# pemblokiran-shoppe.annyoying.my.id — MALICIOUS > PhishDestroy identifies pemblokiran-shoppe.annyoying.my.id as a crypto drainer phishing site mimicking Shoppe. ## Summary PhishDestroy classifies pemblokiran-shoppe.annyoying.my.id as an ACTIVE crypto drainer phishing domain at elevated risk. This domain is currently resolving to IP 172.67.156.163 and was flagged by 15 of 95 VirusTotal vendors. The SSL certificate is issued by Google Trust Services, adding superficial legitimacy to the lure. Historical data suggests this domain is part of a campaign impersonating legitimate e-commerce platforms to harvest cryptocurrency wallet credentials and drain funds. The combination of high VirusTotal detections and active hosting infrastructure indicates a mature, operational threat designed for financial exploitation. Technical indicators confirm this domain’s malicious intent: the IP 172.67.156.163 is associated with multiple known phishing and crypto-draining operations, and the .my.id ccTLD suggests opportunistic regional targeting. The SSL certificate from Google Trust Services may be abused to bypass browser warnings, creating a false sense of security. With 15 detections across a broad vendor base, including major AV engines, this domain has not evaded detection entirely but remains accessible and active, indicating either a new campaign or a resurgence of a previously dormant operation. Users encountering this domain should immediately cease interaction and verify its status using PhishDestroy’s real-time scanner. Organizations are advised to block both the domain and IP 172.67.156.163 at the network perimeter via DNS sinkholing or firewall rules. Cryptocurrency users should double-check wallet connection URLs and enable transaction confirmations for outgoing transfers. For maximum protection, isolate infected endpoints and rotate wallet credentials if exposure is suspected. Proactive threat hunting for similar domains is recommended due to the active nature of this campaign. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.67.156.163 ## Detection Status - VirusTotal: 15 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/11120bd7-0f54-4dae-9733-348678f0db6c - PhishDestroy: https://phishdestroy.io/domain/pemblokiran-shoppe.annyoying.my.id/ - LLM endpoint: https://phishdestroy.io/domain/pemblokiran-shoppe.annyoying.my.id/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/pemblokiran-shoppe.annyoying.my.id/ Last updated: 2026-03-21