# vote-chainlink.app — MALICIOUS

> vote-chainlink.app is a confirmed phishing site flagged for social engineering. Avoid interaction and ensure your credentials remain secure.

## Summary
PhishDestroy identifies vote-chainlink.app as a high-risk phishing domain impersonating Chainlink, a prominent oracle platform. The site was designed to deceive users into divulging sensitive information, posing significant risks to personal and financial security. Such phishing schemes undermine trust in legitimate services and can lead to identity theft or financial loss.

The domain vote-chainlink.app was registered on February 21, 2026, through NiceNIC International Group Co., Limited, and was flagged by Google Safe Browsing for social engineering. It appeared on three security blocklists and was detected as malicious by 11 out of 95 security vendors on VirusTotal. While the domain resolved to IP 188.114.96.3, it is currently taken offline, halting active phishing attempts.

Users should remain vigilant against any communications or links associated with vote-chainlink.app. It is crucial not to enter personal or financial information on suspicious websites and to verify URLs carefully when accessing Chainlink services. Employ updated security software, enable multi-factor authentication, and report any phishing attempts encountered to protect your digital assets.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Chainlink: The Industry-Standard Oracle Platform

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["alec.ns.cloudflare.com", "dolly.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 11 vendors flagged
  Vendors: ["ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Seclookup", "Sophos"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a2c21-1598-751b-a553-61bbbf53e9d1.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1280f570-491f-4b52-b0dc-a23522b2f108
- PhishDestroy: https://phishdestroy.io/domain/vote-chainlink.app/
- LLM endpoint: https://phishdestroy.io/domain/vote-chainlink.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/vote-chainlink.app/
Last updated: 2026-03-19