# vww-coinsase.pro — SUSPICIOUS

> PhishDestroy identifies vww-coinsase.pro hosting a fake cryptocurrency exchange redirecting to a credential phishing page. Check the full report.

## Summary
PhishDestroy identifies vww-coinsase.pro as an active cryptocurrency-themed phishing domain currently under investigation for credential harvesting.

This domain was flagged within 24 hours of registration on March 28, 2026, by a seed-triggered pipeline (1a50ae). It shows 0 detections out of 95 scanners on VirusTotal, a low-risk SSL certificate issued by Let’s Encrypt, and points to IP 188.114.96.3. The registrar is NICENIC INTERNATIONAL GROUP CO., LIMITED, a provider implicated in past bulk malicious registrations. As of today, no entries exist on Google Safe Browsing, PhishTank, OpenPhish, or SURBL. The domain operates with a neutral trust score on Cloudflare Radar and holds no historical reputation, indicating a newly weaponized domain likely purchased for short-lived campaigns.

Cryptocurrency phishing remains a high-risk vector due to immediate financial loss potential. Users interacting with vww-coinsase.pro risk exposing wallet credentials or mnemonic phrases via spoofed login or recovery pages. The domain’s recent creation and zero detections suggest it is actively being tested in the wild, possibly through email spam, social media ads, or typosquatting on legitimate exchanges. Because the registrar and hosting infrastructure are known to tolerate misuse, traditional blocklists may lag behind active deployment. Users should avoid visiting the domain, block it at the network perimeter using the IP 188.114.96.3 and domain hash 1a50ae, inspect SSL handshakes for anomalies, and report any encountered phishing pages to their security teams or Anti-Phishing Working Group channels for rapid takedown.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-28 18:23:19
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/370c21a4-b0ef-4034-8453-8bc6c4686c2c
- PhishDestroy: https://phishdestroy.io/domain/vww-coinsase.pro/
- LLM endpoint: https://phishdestroy.io/domain/vww-coinsase.pro/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/vww-coinsase.pro/
Last updated: 2026-03-29