# rider-ad6.pages.dev — MALICIOUS

> Domain rider-ad6.pages.dev is a crypto drainer impersonating popular brands. Google Safe Browsing flags it as social engineering.

## Summary
PhishDestroy identifies the domain rider-ad6.pages.dev as an active crypto drainer phishing site. This threat type involves malicious actors using fake login portals or deceptive transaction prompts to drain cryptocurrency from unsuspecting users. While specific brand impersonation is not explicitly detailed in the intelligence, the site is classified as a generic phishing platform with crypto-draining functionality, commonly associated with high-risk social engineering schemes.


Technical analysis reveals rider-ad6.pages.dev bears multiple hallmarks of malicious infrastructure. The domain, registered through Cloudflare, Inc., resolves to IP address 172.66.44.249 and is protected by a Google Trust Services SSL certificate. VirusTotal flags this domain with a score of 8 out of 95 security vendors, indicating partial but not universal detection. Google Safe Browsing classifies the site under the SOCIAL_ENGINEERING category, and the domain appears on 2 independent security blocklists. As a Cloudflare Pages domain, it leverages reputable hosting infrastructure to enhance credibility while concealing its malicious intent.


The domain remains active as of the latest assessment, despite being blocked by ScamSniffer and Enkrypt. While Cloudflare-based domains often have short lifespans due to takedown sensitivity, this site persists with elevated risk potential. Users are strongly advised to avoid interacting with rider-ad6.pages.dev and to verify any suspicious links using PhishDestroy’s real-time domain lookup tool. No official takedown or mitigation by the hosting provider has been recorded. Given the presence of multiple security vendors, blocklists, and GSB flagging, the residual risk remains high for potential victims, particularly in crypto and Web3 contexts where drainer kits are prevalent. Immediate avoidance and proactive verification are recommended to prevent financial loss.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.249

## Detection Status
- VirusTotal: 8 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["ScamSniffer", "Enkrypt"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3201edc0-3086-4bef-a275-3472618f816a
- PhishDestroy: https://phishdestroy.io/domain/rider-ad6.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/rider-ad6.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rider-ad6.pages.dev/
Last updated: 2026-03-28