# pickwinner.pro — MALICIOUS

> Pickwinner.pro is under investigation for potential phishing risks. Stay cautious and verify before interacting with this domain. Learn more now.

## Summary
PhishDestroy identifies pickwinner.pro as an active domain exhibiting characteristics consistent with generic phishing threats. Although the risk level is currently under investigation, caution is advised when encountering this domain due to its suspicious nature.

Supporting evidence for this assessment includes the domain's resolution to the IP address 172.67.179.89, which is associated with multiple threat reports in various threat intelligence feeds. Notably, VirusTotal scans show zero detections across 95 security vendors, indicating that this domain has not yet been flagged by traditional antivirus or URL scanning tools. This lack of detection suggests either recent registration or a low-profile phishing campaign. The domain's registration details and infrastructure are being closely monitored as part of the ongoing investigation.

Given the domain's active status and potential for phishing activity, users and organizations are recommended to exercise heightened vigilance. Avoid submitting personal or financial information on websites hosted under pickwinner.pro until further clarity is achieved. PhishDestroy continues to track this domain’s behavior and will update its risk status as new intelligence emerges. Implementing standard phishing mitigation strategies, such as email filtering and endpoint protection, remains prudent in this context.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: pickwinner Platfrom

## Domain Intelligence
- Registered: 2026-03-05 13:07:01
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 172.67.179.89
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: eugene.ns.cloudflare.com grannbo.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Gridinsoft", "Lionic", "Phishing Database", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "PhishingDB"]

## Evidence
- Screenshot: https://i.ibb.co/TDwFp1fn/00d1868763ff.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/pickwinner.pro
- PhishDestroy: https://phishdestroy.io/domain/pickwinner.pro/
- LLM endpoint: https://phishdestroy.io/domain/pickwinner.pro/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pickwinner.pro/
Last updated: 2026-03-19