# mur5ad.pages.dev — SUSPICIOUS

> PhishDestroy identifies mur5ad.pages.dev as a crypto drainer domain, flagged by 0 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies mur5ad.pages.dev as an active crypto drainer domain currently under investigation. This domain mimics legitimate services to trick users into connecting cryptocurrency wallets, enabling unauthorized fund transfers. The threat remains active and is being closely monitored for further indicators of compromise.

According to verified threat intelligence, mur5ad.pages.dev resolves to IP 188.114.96.3 and is registered through Cloudflare, Inc. This domain has not yet been flagged by any of the 95 VirusTotal vendors as of the latest scan. It holds a valid SSL certificate issued by Google Trust Services, which may contribute to its deceptive legitimacy. However, the lack of detections does not equate to safety, and users are strongly advised to exercise caution when encountering this domain or its associated links.

Given the active status and crypto drainer nature of mur5ad.pages.dev, PhishDestroy recommends immediate avoidance of this domain and any associated URLs. Users who may have interacted with this domain or entered sensitive information should disconnect their wallets from untrusted sites, revoke any unauthorized permissions, and monitor their transaction history for suspicious activity. Organizations are urged to update their threat intelligence feeds and block this domain at the network level to prevent further exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/80af570b-0f8e-4cf5-a35f-644e728c4d6d
- PhishDestroy: https://phishdestroy.io/domain/mur5ad.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/mur5ad.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mur5ad.pages.dev/
Last updated: 2026-03-26