# web-wallstreetpepe.pages.dev — SUSPICIOUS > PhishDestroy identifies web-wallstreetpepe.pages.dev as hosting an active crypto drainer. Flagged by 0 of 95 VirusTotal vendors. Avoid interaction immediately. ## Summary PhishDestroy identifies the domain web-wallstreetpepe.pages.dev as hosting an active crypto drainer campaign targeting cryptocurrency users. This threat is currently active and leverages deceptive tactics to trick victims into approving malicious token approvals or transferring funds to attacker-controlled addresses. The campaign is suspected to be impersonating Wall Street Pepe (WPEPE), a memecoin project, to gain credibility among crypto investors seeking early exposure to trending assets. No detections have been recorded on VirusTotal, indicating this campaign may be in its initial propagation phase, increasing the risk of exposure to unwary users. Seed 930323. The domain web-wallstreetpepe.pages.dev was registered through Cloudflare, Inc. and resolves to IP address 188.114.97.3. This IP is associated with Cloudflare’s edge network, which is commonly abused by threat actors to host phishing and malware due to its legitimate infrastructure and high trust scores. The SSL certificate is issued by Google Trust Services, further enhancing the domain’s perceived legitimacy. As of the latest check, this domain has generated 0 detections out of 95 VirusTotal vendors, indicating it remains undetected by most antivirus engines. This low detection rate, combined with the use of a reputable CDN and SSL provider, suggests a well-crafted operation designed to evade initial scrutiny. The domain is hosted on Cloudflare Pages, a legitimate static site hosting service, which is frequently exploited to deliver payloads via deceptive landing pages mimicking legitimate crypto platforms. Seed 930323. This domain is currently active and poses a high risk to cryptocurrency users, particularly those familiar with or interested in WPEPE tokens. The use of a crypto drainer indicates that the attackers aim to exploit wallet approvals or transaction signatures to siphon funds directly from victim wallets. Given the lack of detections on VirusTotal and the domain’s reliance on trusted infrastructure, it is likely that this campaign is targeting users through social media, forums, or direct messaging where WPEPE is discussed. Users should avoid clicking any links associated with this domain and should revoke any suspicious token approvals via their wallet settings. Organizations should consider blocking this domain and IP at the network perimeter. Seed 930323. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/6e612bc9-40c5-4e73-8228-0afde53d89be - PhishDestroy: https://phishdestroy.io/domain/web-wallstreetpepe.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/web-wallstreetpepe.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/web-wallstreetpepe.pages.dev/ Last updated: 2026-03-31