Is dpd.xvnrqzlmtp.club a scam?

Our automated security review flags dpd.xvnrqzlmtp.club as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Is dpd.xvnrqzlmtp.club safe to use?

No — dpd.xvnrqzlmtp.club scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.

Does dpd.xvnrqzlmtp.club have a valid SSL certificate?

Yes. dpd.xvnrqzlmtp.club presents a valid TLSv1.3 certificate issued by Let's Encrypt · E8, expiring in 77 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.

How old is the dpd.xvnrqzlmtp.club domain?

dpd.xvnrqzlmtp.club is 12 days old, registered on 5/27/2026 through Dominet (HK) Limited. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.

Has dpd.xvnrqzlmtp.club been flagged by antivirus engines?

22 out of 92 antivirus engines in our malware network flagged dpd.xvnrqzlmtp.club as malicious or suspicious (21 outright malicious). Even one detection is a meaningful signal.

Is dpd.xvnrqzlmtp.club on any phishing or malware blacklists?

Yes. The major browser blocklist feeds flagged dpd.xvnrqzlmtp.club with the following threat categories: SOCIAL_ENGINEERING. This protects billions of browser users from visiting the site.

Where is dpd.xvnrqzlmtp.club hosted?

dpd.xvnrqzlmtp.club resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

How often is the dpd.xvnrqzlmtp.club report updated?

We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

DANGEROUS

Phishing site — do not log in

Flagged on major browser safety blocklists as social engineering. This page looks designed to steal credentials. Don't log in — and if you already did, change the password anywhere you reused it and turn on two-factor authentication.

Security Review

Is dpd.xvnrqzlmtp.club legit or a scam?

Name: Is dpd.xvnrqzlmtp.club legit or a scam?
Item: dpd.xvnrqzlmtp.club
Rating: 1
Author: MalwareTips

Our verdict:Dangerous· 1/100

SafeSuspiciousDangerous

Phishing site impersonating DPD parcel delivery; 12-day-old domain flagged by 21 antivirus engines and browser blocklists.

Top reasons

21 antivirus engines flag as phishing; 6 named detectors (BitDefender, Emsisoft, Cluster25, Criminal IP, alphaMountain.ai, CRDF) confirm phishing classification.Domain registered only 12 days ago—typical of disposable phishing infrastructure.Impersonates DPD, a major parcel delivery service, to harvest credentials or payment data.

dpd.xvnrqzlmtp.clubScanned 1h ago

Post Facebook

Trust score

DANGEROUS

Heuristics 0·MT 12

Category tags

phishingsocial-engineering#Phishing#Data Harvester95% MT confidence

Technical red flags (3)

22 of 92 engines flagged Blacklisted by Google Domain is 12 days old

Positive signals (2)

Encrypted connection Clean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence

22/92

Engines flagged this URL

Domain Age

12 days old

Registered May 27, 2026

MT Intelligence

Dangerous

Critical likelihood · 95% confidence

MT Intelligence

Advanced threat intelligence

MT Security Analyst

Critical scam likelihoodengineMT · Guardiantrust12/100

MT AgentLive web researchVisual inspection

Confidence

The domain dpd.xvnrqzlmtp.club is a phishing operation targeting DPD customers. Twenty-one antivirus engines, including BitDefender, Emsisoft, and Cluster25, flag it as phishing, and major browser blocklists have marked it for social engineering. The domain was registered only 12 days ago—a hallmark of throwaway phishing infrastructure. The random subdomain prefix (xvnrqzlmtp) combined with the .club TLD mimics legitimate delivery-service URLs to trick users into entering credentials or payment details. The site has zero legitimate traffic ranking and no business registration. The SSL certificate, while valid, is trivial to obtain and provides no legitimacy signal for a phishing domain.

Full dossier

Analysis complete

Page Content

The domain uses 'dpd' in its name to impersonate DPD (a well-known European parcel delivery company). The random subdomain and .club TLD are typical of phishing infrastructure designed to evade pattern-matching filters while remaining visually similar to legitimate URLs at a glance.

Infrastructure

Hosted on IP 104.21.29.77 with a valid Let's Encrypt SSL certificate expiring in 77 days. The IP has zero abuse reports and a clean reputation score, but this is common for newly-provisioned hosting used in phishing campaigns. SSL validity alone does not indicate legitimacy.

Domain History

Registered 12 days ago via Dominet (HK) Limited with privacy protection disabled. The extremely recent registration age is consistent with disposable phishing domains that are cycled frequently to evade takedowns.

Web Reputation

Flagged by 21 of 92 antivirus engines as phishing, with detectors including alphaMountain.ai, BitDefender, Cluster25, CRDF, Criminal IP, and Emsisoft all identifying it as phishing. Major browser blocklists have classified it as social engineering. No legitimate traffic ranking; not indexed by global search engines.

Risk Factors

21 antivirus engines flag as phishing; 6 named detectors (BitDefender, Emsisoft, Cluster25, Criminal IP, alphaMountain.ai, CRDF) confirm phishing classification.
Domain registered only 12 days ago—typical of disposable phishing infrastructure.
Impersonates DPD, a major parcel delivery service, to harvest credentials or payment data.
Blocked by major browser security lists for social engineering.
Random subdomain (xvnrqzlmtp) combined with .club TLD mimics legitimate delivery URLs.
Zero global traffic ranking and no legitimate business presence.
Privacy-unprotected WHOIS registration via offshore registrar (Dominet HK) typical of phishing operations.

Positive Signals

Valid SSL certificate from Let's Encrypt (standard for all sites, including phishing).

AI Recommendation

Do not visit this site. Do not enter any personal information, credentials, or payment details. If you received a link to this domain in an email or SMS claiming to be from DPD, report it to DPD directly and to your email provider or mobile carrier as phishing.

Next-gen fraud intelligence

Evidence-backedCross-checked

Website Preview

LIVE RENDER

dpd.xvnrqzlmtp.club

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for dpd.xvnrqzlmtp.club, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age

12 days

Registered May 2026

Web mentions

No scam reports found

No complaints, no negative coverage turned up in our sweep.

Research summary

Narrative write-up from our AI analyst

No independent review data available.

Antivirus Engines

Detection matrix · live

22 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

21Malicious1Suspicious43Harmless92Engines

of 92

alphaMountain.ai

Malicious· phishing

BitDefender

Malicious· phishing

Cluster25

Malicious· phishing

CRDF

Malicious· malicious

Criminal IP

Malicious· phishing

Emsisoft

Malicious· phishing

ESET

Malicious· phishing

Forcepoint ThreatSeeker

Malicious· phishing

Fortinet

Malicious· phishing

G-Data

Malicious· phishing

Google Safebrowsing

Malicious· phishing

Gridinsoft

Malicious· phishing

Kaspersky

Malicious· phishing

Lionic

Malicious· phishing

Netcraft

Malicious· malicious

Phishtank

Malicious· phishing

Rising

Malicious· phishing

SOCRadar

Malicious· phishing

Sophos

Malicious· phishing

VIPRE

Malicious· phishing

Webroot

Malicious· malicious

LevelBlue

Suspicious· suspicious

22 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check

This URL appears on threat lists

Detected threat categories: SOCIAL_ENGINEERING.

Domain & Encryption

Domain History

Age12 days old

RegistrarDominet (HK) Limited

RegisteredMay 27, 2026

ExpiresMay 27, 2027

Owner privacyVisible

Encryption Certificate

StatusValid

ProtocolTLSv1.3

IssuerLet's Encrypt · E8

ExpiresAug 25, 2026 (77d)

Self-signedNo

Hosting & Technology

HostingCloudflare, Inc.

Server locationUS

Redirect Chain

Hops

Cross-domain

Lookalike

Punycode

1301http://dpd.xvnrqzlmtp.club/
2200https://dpd.xvnrqzlmtp.club/

Server Reputation

Abuse Intelligence

Confidence score0%

Reports on file0

ISPCloudflare, Inc.

Usage typeContent Delivery Network

Scam-Type Likelihood

1 scam-type patterns detected

Scam-Type Likelihood

1 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Phishing

Phishing

Moderate likelihood

35/100

Google Safe Browsing flagged this as social engineering / phishing.
AI analyst tagged this as phishing.

Scam-Type Likelihood

1 of 13 categories showed signals

Top match: Phishing

Phishing

Moderate likelihood

35/100

Google Safe Browsing flagged this as social engineering / phishing.
AI analyst tagged this as phishing.

Phishing site — act fast

This page shows signs of attempting to steal credentials or impersonate a trusted brand.

Do not interact with dpd.xvnrqzlmtp.club
Do not enter credentials, deposit money, download files, or install browser extensions from this site.
If you already typed your password — change it now
Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.
Report the phishing URL
APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.
Open
Get help on the forum
MalwareTips members can help you assess damage and next steps.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

ListedCheck ↗

VirusTotal

ListedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

Our automated security review flags dpd.xvnrqzlmtp.club as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
No — dpd.xvnrqzlmtp.club scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
Yes. dpd.xvnrqzlmtp.club presents a valid TLSv1.3 certificate issued by Let's Encrypt · E8, expiring in 77 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
dpd.xvnrqzlmtp.club is 12 days old, registered on 5/27/2026 through Dominet (HK) Limited. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
22 out of 92 antivirus engines in our malware network flagged dpd.xvnrqzlmtp.club as malicious or suspicious (21 outright malicious). Even one detection is a meaningful signal.
Yes. The major browser blocklist feeds flagged dpd.xvnrqzlmtp.club with the following threat categories: SOCIAL_ENGINEERING. This protects billions of browser users from visiting the site.
dpd.xvnrqzlmtp.club resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

Final Verdict

Trust / 100

Final Verdict·dpd.xvnrqzlmtp.club

DANGEROUS

This is a phishing site impersonating DPD (a major parcel delivery service). It was registered only 12 days ago, flagged by 21 antivirus engines as phishing, and blocked by major browser security lists. Do not enter any personal or payment information.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Dangerous reports

account.remote-otp.com

coin-bse-app.zapier.app

18m ago

Read the review

Dangeroustrust1

web-git-05-20-featwebshowread-onlytokeninfoforex-4642a4-uniswap.vercel.app

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.