# fortnitelp.pages.dev — SUSPICIOUS

> PhishDestroy identifies fortnitelp.pages.dev as a brand impersonation phishing domain actively stealing crypto via fake Fortnite giveaways.

## Summary
PhishDestroy identifies fortnitelp.pages.dev as a recently activated Fortnite-themed crypto drainer phishing domain masquerading as a legitimate Fortnite Live Points (LP) giveaway portal. The landing page is hosted on Cloudflare Pages (pages.dev) and leverages Google Trust Services SSL certificates to mimic authenticity. Threat actors are promoting this fraudulent domain through social media and gaming forums, tricking users into connecting their cryptocurrency wallets under the false pretense of receiving in-game rewards. While no specific drainer kit hash has been publicly released, the infrastructure closely resembles known cryptocurrency harvesting campaigns targeting gaming communities.  

This domain was flagged with a VirusTotal detection score of 0/95 as of the latest scan, indicating it currently evades most antivirus and threat intelligence platforms. It was registered through Cloudflare, Inc., resolves to IP address 188.114.97.3, and is associated with Cloudflare's edge network infrastructure. Google Safe Browsing (GSB) has not yet flagged the domain, and it remains absent from major threat intelligence blocklists. The domain's creation date is recent and under active monitoring, with no historical reputation data available. These traits suggest a fast-moving, opportunistic campaign built for short-term exploitation before detection systems catch up.  

As of this report, the domain remains active and under investigation with a status classified as 'active'. PhishDestroy analysts continue to monitor its propagation vectors and wallet drainer mechanics. While immediate risk is elevated within targeted gaming communities, broader exposure remains limited due to low detection scores and absence on blocklists. Users are advised to avoid interacting with fortnitelp.pages.dev, verify any gaming-related giveaway domains through official Epic Games or Fortnite channels, and report wallet connection warnings to their security tools. Blocking the domain at the network level and updating endpoint defenses are recommended to mitigate exposure to this evolving threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/52f33edf-0108-42ff-8933-7e8556e60b22
- PhishDestroy: https://phishdestroy.io/domain/fortnitelp.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/fortnitelp.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/fortnitelp.pages.dev/
Last updated: 2026-03-21