# telos-4ji.pages.dev — SUSPICIOUS

> telos-4ji.pages.dev is a crypto drainer phishing site flagged by 2/95 VirusTotal vendors. Avoid entering wallet details or credentials. Report immediately.

## Summary
PhishDestroy identifies telos-4ji.pages.dev as an active crypto drainer phishing domain posing an elevated risk to users. This site is engineered to trick cryptocurrency holders into authorizing malicious wallet transactions, resulting in direct asset theft. The domain mimics legitimate services to deceive visitors into connecting wallets or entering private keys, credentials, or seed phrases.


This domain resolves to IP 172.66.44.164 and is registered through Cloudflare, Inc. It is protected by a Google Trust Services SSL certificate, yet carries elevated risk due to its detection on 2 independent security blocklists and a VirusTotal score of 2/95 security vendors flagging it. The combination of Cloudflare’s infrastructure and Google’s certificate lends false legitimacy, masking its malicious intent. Despite these surface-level validations, behavioral and heuristic analysis confirms crypto-draining functionality.


Users must avoid interacting with this site entirely. Do not connect wallets, input private keys, seed phrases, or login credentials. If you have already visited, disconnect your wallet immediately, revoke any unauthorized permissions via tools like revoke.cash, and scan your system for malware. Report the domain to your wallet provider and to PhishDestroy for further investigation. Exercise extreme caution with any .pages.dev subdomain, especially those requesting crypto-related actions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.164

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["ScamSniffer", "Enkrypt"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8770822f-2b9f-41ef-b093-7d3fd09634ed
- PhishDestroy: https://phishdestroy.io/domain/telos-4ji.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/telos-4ji.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/telos-4ji.pages.dev/
Last updated: 2026-03-28