# www.fantasty.coinity.site — SUSPICIOUS > Fantasty.coinity.site is a credential harvesting domain flagged by 1/95 VirusTotal scanners. This site poses as a crypto wallet login page to steal credentials. ## Summary PhishDestroy identifies fantasty.coinity.site as an active credential harvesting domain leveraging a spoofed login interface to target cryptocurrency users. The domain mimics legitimate services to deceive victims into surrendering wallet credentials or seed phrases. No known drainer kit or brand association is currently documented, suggesting a generic but evolving phishing campaign designed to harvest high-value account access. This domain resolves to IP 78.159.119.244 and was registered through Atak Domain Bilgi Teknolojileri A.Ş. on April 05, 2025. The site holds a valid Let’s Encrypt SSL certificate, which may increase user trust despite its malicious intent. VirusTotal detection stands at 1/95 security vendors as of seed 03ae3f, indicating low but present recognition within the security community. The domain remains unlisted in Google Safe Browsing (GSB) and shows no blocklist entries beyond this isolated detection, suggesting a recently deployed threat with limited exposure. The domain remains active and poses an elevated risk due to its plausible appearance and crypto-focused lures. Users are advised to block access, refrain from interacting with the site, and report the domain to threat intelligence platforms. While current risk is elevated, the limited detection footprint and lack of widespread blocklisting indicate that proactive blocking and user awareness remain the most effective defenses. Remaining risk is moderate due to the potential for rapid expansion or payload changes. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2025-04-05 19:14:09 - Registrar: Atak Domain Bilgi Teknolojileri A.Ş. - IP: 78.159.119.244 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7919acb9-c84d-447b-a7b6-003ad165d224 - PhishDestroy: https://phishdestroy.io/domain/www.fantasty.coinity.site/ - LLM endpoint: https://phishdestroy.io/domain/www.fantasty.coinity.site/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/www.fantasty.coinity.site/ Last updated: 2026-03-26