# stake-origindefi.xyz — MALICIOUS

> Caution advised for stake-origindefi.xyz, linked to crypto draining threats. Domain under active investigation. Avoid interaction until safety confirmed.

## Summary
PhishDestroy identifies stake-origindefi.xyz as an active domain associated with a crypto drainer threat type, currently classified under a risk level of under investigation. This means that while no definitive malicious detections have occurred yet, the domain warrants close monitoring due to its potential risk.

The domain was registered recently on March 16, 2026, through NICENIC INTERNATIONAL GROUP CO., LIMITED, and resolves to the IP address 172.67.160.70. Despite a clean VirusTotal scan showing zero detections by 95 security vendors, the domain’s recent creation and registration details suggest suspicious activity consistent with emerging crypto-drainer campaigns. This preliminary intelligence, combined with infrastructure indicators, keeps the domain flagged for further scrutiny.

Users and researchers should exercise caution and avoid engaging with stake-origindefi.xyz, especially in the context of cryptocurrency transactions or wallet interactions. PhishDestroy continues to track and analyze the domain’s behavior to update its status promptly. Until conclusive evidence is obtained, the domain remains active and under investigation as a potential threat vector.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 403)

## Domain Intelligence
- Registered: 2026-03-16 18:09:28
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- Country: CN
- IP: 172.67.160.70
- Nameservers: jasmine.ns.cloudflare.com morgan.ns.cloudflare.com

## Detection Status
- VirusTotal: 6 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019d0197-8a99-7458-b30b-a6a699dadf66.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/be199f91-a271-4fa9-a082-5fac1e62a832
- PhishDestroy: https://phishdestroy.io/domain/stake-origindefi.xyz/
- LLM endpoint: https://phishdestroy.io/domain/stake-origindefi.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/stake-origindefi.xyz/
Last updated: 2026-03-19