# cexrpcresolution.pages.dev — SUSPICIOUS

> PhishDestroy warns of low-risk phishing at cexrpcresolution.pages.dev. Site now offline. Stay cautious and avoid interacting with this domain.

## Summary
PhishDestroy identifies cexrpcresolution.pages.dev as a low-risk generic phishing threat. While the threat level is currently assessed as low, the domain was involved in social engineering tactics aimed at deceiving users. This domain's intent and classification as phishing warrant caution for users and security professionals alike.

Supporting intelligence reveals that cexrpcresolution.pages.dev has appeared on three distinct security blocklists and is flagged by Google Safe Browsing for social engineering. VirusTotal analysis reports that 2 out of 95 security vendors have detected suspicious activity linked to this domain. The domain resolves to IP address 188.114.97.3 and was registered through Cloudflare, Inc. Its creation date is listed as March 4, 2026, indicating it is a relatively new threat. The page title encountered during investigation is "Suspected phishing site | Cloudflare," reinforcing its malicious classification.

Currently, the domain has been taken offline, mitigating immediate risks. PhishDestroy recommends users remain vigilant against phishing attempts and avoid interacting with suspicious URLs like cexrpcresolution.pages.dev. Security teams should maintain updated blocklists and monitor for any resurgence or related domains to sustain protective measures against evolving phishing campaigns.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-04 15:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: everton.ns.cloudflare.com maleah.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["Google Safebrowsing", "Lionic"]
- Google Safe Browsing: FLAGGED
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb917-8bea-703b-bb13-c856214b89e3.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f2b7840b-2d43-4c48-8270-e6ac9bc0f99f
- Wayback Machine: https://web.archive.org/web/https://cexrpcresolution.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/cexrpcresolution.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/cexrpcresolution.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cexrpcresolution.pages.dev/
Last updated: 2026-03-19