# testinghuesting2.pages.dev — SUSPICIOUS > PhishDestroy flags testinghuesting2.pages.dev as an active crypto drainer impersonating a login portal. ## Summary PhishDestroy identifies testinghuesting2.pages.dev as an ACTIVE crypto drainer domain leveraging a fake login interface to harvest cryptocurrency wallet credentials. The threat is currently under investigation but remains accessible and operational, posing an immediate risk to users who interact with the site. The domain is hosted on Cloudflare Pages and resolves to IP 172.66.44.91, indicating active infrastructure despite low detection rates. This domain was flagged with 0 detections out of 95 engines on VirusTotal, a critical observation given the lack of proactive blocking by major antivirus platforms. It is registered through Cloudflare, Inc., utilizing a Google Trust Services SSL certificate to enhance credibility. The IP address 172.66.44.91 is associated with Cloudflare’s edge network, a common choice for phishing operators to obscure origin and evade takedowns. No known blocklist inclusion has been confirmed as of current monitoring, and the domain remains unflagged by major threat intelligence feeds. Immediate mitigation is required. Users must avoid entering any credentials or cryptocurrency wallet information on this domain. If access occurred, disconnect from the internet, revoke session tokens, and transfer funds to a new wallet immediately. Report the domain to PhishDestroy and your browser’s safe browsing program. Monitor wallet activity for unauthorized transactions. Do not rely solely on SSL indicators—verify legitimacy through official channels only. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.91 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b29838fe-185d-4da8-abde-add6ba8085e1 - PhishDestroy: https://phishdestroy.io/domain/testinghuesting2.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/testinghuesting2.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/testinghuesting2.pages.dev/ Last updated: 2026-04-12