# dinero-6rm.pages.dev — SUSPICIOUS > dinero-6rm.pages.dev hosts a crypto drainer phishing page with 0/95 VirusTotal detections. Avoid this domain to protect crypto assets. Take action now. ## Summary PhishDestroy identifies dinero-6rm.pages.dev as an active crypto drainer domain designed to trick users into unknowingly transferring cryptocurrency assets to cybercriminal-controlled wallets. This domain mimics financial services or investment platforms to deceive victims into approving fraudulent transactions, often exploiting social media campaigns or malicious advertisements to spread. Once a user connects a wallet or enters private keys, the drainer automatically siphons funds without further interaction, making it a high-risk threat to cryptocurrency holders. The domain leverages Cloudflare’s hosting infrastructure, likely to evade detection and maintain availability, while using Google Trust Services for SSL encryption to appear legitimate. This domain was flagged by PhishDestroy’s threat intelligence pipeline with 0 detections out of 95 engines on VirusTotal, indicating it remains under the radar on major scanning platforms despite active malicious activity. Registered through Cloudflare, Inc., the domain resolves to IP 172.66.44.86 and is currently classified as 'active' with a risk status of 'under_investigation'. The lack of third-party detections suggests a need for proactive user protection strategies, as traditional antivirus and scanning tools may not yet recognize the threat. If you visited or interacted with dinero-6rm.pages.dev, disconnect your wallet immediately and revoke any unauthorized token approvals through your wallet provider’s interface or tools like Etherscan’s token approval checker. Do not approve any pending transactions you did not initiate. Reset passwords and enable two-factor authentication on all related financial accounts. Report the domain to your antivirus provider and block it at the network level if possible. Stay vigilant for unusual financial activity and consider using hardware wallets with limited exposure to online interfaces to minimize risk. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.86 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e6b3df0f-6eaa-4eb7-8e9e-2c7ea8f010a1 - PhishDestroy: https://phishdestroy.io/domain/dinero-6rm.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/dinero-6rm.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/dinero-6rm.pages.dev/ Last updated: 2026-03-24