# retikmiown.pages.dev — SUSPICIOUS > retikmiown.pages.dev is a crypto-draining site detected scanning 0/95 engines. Verify suspicious links on PhishDestroy to avoid wallet theft. ## Summary PhishDestroy identifies retikmiown.pages.dev as an active crypto-draining website impersonating a wallet giveaway scam designed to trick users into connecting cryptocurrency wallets and approve malicious token transfers. The site presents itself as a legitimate airdrop or reward campaign, often promoted through social media advertisements or phishing messages, but its real purpose is to drain digital assets from connected wallets through deceptive smart contract approvals and transaction manipulations. Users who interact with the fraudulent interface risk losing their crypto holdings without any recovery option, as blockchain transactions are irreversible. This domain was flagged with zero detections out of 95 VirusTotal engines as of seed 1589f9, indicating it has evaded detection by most antivirus platforms. It resolves to IP 172.66.44.134 and is hosted on Cloudflare, registered through Google Trust Services, leveraging cloud infrastructure to remain operational and difficult to trace. The domain uses the .pages.dev TLD, which is associated with Vercel’s static site hosting, often abused by threat actors to quickly deploy spoofed landing pages for cryptocurrency fraud campaigns. If you visited retikmiown.pages.dev, immediately disconnect your wallet from the site, revoke any suspicious token approvals using tools like revoke.cash or Etherscan’s approval checker, and transfer remaining assets to a new, secure wallet. Report the domain to PhishDestroy and your wallet provider to help prevent further attacks. Avoid re-engaging with the site, as it may alter its behavior to evade detection or deploy additional malicious scripts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.134 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/retikmiown.pages.dev - PhishDestroy: https://phishdestroy.io/domain/retikmiown.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/retikmiown.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/retikmiown.pages.dev/ Last updated: 2026-04-09