# qrandpasha-qiris.com — SUSPICIOUS

> Warning: qrandpasha-qiris.com was flagged for phishing activity and is currently offline. Avoid visiting this domain to protect your personal data.

## Summary
PhishDestroy identifies qrandpasha-qiris.com as a low-risk generic phishing domain. Although its threat level is categorized as low, users should exercise caution since phishing attempts can still result in compromised credentials or personal information.

The domain was registered recently on February 28, 2026, through NiceNIC International Group Co., Limited. It has appeared on one security blocklist and resolves to the IP address 172.67.203.150. VirusTotal analysis shows that 2 out of 95 security vendors have flagged this domain, indicating some level of suspicion but not widespread consensus. The page title "Just a moment..." suggests possible use of delay or redirection tactics common in phishing campaigns.

Currently, qrandpasha-qiris.com has been taken offline, mitigating immediate risk to users. To reduce exposure, users and organizations should continue to block this domain via network filters and remain vigilant for similar phishing attempts. PhishDestroy recommends avoiding any interaction with this domain and monitoring for any future reactivation or related threats.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Just a moment...

## Domain Intelligence
- Registered: 2026-02-28 17:00:01
- Expires: 2027-02-23 00:00:00
- Registrar: NiceNIC International Group Co., Limited
- Country: HK
- IP: 172.67.203.150
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: evelyn.ns.cloudflare.com peyton.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Fortinet", "SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/xtj5WCzt/4107f6f07834.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/45b56d41-938d-4c52-886a-5fd531761cde
- PhishDestroy: https://phishdestroy.io/domain/qrandpasha-qiris.com/
- LLM endpoint: https://phishdestroy.io/domain/qrandpasha-qiris.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/qrandpasha-qiris.com/
Last updated: 2026-03-19