agentsdistributions.pages.dev
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of agentsdistributions.pages.dev
The domain agentsdistributions.pages.dev appears to host a single-page web application presented as a cryptocurrency token reward or fee-claim portal. Based on the page title "Fee Distribution," the on-page text, and the screenshot, the site claims to let holders of a "$TOKEN" connect a Solana-compatible wallet and claim a revenue share or token allocation tied to trading fees.
The site appears to be deployed on a pages.dev subdomain, which is commonly used for static hosting. No clear company identity, legal entity, or operator information is visible in the provided scan data or screenshot. The branding is generic, and the page structure resembles a promotional crypto claim interface rather than an established financial service with transparent ownership details.
Its apparent purpose is to prompt visitors to connect a wallet and initiate a claim transaction. That behavior is commonly seen on legitimate crypto microsites, but it is also frequently used by deceptive wallet-drain or phishing pages, so context and reputation signals are especially important here.
Safety Assessment for agentsdistributions.pages.dev
Several security signals raise concern for this domain at the time of this scan. It was flagged by 9 out of 91 security engines, with multiple engines classifying it as phishing or malicious. In addition, the malware scan marked the overall page as malicious and identified two flagged files, including frame.html and a JavaScript asset, which may indicate harmful or deceptive page behavior.
The screenshot also shows a wallet-connection workflow centered on claiming token rewards, with a prominent "Connect Wallet" and "Claim" flow. That pattern is commonly abused in cryptocurrency phishing campaigns, especially when the site uses generic branding, limited project identity, and urgency around claiming distributions. Although major blacklist checks shown here were clean at the time of this scan, blacklist data can lag behind newly deployed or short-lived abuse pages.
Based on these findings, this website may pose potential risks to visitors. Users should be particularly cautious about connecting cryptocurrency wallets, approving transactions, or signing messages on this page.
Technical Description
The site is hosted behind Cloudflare infrastructure on IP address 172.66.44.148 and uses a valid Let's Encrypt SSL certificate that was current at the time of the scan. The domain is a Cloudflare-hosted pages.dev subdomain rather than a standalone branded domain, which can be normal for testing or lightweight deployments but may also make attribution less clear. DNSSEC appears to be unsigned.
From a security perspective, the most notable technical concern is that the malware scan flagged two local resources as malicious, including a JavaScript file. Because wallet-connection phishing pages often rely on client-side scripts and embedded frames to drive deceptive interactions, flagged front-end assets materially increase risk even when basic transport security such as HTTPS is present.
Share your experience with this website. Was it safe? Did you encounter any issues?