# vote-rhea.xyz — SUSPICIOUS

> vote-rhea.xyz is a generic phishing domain created on March 28, 2026. Users should avoid it due to ongoing risk investigations.

## Summary
PhishDestroy identifies vote-rhea.xyz as a domain engaged in generic phishing threats. There is no specific brand association or drainer kit linked to this domain at this time, but the threat classification indicates potential malicious intent to deceive users and capture sensitive information.

The domain vote-rhea.xyz was registered through PDR Ltd. d/b/a PublicDomainRegistry.com on March 28, 2026. It currently holds a Let’s Encrypt SSL certificate and resolves to IP address 188.114.96.3. VirusTotal reports zero detections out of 95 antivirus engines, indicating it has not yet been flagged by antivirus or anti-phishing services. There is no Google Safe Browsing (GSB) status or other blocklist data reported at this time.

Presently, vote-rhea.xyz remains active and under investigation for phishing risks. Because it is not yet flagged by major threat intelligence sources, user caution is critical. Security teams should monitor the domain for changes in detection status. Users should avoid interacting with vote-rhea.xyz and refrain from submitting personal or financial information to this domain until further intelligence confirms its safety or risk mitigation measures are enforced. The ongoing investigation status means the risk level could escalate if new evidence emerges.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-28 17:39:56
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/31203b03-40ed-4539-a1dc-eac6ead3ed3b
- PhishDestroy: https://phishdestroy.io/domain/vote-rhea.xyz/
- LLM endpoint: https://phishdestroy.io/domain/vote-rhea.xyz/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/vote-rhea.xyz/
Last updated: 2026-03-30