# l-3fp.pages.dev — SUSPICIOUS

> PhishDestroy identifies l-3fp.pages.dev as a generic phishing domain with crypto drainer activity. VirusTotal flags 0/95 engines.

## Summary
PhishDestroy identifies l-3fp.pages.dev as a crypto drainer phishing domain designed to trick users into connecting fraudulent cryptocurrency wallets or revealing seed phrases. Victims may unknowingly approve malicious transactions that drain funds from compatible wallets like MetaMask or Trust Wallet. The domain leverages Cloudflare Pages hosting to obscure its infrastructure, making it harder to trace while providing SSL encryption via Google Trust Services. Security researchers note that crypto drainers often impersonate legitimate services, NFT projects, or wallet interfaces to gain trust before stealing assets. If you interact with this site, your connected wallets are at immediate risk of unauthorized blockchain transactions.


This domain was flagged on Cloudflare Pages with VirusTotal showing 0/95 detections at the time of review, indicating minimal immediate detection by antivirus engines. The domain has been active since its registration through Cloudflare, Inc., which provides anonymity layers to threat actors. SSL certificates issued by Google Trust Services (GTS) further legitimize the site in users' browsers, despite its malicious intent. The hosting IP 188.114.96.3 is associated with Cloudflare’s infrastructure, which is commonly abused for phishing campaigns due to its fast deployment and evasion capabilities. The unique seed identifier fe406f confirms this entry’s position in our phishing database for further investigation.


If you visited l-3fp.pages.dev, disconnect all cryptocurrency wallets immediately and revoke any unauthorized connections through your wallet’s settings. Do not approve any transaction requests, even if they appear to originate from the site. Scan your device with up-to-date antivirus software for keyloggers or browser extensions you don’t recognize. Report this domain to your wallet provider and consider transferring remaining funds to a fresh wallet with enhanced security measures. Monitor blockchain transaction histories closely for signs of unauthorized transfers. For future protection, verify domains through official project websites or trusted security databases before interacting with crypto-related platforms.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/54fd467e-f5b7-4c1e-b053-b3fab14e1ef8
- PhishDestroy: https://phishdestroy.io/domain/l-3fp.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/l-3fp.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/l-3fp.pages.dev/
Last updated: 2026-03-28