# www.spinnhart.com — SUSPICIOUS

> PhishDestroy identifies spinnhart.com as a live fake wallet-drainer phishing site hosted on AWS (IP 52.222.236.30).

## Summary
PhishDestroy flags spinnhart.com as a generic phishing domain designed to steal cryptocurrency through a fake wallet-drainer kit. No specific cryptocurrency brand is mimicked in the available intelligence, suggesting a general-purpose drainer may be deployed once victims land on the page. The domain resolves to a single IPv4 address (52.222.236.30) on Amazon’s cloud, which is typical for short-lived phishing campaigns seeking high availability at low cost.  This domain was registered on 10 August 2025 through NameSilo, LLC in the same month it went live, indicating a very recent campaign. VirusTotal currently shows 0 detections out of 95 engines, meaning the payload remains undetected by most antivirus products. Google Safe Browsing has not yet blacklisted the domain, and public blocklists show zero entries, leaving end-users fully exposed. The Amazon SSL certificate adds a veneer of legitimacy but does not guarantee safety.  The threat is ACTIVE and under investigation by PhishDestroy. Immediate user action includes blocking both the domain and the IP (52.222.236.30) at the network or DNS level. Until the domain is sinkholed or blacklisted by major browsers, treat any interaction as high-risk; refrain from connecting wallets or entering seed phrases. Remaining risk is HIGH while the domain remains unlisted on major threat intelligence platforms and continues to resolve.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2025-08-10 08:48:16
- Registrar: NameSilo, LLC
- IP: 52.222.236.30

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b54f93df-56dd-4219-afeb-bd6e371437f8
- PhishDestroy: https://phishdestroy.io/domain/www.spinnhart.com/
- LLM endpoint: https://phishdestroy.io/domain/www.spinnhart.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/www.spinnhart.com/
Last updated: 2026-03-25