# decentralizemainnet.pages.dev — MALICIOUS

> PhishDestroy identifies decentralizemainnet.pages.dev as a crypto wallet drainer phishing site, flagged by 13/95 security vendors. Check the full report.

## Summary
PhishDestroy identifies decentralizemainnet.pages.dev as an active cryptocurrency wallet drainer phishing site designed to deceive users into connecting malicious wallets. This domain mimics legitimate decentralized finance (DeFi) platforms, tricking victims into authorizing fraudulent transactions that drain cryptocurrency funds. The threat operates under the guise of a 'decentralized mainnet' portal, exploiting trust in blockchain-related services to propagate financial theft. No specific drainer kit details were disclosed in available intelligence, but the domain's infrastructure aligns with known cryptocurrency scam operations.  

This domain was flagged by 13 out of 95 security vendors on VirusTotal, indicating elevated risk despite not achieving a majority detection rate. It was registered through Cloudflare, Inc., resolving to IP address 188.114.96.3, and secured with a Google Trust Services SSL certificate. While the exact creation date is undisclosed, the domain’s Google Safe Browsing (GSB) status remains unconfirmed in public records, suggesting potential gaps in real-time threat blocking. The low blocklist count implies this threat may be newly emergent or narrowly targeted, complicating widespread mitigation.  

As of the latest analysis, decentralizemainnet.pages.dev remains active, posing an ongoing risk to users interacting with DeFi platforms. Security researchers recommend immediate avoidance and blocking of this domain at the network level. Users who may have engaged with the site should revoke any wallet connections via blockchain explorers or official wallet interfaces and monitor for unauthorized transactions. The elevated risk persists due to the domain’s use of legitimate infrastructure (Cloudflare hosting, Google SSL) to evade detection, requiring heightened vigilance from cryptocurrency holders.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/decentralizemainnet.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/decentralizemainnet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/decentralizemainnet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/decentralizemainnet.pages.dev/
Last updated: 2026-04-09