# portal-drops.cfd — MALICIOUS

> portal-drops.cfd was flagged for phishing and is currently offline. Avoid interaction and stay alert for similar malicious sites.

## Summary
PhishDestroy identifies portal-drops.cfd as a medium-risk phishing domain designed to deceive users into divulging sensitive information. The domain was used in generic phishing campaigns targeting a broad range of potential victims.

The domain resolved to IP address 104.21.55.51 and was registered through DYNADOT LLC on October 20, 2025. It appeared on six security blocklists, and nine security vendors flagged it on VirusTotal before it was taken offline. This infrastructure is typical of transient phishing operations leveraging reputable registrars.

Users are advised to avoid clicking on links from unknown or suspicious sources, especially those resembling portal-drops.cfd. Maintaining updated security software and verifying website legitimacy before entering personal data can help prevent phishing attacks. Although the domain is currently offline, vigilance against similar threats remains essential.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Google

## Domain Intelligence
- Registered: 2025-10-20 14:53:53
- Expires: 2026-10-20 23:59:59
- Registrar: Dynadot LLC
- Country: US
- IP: 142.250.185.100
- IP Org: Cloudflare CDN
- Nameservers: brenna.ns.cloudflare.com hassan.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 9 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "CyRadar", "Fortinet", "Lionic", "Seclookup", "Sophos", "Trustwave", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 5 hits
  Lists: ["PhishDestroy", "MetaMask", "Polkadot", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a0ba3-1db9-74f3-8bce-2a8055f9be33.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f55b4f7e-dd80-4fab-b8cf-54f08318ef23
- PhishDestroy: https://phishdestroy.io/domain/portal-drops.cfd/
- LLM endpoint: https://phishdestroy.io/domain/portal-drops.cfd/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/portal-drops.cfd/
Last updated: 2026-03-19