# luckyapp373.fit — SUSPICIOUS

> luckyapp373.fit is a crypto drainer domain with 0/95 VirusTotal detections. This domain poses as a cryptocurrency app to steal wallet assets.

## Summary
PhishDestroy identifies luckyapp373.fit as an active crypto drainer domain impersonating a cryptocurrency application. The threat type is a generic phishing campaign specifically designed to drain cryptocurrency wallets via deceptive application impersonation.  This domain was flagged with a status of active and a risk level of under_investigation. It resolves to IP address 45.59.170.96 and utilizes a Let's Encrypt SSL certificate. VirusTotal currently shows 0 detections out of 95 engines, indicating low immediate detection but not confirming safety. The domain was registered through NAMECHEAP INC on January 22, 2026, suggesting a very recent registration likely intended for short-lived malicious operations. As of this assessment, no confirmed blocklist inclusions or trust scores are available, which may indicate either an emergent or stealthily operated campaign.  This domain presents a significant risk due to its cryptocurrency drainer nature, where victims are tricked into connecting their wallets under false pretenses. The lack of current detections on VirusTotal (0/95) highlights the evolving tactics of threat actors to evade signature-based detection systems. Immediate mitigation steps include blocking the domain and IP address at the network perimeter, disabling SSL inspection for this domain if enforced, and flagging any internal DNS resolutions to this address. Users should be warned against interacting with any applications or links associated with luckyapp373.fit, and any previously connected cryptocurrency wallets should undergo immediate security audits. Endpoint monitoring for unusual outbound connections to 45.59.170.96 is strongly advised to detect potential compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-01-22 06:51:12
- Registrar: NAMECHEAP INC
- IP: 45.59.170.96

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/cd1558fc-b249-400d-9ccf-fe3abbbdea91
- PhishDestroy: https://phishdestroy.io/domain/luckyapp373.fit/
- LLM endpoint: https://phishdestroy.io/domain/luckyapp373.fit/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/luckyapp373.fit/
Last updated: 2026-03-24