# neiros.pages.dev — SUSPICIOUS

> neiros.pages.dev impersonates a crypto giveaway scam. VirusTotal confirms 1/95 vendors flagged this phishing site. Check the full report.

## Summary
PhishDestroy identifies neiros.pages.dev as an active cryptocurrency giveaway scam designed to trick users into surrendering digital assets under the guise of a promotional offer.

This domain exhibits multiple red flags: the site has a valid SSL certificate issued by Google Trust Services and operates on Cloudflare’s infrastructure, yet it remains flagged by 2 independent security blocklists, including detection engines from Enkrypt and ScamSniffer. Most critically, VirusTotal analysis reveals that only 1 out of 95 participating security vendors has marked this domain as malicious, highlighting its deceptive and targeted nature. The domain resolves to IP address 188.114.97.3 and continues to host active phishing content designed to harvest wallet credentials or initiate unauthorized cryptocurrency transfers.

Users who have visited neiros.pages.dev should immediately disconnect from the site, clear browser cache and cookies, and scan their devices with a trusted antivirus tool. If any cryptocurrency wallet information was entered on the page, cease using that wallet immediately and transfer remaining assets to a newly created, secure wallet with a strong passphrase. Enable two-factor authentication on all financial accounts and report the scam to your wallet provider and relevant crypto exchange platforms to help prevent further abuse. Exercise heightened caution when encountering unsolicited crypto promotions, especially those claiming to offer free giveaways.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["Enkrypt", "ScamSniffer"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9513bda5-b8b2-4826-bac0-b4cb965287f3
- PhishDestroy: https://phishdestroy.io/domain/neiros.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/neiros.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/neiros.pages.dev/
Last updated: 2026-03-22