# PhishDestroy threat dossier — youproofwifes.digital ================================================================ Fetched: 2026-07-06 16:46:37 UTC Canonical: https://phishdestroy.io/domain/youproofwifes.digital/ ## VERDICT ---------------------------------------------------------------- TAKEN DOWN (neutralised) Composite threat score: 100/100 (PhishDestroy scoring — see methodology below) Scam classification: Impersonation Targeted brand: Crypto Casino / Gambling Phishing kit: Gambler Scam ## DETECTION EVIDENCE ---------------------------------------------------------------- VirusTotal: 2/91 security vendors flagged this domain Flagging vendors: alphaMountain.ai, Forcepoint ThreatSeeker Public blocklists: listed on 1 independent blocklist ## INFRASTRUCTURE ---------------------------------------------------------------- IP address: 188.114.97.3 (CA, Toronto) ASN: AS13335 Cloudflare, Inc. Hosting org: CloudFlare, Inc. Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com Nameservers: ainsley.ns.cloudflare.com, camilo.ns.cloudflare.com Registered: 2026-05-06 Expires: 2027-05-06 Page title: Youproofwifes: Donald Trump’s Leading Blockchain Crypto Casino ## TLS CERTIFICATE ---------------------------------------------------------------- Issuer: Let's Encrypt / YE2 Expires: 2026-10-02 Status: INVALID chain Fingerprint: 855aba991da49304b62c71f18767437612ffcdb97f89f1a20b9c8e753b1d38f1 ## ABUSE-REPORT HISTORY (evidence of registrar non-response) ---------------------------------------------------------------- Status: CLOSED — no report required. This domain was neutralised before the abuse-report cycle could be dispatched — either the hosting provider / registrar suspended it on their own, the DNS went dead, or the operator abandoned the infrastructure. PhishDestroy keeps the evidence bundle on file for audit but no formal notice was sent. ## TIMELINE ---------------------------------------------------------------- Domain registered: 2026-05-06 (per WHOIS / CT — may reflect a renewal or transfer date, not first-ever registration) First detected: 2026-07-06 12:37:29 UTC (by PhishDestroy tracker) Last verified: 2026-07-06 18:20:34 UTC Neutralised: 2026-07-06 18:16:50 UTC Current status: taken down (registrar suspended or DNS dead) ## EXTERNAL CORROBORATION (third-party evidence) ---------------------------------------------------------------- URLScan.io: https://urlscan.io/result/019f3700-598f-77fc-acae-c0890dc79751/ Wayback Machine: https://web.archive.org/web/*/youproofwifes.digital crt.sh CT logs: https://crt.sh/?q=%25.youproofwifes.digital Google transparency: https://transparencyreport.google.com/safe-browsing/search?url=youproofwifes.digital AlienVault OTX: https://otx.alienvault.com/indicator/domain/youproofwifes.digital URLhaus: https://urlhaus.abuse.ch/host/youproofwifes.digital/ ## ANALYST NARRATIVE ---------------------------------------------------------------- [Generated: 2026-07-06 12:45:51 UTC — narrative may predate facts above. Treat fields in TIMELINE / DETECTION EVIDENCE / INFRASTRUCTURE as authoritative if they differ from the prose below.] This domain is flagged as a high-risk brand impersonation threat targeting users of cryptocurrency-based gambling platforms. Analysis indicates that youproofwifes.digital mimics legitimate crypto casino services, leveraging sensationalized branding—such as "Donald Trump’s Leading Blockchain Crypto Casino"—to deceive victims into depositing digital assets under false pretenses. The site’s infrastructure is designed to exploit trust in political figures and blockchain technology, a tactic increasingly observed in fraudulent gambling schemes where victims are lured with promises of high returns or exclusive bonuses. The domain’s deceptive page title and thematic content suggest a deliberate effort to capitalize on current events and public figures to enhance credibility and urgency, a hallmark of phishing operations in the crypto-gambling sector. Infrastructure analysis reveals multiple technical indicators supporting the classification of this domain as malicious. The domain was registered on May 06, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com, a registrar frequently associated with high-risk domains. It resolves to the IP address 188.114.97.3 and utilizes a Let’s Encrypt SSL certificate, which, while common among legitimate sites, is also routinely exploited by threat actors to feign authenticity. As of the latest scan, the domain is flagged by 2 out of 95 security vendors on VirusTotal, a relatively low detection rate that may reflect the domain’s recent registration or evasion techniques. No blocklist entries were identified at the time of analysis, though the domain remains active and unmitigated, posing an ongoing risk to users. Users who have visited youproofwifes.digital or interacted with its content are advised to take immediate remedial actions. If any credentials, cryptocurrency wallet addresses, or personal information were entered on the site, affected individuals should assume compromise and revoke access to any linked accounts or wallets. Cryptocurrency transactions initiated through the domain should be traced using blockchain explorers to identify receiving addresses, and victims are encouraged to report these addresses to relevant fraud tracking platforms. Additionally, users should scan their devices for malware, as brand impersonation sites often deploy malicious payloads or redirect to exploit kits. Monitoring for unauthorized transactions or account activity is critical, and affected parties should consider reporting the incident to their local cybercrime authorities or dedicated fraud reporting portals for further investigation. [Updates since narrative was generated:] - Public blocklists: now listed on 1 feed ## EVIDENCE HASHES ---------------------------------------------------------------- Favicon MD5: 5ff05e2aad7ba4fd6cab001e369460b3 TLS cert SHA-256: 855aba991da49304b62c71f18767437612ffcdb97f89f1a20b9c8e753b1d38f1 ## SCORING METHODOLOGY ---------------------------------------------------------------- Composite score is NOT derived from VirusTotal alone. PhishDestroy aggregates: - VirusTotal positive ratio - Public blocklist consensus (MetaMask, ScamSniffer, OpenPhish, PhishTank, URLhaus, CryptoFirewall, SEAL, Polkadot, Enkrypt, Phishunt, DiscordPhishing, PhishingDB) - Cloaking detection (HTTP 666 or rendering delta between bot and real visitor) - DNS-filter consensus (Quad9, CleanBrowsing, NextDNS, AdGuard, Cloudflare, etc.) - AlienVault OTX pulses + Cloudflare Radar + Google Safe Browsing - URLScan / URLQuery verdicts - Brand-impersonation heuristics (DOM analysis of forms, logos, wording) - Known phishing-kit fingerprinting (favicon hash, JS obfuscation signatures) - Wallet-drainer family classification (Angel, MS, Rainbow, Pink, Inferno, ...) - Free-TLS vs paid-cert ratio (throwaway infrastructure signal) - Registrar/hosting abuse history (this registrar's track record) - Human researcher sign-off (operator takedown team) A domain present in our database is ALREADY flagged. A low VT count by itself does NOT mean the domain is safe — new scam domains routinely show 0/95 VT for their first 7–30 days while actively draining wallets. Always cross-reference the composite score and the individual indicators above, not just VT. ## CORRECTIONS / APPEALS ---------------------------------------------------------------- Full HTML report: https://phishdestroy.io/domain/youproofwifes.digital/ JSON API: https://api.destroy.tools/v1/check?domain=youproofwifes.digital Appeal a flag: https://phishdestroy.io/appeals/ (responded to within 48 hours, FP rate <0.01%) Submit a report: https://t.me/PhishDestroy_bot About PhishDestroy: independent open-source threat-intelligence platform. Tracked: 175,536 domains (12,488 alive under monitoring, 162,123 confirmed takedowns/dead). Site: https://phishdestroy.io