# exesdeusweb.pages.dev — SUSPICIOUS

> PhishDestroy identifies exesdeusweb.pages.dev as a crypto drainer scam with 0/95 VirusTotal detections. Verify URLs before transactions to avoid fund loss.

## Summary
PhishDestroy identifies exesdeusweb.pages.dev as a crypto drainer scam actively targeting cryptocurrency users. This domain mimics legitimate crypto services to deceive victims into connecting wallets and authorizing fraudulent transactions. The threat involves malicious JavaScript embedded in the site that drains funds upon wallet connection, leveraging social engineering tactics such as fake airdrops or 'exclusive' token offers.  This domain was flagged under seed 610a72 with the following technical indicators: it resolves to IP 188.114.97.3, operates under Cloudflare’s infrastructure, and utilizes a Google Trust Services SSL certificate. VirusTotal currently shows 0/95 detections, indicating it remains undetected by most antivirus engines as of the latest scan. The domain leverages Pages.dev, a legitimate Cloudflare service, to host its malicious payload, making it harder to block at the network level.  If you visited exesdeusweb.pages.dev, disconnect your wallet immediately and revoke any unauthorized permissions via your wallet’s interface or tools like revoke.cash. Do not interact with wallet connection prompts or enter seed phrases on this site. Report the domain to your antivirus provider and relevant platforms (e.g., Google Safe Browsing) to help block its spread. Stay vigilant for similar crypto drainer domains exploiting Cloudflare Pages to evade detection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c8c3f22a-b889-4b10-890d-95854a81751b
- PhishDestroy: https://phishdestroy.io/domain/exesdeusweb.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/exesdeusweb.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/exesdeusweb.pages.dev/
Last updated: 2026-03-22