# en-web3-exo.pages.dev — SUSPICIOUS

> Beware of en-web3-exo.pages.dev—a crypto drainer phishing site mimicking Web3 brands. VirusTotal flags 1/95 vendors; verify URLs on PhishDestroy before clicking.

## Summary
PhishDestroy identifies en-web3-exo.pages.dev as an active crypto drainer phishing domain designed to trick users into connecting fraudulent cryptocurrency wallets. This page impersonates legitimate Web3 platforms to deceive victims into authorizing malicious transactions that drain funds directly from connected wallets. The domain was registered through Cloudflare on an unspecified date and currently resolves to IP 172.66.47.159, which hosts multiple known phishing pages leveraging Google Trust Services SSL certificates to appear legitimate.  This domain carries an elevated risk profile based on multiple threat indicators. VirusTotal analysis shows only 1 out of 95 security vendors have flagged this domain, suggesting limited detection coverage despite its malicious nature. The domain operates through Cloudflare's Pages.dev platform, which provides attackers with free hosting while obscuring true infrastructure details. The SSL certificate issued by Google Trust Services adds a false veneer of legitimacy that could mislead security-conscious users. This combination of free hosting, trusted SSL provider, and low detection rate creates an effective phishing vector particularly dangerous to cryptocurrency users.  Users who have interacted with en-web3-exo.pages.dev should immediately disconnect any connected wallets and revoke any approved permissions through their wallet's security settings. Monitor connected applications and transaction history for unauthorized activity. Report this domain immediately through PhishDestroy's verification system to help block future access. Consider implementing hardware wallets and transaction simulation tools to prevent unauthorized crypto transfers. Always verify URLs through trusted sources before interacting with Web3 platforms, as malicious domains frequently mimic legitimate services to exploit user trust.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.159

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2252e785-b677-4c1e-a2ed-14ec3959bd55
- PhishDestroy: https://phishdestroy.io/domain/en-web3-exo.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/en-web3-exo.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/en-web3-exo.pages.dev/
Last updated: 2026-03-21