# grandbeting-qiris.com — SUSPICIOUS

> grandbeting-qiris.com was identified as a medium-risk phishing site with generic impersonation tactics.

## Summary
PhishDestroy has classified grandbeting-qiris.com as a medium-risk generic phishing threat. The domain was used to impersonate unspecified services with the intent of deceiving users into divulging sensitive information. Although the exact brand or service targeted is unclear, the phishing nature of this domain poses a notable security risk.

The domain grandbeting-qiris.com was registered on March 2, 2026, through NiceNIC International Group Co., Limited. It resolved to IP address 172.67.166.225 and was detected on one security blocklist. VirusTotal’s analysis flagged the domain as suspicious by 3 out of 95 security vendors, indicating some consensus around its malicious intent. The webpage title “Just a moment...” suggests it may have used delay or redirection tactics typical of phishing setups designed to avoid immediate detection.

Currently, grandbeting-qiris.com is offline, reducing immediate risk to users. However, users are advised to remain vigilant and avoid interacting with or submitting credentials on suspicious or unverified domains. Organizations should continue monitoring related infrastructure and educate users on recognizing generic phishing schemes. Blocking the domain at network perimeters and using updated threat intelligence feeds will help mitigate potential future threats related to this or similar domains.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-03-02 15:00:01
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 172.67.166.225
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: evelyn.ns.cloudflare.com peyton.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["Fortinet", "Seclookup", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/CKJtchqy/d93fed06784b.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/8659a89a-1f76-4317-93a9-b1e1deefb47b
- PhishDestroy: https://phishdestroy.io/domain/grandbeting-qiris.com/
- LLM endpoint: https://phishdestroy.io/domain/grandbeting-qiris.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/grandbeting-qiris.com/
Last updated: 2026-03-19