# rajabandot222.com — SUSPICIOUS

> rajabandot222.com is a brand impersonation domain pushing a crypto drainer with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies rajabandot222.com as a recently activated crypto-draining domain posing as a legitimate service. This site attempts to trick visitors into connecting cryptocurrency wallets and authorizing malicious transactions that silently drain funds. The threat is still under active investigation but already shows signs of live operation against unsuspecting users.  This domain was flagged on March 24, 2025, just days ago, and currently shows zero detections across 95 VirusTotal scanners. It resolves to IP 188.114.97.3 and hides behind a Google Trust Services SSL certificate to appear legitimate. The domain was registered through NameSilo, LLC, a registrar known for both legitimate and malicious use, allowing threat actors to quickly stand up fraudulent infrastructure.  If you or anyone in your organization visited rajabandot222.com, disconnect any connected wallets immediately and revoke any unauthorized token approvals through your wallet’s interface. Do not interact with any prompts or transaction requests that appear while on the site. Report the incident to your security team and consider rotating any exposed credentials. Block the domain at your network perimeter and update blocklists to prevent further access.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-03-24 09:56:55
- Registrar: NameSilo, LLC
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0f0ae1f3-3bfd-4f5d-8c8c-138839675f6c
- PhishDestroy: https://phishdestroy.io/domain/rajabandot222.com/
- LLM endpoint: https://phishdestroy.io/domain/rajabandot222.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rajabandot222.com/
Last updated: 2026-03-22