# official-exos.pages.dev — SUSPICIOUS

> official-exos.pages.dev is flagged for brand impersonation phishing with a crypto drainer. Only 1 of 95 VirusTotal vendors detected this scam.

## Summary
PhishDestroy identifies official-exos.pages.dev as a live brand impersonation site actively distributing a crypto drainer. This domain mimics a legitimate service to trick users into connecting wallets and transferring funds to attacker-controlled addresses. The page leverages Cloudflare Pages hosting and a valid Google Trust Services SSL certificate to appear authentic, but its true nature is exposed by extremely low detection rates across security vendors. Avoid interacting with this domain and treat any unsolicited links claiming to lead here as malicious.  This domain was flagged by PhishDestroy after VirusTotal reported only 1 of 95 security vendors detected the threat as of the last scan. It resolves to IP 188.114.97.3 and is registered through Cloudflare, Inc., which obscures the true ownership and location of the operators. The site uses a Google Trust Services SSL certificate to mimic legitimate infrastructure, a common tactic in modern phishing campaigns to bypass browser warnings and gain user trust.  If you visited official-exos.pages.dev or entered any information, immediately disconnect your wallet from the site, revoke any unauthorized connections in your wallet settings, and transfer remaining assets to a secure, offline wallet. Report the domain to your antivirus provider and avoid reusing passwords or seed phrases. Consider enabling wallet protection features like transaction simulation and hardware wallet isolation to prevent future attacks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3423244b-18fe-4776-a6cf-498da5a9bb13
- PhishDestroy: https://phishdestroy.io/domain/official-exos.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/official-exos.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/official-exos.pages.dev/
Last updated: 2026-03-22