# smtp-ip.services — MALICIOUS

> Avoid smtp-ip.services, a high-risk phishing domain now offline. Stay alert and protect your data from potential scams linked to this domain.

## Summary
PhishDestroy has identified smtp-ip.services as a high-risk phishing domain. Classified under generic phishing, this domain was created on March 04, 2026, and has been involved in malicious activities targeting unsuspecting users. Its primary intent appears to be credential harvesting or scam facilitation.

From a technical standpoint, smtp-ip.services resolved to the IP address 5.45.126.136 and was flagged by 13 out of 95 security vendors on VirusTotal. Additionally, the domain appeared on at least one security blocklist, confirming its association with suspicious or harmful behavior. The domain’s page title simply matches the domain name, which is a common tactic used to lower suspicion during phishing campaigns.

Currently, smtp-ip.services is offline, reflecting a swift takedown response. This status indicates effective mitigation efforts to limit further exposure or harm. PhishDestroy recommends continued vigilance against similar domains and encourages users to verify URLs carefully before interacting with unknown services.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 0)
- Page title: smtp-ip.services

## Domain Intelligence
- Registered: 2026-03-04 15:07:01
- IP: 5.45.126.136
- IP Country: EE
- IP City: Jõhvi
- IP Org: AS198068 P.A.G.M. OU
- Nameservers: dns.fastdns24.com dns2.fastdns24.org dns3.fastdns24.eu dns4.fastdns24.link
- SSL Issuer: none

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Seclookup", "SOCRadar", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/bgk75vWT/5d599bb31b19.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/dbd61bef-9a1b-4100-aa47-9d9d0689b460
- PhishDestroy: https://phishdestroy.io/domain/smtp-ip.services/
- LLM endpoint: https://phishdestroy.io/domain/smtp-ip.services/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/smtp-ip.services/
Last updated: 2026-03-19