# claimmomentum.pages.dev — MALICIOUS

> claimmomentum.pages.dev is flagged for crypto draining and social engineering. Avoid interaction and report suspicious activity to stay safe online.

## Summary
PhishDestroy identifies claimmomentum.pages.dev as a high-risk domain involved in crypto drainer activity. Classified under social engineering threats, this domain aims to deceive users into compromising their cryptocurrency assets. The domain was registered recently, on February 21, 2026, and is associated with phishing tactics targeting crypto holders.

Technical analysis reveals that claimmomentum.pages.dev resolves to IP address 172.66.47.91 and is registered through Cloudflare, Inc. The domain has been flagged by Google Safe Browsing for social engineering and appears on three separate security blocklists. VirusTotal detection includes 14 out of 95 security vendors marking it as malicious, underscoring its threat credibility. The Cloudflare-hosted infrastructure was likely chosen to provide some anonymity and fast content delivery.

Currently, claimmomentum.pages.dev is offline following takedown actions prompted by its malicious behavior. Users are strongly advised not to visit or interact with this domain. PhishDestroy recommends reporting any related phishing attempts and exercising caution with unsolicited crypto-related links or pages claiming unusual momentum or gains.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.91
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["drake.ns.cloudflare.com", "tori.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a5709-2fcf-705e-9156-0933d1cf2181.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b4c845ad-37b1-4e29-9959-ee077894ae4b
- PhishDestroy: https://phishdestroy.io/domain/claimmomentum.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/claimmomentum.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/claimmomentum.pages.dev/
Last updated: 2026-03-19