# rewardspesquisa.pages.dev — SUSPICIOUS > PhishDestroy identifies rewardspesquisa.pages.dev as a fake rewards survey scam impersonating market research firms. Check the full report. ## Summary PhishDestroy identifies rewardspesquisa.pages.dev as an active generic phishing domain impersonating rewards or market research surveys. The threat level remains under investigation pending deeper behavioral analysis, but initial indicators confirm malicious intent. Users should avoid interacting with this domain due to the risk of credential harvesting and financial data compromise. This domain was flagged under seed 5272a4 for deploying a rewards-themed phishing scheme designed to trick victims into submitting sensitive information under the guise of a compensation offer. This domain was registered through Cloudflare, Inc., resolves to IP 172.66.47.146, and uses a Google Trust Services SSL certificate. VirusTotal shows 0/95 detections as of the latest scan, indicating that signature-based detection engines have not yet flagged this infrastructure. The domain was observed hosting a spoofed rewards or research participation portal, likely mimicking legitimate market research firms to lure victims into completing fraudulent surveys. No current entries were found on major threat intelligence blocklists, which suggests recent deployment or evasion tactics. Despite the absence of detections, behavioral patterns observed in similar campaigns include the collection of personally identifiable information (PII) and payment card details under false pretenses. Given the lack of detection coverage and active deployment, users and organizations should block traffic to and from 172.66.47.146 and avoid accessing rewardspesquisa.pages.dev. Implement DNS filtering to block resolution of this domain and monitor for outbound connections to its IP. If credentials were entered, immediately reset passwords across all services that share the same credentials and enable multi-factor authentication. Report this domain to your security team and threat intelligence platforms to aid in rapid takedown. Exercise heightened scrutiny for emails or messages referencing unsolicited rewards, compensation offers, or participation in research studies, as these are common lures in this phishing vector. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.146 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/748f50c8-ee8c-4973-949c-effa58ed13ff - PhishDestroy: https://phishdestroy.io/domain/rewardspesquisa.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/rewardspesquisa.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/rewardspesquisa.pages.dev/ Last updated: 2026-03-26