# com-secure.us — SUSPICIOUS

> Stay safe from com-secure.us phishing attempts. This domain is offline but beware of credential theft. Avoid entering personal info on suspicious sites.

## Summary
PhishDestroy identifies com-secure.us as a medium-risk credential phishing domain that was used to deceive users into submitting sensitive login information. Although currently taken offline, this domain posed a threat by impersonating trusted services to steal usernames and passwords. Users should remain vigilant as phishing sites like this can lead to identity theft and unauthorized account access.

This phishing scheme reportedly relied on mimicking legitimate login portals or services, prompting users to enter their credentials. The domain resolved to an IP address associated with prior malicious activity and appeared on multiple security blocklists. Despite only 3 out of 95 VirusTotal engines flagging it, the presence on blocklists and its suspicious registration details through Key-Systems GmbH indicate a genuine risk. The page title “Welcome to nginx!” suggests the site was inactive or improperly configured at the time of discovery, but the phishing intent was clear.

If you have visited com-secure.us and entered any login details, it is critical to immediately change your passwords for the affected accounts and enable multi-factor authentication where available. Monitor your accounts for unusual activity and consider running a full security scan on your devices. Avoid revisiting the domain and stay informed about emerging phishing threats through trusted platforms like PhishDestroy.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Welcome to nginx!

## Domain Intelligence
- Registered: 2025-11-30 19:55:15
- Registrar: Key-Systems GmbH
- Country: DE
- IP: 172.67.214.107
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: davina.ns.cloudflare.com donovan.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["alphaMountain.ai", "Gridinsoft", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ae82f-4ff4-73ab-a58e-89d3330373ac.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/335160fc-c830-40cd-9f76-e812d0d25d5b
- Wayback Machine: https://web.archive.org/web/https://com-secure.us
- PhishDestroy: https://phishdestroy.io/domain/com-secure.us/
- LLM endpoint: https://phishdestroy.io/domain/com-secure.us/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/com-secure.us/
Last updated: 2026-03-19