# decentralised-exoweb3.pages.dev — MALICIOUS

> Caution advised: decentralised-exoweb3.pages.dev is under investigation for phishing activity. Avoid sharing personal info until verified safe.

## Summary
PhishDestroy identifies decentralised-exoweb3.pages.dev as a potentially malicious domain classified under generic phishing. Although it currently lacks explicit detection signatures from major antivirus engines, its suspicious nature is implied by its 'Suspected phishing site' page title as found on Cloudflare, signaling ongoing scrutiny. The domain’s affiliation with decentralized and Web3 terminology may attempt to lure users seeking crypto or blockchain services.

Technical indicators include the domain resolving to IP address 188.114.97.3 and registration through Cloudflare, Inc., a common provider that also operates content delivery and security services. The domain is hosted on a Cloudflare Pages subdomain, which facilitates static site deployment but has been increasingly exploited by threat actors to quickly spin up phishing sites. Despite zero detections on VirusTotal, the domain’s infrastructure and naming conventions suggest it could be used for credential harvesting or other fraudulent activities.

Currently, decentralised-exoweb3.pages.dev remains active and under investigation by security analysts. Users are urged to exercise caution and refrain from entering sensitive information on this site. PhishDestroy continues to monitor the domain’s status and any emerging intelligence to update risk assessments accordingly.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-09 13:07:02
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: carrera.ns.cloudflare.com hugh.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 10 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Lionic", "Phishing Database", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cd26d-78b8-73d9-9438-2ffd12d4d138.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/2f290435-da54-4f33-b02c-638556c1ef68
- PhishDestroy: https://phishdestroy.io/domain/decentralised-exoweb3.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/decentralised-exoweb3.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/decentralised-exoweb3.pages.dev/
Last updated: 2026-03-19