# coinpassport.net — SUSPICIOUS

> coinpassport.net is under investigation for potential phishing threats. Learn about its infrastructure and current risk status updated by PhishDestroy.

## Summary
PhishDestroy identifies coinpassport.net as an active phishing domain currently under investigation due to its suspicious registration details and potential misuse for fraudulent activities. Although no direct detections have been recorded by major antivirus vendors, the domain exhibits characteristics common to phishing threats, warranting cautious monitoring.

Technically, coinpassport.net resolves to the IP address 188.114.97.3 and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. The domain was created recently on March 02, 2026, which aligns with patterns often seen in transient phishing infrastructures. VirusTotal scans reveal zero detections across 95 security vendors, suggesting the domain may be newly registered or employing evasion techniques. Despite the clean scan results, the domain's young age and registrar profile contribute to its risk profile.

Currently, coinpassport.net remains active and under ongoing analysis by PhishDestroy. Organizations and users are advised to exercise caution when interacting with this domain and avoid submitting sensitive information. Monitoring network traffic for connections to this domain and updating phishing filters is recommended until conclusive threat intelligence determines its definitive classification.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 404)
- Page title: 404 Not Found

## Domain Intelligence
- Registered: 2026-03-05 11:07:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: lauryn.ns.cloudflare.com mark.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["Fortinet", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/f21f7a85-c850-4878-863e-b7a79f7d90a0.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/coinpassport.net
- Wayback Machine: https://web.archive.org/web/https://coinpassport.net
- PhishDestroy: https://phishdestroy.io/domain/coinpassport.net/
- LLM endpoint: https://phishdestroy.io/domain/coinpassport.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/coinpassport.net/
Last updated: 2026-03-19