# redstone-finance.pages.dev — SUSPICIOUS > PhishDestroy warns that redstone-finance.pages.dev is a crypto drainer impersonating Redstone Finance. ## Summary PhishDestroy identifies redstone-finance.pages.dev as an active crypto drainer scam posing as Redstone Finance, a legitimate decentralized finance protocol. This domain leverages Cloudflare and Google Trust Services to appear legitimate while hosting malicious scripts designed to drain cryptocurrency wallets. The elevated risk level reflects its confirmed malicious activity and ongoing abuse of legitimate infrastructure to deceive users. This domain was flagged by Polkadot, Codeesura, ScamSniffer, and Enkrypt, with VirusTotal reporting a detection ratio of 1 out of 95 security vendors. It resolves to IP 172.66.45.34 and has been added to 4 blocklists, indicating widespread recognition as a threat. The use of Google Pages (pages.dev) and Cloudflare further complicates detection by exploiting trusted services. This domain employs a classic impersonation tactic, mimicking Redstone Finance to lure users into connecting their wallets or entering sensitive information. The crypto drainer payload is likely delivered through fake investment opportunities, fake airdrop claims, or phishing links shared via social media or email. The domain's SSL certificate from Google Trust Services adds a veneer of legitimacy, while Cloudflare's infrastructure obscures its true origin. The combination of these factors creates a high-risk environment for cryptocurrency users, particularly those unfamiliar with the tactics used by threat actors to exploit decentralized finance ecosystems. To mitigate the risk posed by redstone-finance.pages.dev, users should avoid interacting with the domain entirely. If you have already visited the site or connected your wallet, revoke any unauthorized permissions immediately using tools like revoke.cash or your wallet's built-in permission manager. Never enter seed phrases, private keys, or wallet passwords on any site claiming to be Redstone Finance or any other DeFi protocol. Verify the legitimacy of any crypto-related website by checking official Redstone Finance channels (website, Twitter, Discord) for the correct domain. Use browser extensions like MetaMask's phishing detection or dedicated security tools like PhishDestroy to scan links before clicking. Report this domain to your wallet provider and relevant security platforms to help prevent further abuse. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.45.34 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 4 hits Lists: ["Polkadot", "Codeesura", "ScamSniffer", "Enkrypt"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/redstone-finance.pages.dev - PhishDestroy: https://phishdestroy.io/domain/redstone-finance.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/redstone-finance.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/redstone-finance.pages.dev/ Last updated: 2026-04-07