# claim-sentient.pages.dev — SUSPICIOUS

> PhishDestroy flags claim-sentient.pages.dev as an active crypto drainer kit hosted via Cloudflare Pages. VirusTotal shows 0/95 detections now.

## Summary
PhishDestroy’s automated pipeline has flagged the domain claim-sentient.pages.dev as an active crypto_drainer kit under seed 10b745. The infrastructure is designed to impersonate legitimate web3 interfaces, tricking users into signing malicious transactions that transfer native tokens and NFTs to attacker-controlled wallets. No specific brand is mimicked in the current sample, suggesting a generic but high-volume campaign aimed at capturing seed-phrase holders and walletconnect sessions. The drainer kit leverages front-end obfuscation and Cloudflare Workers to evade static analysis, making it particularly dangerous for on-chain users who rely on browser-based signers.

Technical indicators confirm a lightweight footprint: the domain resolves to IPv4 172.66.44.95, is registered through Cloudflare, Inc., and holds a Google Trust Services SSL certificate. As of the latest scan, VirusTotal returns 0 detections out of 95 engines and the domain remains unlisted by Google Safe Browsing. WHOIS data shows Cloudflare Pages as the hosting platform, which allows rapid deployment and takedown evasion. With no public blocklist presence yet, the domain is still active and propagating across social channels and airdrop lists.

PhishDestroy currently classifies this domain as active and under_investigation, reflecting the low detection count and high evasion tactics. The domain remains reachable and is actively draining funds from unsuspecting crypto users. Users are strongly advised to check their transaction confirmations against block explorers, avoid clicking shortened links promising “free mints” or “airdrops,” and report any suspicious domains to PhishDestroy for immediate inclusion in browser-blocking lists. Remaining risk is assessed as high until detection coverage improves and the drainer kit’s backend wallet addresses are widely blacklisted.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.95

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/dddfd976-e5c6-4e31-aeba-27c0ecbbe18d
- PhishDestroy: https://phishdestroy.io/domain/claim-sentient.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/claim-sentient.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/claim-sentient.pages.dev/
Last updated: 2026-03-23