# pooledeth.net — SUSPICIOUS

> pooledeth.net is hosting a sophisticated Ethereum pooling scam. 1/95 vendors flagged this domain. Inspect the full report.

## Summary
PhishDestroy identifies pooledeth.net as an active Ethereum mining-pool scam designed to trick cryptocurrency investors into surrendering credentials or transferring funds to attacker-controlled wallets. The risk level is elevated due to the combination of a brand-new domain, low detection coverage, and use of a legitimate-looking SSL certificate. Users who interact with this site risk immediate financial loss and potential credential harvesting.  pooledeth.net was registered on 2024-09-28 and resolves to 188.114.96.3 via Google Trust Services, increasing its perceived legitimacy while remaining under the radar of most security vendors; VirusTotal shows only 1 out of 95 engines flagging the domain, and the registrar NICENIC INTERNATIONAL GROUP CO., LIMITED provides minimal transparency, typical of fly-by-night hosting operations.  Mitigation for this Ethereum pooling scam includes adding pooledeth.net and its IP 188.114.96.3 to network blocklists, disabling access to the domain from corporate environments, and advising users to verify any cryptocurrency pooling URLs against official project websites. Since the SSL certificate is issued by a reputable CA, users should not rely on padlock icons alone; instead, they should cross-check the domain against known legitimate endpoints and treat any unsolicited pooling links as high-risk.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2024-09-28 18:32:35
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a35d0472-bf7e-4447-a8f5-dd97a2bac2b9
- PhishDestroy: https://phishdestroy.io/domain/pooledeth.net/
- LLM endpoint: https://phishdestroy.io/domain/pooledeth.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pooledeth.net/
Last updated: 2026-03-27