# sharediwaslot.vip — SUSPICIOUS > PhishDestroy warns that sharediwaslot.vip is a crypto drainer posing as a fake login portal. This domain (created 1/25/2026) has 0/95 VirusTotal detections and. ## Summary PhishDestroy has flagged sharediwaslot.vip as an active crypto drainer under investigation, with a current risk level classified as under_investigation. This domain exhibits clear malicious intent by mimicking legitimate login pages to steal cryptocurrency wallet credentials or directly drain funds from unwary users. The domain's rapid deployment—registered just days ago on January 25, 2026—combined with its zero detections on VirusTotal (0/95) and lack of presence on major blocklists, suggests it is either newly operational or employing evasion tactics to fly under the radar. This domain was flagged via PhishDestroy’s automated pipeline, which identified its association with a generic phishing campaign. The infrastructure behind sharediwaslot.vip is hosted on 99.83.238.163, a residential IP range commonly abused by threat actors to evade traditional blocklists. The domain was registered through Dynadot Inc, a registrar frequently used in bulk malicious registrations due to its low verification barriers. SSL certificates from Let’s Encrypt are often weaponized by attackers to lend false legitimacy to phishing pages, and this domain follows that pattern. Despite its apparent novelty (created January 25, 2026), the absence of detections on VirusTotal (0/95) indicates that mainstream security vendors have not yet flagged it, leaving end-users vulnerable. Trust scores for this domain remain critically low, with no reputable categorization and no association with known benign services. To mitigate the risk posed by sharediwaslot.vip, users should immediately cease all interactions with the domain and avoid entering any credentials or cryptocurrency wallet information. If this domain was accessed inadvertently, disconnect from the internet, clear browser cache and cookies, and scan devices for malware using reputable security software. For organizations, PhishDestroy recommends blocking the IP 99.83.238.163 at the network perimeter and flagging the domain across all security tools. Users should verify any suspicious links using PhishDestroy’s real-time threat lookup tool before engaging. Always cross-reference domains with official sources, especially when dealing with cryptocurrency platforms or financial services. Proactive threat intelligence sharing within communities can help prevent the spread of such malicious domains. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-01-25 08:27:26 - Registrar: Dynadot Inc - IP: 99.83.238.163 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/054d4e6e-de95-4036-8492-d517958e41b4 - PhishDestroy: https://phishdestroy.io/domain/sharediwaslot.vip/ - LLM endpoint: https://phishdestroy.io/domain/sharediwaslot.vip/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/sharediwaslot.vip/ Last updated: 2026-03-31