# daps-chain.pages.dev — MALICIOUS

> daps-chain.pages.dev was identified as a high-risk phishing domain and taken offline. Stay vigilant and avoid interacting with suspicious sites.

## Summary
PhishDestroy identifies daps-chain.pages.dev as a high-risk phishing domain that was recently created and quickly flagged by multiple security vendors and blocklists. Such phishing sites aim to deceive users by pretending to be legitimate, often to steal sensitive information like passwords or financial data. Although this domain is currently offline, the risk it posed underscores the ongoing threat from deceptive web pages.

This phishing campaign likely worked by luring victims to the domain, where they would have been prompted to enter confidential information. The use of a Cloudflare-hosted domain and the site’s brief lifespan are common tactics to evade detection and prolong the attack window. The page title “Suspected phishing site | Cloudflare” indicates that preventative measures took effect to shut down the threat.

If you visited daps-chain.pages.dev, users should immediately avoid interacting with any suspicious messages or links received from it. It is advisable to change any credentials that might have been submitted and to monitor accounts for unusual activity. Employing updated security software and exercising caution with unsolicited links remains critical for protection against similar phishing attempts.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.153
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["carrera.ns.cloudflare.com", "yisroel.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a814f-4518-733a-bd8c-f10435b77183.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b40ac76c-9ad8-42a2-b895-b05ab14dd32f
- PhishDestroy: https://phishdestroy.io/domain/daps-chain.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/daps-chain.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/daps-chain.pages.dev/
Last updated: 2026-03-19