# multicoo.pages.dev — SUSPICIOUS

> multicoo.pages.dev is a crypto drainer phishing domain with 0 VirusTotal detections. Avoid entering wallets or credentials—verify first.

## Summary
PhishDestroy identifies multicoo.pages.dev as an active crypto-drainer phishing domain currently under investigation. This fraudulent host imitates legitimate cryptocurrency services to trick users into connecting crypto wallets and approving unauthorized token transfers.  multicoo.pages.dev is flagged by 0 of 95 VirusTotal security vendors as of seed 74c7ea, indicating it has not yet been widely blacklisted despite suspicious behavior. The domain was registered through Cloudflare, Inc., resolves to the IPv4 address 172.66.47.94, and holds a Google Trust Services SSL certificate. As of this report, VirusTotal remains unaware of its malicious intent, no blocklist inclusion has been detected, and no specific creation date or trust score downgrade is available—likely due to its recent registration and low public exposure.  The status of this domain remains active and under investigation. PhishDestroy advises users to treat multicoo.pages.dev as a high-risk crypto-drainer scam and refrain from clicking links, connecting wallets, or entering credentials. Always access crypto platforms directly via verified bookmarks or official URLs, and monitor wallet activity for unauthorized transactions. Block the IP 172.66.47.94 at the network level and report any interactions with this domain to your security team or wallet provider immediately.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.94

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c19e7ab3-9b3e-4178-b6f5-cb14c9cb5457
- PhishDestroy: https://phishdestroy.io/domain/multicoo.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/multicoo.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/multicoo.pages.dev/
Last updated: 2026-04-13