# teponfts.xyz — SUSPICIOUS

> PhishDestroy identifies teponfts.xyz as a crypto-drainer domain registered March 2026 via NICENIC. 4/95 VirusTotal vendors flag this site. Check the full report.

## Summary
teponfts.xyz is a recently activated crypto-drainer domain that poses an elevated theft risk to cryptocurrency wallets and users who sign malicious transactions. When visited, the site prompts visitors to connect their wallet under the guise of NFT minting or token giveaways, then silently drains approved tokens via malicious smart-contract calls. Security vendors have already begun flagging this domain, with 4 out of 95 engines on VirusTotal detecting malicious behavior as of today.  This domain was registered through NICENIC INTERNATIONAL GROUP CO., LIMITED on March 20, 2026. Its certificate is issued by Let’s Encrypt, and it resolves to IP address 188.114.97.3, which hosts multiple high-risk domains tied to cryptocurrency theft campaigns. The combination of a fresh registration date and low detection rate suggests this infrastructure is actively being weaponized. Given the domain’s naming pattern and SSL issuance, it appears designed to mimic legitimate NFT platforms to deceive users into authorizing wallet connections.  If you visited teponfts.xyz or connected your wallet, immediately revoke any token approvals using tools like revoke.cash or Etherscan’s token approval checker. Disconnect the wallet from your browser and scan for unauthorized transactions. Report the incident to your wallet provider and consider transferring remaining funds to a fresh wallet with a new seed phrase. Always verify domain legitimacy through official project channels before interacting with crypto-related sites.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-20 23:56:21
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 4 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/bf6d870e-b019-4382-8f47-7298d6aedcde
- PhishDestroy: https://phishdestroy.io/domain/teponfts.xyz/
- LLM endpoint: https://phishdestroy.io/domain/teponfts.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/teponfts.xyz/
Last updated: 2026-03-23