# sepolia2.pages.dev — SUSPICIOUS

> PhishDestroy flags sepolia2.pages.dev as a live crypto drainer kit on Google Cloudflare hosting, 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies sepolia2.pages.dev as an active crypto-draining phishing domain hosted on Google Trust Services via Cloudflare Pages. This page is designed to trick cryptocurrency users into connecting their wallets and unknowingly signing malicious transactions that drain funds. The infrastructure and naming pattern (sepolia2) strongly suggest a clone targeting users of Ethereum testnet tools or services, exploiting the “Sepolia” public test network to appear legitimate.  

This domain’s technical fingerprint includes a VirusTotal score of 0/95 detections, indicating it remains undetected by most antivirus engines at the time of analysis. It resolves to IP address 172.66.46.222, a Cloudflare edge endpoint. Registrar data shows the domain is managed through Cloudflare, Inc., leveraging their infrastructure for both hosting (Pages.dev) and SSL termination via Google Trust Services. As of this report, the domain is under investigation and has not yet been listed on major blocklists such as Google Safe Browsing (GSB) or PhishTank, leaving users exposed.  

The domain is currently active and poses a high risk to users who interact with it, particularly those involved in Web3 or cryptocurrency activities. PhishDestroy has flagged this domain due to its direct association with crypto-draining behavior. Security teams are advised to block access via network and DNS level controls and to warn users not to interact with this domain. Despite its current lack of detections, the presence of a drainer kit on a reputable hosting platform indicates an elevated and evolving threat. Users should verify any unknown .pages.dev URL on PhishDestroy before taking any action, especially wallet connections.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.222

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/584f16c0-f970-427f-91a3-0c868971ff1f
- PhishDestroy: https://phishdestroy.io/domain/sepolia2.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sepolia2.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sepolia2.pages.dev/
Last updated: 2026-03-26