# ray-event.com — SUSPICIOUS

> ray-event.com is flagged for crypto drainer phishing, with 1/95 security vendors detecting threats. Avoid this site to protect your digital assets from.

## Summary
PhishDestroy identifies ray-event.com as a crypto drainer phishing domain designed to steal cryptocurrency assets through deceptive tactics. This domain specifically poses a high risk to users by mimicking legitimate services to trick victims into connecting cryptocurrency wallets or divulging sensitive credentials. The site leverages social engineering to exploit trust, particularly targeting users in the crypto space where transactions are irreversible and funds are highly vulnerable to theft. By luring users with false promises or fake services, the threat actors behind ray-event.com aim to drain wallets of digital assets, including tokens and NFTs, leaving victims with irreversible financial losses. Immediate caution is advised for anyone who encounters this domain in crypto-related contexts such as wallet connections, token swaps, or phishing messages.  This domain was flagged by 1 out of 95 security vendors on VirusTotal, indicating limited but notable detection of its malicious nature. It resolves to IP address 188.114.96.3 and is registered through Hello Internet Corp, a domain registrar known for accommodating anonymous registrations. The domain was created on February 27, 2026, which is an unusually recent creation date for a website claiming to offer legitimate services, a common tactic among threat actors to quickly deploy and discard malicious infrastructure. Additionally, ray-event.com appears on 1 security blocklist and is explicitly blocked by MetaMask, a widely used cryptocurrency wallet, further validating its malicious intent. The presence of a Let's Encrypt SSL certificate does not indicate legitimacy, as threat actors frequently use free certificates to appear trustworthy while hosting malicious content.  Users who have visited ray-event.com should immediately disconnect any connected cryptocurrency wallets and revoke any permissions granted to the site through their wallet’s connection settings. If you entered any credentials or connected a wallet, monitor your accounts for unauthorized transactions and consider transferring remaining assets to a secure wallet not previously exposed to this domain. Revoke API keys or third-party permissions associated with this site through your wallet’s security settings. If you suspect any compromise, report the incident to your wallet provider and consider a full security audit of your digital assets and devices. Always verify the authenticity of websites claiming to offer crypto services by cross-referencing official channels and using hardware wallets for sensitive transactions. Stay vigilant against domains with recent creation dates or those using free SSL certificates as potential red flags for malicious activity.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2026-02-27 22:17:05
- Registrar: Hello Internet Corp
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["MetaMask"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6c87a011-64e0-4074-8570-bdffc15d4c67
- PhishDestroy: https://phishdestroy.io/domain/ray-event.com/
- LLM endpoint: https://phishdestroy.io/domain/ray-event.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ray-event.com/
Last updated: 2026-03-23