# eclaim.pages.dev — MALICIOUS

> eclaim.pages.dev identified as an active crypto drainer, flagged by 7/95 VirusTotal vendors. Avoid visiting this site—use PhishDestroy to verify links.

## Summary
PhishDestroy identifies eclaim.pages.dev as a confirmed crypto-draining scam. This malicious domain, hosted via Cloudflare, leverages Google’s SSL certificate to appear legitimate while surreptitiously siphoning cryptocurrency from unwitting users.  This domain was flagged by 7 out of 95 VirusTotal security vendors, indicating elevated risk. It resolves to IP 172.66.47.45 and is registered through Cloudflare, Inc., leveraging the platform’s infrastructure to evade takedowns. The site purports to be an e-claim service but is engineered to deploy a crypto drainer payload, silently transferring funds from victims’ digital wallets upon interaction.  If you’ve visited eclaim.pages.dev, suspend wallet connections immediately and revoke any unauthorized transactions. Run a full antivirus scan on your device and consider your credentials potentially compromised. Use PhishDestroy’s verification tool to check links before interacting, and report this domain to your cybersecurity team to prevent further exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.45

## Detection Status
- VirusTotal: 7 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c1f410df-6576-4e95-9958-5692670229fa
- PhishDestroy: https://phishdestroy.io/domain/eclaim.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/eclaim.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eclaim.pages.dev/
Last updated: 2026-03-26