# crpytweb3check.com — SUSPICIOUS > PhishDestroy flags crpytweb3check.com as an active crypto drainer impersonating Web3 security checks. Domain resolves to 208.98.35. ## Summary PhishDestroy identifies crpytweb3check.com as an active generic phishing domain posing as a Web3 security validator under investigation for crypto drainer activity. The domain was registered on March 25, 2026, through Dynadot Inc and resolves to IP 208.98.35.210. It utilizes a Let's Encrypt SSL certificate, suggesting an attempt to appear legitimate to unsuspecting users entering wallet addresses or seed phrases. This domain exhibits several high-risk technical indicators: VirusTotal currently shows 0 out of 95 detection engines flagging the domain, indicating it remains largely undetected by security vendors. The domain is newly registered with a creation date of March 25, 2026, which is a common tactic for threat actors to evade historical blocklists. The registrar, Dynadot Inc, has not yet taken action to suspend or flag the domain. As of the latest data, the domain is not flagged by Google Safe Browsing (GSB) and has not been added to any major domain blocklists, leaving users vulnerable to exposure. The campaign is currently active with a status of under investigation, meaning it is still propagating across various channels including social media, messaging platforms, and potentially through compromised websites or ads. PhishDestroy has flagged this domain as part of an ongoing threat intelligence operation and is actively monitoring its activity. The remaining risk is classified as high due to the domain's newness, lack of vendor detection, and the specific targeting of Web3 users who may unknowingly enter credentials or approve malicious transactions. Users are strongly advised to verify any Web3 security-related domains on PhishDestroy before interacting and to avoid entering sensitive information on untrusted sites. Immediate network and endpoint blocking of the IP 208.98.35.210 is recommended for organizations to mitigate potential compromise. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-03-25 15:59:22 - Registrar: Dynadot Inc - IP: 208.98.35.210 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/eaddf68f-abd0-487e-a42f-ea06f9978252 - PhishDestroy: https://phishdestroy.io/domain/crpytweb3check.com/ - LLM endpoint: https://phishdestroy.io/domain/crpytweb3check.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/crpytweb3check.com/ Last updated: 2026-03-26