistry.com, resolving to IP address 188.114.96.3 with a Let's Encrypt SSL certificate. The domain was created on March 20, 2026, indicating a recently established presence with minimal historical trust scoring across threat intelligence platforms. The lack of VirusTotal detections suggests either a very recent deployment or evasion tactics, emphasizing the need for proactive blocking regardless of current vendor consensus.


Current status remains active with ongoing investigation into its operational scope and victim targeting. Concrete recommendations include immediate network-level blocking of op-net.org and associated IP address 188.114.96.3, inspection of all DNS resolutions to this IP to identify potential internal compromise, and user awareness campaigns highlighting the domain's deceptive domain structure mimicking legitimate network operations. Enhanced monitoring of cryptocurrency wallet addresses interacting with this domain is advised due to its suspected crypto drainer functionality.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-20 20:34:38
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b202296e-d5e2-4550-bf3f-4d8d2dd1cabd
- PhishDestroy: https://phishdestroy.io/domain/op-net.org/
- LLM endpoint: https://phishdestroy.io/domain/op-net.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/op-net.org/
Last updated: 2026-03-25