# evmsbitnode.pages.dev — MALICIOUS

> Explore if evmsbitnode.pages.dev is safe to visit. Find out its phishing risks and protection tips to keep your data secure.

## Summary
PhishDestroy identifies evmsbitnode.pages.dev as a generic phishing threat with a medium risk level, targeting users through deceptive social engineering tactics. This domain poses risks by attempting to trick visitors into revealing sensitive information or credentials, which could result in identity theft or financial loss.

The domain evmsbitnode.pages.dev resolves to an IP address associated with Cloudflare's infrastructure, specifically 172.66.47.47. It was registered via Cloudflare, Inc., which is commonly used by both legitimate and malicious actors for content delivery and protection. Google Safe Browsing flags this domain for social engineering, and a minority of security vendors (4 out of 95) have marked it as suspicious, signaling active and ongoing phishing activity.

Users are advised to avoid interacting with evmsbitnode.pages.dev and refrain from entering any personal or login information if encountered. Employing browser phishing filters, keeping security software up to date, and verifying URLs before submitting data are recommended best practices. Reporting suspicious domains like this to platforms such as PhishDestroy can help protect others from falling victim to phishing scams.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP ?)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-06 11:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.47
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: nena.ns.cloudflare.com thomas.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ADMINUSLabs", "CyRadar", "Ermes", "ESET", "Emsisoft", "Fortinet", "Google Safebrowsing", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cc28d-7fb5-73ab-bfb1-b78946e9dda1.png
- Wayback Machine: https://web.archive.org/web/https://evmsbitnode.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/evmsbitnode.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/evmsbitnode.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/evmsbitnode.pages.dev/
Last updated: 2026-03-19