# vote-dreamcash.xyz — SUSPICIOUS

> vote-dreamcash.xyz is linked to low-risk phishing activity. Avoid sharing personal info and verify site authenticity before interacting.

## Summary
PhishDestroy identifies vote-dreamcash.xyz as a domain associated with generic phishing activities, categorized under a low-risk threat level. This domain is designed to deceive users potentially by mimicking legitimate voting or financial services to extract sensitive information. While the immediate risk is assessed as low, users should remain cautious due to the deceptive nature of phishing sites.

The domain vote-dreamcash.xyz was registered recently on March 2, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com, a common registrar used by malicious actors for disposable domains. It currently resolves to the IP address 104.21.83.220, which is part of a cloud-based hosting service. VirusTotal analysis shows a single detection out of 95 security vendors, indicating limited but non-negligible suspicion. The domain remains active and accessible, indicating ongoing potential for phishing campaigns.

Given the active status of vote-dreamcash.xyz and its association with phishing risks, PhishDestroy strongly recommends users avoid interacting with this domain or providing any personal or financial information. Security professionals and users should monitor for further intelligence updates, and network defenders may consider blocking or flagging this domain to prevent potential exploitation. Due diligence and verification through trusted sources are advised before engaging with any voting or payment-related websites.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 0)
- Page title: Season One | Dreamcash

## Domain Intelligence
- Registered: 2026-03-04 13:07:01
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- Country: IN
- IP: 104.21.83.220
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: dee.ns.cloudflare.com walt.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["Forcepoint ThreatSeeker", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://i.ibb.co/Lh6Q8QxB/62030f5746cb.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/df77489f-ba9a-4266-9c1a-20c9d352247c
- PhishDestroy: https://phishdestroy.io/domain/vote-dreamcash.xyz/
- LLM endpoint: https://phishdestroy.io/domain/vote-dreamcash.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/vote-dreamcash.xyz/
Last updated: 2026-03-19