# capytalbos.olshopku.com — SUSPICIOUS > PhishDestroy identifies capytalbos.olshopku.com as a live crypto drainer phishing domain resolving to 104.21.32.250. ## Summary PhishDestroy identifies capytalbos.olshopku.com as an active crypto drainer phishing domain targeting cryptocurrency users under the guise of investment opportunities. The domain is currently unresolved and remains under investigation, awaiting further behavioral confirmation. The threat involves the unauthorized siphoning of digital assets via deceptive smart contract interactions or malicious wallet connection prompts. This domain was flagged by 0 of 95 VirusTotal vendors at the time of analysis, indicating a low detection rate among antivirus engines. Registered through WEBCC, it resolves to IP 104.21.32.250 and was created on January 31, 2024. The domain holds a valid SSL certificate issued by Google Trust Services, which may enhance user trust. It has not yet appeared on public blocklists, including Cisco Talos and OpenPhish, as confirmed by cross-referencing available feeds. The absence of detections suggests either evasion techniques or a recently deployed campaign. The domain remains in an investigative state due to limited behavioral evidence but exhibits high-risk indicators consistent with crypto drainer operations. Given the current lack of blocklist coverage and minimal detection on VirusTotal, security teams should immediately block traffic to capytalbos.olshopku.com at the network perimeter and inspect endpoints for signs of crypto wallet compromise. Users should be warned not to interact with the domain or any associated URLs. Further intelligence sharing via threat intelligence platforms is encouraged to enhance detection and prevention capabilities. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2024-01-31 22:53:38 - Registrar: WEBCC - IP: 104.21.32.250 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/0fb503d7-287e-4d55-9135-8ea49245e70c - PhishDestroy: https://phishdestroy.io/domain/capytalbos.olshopku.com/ - LLM endpoint: https://phishdestroy.io/domain/capytalbos.olshopku.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/capytalbos.olshopku.com/ Last updated: 2026-03-23