# velodromepay.com — MALICIOUS

> Velodromepay.com is an active phishing domain posing medium risk. Avoid interaction and report suspicious activity immediately.

## Summary
PhishDestroy has identified velodromepay.com as a medium-risk phishing domain designed to deceive users under the guise of financial services, suggested by its page title 'Velodrome — Move Money at Speed.' This threat aims to capture sensitive information by impersonating legitimate payment platforms, putting unsuspecting visitors at potential risk of fraud or data theft.

The domain was registered on March 13, 2026, through NiceNIC International Group Co., Limited and currently resolves to the IP address 188.114.97.3. It remains active and is listed on one security blocklist, with seven out of ninety-five security vendors on VirusTotal flagging it for suspicious activity. This infrastructure indicates ongoing efforts by malicious actors to exploit the domain for phishing campaigns.

Given its active status and existing detections, users are advised to exercise caution by avoiding any interaction with the domain or related communications. Organizations should consider blocking this domain at network levels and update their phishing filters accordingly. Continuous monitoring and user awareness remain essential to mitigate risks associated with velodromepay.com.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Velodrome — Move Money at Speed

## Domain Intelligence
- Registered: 2026-03-13 03:07:02
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["bradley.ns.cloudflare.com", "uma.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 7 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "Fortinet", "Gridinsoft", "Kaspersky", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce53e-e723-7143-8e60-d64d18cb1bb3.png
- PhishDestroy: https://phishdestroy.io/domain/velodromepay.com/
- LLM endpoint: https://phishdestroy.io/domain/velodromepay.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/velodromepay.com/
Last updated: 2026-03-19