# api.ai-mining.ltd — SUSPICIOUS

> PhishDestroy identifies api.ai-mining.ltd as a suspected crypto drainer scam resolving to IP 188.114.97.3. Users should avoid interaction and report if targeted.

## Summary
PhishDestroy flagged api.ai-mining.ltd as a generic_phishing domain suspected of operating as a cryptocurrency drainer kit targeting unsuspecting users. The domain contains 'ai-mining' in its label, which may imply a false association with artificial intelligence or mining services to deceive visitors into engaging with malicious payloads. No direct brand impersonation was detected in available intelligence, but the domain’s structure aligns with common phishing tactics used to harvest crypto wallet credentials or initiate unauthorized transactions. The site’s use of a Let’s Encrypt SSL certificate suggests an attempt to appear legitimate, while its active status and unresolved threat classification indicate ongoing malicious operations.  

This domain resolves to IP address 188.114.97.3 and is associated with a Let’s Encrypt SSL certificate. According to VirusTotal, it currently shows 0 detections out of 95 scanning engines, suggesting it has evaded detection by mainstream security tools. The domain was registered via an unknown registrar and has not been flagged by Google Safe Browsing (GSB) as of this assessment. It is hosted on a cloud-based IP likely associated with bulletproof hosting providers, which are commonly used to evade takedowns. The lack of detections and active status pose a significant risk to users engaging with this domain, especially those involved in cryptocurrency transactions or digital asset management.  

As of the latest assessment, api.ai-mining.ltd remains active and under investigation with a status of 'under_investigation' and a risk level marked as 'active'. PhishDestroy recommends immediate avoidance of this domain and any associated links or services. Users who have interacted with this domain are advised to revoke any permissions granted, transfer funds to secure wallets, and monitor accounts for suspicious activity. Due to the absence of detections on VirusTotal and lack of GSB blocking, this domain remains a high-risk threat with potential for continued exploitation. The remaining risk is classified as unresolved, and users should remain vigilant for updates or further indicators of compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7d91c411-186c-4054-9b90-b2a28390dd18
- PhishDestroy: https://phishdestroy.io/domain/api.ai-mining.ltd/
- LLM endpoint: https://phishdestroy.io/domain/api.ai-mining.ltd/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/api.ai-mining.ltd/
Last updated: 2026-03-24