# vispwzsf.web.app — MALICIOUS > PhishDestroy identifies vispwzsf.web.app as a crypto drainer phishing site. VT flags 11/95 vendors; avoid wallet connections. Monitor transactions closely. ## Summary PhishDestroy identifies vispwzsf.web.app as an active crypto drainer domain posing significant risk to cryptocurrency users. This domain employs deceptive techniques to trick victims into connecting wallets, enabling unauthorized fund transfers to attacker-controlled addresses. The threat level remains high due to its current operational status and the involvement of sophisticated social engineering tactics designed to bypass security awareness. Domain analysis reveals multiple red flags across multiple security platforms. VirusTotal confirms detection by 11 out of 95 security vendors, indicating widespread recognition as malicious. The domain was registered through Google LLC and resolves to IP address 199.36.158.100, which has been associated with previous phishing infrastructure. Notably, this domain appears on one security blocklist and maintains an active status despite efforts to contain it. The SSL certificate issued by Google Trust Services adds a veneer of legitimacy, potentially increasing the success rate of impersonation attempts. The page title 'Redirection...' suggests immediate redirection to secondary malicious payloads upon access. Mitigation requires immediate action from both users and security teams. Cryptocurrency holders should treat any connection requests to this domain as highly suspicious, particularly those involving wallet connections or transaction approvals. Organizations should implement DNS filtering to block access to this domain and its IP address. Additionally, security teams should monitor network traffic for connections to 199.36.158.100 and investigate any wallet interactions involving this infrastructure. User education regarding wallet connection risks and the importance of verifying domain legitimacy before any interaction remains critical. Immediate reporting of any observed activity involving this domain to relevant threat intelligence platforms is strongly encouraged to aid collective defense efforts. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP ?) - Page title: Redirection... ## Domain Intelligence - Registrar: Google LLC - IP: 199.36.158.100 ## Detection Status - VirusTotal: 11 vendors flagged - Google Safe Browsing: clean - Blocklists: 1 hits Lists: ["OISD"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f20260e9-1c62-4eaa-8095-358a01b324c0 - PhishDestroy: https://phishdestroy.io/domain/vispwzsf.web.app/ - LLM endpoint: https://phishdestroy.io/domain/vispwzsf.web.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/vispwzsf.web.app/ Last updated: 2026-04-15