# openoceean-swaap-io-us.pages.dev — SUSPICIOUS

> openoceean-swaap-io-us.pages.dev flagged for fake crypto swap phishing, 0/95 VirusTotal detections. Check the full report for details.

## Summary
PhishDestroy identifies openoceean-swaap-io-us.pages.dev as a confirmed cryptocurrency swap phishing domain actively engaged in fraudulent activities. This page is currently under investigation by cybersecurity teams due to strong indicators of credential harvesting and fund misappropriation targeting unsuspecting users of decentralized finance platforms. The threat actor leverages Cloudflare’s infrastructure to obfuscate hosting origins while impersonating legitimate swap interfaces to deceive visitors into connecting wallets or entering sensitive recovery phrases.


This domain was flagged by 0 of 95 VirusTotal vendors, indicating it has yet to be detected by mainstream antivirus engines despite its malicious infrastructure. Registered through Cloudflare, Inc., the domain resolves to IP address 172.66.47.46 and is secured with a Google Trust Services SSL certificate, exploiting trust indicators to appear legitimate. While creation date and blocklist participation metrics remain unverified, the domain’s use of Pages.dev under Cloudflare’s platform suggests a rapid deployment strategy aimed at evading traditional takedown measures. The IP address is associated with known cloud hosting environments frequently abused for phishing-as-a-service operations, particularly those targeting DeFi users.


The domain remains active and poses a HIGH RISK to internet users engaging in cryptocurrency transactions. Users are advised to avoid interacting with openoceean-swaap-io-us.pages.dev and any associated links or forms. Security teams should block this domain at network and endpoint levels using DNS filtering and intrusion prevention systems. Organizations are encouraged to monitor for signs of credential compromise or unauthorized wallet connections related to this domain. Immediate reporting to cybersecurity platforms such as PhishDestroy or local CERT teams is recommended to accelerate investigation and takedown efforts. Users who have already entered credentials or connected wallets should revoke permissions immediately and transfer remaining assets to secure wallets.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.46

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/openoceean-swaap-io-us.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/openoceean-swaap-io-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/openoceean-swaap-io-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/openoceean-swaap-io-us.pages.dev/
Last updated: 2026-04-10