# dydx-tax.pages.dev — SUSPICIOUS

> PhishDestroy identifies dydx-tax.pages.dev as a brand impersonation site with 0/95 VirusTotal detections targeting dYdX users. Avoid entering credentials.

## Summary
PhishDestroy has flagged dydx-tax.pages.dev as an active brand impersonation domain designed to mimic the legitimate dYdX cryptocurrency trading platform. This deceptive site leverages Cloudflare’s Pages.dev infrastructure to host a fraudulent interface aimed at deceiving users into revealing sensitive credentials or approving unauthorized crypto transactions. The infrastructure aligns with common tactics used by crypto drainers, where threat actors impersonate trusted platforms to exploit user trust and facilitate illicit fund transfers.  This domain was flagged with 0 detections out of 95 VirusTotal scans as of the latest assessment. The domain resolves to IP 188.114.96.3 and is registered through Cloudflare, Inc., a common tactic used to obscure the true origin of malicious infrastructure. Although the SSL certificate is issued by Google Trust Services—an expected feature for legitimate platforms—this should not be interpreted as a sign of safety, as threat actors often exploit trusted certificate authorities to enhance credibility. The active status of this threat indicates ongoing exposure to users.  If you have visited dydx-tax.pages.dev, cease all interactions immediately and revoke any connected wallet permissions or API keys from your dYdX account. Monitor your transaction history and connected wallet addresses for unauthorized activity. Report the domain to your security team or platform administrators to aid in broader threat mitigation. Avoid entering any credentials or engaging with wallet connection prompts until the site can be independently verified as legitimate.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: dYdX

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/dydx-tax.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/dydx-tax.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/dydx-tax.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dydx-tax.pages.dev/
Last updated: 2026-04-03