# solaoap.pages.dev — SUSPICIOUS

> solaoap.pages.dev, a crypto drainer, shows 0/95 VirusTotal detections. Analyzed by PhishDestroy. Act now to secure your crypto assets.

## Summary
PhishDestroy identifies solaoap.pages.dev as an active crypto drainer posing as a legitimate service to trick users into transferring cryptocurrency to fraudulent wallets. The domain leverages Cloudflare's infrastructure and a Google Trust Services SSL certificate to appear credible, while its recent registration and low detection rate on VirusTotal make it a stealthy threat to unsuspecting users. This investigation highlights the need for immediate action to prevent financial losses.  This domain resolves to IP 172.66.44.146 and operates under Cloudflare, Inc., with a VirusTotal detection rate of 0 out of 95 scanners, indicating it has evaded most automated security tools. The domain's SSL certificate is issued by Google Trust Services, which adds a misleading layer of legitimacy, while its use of a `.pages.dev` subdomain under Cloudflare's Pages platform suggests a focus on exploiting free hosting services to host malicious content. The absence of blocklist entries further underscores its ability to fly under the radar, increasing the risk to users who may interact with it unknowingly.  If you have visited solaoap.pages.dev or suspect interaction with this domain, immediately revoke any wallet approvals or connected permissions to prevent unauthorized transactions. Use dedicated security tools to scan your devices for malware, as crypto drainers often deploy additional payloads like keyloggers or Trojans. Report the domain to your wallet provider and local cybersecurity authorities to help mitigate its spread. Stay vigilant and avoid interacting with unsolicited links, especially those promoting crypto-related services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.146

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d2137d05-6078-4dca-8409-12a1a2cc3a51
- PhishDestroy: https://phishdestroy.io/domain/solaoap.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/solaoap.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/solaoap.pages.dev/
Last updated: 2026-03-22