# besowin156.pro — SUSPICIOUS

> besowin156.pro active crypto drainer threat with 0/95 VirusTotal detections. Assess risk and block immediately.

## Summary
PhishDestroy identifies besowin156.pro as an active crypto-draining site posing as a generic registrar interface. This domain leverages a deceptive layout to trick users into connecting wallets and signing malicious transactions that silently drain crypto assets. Criminals register lookalike domains to exploit trust in legitimate services, and besowin156.pro follows that pattern by using a Let’s Encrypt SSL certificate and a recent registration date to appear credible. The domain was created on April 04, 2026 and resolves to 188.114.97.3, a server likely hosting multiple rogue endpoints.

Technical indicators confirm this is a low-detection threat: VirusTotal shows 0 engines flagging the domain out of 95 scanners, indicating evasion via freshness and minimal footprint. The registrar, Fewmoretaps OU (d/b/a Trustname.com), has no published abuse history, increasing the risk that this domain will persist unchecked. Evidence suggests the infrastructure is still live and may expand quickly if unblocked.

Users who visited the domain should immediately revoke any wallet connections made through its interface and transfer remaining assets to a clean wallet. Scan local systems with updated AV tools for crypto-stealer malware and review transaction histories for unauthorized transfers. Block besowin156.pro at DNS and firewall levels to prevent further access. Report the domain to your security team and trusted threat-intel platforms to accelerate takedown.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-04-04 15:04:56
- Registrar: Fewmoretaps OU d/b/a Trustname.com
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/besowin156.pro
- PhishDestroy: https://phishdestroy.io/domain/besowin156.pro/
- LLM endpoint: https://phishdestroy.io/domain/besowin156.pro/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/besowin156.pro/
Last updated: 2026-04-04