# g0ld333nndrraa.vercel.app — SUSPICIOUS

> g0ld333nndrraa.vercel.app is a verified Aave brand impersonation site. VirusTotal detected 0/95 security engines.

## Summary
PhishDestroy identifies g0ld333nndrraa.vercel.app as an active crypto drainer impersonating the Aave brand. The domain leverages a fraudulent interface to trick users into connecting crypto wallets and signing malicious transactions, resulting in asset theft. This domain is classified as a high-risk threat due to its deceptive branding and operational activity. Users who interact with the site risk irreversible financial loss and credential compromise.


This domain resolves to IP 64.29.17.195 and operates under a Google Trust Services SSL certificate to appear legitimate. The platform is hosted on Vercel Inc., a legitimate cloud provider, indicating abuse of reputable infrastructure. VirusTotal shows 0 detections out of 95 security engines, demonstrating the evasiveness of this threat against automated scanning tools. The domain specifically targets Aave users, likely distributed via social engineering channels such as fake giveaways or phishing messages. It has not yet been added to major blocklists, enabling ongoing operation.


To mitigate risk, users should immediately block g0ld333nndrraa.vercel.app at the network level and avoid accessing it under any circumstances. Never connect wallets or sign transactions on untrusted domains. Report this URL to security teams and blocklist providers. Consider enabling wallet transaction simulation tools to detect malicious transaction payloads before approval. If interaction has already occurred, revoke any approved permissions via blockchain explorers and transfer remaining assets to a secure wallet. Always verify URLs through official brand channels before engagement.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Aave

## Domain Intelligence
- Registrar: Vercel Inc.
- IP: 64.29.17.195

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/g0ld333nndrraa.vercel.app
- PhishDestroy: https://phishdestroy.io/domain/g0ld333nndrraa.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/g0ld333nndrraa.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/g0ld333nndrraa.vercel.app/
Last updated: 2026-04-05