# en-web-exods-web.pages.dev — SUSPICIOUS > PhishDestroy identifies en-web-exods-web.pages.dev hosting a fake web app phishing scam. 3/95 security vendors flag this domain. Check the full report. ## Summary PhishDestroy identifies an active phishing campaign hosted at en-web-exods-web.pages.dev, a malicious web application impersonating a legitimate online service. This domain leverages Cloudflare Pages to deploy a convincing replica of a web-based platform, tricking users into entering sensitive credentials under the guise of a routine login or verification process. The threat actor behind this campaign uses the domain to harvest login details, session tokens, or other personal data, which are then exploited for unauthorized access to user accounts or further malicious activities. Users who encounter this domain should treat all interactions as suspicious and avoid entering any credentials or personal information. This domain was flagged by 3 out of 95 security vendors on VirusTotal, indicating a high-risk classification despite its low detection rate. Registered through Cloudflare, Inc., the domain resolves to IP address 172.66.44.70 and is secured with a Google Trust Services SSL certificate, adding a veneer of legitimacy to its malicious operations. The combination of Cloudflare’s infrastructure and a trusted SSL certificate makes this phishing campaign particularly deceptive, as users may overlook warning signs due to the domain’s professional appearance. The elevated risk level underscores the urgency of awareness and proactive measures to block or avoid this domain. If you have visited en-web-exods-web.pages.dev or interacted with its content, immediately cease all further engagement and assess any accounts accessed via this domain. Check for unauthorized login attempts or suspicious activity in connected accounts, such as email or financial services. Use a reputable password manager to audit stored credentials and enable multi-factor authentication (MFA) wherever possible. Report the domain to your organization’s security team or to relevant authorities, such as the Anti-Phishing Working Group (APWG), to aid in broader takedown efforts. Avoid reusing passwords across platforms to minimize the risk of credential stuffing attacks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.70 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/5e3c942c-6345-44ea-a011-ba460e343d9c - PhishDestroy: https://phishdestroy.io/domain/en-web-exods-web.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/en-web-exods-web.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/en-web-exods-web.pages.dev/ Last updated: 2026-03-22