# pengupunksabs.pages.dev — SUSPICIOUS > PhishDestroy identifies pengupunksabs.pages.dev as an active crypto drainer impersonating PENGU Punks with 0/95 VirusTotal detections. Do not interact. ## Summary PhishDestroy identifies pengupunksabs.pages.dev as an active crypto drainer impersonating the PENGU Punks brand. The domain uses Cloudflare Pages hosting and resolves to IP 172.66.47.135 with a Google Trust Services SSL certificate to appear legitimate. Users risk losing cryptocurrency or credentials if they connect wallets or enter seed phrases on this fraudulent site. This domain was flagged with 0 detections out of 95 VirusTotal scans and is registered through Cloudflare, Inc., a common tactic to avoid immediate takedown. The site was created recently and operates under the guise of a PENGU Punks promotional giveaway or airdrop to trick victims into connecting fake NFT minting or trading portals. The absence of detections indicates it is still in early campaign stages, targeting less cautious users. If you visited pengupunksabs.pages.dev or entered any information, immediately revoke any connected wallet permissions using tools like revoke.cash or your wallet’s security settings. Do not enter seed phrases, private keys, or sign wallet transactions on suspicious links. Report the domain to Cloudflare Abuse via https://www.cloudflare.com/abuse/form and monitor your wallet for unauthorized transactions. Use hardware wallets for high-value assets and enable transaction alerts to detect fraudulent transfers early. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.135 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/pengupunksabs.pages.dev - PhishDestroy: https://phishdestroy.io/domain/pengupunksabs.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/pengupunksabs.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/pengupunksabs.pages.dev/ Last updated: 2026-04-09