# spin96-au.com — SUSPICIOUS

> PhishDestroy identifies spin96-au.com as a crypto drainer domain flagged by 1 of 95 VirusTotal vendors. Block this domain immediately.

## Summary
PhishDestroy identifies spin96-au.com as a fraudulent domain associated with a crypto drainer scam, currently active and posing an elevated risk to users. The domain specifically impersonates a gambling/casino theme to lure victims into depositing cryptocurrency, which is then drained by malicious actors. Security researchers and organizations tracking fraudulent domains have flagged this as a high-priority threat due to its active status and deceptive tactics.  This domain, spin96-au.com, was flagged by 1 of 95 VirusTotal vendors as of the latest scan, indicating limited but detectable malicious activity. It resolves to the IP address 188.114.96.3 and is registered through NICENIC INTERNATIONAL GROUP CO., LIMITED. The domain was created on February 18, 2025, and possesses an SSL certificate issued by Google Trust Services, which may be leveraged to appear legitimate. Despite the low VirusTotal detection rate, the domain's recent creation date and active status warrant caution, as threat actors often use newly registered domains with freshly issued certificates to evade early detection systems.  As of the latest intelligence, spin96-au.com remains active and represents an ongoing threat to unsuspecting users. The domain employs a crypto drainer scheme, where victims are tricked into connecting their cryptocurrency wallets under the guise of depositing funds into a casino platform. Once connected, the drainer silently transfers funds to attacker-controlled wallets. To mitigate risk, organizations and individuals should promptly block this domain at the network level, monitor for connections to the associated IP address (188.114.96.3), and educate users about the dangers of crypto drainer scams. Additionally, consider reporting this domain to threat intelligence platforms and local cybersecurity authorities to aid in broader mitigation efforts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-02-18 09:54:40
- Registrar: NICENIC INTERNATIONAL GROUP CO., LIMITED
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c876084f-b02b-49d6-b9de-67f63c4d0020
- PhishDestroy: https://phishdestroy.io/domain/spin96-au.com/
- LLM endpoint: https://phishdestroy.io/domain/spin96-au.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/spin96-au.com/
Last updated: 2026-03-27