# gov-ethena.finance — SUSPICIOUS

> PhishDestroy flags gov-ethena.finance as a generic phishing site claiming government ties. Resolves to 188.114.97.

## Summary
PhishDestroy identifies gov-ethena.finance as a freshly minted generic phishing domain designed to mimic official government services and harvest user credentials or payment details.

This domain was flagged after resolving to IP address 188.114.97.3 and producing zero detections on VirusTotal as of seed 34edf0. Domain creation occurred on April 06, 2026 via NICENIC INTERNATIONAL GROUP CO., LIMITED, with a current Let’s Encrypt SSL certificate still valid.

If you visited gov-ethena.finance, stop entering any information immediately. Run a full antivirus scan and change passwords on separate, trusted devices. Do not reopen the site; report the URL to your security team or local cybercrime unit. Monitor financial statements closely for unauthorized transactions and consider enabling two-factor authentication on critical accounts preemptively.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-06 20:31:31
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/gov-ethena.finance
- PhishDestroy: https://phishdestroy.io/domain/gov-ethena.finance/
- LLM endpoint: https://phishdestroy.io/domain/gov-ethena.finance/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/gov-ethena.finance/
Last updated: 2026-04-06