# pepeunchained2-claims.pages.dev — MALICIOUS

> pepeunchained2-claims.pages.dev is a known crypto drainer site flagged by 16/95 VirusTotal vendors. Check the full report.

## Summary
PhishDestroy identifies pepeunchained2-claims.pages.dev as an active crypto drainer domain with an elevated risk level. This Pages.dev-hosted site is designed to trick cryptocurrency users into connecting wallets or revealing seed phrases under the guise of token claims or airdrops. The domain’s infrastructure and operational patterns align with established drainer-as-a-service schemes observed in recent threat campaigns, where victims’ digital assets are systematically siphoned to attacker-controlled wallets.

This domain was flagged by 16 out of 95 VirusTotal security vendors, indicating partial but significant detection coverage. It resolves to IP address 188.114.96.3 and is registered through Cloudflare, Inc. The site uses a Google Trust Services SSL certificate, which may lend an air of legitimacy but is commonly leveraged by threat actors to encrypt malicious traffic. While no public creation date is available, the domain’s association with a known seed (55058f) suggests it is part of a coordinated campaign targeting crypto users. It has not yet been widely listed on major blocklists, underscoring the importance of proactive detection.

To mitigate exposure to this crypto drainer, users should avoid interacting with any pages.dev subdomains claiming to offer Pepe-themed tokens, airdrops, or wallet claims. Always verify URLs through official project websites or trusted blockchain explorers. Use hardware wallets or reputable software wallets with built-in phishing protections. Enable transaction simulation features where available and revoke any suspicious smart contract approvals immediately. Report such domains to your wallet provider and relevant threat intelligence platforms to help disrupt ongoing campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 16 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/44fc4e0c-6b92-4569-ae4e-a84428fe65c1
- PhishDestroy: https://phishdestroy.io/domain/pepeunchained2-claims.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/pepeunchained2-claims.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pepeunchained2-claims.pages.dev/
Last updated: 2026-03-30