# syncrectifiaction.pages.dev — SUSPICIOUS > PhishDestroy identifies syncrectifiaction.pages.dev as a crypto drainer impersonating Rectification services. 0/95 VirusTotal detections signal fresh threat. ## Summary PhishDestroy has flagged syncrectifiaction.pages.dev as an active crypto drainer impersonating Rectification-branded notices. The domain resolves to 172.66.45.30 and is served via Cloudflare, using a legitimate Let’s Encrypt SSL certificate to appear trustworthy. With zero VirusTotal detections at the time of analysis, this site is newly active and designed to trick users into connecting crypto wallets so malicious scripts can drain funds. This domain was registered through Cloudflare, Inc., resolving to IP 172.66.45.30 and hosting on Cloudflare Pages. VirusTotal scanning returned 0 of 95 engines flagging the URL, indicating it is not yet widely blacklisted despite its active campaign. The SSL certificate issued by Let’s Encrypt adds superficial legitimacy, a common tactic among crypto drainers to lower user suspicion. Persistent monitoring is essential, as such sites often operate for only a few hours before being taken down or rebranded. If you visited syncrectifiaction.pages.dev, immediately disconnect your wallet from the site, revoke any unauthorized permissions via your wallet’s settings, and scan your device for malware. Never input seed phrases or private keys on any site linked from unsolicited messages. Report the domain to your antivirus provider and share the URL with PhishDestroy for further analysis to help protect the broader community from this crypto drainer. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.45.30 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/56cbfb81-dfb9-4eb9-90b3-1d04ea5c9a21 - PhishDestroy: https://phishdestroy.io/domain/syncrectifiaction.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/syncrectifiaction.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/syncrectifiaction.pages.dev/ Last updated: 2026-03-24