# web.pinjoy.org — SUSPICIOUS

> web.pinjoy.org is a live credential-harvesting phishing site created 2025-10-21; avoid entering credentials here and block 128.1.34.165 immediately.

## Summary
PhishDestroy identifies web.pinjoy.org as an active credential-harvesting phishing portal currently under investigation for generic phishing activity. The domain masquerades as a legitimate service to steal user credentials and is classified as a high-risk threat vector. Current status remains active and unresolved as of today.  web.pinjoy.org was registered on 2025-10-21 through NAMECHEAP INC and resolves to IP 128.1.34.165. The site operates under a valid Let's Encrypt SSL certificate. To date, 0 out of 95 VirusTotal security vendors have flagged this domain. No third-party blocklists currently list the domain or its associated IP. Domain age is less than 24 hours, with no historical reputation data available.  This domain poses an immediate credential theft risk. Users are advised to avoid visiting web.pinjoy.org and to block IP 128.1.34.165 at the network perimeter. Organizations should update firewall rules, DNS sinkholes, and endpoint protection signatures to mitigate exposure. Monitor for outbound connections to this IP and inspect employee credential submissions to unauthorized domains. If compromised, enforce password resets and enable multi-factor authentication across affected accounts. Report indicators to CERT and local threat intelligence platforms for collective defense. Status remains under investigation pending further IOC validation and takedown coordination.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-10-21 03:11:12
- Registrar: NAMECHEAP INC
- IP: 128.1.34.165

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b8ad700e-369a-420b-a522-2c9cbeba62c5
- PhishDestroy: https://phishdestroy.io/domain/web.pinjoy.org/
- LLM endpoint: https://phishdestroy.io/domain/web.pinjoy.org/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web.pinjoy.org/
Last updated: 2026-03-22