auth-rabby-wallet-app-io-us.pages[.]dev
Category: Information Technology, Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of auth-rabby-wallet-app-io-us.pages[.]dev
This website appears to present itself as an informational landing page for Rabby Wallet, a cryptocurrency wallet focused on managing digital assets and interacting with DeFi services. The page title, meta description, and visible content describe wallet features such as multi-chain support, browser extension access, mobile app availability, and transaction tracking. Its overall theme places it in the cryptocurrency and wallet-software space rather than as a general corporate website.
However, the domain itself is a Cloudflare Pages subdomain, "auth-rabby-wallet-app-io-us.pages[.]dev," rather than an obvious primary domain associated with the Rabby Wallet brand. The page also links out to mobile app stores and to the official-looking support domain for Rabby, which may indicate an attempt to resemble or borrow legitimacy from an established crypto product. Based on the naming pattern and page presentation, it appears likely that the site is trying to imitate or closely associate itself with the Rabby Wallet brand rather than operating as a clearly identified official property.
Safety Assessment for auth-rabby-wallet-app-io-us.pages[.]dev
Multiple scan sources classified this page in phishing or fraud-related categories at the time of this scan, and 13 out of 91 security engines flagged it. In addition, the domain was listed in a major web-threat database for social engineering. While one malware scan reported no malicious files among the small number of files examined, that result does not outweigh the broader phishing-related detections, especially for a page that appears designed to persuade users to trust a crypto-wallet brand.
The domain name is also a notable concern. It combines the Rabby brand name with extra words such as "auth," "app," "io," and "us" on a third-party hosting subdomain, which closely resembles the naming style often used by look-alike pages. The screenshot shows branding and descriptive text for Rabby Wallet, but the site is not hosted on the brand's apparent main domain. In cryptocurrency contexts, this kind of brand-referencing setup may be used to capture wallet installs, credentials, or seed phrases.
Based on these findings, this website may pose potential risks to visitors. The available scan data suggests a meaningful likelihood of phishing or brand impersonation activity at the time of this scan.
Technical Description
The site is hosted on Cloudflare infrastructure and resolves to a Cloudflare IP address in Canada. It uses a valid TLS certificate issued by a mainstream certificate authority, with expiry in July 2026. The presence of HTTPS indicates encrypted transport, but this should not be interpreted as proof of legitimacy, since phishing pages commonly use valid certificates as well.
The domain is about five years old, registered through Cloudflare, and its DNSSEC status is unsigned. It is deployed under the pages.dev hosting environment rather than a dedicated branded domain, which can make rapid deployment easier. No malicious files, flagged external links, or iframes were identified in the limited file/link scan provided, but the stronger risk indicators here come from phishing classifications, blacklist presence, and the brand-resembling domain structure rather than from embedded malware artifacts.
Share your experience with this website. Was it safe? Did you encounter any issues?