MalwareTips
Security Review

Is rewards-powergacha.com legit or a scam?

Our verdict:Dangerous· 6/100

Fake MetaMask airdrop scam designed to steal cryptocurrency from connected wallets; 9-day-old domain flagged by multiple blocklists and phishing databases.

Top reasons
Domain registered only 9 days ago via privacy-protected registrar in Cyprus — hallmark of disposable fraud infrastructure.Impersonates MetaMask on a non-official domain; page design and messaging mimic the legitimate wallet service.Prominent 'CONNECT WALLET' call-to-action button solicits direct wallet connection — a known credential-harvesting vector for wallet-drainer attacks.
rewards-powergacha.comScanned 2h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 0·MT 8
Category tags
crypto fraudphishingwallet drainer#Airdrop Drainer#Crypto Drainer#Phishing#Clone Site98% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

Wallet-drainer patterns detected

This page uses language and API references consistent with modern crypto wallet-drainer kits. If you connected your wallet or signed a transaction on this site, assume your wallet is compromised — revoke approvals, move funds to a fresh wallet with a new seed phrase, and treat the original as burned.

  • ·"Connect wallet" paired with a high-urgency action ("claim", "migrate", "revalidate", "verify", "sync").
  • ·WalletConnect prompt surfaced alongside an airdrop / giveaway claim.
Revoke token approvalsFile FBI IC3 report
View density

Analysis Summary

Threat Intelligence
3/91
Engines flagged this URL
Domain Age
9 days old
Registered May 30, 2026
MT Intelligence
Dangerous
Critical likelihood · 98% confidence
DANGEROUS

Crypto scam / wallet-drainer

Domain was registered only 9 days ago — brand-new sites are higher-risk by default. Signals match fake investment platforms and wallet drainers. Never connect a wallet, paste a seed phrase, or deposit crypto here.

Website Preview

Screenshot of rewards-powergacha.com
LIVE RENDER
rewards-powergacha.com
1Impersonates MetaMask2Visual risk score 82/100

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

82
/ 100
Critical visual risk

Visual red flags detected in the screenshot

The page exhibits multiple high-risk patterns associated with crypto wallet-drainer airdrop scams: a prominent wallet-connection CTA, live urgency signaling, and a flow designed to get users to connect and authorize wallet transactions for an unverified token.

Visual risk82/100

What our vision model saw

6 signals

Prominent 'CONNECT WALLET' call-to-action button in the navigation bar solicits wallet connection, a common vector for wallet-drainer attacks

Live urgency indicator 'AIRDROP PHASE 1 — LIVE NOW' with a pulsing dot creates artificial time pressure to prompt impulsive wallet connections

Page instructs users to 'Connect your wallet, verify eligibility, and receive your $GACHA allocation instantly' — a classic crypto airdrop phishing flow

Unverified token '$GACHA' with no visible association to any established blockchain project or exchange listing

Placeholder-style avatar (initials 'PG' in a circle) used as the project's representative image, suggesting low-effort or hastily assembled site

Navigation includes 'TOKENOMICS' and 'HOW TO CLAIM' sections typical of fraudulent token airdrop sites designed to appear legitimate

Brand Impersonation

medium confidence

The page mentions or styles itself as MetaMask, but is hosted on a domain that is not an official MetaMask property.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust8/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The domain rewards-powergacha.com is a confirmed wallet-drainer scam targeting cryptocurrency users. It impersonates MetaMask on a non-official domain and uses a classic airdrop-phishing flow: a fake $GACHA token, urgent 'PHASE 1 LIVE NOW' messaging, and a prominent 'CONNECT WALLET' button designed to harvest wallet credentials. The site was registered only 9 days ago via a privacy-protected registrar in Cyprus, a common pattern for disposable fraud infrastructure. Kaspersky flagged it as phishing, and independent phishing-intelligence databases have listed it in 4 public blocklists (MetaMask, ScamSniffer, PhishDestroy, SEAL) with a threat score of 65/100. The page contains zero legitimate business contact information, no verifiable project association, and matches a known wallet-connect-drainer template. The $GACHA token itself exists as a legitimate Solana project, but this domain is not affiliated with it — the scammers are using the name to appear credible.
Full dossier
Analysis complete

Page Content

The page presents itself as an official $GACHA Token Airdrop portal with a three-step claim process: connect wallet, verify eligibility, and claim tokens. The body text explicitly instructs users to 'Connect your wallet, verify eligibility, and receive your $GACHA allocation instantly' — a textbook credential-harvesting flow. Navigation includes sections on Tokenomics and How To Claim, designed to mimic legitimate token projects. No legitimate business contact, team information, or verifiable project details are present.

Infrastructure

The domain is hosted on IP 104.21.15.41 (Cloudflare) with a valid Let's Encrypt SSL certificate expiring in 80 days. The registrar is NICENIC INTERNATIONAL GROUP CO., LIMITED, with registrant details redacted to Germasogeia, Cyprus. Name servers are on Cloudflare. The IP has zero abuse reports and a clean reputation score, indicating the scammers are using legitimate hosting infrastructure to evade initial detection.

Domain History

Registered on 2026-05-31, the domain is only 9 days old at the time of scan. This extreme youth, combined with zero traffic ranking and immediate phishing-campaign deployment, is a hallmark of disposable fraud infrastructure. The domain is not indexed in global traffic databases.

Web Reputation

Kaspersky flagged the domain as phishing. Independent phishing-intelligence sources have listed it in 4 public blocklists (MetaMask, ScamSniffer, PhishDestroy, SEAL) with a confirmed threat score of 65/100. PhishDestroy explicitly describes it as a 'confirmed phishing/scam operation' and 'associated with a known phishing campaign.' No positive reviews, business registrations, or legitimate project associations were found.

Risk Factors
7
  • Domain registered only 9 days ago via privacy-protected registrar in Cyprus — hallmark of disposable fraud infrastructure.
  • Impersonates MetaMask on a non-official domain; page design and messaging mimic the legitimate wallet service.
  • Prominent 'CONNECT WALLET' call-to-action button solicits direct wallet connection — a known credential-harvesting vector for wallet-drainer attacks.
  • Artificial urgency messaging ('AIRDROP PHASE 1 — LIVE NOW' with pulsing indicator) designed to bypass user caution and prompt impulsive wallet connections.
  • Kaspersky flagged as phishing; listed in 4 public blocklists (MetaMask, ScamSniffer, PhishDestroy, SEAL) with threat score 65/100.
  • Zero contact information, no verifiable business entity, no team details, and no legitimate project association — all red flags for a contactless scam operation.
  • Matches known wallet-connect-drainer template and airdrop-drainer scam family; scam-network fingerprint score 100/100.
Positive Signals
3
  • Valid SSL certificate issued by Let's Encrypt.
  • Hosting IP (104.21.15.41) has zero abuse reports and clean reputation score.
  • No malware detected in our sandbox analysis.
AI Recommendation
Do not visit this site or connect your wallet to it. If you have already connected your wallet, immediately transfer all assets to a new wallet and revoke all token approvals from the compromised wallet address. Report the domain to MetaMask, your wallet provider, and phishing-intelligence databases.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for rewards-powergacha.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
9 days
Registered May 2026
Business registration
Not found · Cyprus
Clone check
Clones metamask.io
The page impersonates a well-known brand's site.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
3 scam reports · 1 complaint
Key findings
7 headline facts from open-web research
  • Domain registered on 2026-05-31 (9 days old as of scan), via NICENIC INTERNATIONAL, name servers on Cloudflare, contacts in Cyprus.
  • Site title and description promote "$GACHA Token Airdrop" with instructions to "Connect your wallet, verify eligibility, and receive your $GACHA allocation instantly."
  • Flagged as phishing by PhishDestroy on Jun 07 2026; listed in 4 blocklists including MetaMask and ScamSniffer; threat score 65/100.
  • Explicitly described as "confirmed phishing/scam operation" and "associated with a known phishing campaign" by PhishDestroy.
  • Matches detected scam family of Airdrop / Wallet Drainer; no positive reviews, business records, or legitimate project association found.
  • PowerGacha (GACHA) exists as a legitimate Solana token, but this domain is not affiliated with it based on available reports.
  • No mentions on Reddit; no independent complaints or reviews located beyond the PhishDestroy intelligence report.
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • PhishDestroyopen

    "The domain rewards-powergacha.com is a confirmed phishing/scam operation with an elevated threat score of 65/100."

  • PhishDestroyopen

    "This domain has been flagged as malicious. ... associated with a known phishing campaign. ... using a suspiciously similar name to legitimate services."

  • PhishDestroyopen

    "Listed in 4 public blocklists: MetaMask, ScamSniffer, PhishDestroy, SEAL. First Detected: Jun 07, 2026."

Business registration
Status: not found · Cyprus

Registered via NICENIC INTERNATIONAL GROUP CO., LIMITED; registrant details redacted to Germasogeia, CY; no verifiable business entity found

Impersonation / typosquat
Clone of metamask.io

Page promotes $GACHA Token Airdrop requiring wallet connection; detected MetaMask impersonation/clone attempt; typical wallet drainer pattern

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Independent phishing-intelligence databases confirm this domain as a wallet-drainer scam. PhishDestroy flagged it as a 'confirmed phishing/scam operation' with a threat score of 65/100 and listed it in 4 public blocklists: MetaMask, ScamSniffer, PhishDestroy, and SEAL. The domain is explicitly associated with a known phishing campaign using a suspiciously similar name to legitimate services. No positive reviews, business registrations, or legitimate project associations exist. The $GACHA token itself is a legitimate Solana project, but this domain is not affiliated with it.

Scam Network Intelligence

Cross-site correlation

This site shares signals with a broader cluster

Critical cluster

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (5)
  • Evidence confirms this site is a clone of metamask.io.
  • Airdrop / wallet-drainer template detected on the page.
  • Zero contact info, crypto/gambling content, and the domain is only 9 days old — hallmark of a drainer farm.
  • Matches a known scam-template fingerprint (wallet-connect-drainer).
  • Domain is only 9 days old and already carries multiple network-level red flags.
Linked signals (4)
Clone of metamask.ioTemplate · Airdrop DrainerPattern · Contactless Crypto NEW DomainTemplate · Wallet Connect Drainer

Antivirus Engines

Detection matrix · live
3 engines flagged this URL

We cross-check every URL against our antivirus network of 91 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

1Malicious2Suspicious55Harmless91Engines
0
of 91
Kaspersky
Malicious· phishing
alphaMountain.ai
Suspicious· suspicious
Fortinet
Suspicious· spam

3 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.
  • Page impersonates MetaMask on a non-official domain.
  • Scam family match: Airdrop / Wallet Drainer.

Domain & Encryption

Domain History
Age9 days old
RegistrarNICENIC INTERNATIONAL GROUP CO., LIMITED
RegisteredMay 30, 2026
ExpiresMay 30, 2027
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · YE1
ExpiresAug 28, 2026 (80d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS
Web servercloudflare

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://rewards-powergacha.com/
  • 2200https://rewards-powergacha.com/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Scam-Type Likelihood

3 scam-type patterns detected
Scam-Type Likelihood

3 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Crypto Fraud
Crypto Fraud
High likelihood
100/100
  • Fake-airdrop / wallet-drainer pattern detected on the page.
  • AI analyst tagged this as crypto fraud / wallet-drainer.
  • AI analyst tagged this as an airdrop / drainer.
  • Wallet-connect prompt paired with a crypto-scam pattern.
  • +2 more signals
Brand Impersonation
High likelihood
75/100
  • Page claims to be MetaMask.
  • AI analyst tagged this as a brand / clone-site impersonation.
  • Clustered with known brand-impersonation infrastructure.
Fake Giveaway
Moderate likelihood
37/100
  • Airdrop / drop-in pattern detected.
  • AI analyst tagged this as a giveaway / airdrop / lottery scam.
  • Giveaway framed as MetaMask.

Crypto scam / wallet-drainer indicators

The page shows patterns common to crypto-investment scams, fake airdrops, and wallet drainers.

  • Do not interact with rewards-powergacha.com

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Never paste your seed phrase anywhere

    Legitimate wallets, exchanges and support staff will never ask for your 12/24-word recovery phrase. Typing it into any website — even one that looks real — gives attackers full access to your funds.

  • If you already connected a wallet

    Revoke token approvals immediately using revoke.cash or Etherscan's Token Approvals tool. Move remaining funds to a fresh wallet (new seed phrase). Assume the original wallet is compromised.

  • Report the wallet and URL

    File a report at IC3 (FBI Internet Crime Complaint Center) or your country's cybercrime portal. Recovery is unlikely, but reports help law enforcement map the network.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

fonts.googleapis.comstatic.cloudflareinsights.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags rewards-powergacha.com as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — rewards-powergacha.com scored 6/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. rewards-powergacha.com presents a valid TLSv1.3 certificate issued by Let's Encrypt · YE1, expiring in 80 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • rewards-powergacha.com is 9 days old, registered on 5/30/2026 through NICENIC INTERNATIONAL GROUP CO., LIMITED. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • 3 out of 91 antivirus engines in our malware network flagged rewards-powergacha.com as malicious or suspicious (1 outright malicious). Even one detection is a meaningful signal.
  • No. rewards-powergacha.com is not currently listed on the major browser blocklist feeds that modern browsers use.
  • rewards-powergacha.com resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 9, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around rewards-powergacha.com have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·rewards-powergacha.com
DANGEROUS

This is a wallet-drainer scam impersonating MetaMask, registered only 9 days ago. It falsely promises $GACHA token airdrops to trick users into connecting their crypto wallets — a known theft vector. Do not connect your wallet or visit this site.

Do not visit this site or connect your wallet to it. If you have already connected your wallet, immediately transfer all assets to a new wallet and revoke all token approvals from the compromised wallet address. Report the domain to MetaMask, your wallet provider, and phishing-intelligence databases.

AV engines
91
MT passes
2
Net signals
4
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust22
olymptrade-lid.id
20m ago
Read the review
Dangeroustrust32
porn-xp.eu
20m ago
Read the review
Dangeroustrust1
ty691.com
22m ago
Read the review
Dangeroustrust1
lifeandhope.ec
22m ago
Read the review
Dangeroustrust1
confirmtx.net
25m ago
Read the review
Dangeroustrust1
owa.donationsnonprofit.com
26m ago
Read the review
Dangeroustrust1
docusign-secure-login.com
28m ago
Read the review
Dangeroustrust1
webmail.sendpicz.com
29m ago
Read the review
Dangeroustrust29
futbol-libres.su
30m ago
Read the review
Dangeroustrust1
shopee-tbk489.blogspot.com
31m ago
Read the review
Dangeroustrust1
facebook-login-clone-nine.vercel.app
31m ago
Read the review
Dangeroustrust1
ssl.secureinvestingonline.com
33m ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.