# pairdrop.gemini.endrm.net — SUSPICIOUS

> pairdrop.gemini.endrm.net is an active crypto drainer domain flagged for suspicious activity. Stay alert and avoid interactions to protect your assets.

## Summary
PhishDestroy identifies pairdrop.gemini.endrm.net as a crypto drainer domain registered recently on February 11, 2023. The domain is hosted under Squarespace Domains II LLC and continues to pose a risk by targeting cryptocurrency users with fraudulent schemes aimed at draining digital wallets.

Technical analysis reveals that the domain resolves to IP address 195.201.116.254 and currently appears on one known security blocklist. VirusTotal's scan results show limited detection, with only one out of ninety-five security vendors flagging the domain, indicating early-stage or low-profile activity but still warranting caution due to its malicious intent.

The domain remains active and operational, with a low but real threat level. Users and security platforms are advised to monitor this domain closely and implement blocking measures to prevent potential crypto asset theft. Awareness and avoidance of this domain are crucial to safeguarding digital currencies from exploitation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Log in - YunoHost

## Domain Intelligence
- Registered: 2023-02-11 21:10:01
- Expires: 2027-02-11 21:10:01
- Registrar: Squarespace Domains II LLC
- Country: USA
- IP: 195.201.116.254
- Nameservers: ns-cloud-d1.googledomains.com ns-cloud-d2.googledomains.com ns-cloud-d3.googledomains.com ns-cloud-d4.googledomains.com

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["SOCRadar"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Live Page Content

### Page Text
Loading

## Evidence
- Screenshot: https://urlscan.io/screenshots/019928df-72c5-73af-81f8-31e7b17991a3.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b63fa9fc-445d-4fa6-87b8-e7dc64a93c18
- PhishDestroy: https://phishdestroy.io/domain/pairdrop.gemini.endrm.net/

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pairdrop.gemini.endrm.net/
Last updated: 2026-03-13