# gingerwallet.pages.dev — SUSPICIOUS > GingerWallet.pages.dev is a crypto drainer site with 2/95 VirusTotal detections. Check the full report. ## Summary GingerWallet.pages.dev has been identified by PhishDestroy as an active crypto drainer posing an elevated risk to cryptocurrency users. This domain is specifically designed to trick victims into connecting their wallets and approving malicious transactions that drain funds. The threat is ongoing, with the domain currently resolving to a live server (188.114.97.3) and actively engaging in fraudulent activity. This domain was flagged by PhishDestroy with an elevated risk rating due to its confirmed functionality as a cryptocurrency drainer. The site was registered through Cloudflare, Inc., and is protected by a Google Trust Services SSL certificate, which may give it an appearance of legitimacy. VirusTotal reports a low detection rate of 2 out of 95 security vendors, indicating poor recognition by automated scanning tools. The domain resolves to IP address 188.114.97.3 and appears to be actively hosted on Cloudflare's infrastructure. The unique seed identifier (4a741a) confirms its classification within a known campaign of crypto-draining operations. To mitigate the risk of falling victim to this drainer, cryptocurrency users should avoid visiting or interacting with GingerWallet.pages.dev entirely. Never connect your wallet or approve transactions on untrusted sites. Use wallet extensions that provide transaction simulation or approval filtering to block suspicious requests. Check community blocklists and security forums for updated IOCs (Indicators of Compromise) related to this domain. If you suspect exposure, immediately revoke any malicious approvals via your wallet’s interface and transfer remaining assets to a clean wallet. Report the domain to your antivirus provider and relevant cryptocurrency security platforms. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/bd4b046f-e7a2-4a92-9976-08bb9f1d750d - PhishDestroy: https://phishdestroy.io/domain/gingerwallet.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/gingerwallet.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/gingerwallet.pages.dev/ Last updated: 2026-03-31