# beef-meme.pages.dev — SUSPICIOUS

> beef-meme.pages.dev is a crypto drainer impersonating the Cowboy Meme brand. VirusTotal reports 0/95 detections. Avoid interactions immediately.

## Summary
PhishDestroy identifies beef-meme.pages.dev as an active crypto drainer impersonating the Cowboy Meme brand, leveraging meme culture to deceive cryptocurrency users. The page, titled 'Cowboys HODL BEEF,' is designed to trick victims into connecting their wallets or transferring funds under the guise of a meme-themed cryptocurrency scam. This domain is part of a broader trend where threat actors exploit viral internet trends to spread malicious links, often through social media or decentralized platforms. The drainer kit likely includes wallet connection prompts or fake transaction interfaces to siphon funds from unsuspecting users. Cloudflare's Pages service is being abused to host this malicious content, making it harder to take down quickly due to Cloudflare's widespread infrastructure.

The technical indicators for this domain are as follows: VirusTotal shows 0 detections out of 95 engines as of the latest scan, indicating it has evaded traditional antivirus detection mechanisms. The domain resolves to IP address 188.114.97.3, which is associated with Cloudflare's infrastructure, a common tactic to obscure the true origin of malicious sites. The domain was registered through Cloudflare, Inc., and is protected by an SSL certificate issued by Google Trust Services, further enhancing its legitimacy in the eyes of potential victims. This domain has been flagged on two security blocklists and is currently active. Additional metadata such as the domain's creation date was not provided in the available intelligence.

As of now, beef-meme.pages.dev remains active and poses an ongoing risk to cryptocurrency users, particularly those engaged in meme coin communities. It has been blocked by security tools such as Enkrypt and ScamSniffer, but its use of Cloudflare's infrastructure and a valid SSL certificate means it can still reach a wide audience. The low VirusTotal detection rate suggests that signature-based defenses are ineffective against this threat. Users are strongly advised to avoid interacting with this domain and to report it to their security providers or platforms like PhishDestroy. The remaining risk is high due to the domain's active status, the lack of widespread detection, and its potential to spread rapidly through social media channels. Immediate action is required to mitigate the spread of this drainer and protect potential victims.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP ?)
- Page title: Cowboys HODL BEEF

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["Enkrypt", "ScamSniffer"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0faa9caf-8b5b-4f88-83ef-ee5545cdd959
- PhishDestroy: https://phishdestroy.io/domain/beef-meme.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/beef-meme.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/beef-meme.pages.dev/
Last updated: 2026-04-13