# ens0.click — SUSPICIOUS

> ens0.click is linked to low-risk phishing activity and remains active. Stay cautious and avoid interaction. Learn more on PhishDestroy.

## Summary
PhishDestroy identifies ens0.click as a domain associated with generic phishing attempts. Although the risk level is considered low, the domain is designed to deceive users, potentially leading to credential theft or other malicious outcomes. Users should exercise caution when encountering this site, especially since its page title 'Just a moment...' may attempt to mask its true intent.

The domain ens0.click was registered recently on March 13, 2026, through Sav.com, LLC, and resolves to IP address 172.67.140.156. It currently appears on one security blocklist, indicating some recognition of suspicious activity. VirusTotal analysis flags it by one out of ninety-five security vendors, reflecting limited but notable concern. The domain infrastructure and registration details suggest it could be part of a wider phishing campaign exploiting new, short-lived domains.

As of now, ens0.click remains active and continues to pose a potential threat at a low level. PhishDestroy recommends users avoid clicking links or submitting any personal information on this domain. Network defenders should consider blocking access and monitoring for related phishing activity. Staying informed and cautious will reduce the risk of falling victim to this ongoing phishing operation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-03-13 03:07:02
- Registrar: Sav.com, LLC
- Country: US
- IP: 172.67.140.156
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: owen.ns.cloudflare.com tara.ns.cloudflare.com
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ce53f-090e-7414-9732-fb09a09f3b31.png
- PhishDestroy: https://phishdestroy.io/domain/ens0.click/
- LLM endpoint: https://phishdestroy.io/domain/ens0.click/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ens0.click/
Last updated: 2026-03-19