# web-phentom-wallet.pages.dev — MALICIOUS

> web-phentom-wallet.pages.dev is a high-risk crypto drainer. Avoid this site and never enter your wallet info. Stay safe and verify URLs carefully.

## Summary
PhishDestroy identifies web-phentom-wallet.pages.dev as a high-risk crypto drainer designed to steal users' cryptocurrency wallet credentials. This type of threat is particularly dangerous because it can lead to irreversible loss of digital assets, compromising users’ financial security and privacy.

The domain was registered on February 21, 2026, using Cloudflare’s services, and has been flagged by multiple security vendors and blocklists. Google Safe Browsing classifies it under social engineering threats, indicating deceptive tactics to trick users into revealing sensitive information. Although the site is currently offline, its previous activity poses a significant warning.

Users should avoid visiting web-phentom-wallet.pages.dev and never input any wallet or private key information on suspicious sites. Always verify domain authenticity before interacting with crypto wallets and enable two-factor authentication where possible. If you suspect exposure, immediately transfer funds to a secure wallet and monitor accounts for unusual activity.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.115
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["cosmin.ns.cloudflare.com", "marjory.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cacdd-2193-753f-9405-afcedc60f3f7.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1aee28b0-9d88-4998-b734-68b605358638
- PhishDestroy: https://phishdestroy.io/domain/web-phentom-wallet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/web-phentom-wallet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web-phentom-wallet.pages.dev/
Last updated: 2026-03-19