# vispwzsf.firebaseapp.com — MALICIOUS > vispwzsf.firebaseapp.com hosts a generic crypto drainer phishing page with 11/95 VirusTotal detections. Block before compromise. ## Summary PhishDestroy identifies vispwzsf.firebaseapp.com as a high-risk domain actively engaged in generic phishing activities, specifically hosting a crypto-draining operation designed to siphon cryptocurrency assets from unsuspecting victims. The page exhibits redirection behavior, likely luring users with false promises or deceptive links that ultimately facilitate unauthorized fund transfers. Given its active status and the absence of legitimate branding, this domain represents a significant threat to users’ digital assets, warranting immediate attention and preventive measures. This domain was flagged by 11 out of 95 security vendors on VirusTotal, underscoring its malicious intent. Registered through Google LLC and resolving to IP 199.36.158.100, it operates under a Google Trust Services SSL certificate, which may lend it an air of authenticity. However, its presence on at least one security blocklist (OISD) and the ambiguous page title 'Redirection...' further expose its deceptive nature. The combination of these indicators—high VT detection rate, trusted registrar, and redirection mechanics—paints a clear picture of a sophisticated phishing campaign targeting cryptocurrency users. To mitigate exposure to this threat, organizations and individuals should immediately block vispwzsf.firebaseapp.com at the network and endpoint levels. Users must exercise extreme caution when encountering links or domains associated with generic redirection pages, particularly those hosted on Firebase domains. Implementing DNS filtering solutions and leveraging threat intelligence feeds that include real-time domain reputation checks can significantly reduce the risk of falling victim to crypto-draining phishing schemes. Additionally, educating users about the tactics employed by these threat actors—such as spoofed redirections and false promises—can serve as a critical line of defense. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP ?) - Page title: Redirection... ## Domain Intelligence - Registrar: Google LLC - IP: 199.36.158.100 ## Detection Status - VirusTotal: 11 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["OISD"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e6958eaa-afdf-46cd-8398-6da52a5e7b64 - PhishDestroy: https://phishdestroy.io/domain/vispwzsf.firebaseapp.com/ - LLM endpoint: https://phishdestroy.io/domain/vispwzsf.firebaseapp.com/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/vispwzsf.firebaseapp.com/ Last updated: 2026-04-15