# sol.incinerator.tools — SUSPICIOUS > sol.incinerator.tools is a crypto drainer domain with 0/95 VirusTotal detections. Immediate action: block entry, inspect wallets, and report to ScamSniffer. ## Summary PhishDestroy identifies sol.incinerator.tools as an active crypto drainer domain targeting cryptocurrency users through deceptive Solana-related impersonation schemes. This domain mimics legitimate Solana ecosystem services to trick victims into connecting wallets or signing malicious transactions, enabling cryptocurrency theft. The infrastructure is designed for rapid fund depletion once wallet permissions are granted, characteristic of advanced crypto drainer kits that leverage social engineering against blockchain users. sol.incinerator.tools resolves to IP address 172.67.171.232 and operates with a Let's Encrypt SSL certificate to appear legitimate. VirusTotal shows 0 detections out of 95 security engines, indicating this threat is currently undetected by most antivirus solutions. The domain appears on 1 security blocklist and is explicitly blocked by ScamSniffer, a specialized blockchain security platform. Technical indicators including the IP reputation, SSL configuration, and blocklist status suggest this is a newly deployed or stealthily operated threat vector with minimal forensic footprint. This domain remains under investigation with active status and poses significant risk to cryptocurrency users, particularly those interacting with Solana-based applications. Current protective measures include domain blocking at the network level and reporting through ScamSniffer's detection systems. However, the 0/95 VirusTotal detection rate indicates this threat could spread rapidly before conventional security systems identify it. Users should immediately block sol.incinerator.tools at DNS and firewall levels, avoid any wallet connections to this domain, and report any suspicious transactions to relevant blockchain security teams. The risk remains elevated due to undetected status and potential for widespread victimization before automated defenses catch up. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 172.67.171.232 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["ScamSniffer"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/5ad96542-922b-4538-8f0e-98e7f7501378 - PhishDestroy: https://phishdestroy.io/domain/sol.incinerator.tools/ - LLM endpoint: https://phishdestroy.io/domain/sol.incinerator.tools/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/sol.incinerator.tools/ Last updated: 2026-03-27