# 5sol.pro — SUSPICIOUS

> PhishDestroy identifies 5sol.pro as a crypto drainer phishing domain with 3/95 VirusTotal detections. Blocked by SEAL & MetaMask due to active credential theft.

## Summary
PhishDestroy identifies 5sol.pro as a high-risk crypto drainer domain designed to deceive cryptocurrency users into unknowingly authorizing malicious wallet transactions. This domain mimics legitimate cryptocurrency service branding to trick visitors into connecting their wallets, whereupon sophisticated smart contract-based drainers silently siphon assets. Once connected, the drainer executes unauthorized transfers, often draining entire wallet balances within seconds. Victims typically encounter this threat through malicious social media ads, imposter support channels, or phishing links distributed via email or messaging platforms. The operational model leverages urgency and perceived legitimacy to bypass user skepticism during critical wallet connection prompts.  This domain was flagged by multiple security systems due to suspicious characteristics: it resolves to IP 104.21.63.30, carries a Let's Encrypt SSL certificate, and has been blocked by major security platforms including SEAL and MetaMask. Security intelligence shows this domain was registered through Global Domain Group LLC on March 19, 2026—indicating extremely recent creation designed to evade historical detection. The domain appears on 2 active security blocklists, and VirusTotal reports detection by 3 out of 95 security vendors at time of analysis, with that ratio likely to increase as threat intelligence spreads. These technical indicators demonstrate coordinated malicious infrastructure rather than opportunistic abuse.  Users who visited 5sol.pro should immediately disconnect any connected wallets using wallet settings or browser extensions, transfer remaining assets to a new, isolated wallet, and revoke any token approvals through tools like revoke.cash or similar platforms. Reset account passwords if credentials were entered, enable two-factor authentication on all crypto services, and scan devices with updated antivirus software. Report wallet addresses and domains to relevant security teams and blocklists to help protect others. Avoid any further interaction with this domain or similar recently registered sites with minimal detection history.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-19 10:25:17
- Registrar: Global Domain Group LLC
- IP: 104.21.63.30

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["SEAL", "MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/cdf32c4d-69dc-4377-846a-24f844e6cd96
- PhishDestroy: https://phishdestroy.io/domain/5sol.pro/
- LLM endpoint: https://phishdestroy.io/domain/5sol.pro/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/5sol.pro/
Last updated: 2026-03-24