# claimvvsfinancereward.pages.dev — SUSPICIOUS

> claimvvsfinancereward.pages.dev operates as a crypto drainer targeting finance reward campaigns with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies claimvvsfinancereward.pages.dev as an active crypto drainer site under investigation. The domain impersonates financial reward programs to trick users into connecting crypto wallets and initiating unauthorized transactions. Security research indicates the threat actor leverages a drainer kit designed to siphon funds from compromised wallets, particularly those holding Ethereum-based tokens or interacting with DeFi protocols. No specific brand is being impersonated in this campaign; instead, the attackers rely on generic ‘finance reward’ lures to broaden victim scope.


Technical indicators confirm elevated risk: the domain resolves to IP 188.114.96.3, registered through Cloudflare, Inc., and secured with a Let’s Encrypt SSL certificate. VirusTotal shows 0 detections out of 95 scanners as of latest scan. While Google Safe Browsing (GSB) status remains unflagged and blocklist counts are currently zero, the absence of detections suggests either a newly deployed kit or evasion tactics such as domain hopping via Cloudflare Workers (pages.dev). The domain’s recent creation and clean reputation profile make it highly effective against automated detection systems.


The domain remains active and poses a critical risk to cryptocurrency users seeking financial incentives. Immediate actions include blocking the IP 188.114.96.3 and domain at network and endpoint levels, disabling wallet connections to the site, and reporting the domain to Cloudflare Trust & Safety. Users are advised to verify reward offers through official channels and avoid any unsolicited links. While this domain is under investigation, the risk of wallet compromise and fund loss is imminent. Continuous monitoring and proactive blocking are recommended until definitive containment is achieved.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8b37a040-2d97-4aea-9641-4c5e26efe7f4
- PhishDestroy: https://phishdestroy.io/domain/claimvvsfinancereward.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/claimvvsfinancereward.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/claimvvsfinancereward.pages.dev/
Last updated: 2026-03-22