# bloomsnipers.net — SUSPICIOUS

> Explore the ongoing investigation of bloomsnipers.net, a potentially malicious domain linked to phishing attempts. Stay informed with PhishDestroy.

## Summary
PhishDestroy has identified bloomsnipers.net as a domain under investigation due to its association with generic phishing threats. Although no direct detections have been reported by major security vendors, the domain's recent creation and suspicious context warrant caution. The site titled "Bloom Sniper" raises concerns about potential deceptive activity aimed at harvesting sensitive information.

Technically, bloomsnipers.net was registered on October 17, 2025, via NICENIC INTERNATIONAL GROUP CO., LIMITED and resolves to the IP address 94.183.234.240. Current VirusTotal scans indicate zero detections across 95 security engines, suggesting it remains undetected by automated systems. However, the domain's youthful age combined with its registrar profile aligns with common characteristics of emerging phishing infrastructure.

The domain remains active and under close monitoring. Users and security professionals are advised to exercise vigilance when encountering communications or links related to bloomsnipers.net. PhishDestroy recommends blocking the domain at network levels where feasible and reporting any suspicious interactions to help bolster collective threat intelligence.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Bloom Sniper

## Domain Intelligence
- Registered: 2025-10-17 00:00:00
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 94.183.234.240
- Nameservers: ns3.my-ndns.com ns4.my-ndns.com

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Fortinet", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd1c4-513b-704a-ba3d-89d2efeffb74.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/37078dab-6800-43de-8340-45101f81301e
- PhishDestroy: https://phishdestroy.io/domain/bloomsnipers.net/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bloomsnipers.net/
Last updated: 2026-03-14