# esegpanel.icu — SUSPICIOUS

> esegpanel.icu hosts an emerging crypto drainer with 0/95 VirusTotal detections. Threat actors may be impersonating legitimate crypto services to steal digital.

## Summary

PhishDestroy identifies esegpanel.icu as a recently activated crypto drainer domain under active threat investigation. This domain, registered through PDR Ltd. d/b/a PublicDomainRegistry.com on September 18, 2025, resolves to IP address 188.114.96.3 and utilizes a Let's Encrypt SSL certificate to appear legitimate. Significantly, VirusTotal currently shows zero detections across 95 security engines, indicating this threat has evaded conventional detection mechanisms thus far.

This domain poses a direct risk to cryptocurrency users through sophisticated digital asset theft. The infrastructure supports a crypto drainer operation designed to intercept and divert transaction funds to attacker-controlled wallets. The domain's recent creation date and clean VirusTotal report suggest either a newly deployed threat or one that has recently evolved its tactics to bypass existing defenses. The use of PublicDomainRegistry as the registrar, combined with the Let's Encrypt certificate, provides the threat actors with the appearance of legitimacy necessary to deceive security-conscious users.

Users who have visited esegpanel.icu should immediately check their cryptocurrency wallets for unauthorized transactions. Revoke any browser permissions granted to the domain through extension managers, clear browser cache and cookies, and run a full system scan with updated antivirus software. Consider rotating all cryptocurrency wallet credentials and enabling multi-factor authentication where available. Network administrators should block both the domain and its associated IP address (188.114.96.3) at the firewall level to prevent further access to this infrastructure.

## Threat Details

- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registered: 2025-09-18 13:02:43
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 188.114.96.3

## Detection Status

- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/c6f40952-d5fe-48ba-8d6b-f258282b7b1b
- PhishDestroy: https://phishdestroy.io/domain/esegpanel.icu/
- LLM endpoint: https://phishdestroy.io/domain/esegpanel.icu/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/esegpanel.icu/

Last updated: 2026-03-30