# mytesttterrrrjsadj-com-a7b8d7.pages.dev — SUSPICIOUS

> Mytesttterrrrjsadj-com-a7b8d7.pages.dev hosts a generic phishing drainer targeting crypto wallets. Resolves to 172.66.47.5.

## Summary
PhishDestroy identifies mytesttterrrrjs-ad-com-a7b8d7.pages.dev as a live generic phishing domain deploying a cryptocurrency drainer kit. The domain mimics legitimate services to trick users into connecting wallets and approving malicious transactions. While no specific brand is impersonated in known intelligence, the infrastructure and behavior align with drainer-as-a-service toolkits observed in recent campaigns. No custom kit has been publicly identified, suggesting the use of an off-the-shelf solution available to threat actors.  

This domain was flagged with a 0/95 detection rate on VirusTotal as of the latest scan, indicating it remains undetected by most antivirus engines. It resolves to IP 172.66.47.5 via Cloudflare, Inc., with an SSL certificate issued by Google Trust Services. The domain has been confirmed on two separate blocklists and is currently blocked by MetaMask and SEAL security solutions. While the exact creation date is not provided in available intelligence, its presence on active blocklists confirms recent deployment.  

The domain is classified as active with a risk level marked as under_investigation, though it is already flagged by multiple security vendors. Immediate response actions include blocking at network and endpoint levels based on known indicators. Users are strongly advised to avoid clicking unverified links, verify domain accuracy before inputting credentials, and ensure wallet extensions and security software are updated. The remaining risk is moderate given the domain's low detection coverage and active campaign status, warranting continued monitoring and proactive blocking.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.5

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["MetaMask", "SEAL"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/358044ec-f97b-4432-9258-a6f7387a6111
- PhishDestroy: https://phishdestroy.io/domain/mytesttterrrrjsadj-com-a7b8d7.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/mytesttterrrrjsadj-com-a7b8d7.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mytesttterrrrjsadj-com-a7b8d7.pages.dev/
Last updated: 2026-04-01