# american-bitcoin.entry-cryptolist.app — SUSPICIOUS > The domain american-bitcoin.entry-cryptolist.app mimics Bitcoin branding with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies american-bitcoin.entry-cryptolist.app as an active brand impersonation domain targeting Bitcoin users. This malicious domain attempts to deceive visitors by exploiting Bitcoin’s trusted name to distribute malware, harvest credentials, or promote fraudulent investment schemes. The threat actor leverages social engineering tactics, such as mimicking legitimate cryptocurrency services, to trick users into disclosing sensitive information or transferring funds. The domain’s infrastructure, including the resolved IP 188.114.97.3 and SSL certificate issued by Google Trust Services, suggests a sophisticated setup designed to evade initial detection while maintaining a veneer of legitimacy. Evidence supporting the malicious nature of this domain includes a current VirusTotal detection rate of 0/95, indicating that no antivirus engines have flagged its payloads or infrastructure as of the latest analysis. While the registrar and domain creation date remain unverified in public sources, the absence of detections highlights the stealthy nature of this campaign. Additionally, the domain’s association with the broader crypto-themed fraud ecosystem—evidenced by its inclusion in PhishDestroy’s seed-based tracking system (seed: 085e13)—further underscores its role in a coordinated impersonation strategy. The SSL certificate, though issued by a trusted authority, does not validate the domain’s legitimacy; instead, it may be abused to establish trust with potential victims. Users who have visited american-bitcoin.entry-cryptolist.app should immediately cease all interactions with the domain and scan their devices for malware using updated antivirus software. If any credentials, cryptocurrency wallet details, or personal information were entered, users must revoke access to those accounts immediately and monitor for unauthorized transactions. Reporting the domain to PhishDestroy, local cybersecurity authorities, or the targeted brand (Bitcoin) can help mitigate further damage. Organizations should block this domain at the network level to prevent additional exposure. Proactive threat intelligence sharing within security communities is critical to disrupting this and similar campaigns before they escalate. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Bitcoin ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/american-bitcoin.entry-cryptolist.app - PhishDestroy: https://phishdestroy.io/domain/american-bitcoin.entry-cryptolist.app/ - LLM endpoint: https://phishdestroy.io/domain/american-bitcoin.entry-cryptolist.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/american-bitcoin.entry-cryptolist.app/ Last updated: 2026-04-11