# claimpochita.pages.dev — SUSPICIOUS

> claimpochita.pages.dev is a crypto drainer posing as a reward site. This active domain resolves to 172.66.44.107 with zero VirusTotal detections.

## Summary
PhishDestroy identifies claimpochita.pages.dev as an active crypto drainer domain impersonating a reward or giveaway platform. The site leverages Cloudflare Workers and a fraudulent front to trick users into connecting cryptocurrency wallets, where embedded drainer scripts silently siphon tokens via permissioned transactions. This is a high-risk scam vector targeting unsuspecting users under the guise of legitimate crypto rewards or airdrops.

This domain was flagged with a VirusTotal detection score of 0/95, indicating zero antivirus engines currently recognize it as malicious. It resolves to IP 172.66.44.107 and is registered through Cloudflare, Inc., leveraging a Google Trust Services SSL certificate for deceptive legitimacy. The domain is currently active and under investigation, with no confirmed blocklist entries at the time of analysis.

As of this report, claimpochita.pages.dev remains active and poses an ongoing risk to users interacting with it. Immediate action is recommended to block the domain at the network level and warn cryptocurrency users to avoid visiting the site or entering wallet credentials. Users who may have already interacted should revoke any unauthorized wallet permissions immediately and transfer remaining assets to a secure wallet. The threat remains live and under active monitoring, with mitigation efforts dependent on broader threat intelligence sharing and browser/extension blocklists.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.107

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0cb535c5-0be7-47a5-8be0-e9ab834b092f
- PhishDestroy: https://phishdestroy.io/domain/claimpochita.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/claimpochita.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/claimpochita.pages.dev/
Last updated: 2026-03-22