MalwareTips
DANGEROUS

Phishing site — do not log in

Flagged on major browser safety blocklists as social engineering. This page looks designed to steal credentials. Don't log in — and if you already did, change the password anywhere you reused it and turn on two-factor authentication.

Security Review

Is dpd.plxqzmtrnv.ink legit or a scam?

Our verdict:Dangerous· 1/100

Phishing domain registered 11 days ago, flagged by 21 antivirus engines and browser blocklists for credential harvesting.

Top reasons
21 of 92 antivirus engines flagged as phishing or malicious, including BitDefender, Emsisoft, and Cluster25.Major browser blocklists flagged for social-engineering attacks.Domain registered only 11 days ago — typical of short-lived phishing campaigns.
dpd.plxqzmtrnv.inkScanned 1h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 0·MT 12
Category tags
phishingsocial-engineering#Phishing#Data Harvester95% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
21/92
Engines flagged this URL
Domain Age
11 days old
Registered May 28, 2026
MT Intelligence
Dangerous
Critical likelihood · 95% confidence

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust12/100
MT AgentLive web researchVisual inspection
0%
Confidence
The domain dpd.plxqzmtrnv.ink exhibits multiple confirmed phishing indicators. Our antivirus network detected malicious activity with 21 of 92 engines flagging it as phishing or malicious, including tier-1 detectors BitDefender, Emsisoft, and Cluster25. Major browser blocklists independently flagged the page for social-engineering attacks. The domain was registered only 11 days ago through a privacy-unprotected registration, a common pattern for short-lived phishing campaigns. The subdomain structure (dpd.plxqzmtrnv.ink) mimics legitimate parcel-delivery services, likely designed to trick users into entering login credentials or payment information. No legitimate business presence, no traffic ranking, and no positive reputation signals support this assessment.
Full dossier
Analysis complete

Page Content

The domain uses a subdomain pattern (dpd.*) that imitates legitimate parcel-delivery services, a common phishing tactic to lower user suspicion during credential entry.

Infrastructure

Hosted on IP 104.21.49.251 with valid SSL (Let's Encrypt, 78 days to expiry). The SSL certificate provides no legitimacy signal — phishing sites routinely obtain free certificates. The IP has zero abuse reports but is shared hosting, typical for disposable phishing infrastructure.

Domain History

Registered 11 days ago via Dominet (HK) Limited with privacy protection disabled. The extremely recent registration combined with phishing-engine consensus is a hallmark of active phishing campaigns designed to evade detection before being taken down.

Web Reputation

Not indexed in global traffic rankings. No positive reviews or business registration found. 21 antivirus engines and major browser blocklists flag it as malicious social-engineering content.

Risk Factors
6
  • 21 of 92 antivirus engines flagged as phishing or malicious, including BitDefender, Emsisoft, and Cluster25.
  • Major browser blocklists flagged for social-engineering attacks.
  • Domain registered only 11 days ago — typical of short-lived phishing campaigns.
  • Subdomain mimics legitimate parcel-delivery services (DPD) to trick users into entering credentials.
  • Privacy-unprotected WHOIS registration with no legitimate business presence.
  • Not indexed in global traffic rankings; zero legitimate business signals.
Positive Signals
1
  • Valid SSL certificate issued by Let's Encrypt (though this does not indicate legitimacy on phishing sites).
AI Recommendation
Do not visit this site or enter any personal information. If you received a link to this domain in an email or message claiming to be from a delivery service, report it as phishing to your email provider or the legitimate service being impersonated.
Next-gen fraud intelligence
Evidence-backedCross-checked

Website Preview

Screenshot of dpd.plxqzmtrnv.ink
LIVE RENDER
dpd.plxqzmtrnv.ink

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for dpd.plxqzmtrnv.ink, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
11 days
Registered May 2026
Web mentions
No scam reports found
No complaints, no negative coverage turned up in our sweep.

Antivirus Engines

Detection matrix · live
21 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

21Malicious0Suspicious43Harmless92Engines
0
of 92
alphaMountain.ai
Malicious· phishing
BitDefender
Malicious· phishing
Cluster25
Malicious· phishing
CRDF
Malicious· malicious
Criminal IP
Malicious· phishing
Emsisoft
Malicious· phishing
ESET
Malicious· phishing
Forcepoint ThreatSeeker
Malicious· phishing
Fortinet
Malicious· phishing
G-Data
Malicious· phishing
Google Safebrowsing
Malicious· phishing
Gridinsoft
Malicious· phishing
LevelBlue
Malicious· phishing
Lionic
Malicious· phishing
Netcraft
Malicious· malicious
Rising
Malicious· phishing
Seclookup
Malicious· malicious
SOCRadar
Malicious· phishing
Sophos
Malicious· phishing
VIPRE
Malicious· phishing
Webroot
Malicious· malicious

21 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
This URL appears on threat lists

Detected threat categories: SOCIAL_ENGINEERING, SOCIAL_ENGINEERING.

Domain & Encryption

Domain History
Age11 days old
RegistrarDominet (HK) Limited
RegisteredMay 28, 2026
ExpiresMay 28, 2027
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · E7
ExpiresAug 26, 2026 (78d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://dpd.plxqzmtrnv.ink/
  • 2200https://dpd.plxqzmtrnv.ink/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Scam-Type Likelihood

1 scam-type patterns detected
Scam-Type Likelihood

1 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Phishing
Phishing
Moderate likelihood
35/100
  • Google Safe Browsing flagged this as social engineering / phishing.
  • AI analyst tagged this as phishing.

Phishing site — act fast

This page shows signs of attempting to steal credentials or impersonate a trusted brand.

  • Do not interact with dpd.plxqzmtrnv.ink

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • If you already typed your password — change it now

    Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.

  • Report the phishing URL

    APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.

    Open
  • Get help on the forum

    MalwareTips members can help you assess damage and next steps.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
ListedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags dpd.plxqzmtrnv.ink as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — dpd.plxqzmtrnv.ink scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. dpd.plxqzmtrnv.ink presents a valid TLSv1.3 certificate issued by Let's Encrypt · E7, expiring in 78 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • dpd.plxqzmtrnv.ink is 11 days old, registered on 5/28/2026 through Dominet (HK) Limited. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • 21 out of 92 antivirus engines in our malware network flagged dpd.plxqzmtrnv.ink as malicious or suspicious (21 outright malicious). Even one detection is a meaningful signal.
  • Yes. The major browser blocklist feeds flagged dpd.plxqzmtrnv.ink with the following threat categories: SOCIAL_ENGINEERING, SOCIAL_ENGINEERING. This protects billions of browser users from visiting the site.
  • dpd.plxqzmtrnv.ink resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

Final Verdict

0
Trust / 100
Final Verdict·dpd.plxqzmtrnv.ink
DANGEROUS

This is a phishing site designed to harvest credentials or personal data. Created 11 days ago, it's flagged by 21 antivirus engines and major browser blocklists as social-engineering malware.

Do not visit this site or enter any personal information. If you received a link to this domain in an email or message claiming to be from a delivery service, report it as phishing to your email provider or the legitimate service being impersonated.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust33
jjj195.com
6m ago
Read the review
Dangeroustrust12
account.remote-otp.com
8m ago
Read the review
Dangeroustrust1
72264.xyz
11m ago
Read the review
Dangeroustrust24
uuuu.com
13m ago
Read the review
Dangeroustrust1
almarabeaunited.com
13m ago
Read the review
Dangeroustrust1
ghanapoest.eu.cc
15m ago
Read the review
Dangeroustrust1
nyjfv.xyz
16m ago
Read the review
Dangeroustrust1
mitaomaodou.com
17m ago
Read the review
Dangeroustrust1
coin-bse-app.zapier.app
18m ago
Read the review
Dangeroustrust1
web-git-05-20-featwebshowread-onlytokeninfoforex-4642a4-uniswap.vercel.app
18m ago
Read the review
Dangeroustrust45
cedarbureau.digital
20m ago
Read the review
Dangeroustrust1
scriptapi.dev
20m ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.