# robolitiony.lol — SUSPICIOUS

> PhishDestroy identifies robolitiony.lol as a drainer phishing site registered March 31, 2026 resolving to IP 104.21.13.175.

## Summary
PhishDestroy identifies robolitiony.lol as a drainer phishing domain posing as a cryptocurrency service. This domain mimics legitimate platforms to trick users into connecting wallets and signing malicious transactions that drain funds. No known brand impersonation detected yet, but the site uses a drainer kit likely sourced from bulletproof kits sold on underground forums. The threat vector targets wallet holders seeking quick token launches or airdrops.    Technical indicators for robolitiony.lol include a VirusTotal detection score of 0/95, a Let’s Encrypt SSL certificate, registration through PDR Ltd. d/b/a PublicDomainRegistry.com, domain creation on March 31, 2026, and resolution to IP 104.21.13.175. Google Safe Browsing (GSB) has not yet flagged the domain, and no public blocklists list it. The domain age is under 24 hours at the time of analysis, indicating a very recent deployment likely designed for short-lived campaigns.    This domain is currently ACTIVE with a status of under_investigation by security teams. Users should immediately block access to 104.21.13.175 and robolitiony.lol at the firewall or DNS level. Avoid visiting or interacting with the site due to active drainer functionality. Remaining risk is MODERATE-HIGH given zero detections on VirusTotal and fresh domain registration, suggesting the campaign may still be in early propagation. Expect detection rates to rise as threat intelligence feeds update. Monitor wallets for unauthorized transactions and report any suspicious activity to wallet providers.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-03-31 10:16:57
- Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com
- IP: 104.21.13.175

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/robolitiony.lol
- PhishDestroy: https://phishdestroy.io/domain/robolitiony.lol/
- LLM endpoint: https://phishdestroy.io/domain/robolitiony.lol/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/robolitiony.lol/
Last updated: 2026-04-02