# claimdog.pages.dev — SUSPICIOUS > Phishing domain claimdog.pages.dev detected distributing crypto drainer malware. VirusTotal 0/95 detections. Check the full report. ## Summary PhishDestroy identifies claimdog.pages.dev as an active crypto drainer phishing domain designed to trick users into unknowingly transferring cryptocurrency to attacker-controlled wallets. The domain mimics legitimate cryptocurrency service interfaces, likely promoted through social engineering campaigns targeting blockchain users. Upon interaction, victims are prompted to connect their wallets, after which malicious scripts execute unauthorized transactions that drain assets without requiring additional approvals. This represents a high-risk threat to digital asset holders due to the irreversible nature of blockchain transactions and the sophisticated social engineering tactics employed by threat actors to build trust before initiating theft. This domain was flagged by PhishDestroy with a unique seed identifier 2fc06e and shows concerning technical indicators including 0 out of 95 VirusTotal detections, indicating it remains under the radar of mainstream security vendors. The domain resolves to IP address 172.66.47.136 and operates through Cloudflare, Inc. as registrar, utilizing a Google Trust Services SSL certificate to appear legitimate. Security researchers note this configuration is characteristic of malicious domains that exploit free tier services to rapidly deploy and rotate infrastructure while maintaining plausible deniability through legitimate-looking certificates. The complete lack of current blocklist detections suggests this threat actor is actively evading detection mechanisms. Users who visited claimdog.pages.dev should immediately revoke any wallet connections made to the domain and transfer remaining assets to a new, secure wallet. Scan all connected devices for malware using reputable antivirus software, as crypto drainers often deploy additional payloads. Report the domain to your wallet provider and relevant blockchain security platforms. Enable multi-factor authentication on all cryptocurrency accounts and never approve wallet connections from unknown domains. Consider using hardware wallets for large holdings and implement transaction monitoring alerts to detect suspicious activity early. Monitor blockchain explorers for any unauthorized transactions and report incidents to appropriate authorities if theft occurs. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.136 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/585cf0f2-aa7b-418c-b73b-b9b392584c0e - PhishDestroy: https://phishdestroy.io/domain/claimdog.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/claimdog.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/claimdog.pages.dev/ Last updated: 2026-03-30