# dazzling-sunshine-2bc570.netlify.app — MALICIOUS > dazzling-sunshine-2bc570.netlify.app is a verified crypto drainer impersonating a wallet login page. 18/95 security vendors flag this domain. ## Summary PhishDestroy identifies dazzling-sunshine-2bc570.netlify.app as an active crypto drainer, a high-risk phishing site designed to steal cryptocurrency funds by tricking users into connecting malicious wallet extensions or entering private keys on a fake login portal. This domain leverages Netlify’s hosting infrastructure to host deceptive pages mimicking legitimate crypto services, making it part of a growing trend in crypto-related social engineering campaigns. The scam is specifically engineered to drain digital assets from unsuspecting victims, with indicators pointing to automated fund transfers upon wallet connection or seed phrase submission. This domain was flagged by Google Safe Browsing under the SOCIAL_ENGINEERING category and is blocked by 18 out of 95 VirusTotal security vendors, including multiple threat intelligence platforms specializing in cryptocurrency scams. It resolves to IP address 35.157.26.135, hosted on Netlify’s infrastructure, which is frequently exploited for fast-flux phishing operations due to its legitimate CDN capabilities. While the SSL certificate (issued by DigiCert Inc) appears legitimate at first glance, its presence does not validate the site’s intent—only the encryption channel. The domain’s recent creation and rapid deployment to evade detection further underscore its malicious nature. Mitigation for this crypto drainer threat requires immediate action: users should avoid accessing dazzling-sunshine-2bc570.netlify.app entirely. If any interaction occurred, disconnect the wallet from the browser, revoke any unintended approvals via blockchain explorers (e.g., Etherscan for Ethereum), and transfer remaining funds to a newly generated, secure wallet. Always verify crypto-related URLs through PhishDestroy or official project websites before entering credentials or connecting wallets. Enable hardware wallet signing and multi-factor authentication where possible, and educate users on recognizing fake login prompts and unsolicited wallet connection requests to prevent future exposure. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Netlify - IP: 35.157.26.135 ## Detection Status - VirusTotal: 18 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/4b48304b-5581-410f-93fd-c02ab4bec3bd - PhishDestroy: https://phishdestroy.io/domain/dazzling-sunshine-2bc570.netlify.app/ - LLM endpoint: https://phishdestroy.io/domain/dazzling-sunshine-2bc570.netlify.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/dazzling-sunshine-2bc570.netlify.app/ Last updated: 2026-04-01