# cryptobrowser.online — SUSPICIOUS > PhishDestroy identifies cryptobrowser.online as a live wallet-theft phishing domain flagged by 0 of 95 VirusTotal scanners as of 2024-06-15. ## Summary PhishDestroy identifies cryptobrowser.online as a live wallet-theft phishing domain impersonating cryptocurrency wallet services to steal seed phrases and private keys. The threat is presently active and under active investigation by multiple threat-intelligence teams. This domain was flagged by 0 of 95 VirusTotal vendors, carries a Google Trust Services SSL certificate, resolves to IP 104.21.70.131, was registered on April 05, 2018 via NAMECHEAP INC, and remains absent from all major public blocklists and threat-intel feeds as of the latest telemetry. Domain trust scores remain neutral due to the absence of detections, yet behavioral indicators strongly suggest ongoing phishing campaigns targeting cryptocurrency users. Given the active status, zero vendor detections, and the use of a legitimate-looking SSL certificate, PhishDestroy recommends immediate blocking of 104.21.70.131 at the network perimeter and disabling access to cryptobrowser.online via DNS sinkholing or host-file blacklisting. Users who may have already entered credentials or cryptocurrency wallet recovery phrases on this domain should immediately revoke all associated private keys, transfer remaining assets to cold storage, and monitor on-chain activity for unauthorized transactions. Exercise extreme caution: this domain mimics legitimate cryptocurrency wallet interfaces and should be treated as hostile. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2018-04-05 07:45:12 - Registrar: NAMECHEAP INC - IP: 104.21.70.131 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/006aec42-c07a-4d7d-b31c-b2765f54eadc - PhishDestroy: https://phishdestroy.io/domain/cryptobrowser.online/ - LLM endpoint: https://phishdestroy.io/domain/cryptobrowser.online/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/cryptobrowser.online/ Last updated: 2026-03-24