# appuphled-log.pages.dev — SUSPICIOUS > PhishDestroy flags appuphled-log.pages.dev as a crypto drainer with 0/95 VirusTotal detections. Avoid interaction immediately. ## Summary PhishDestroy identifies appuphled-log.pages.dev as an active crypto drainer domain currently under investigation for credential theft. The domain resolves to IP 188.114.96.3, is hosted by Cloudflare, and holds a Google Trust Services SSL certificate. As of the latest scan, VirusTotal reports 0 detections out of 95 scanners, indicating it remains unflagged across major security platforms. This domain was flagged by PhishDestroy’s seed 832983 and is linked to a generic phishing campaign targeting cryptocurrency users. Technical indicators include registration through Cloudflare, Inc., a dynamic IP address associated with multiple high-risk domains, and a recently issued SSL certificate from Google Trust Services—often used to lend false legitimacy to fraudulent sites. The domain’s creation date remains unlisted due to Cloudflare’s privacy protections, but its association with *.pages.dev subdomains suggests recent deployment. Current blocklist inclusion is unverified, though the absence of detections implies it has evaded automated detection thus far. Mitigation for this crypto drainer threat requires immediate action: avoid clicking links or entering credentials on appuphled-log.pages.dev or any related subdomains. Users should verify the legitimacy of cryptocurrency-related websites through official channels and implement wallet restrictions to prevent unauthorized transactions. Additionally, report the domain to threat intelligence platforms like VirusTotal, PhishDestroy, or your security provider. Network defenders are advised to block the IP 188.114.96.3 and monitor for related infrastructure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/05c05ac5-75ef-4462-8203-d499243fa054 - PhishDestroy: https://phishdestroy.io/domain/appuphled-log.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/appuphled-log.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/appuphled-log.pages.dev/ Last updated: 2026-04-11