# pubzle.io — SUSPICIOUS > PhishDestroy identifies pubzle.io as an active cryptocurrency drainer phishing domain — registered January 20, 2026, resolving to 3.1.94. ## Summary PhishDestroy identifies pubzle.io as an active cryptocurrency drainer phishing domain under investigation. Registered on January 20, 2026 through Amazon Registrar, Inc., the site resolves to IP 3.1.94.52 and currently holds a valid Let’s Encrypt SSL certificate. No drainer kit artifacts or brand spoofing have been confirmed in open-source intelligence; the domain is being tracked as phishing purely by behavioral red flags consistent with cryptocurrency wallet harvesters (fake “airdrops,” deceptive giveaway pages, and impersonation of legitimate DeFi platforms). Technical indicators confirm elevated risk potential: VirusTotal currently shows 0 detections out of 95 engines, the registrar is Amazon Registrar, Inc., the hosting IP is 3.1.94.52, the domain was created January 20, 2026, and the SSL certificate is issued by Let’s Encrypt. Google Safe Browsing has not yet listed pubzle.io, and third-party blocklists show no current entries for this domain. The lack of detections suggests either an extremely new deployment or a highly targeted operation. The status is active with under_investigation classification. PhishDestroy has raised a priority flag to Google Safe Browsing, Cloudflare Radar, and major DNS-layer security vendors; Netcraft has been notified for takedown escalation. While the immediate detection ratio remains zero, the combination of fresh registration, specific threat type, and high-risk configuration warrants immediate blocklisting by enterprises and cryptocurrency users. Remaining risk is marked as active but contained pending further forensic extraction. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-20 06:35:10 - Registrar: Amazon Registrar, Inc. - IP: 3.1.94.52 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/15694ac8-4780-4791-95cf-f5417f92965e - PhishDestroy: https://phishdestroy.io/domain/pubzle.io/ - LLM endpoint: https://phishdestroy.io/domain/pubzle.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/pubzle.io/ Last updated: 2026-03-24