# abrxrx-wallet.pages.dev — SUSPICIOUS > PhishDestroy identifies abrxrx-wallet.pages.dev as a live crypto drainer targeting digital asset holders. Flagged by 0 of 95 VirusTotal vendors. ## Summary PhishDestroy identifies the domain abrxrx-wallet.pages.dev as an active crypto drainer, currently under investigation for fraudulent cryptocurrency theft operations. This webpage is designed to deceive users into connecting wallets to a malicious smart contract, enabling unauthorized token and NFT transfers without consent. The threat has been escalated to active status, indicating ongoing malicious activity and potential for further damage within the cryptocurrency ecosystem. This domain resolves to IP address 188.114.97.3 and is registered through Cloudflare, Inc., leveraging Google Trust Services for its SSL certificate to enhance appearance of legitimacy. VirusTotal currently shows 0 detections out of 95 scanning engines, suggesting that signature-based detection systems have not yet flagged this threat. The domain utilizes a Cloudflare-managed infrastructure, which often complicates takedown efforts due to rapid IP rotation and hidden WHOIS data. While no definitive creation date is provided, the use of *.pages.dev subdomains suggests a recent deployment under the Pages.dev platform, which has become a popular hosting choice for threat actors seeking free and anonymous web presence. The lack of detections, combined with the domain’s active status and cryptocurrency drainer functionality, elevates the risk profile significantly for unsuspecting crypto users. Users are strongly advised to avoid interacting with abrxrx-wallet.pages.dev and to verify any wallet connection URLs through official project websites or trusted community sources. Cryptocurrency holders should disable wallet extensions when not in use, revoke suspicious smart contract approvals via tools like revoke.cash, and monitor approved permissions regularly. Block the IP 188.114.97.3 at the firewall level and report the domain to security platforms such as Google Safe Browsing, PhishTank, and local cybercrime units. Institutions should consider adding this domain to real-time threat intelligence feeds to prevent accidental exposure through email, social media, or search engine results. Due to the active and evolving nature of crypto drainers, continued monitoring is essential to mitigate financial losses across multiple blockchains. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/370af122-acf1-4f7a-b5e2-5daf4ef20b6c - PhishDestroy: https://phishdestroy.io/domain/abrxrx-wallet.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/abrxrx-wallet.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/abrxrx-wallet.pages.dev/ Last updated: 2026-03-30