# pawfuryweb.pages.dev — MALICIOUS

> Discover the high-risk phishing threat from pawfuryweb.pages.dev. Learn why this domain was taken offline after multiple security flags.

## Summary
PhishDestroy identifies pawfuryweb.pages.dev as a high-risk generic phishing domain. Registered recently on February 21, 2026, this domain was designed to deceive users by mimicking legitimate services. Its classification as phishing is supported by multiple security detections and blocklist appearances.

The domain resolves to IP address 172.66.44.77 and was registered through Cloudflare, Inc., a popular registrar often abused for malicious purposes. According to VirusTotal, 15 out of 95 security vendors have flagged this domain, confirming its malicious intent. Additionally, it appears on seven distinct security blocklists, reinforcing its threat status within the cybersecurity community.

Currently, pawfuryweb.pages.dev has been taken offline to prevent further exploitation. The page title retrieved from Cloudflare indicates a suspected phishing site warning, which aligns with the domain's risk profile. PhishDestroy recommends ongoing monitoring of domains with similar characteristics and urges caution when encountering unfamiliar Cloudflare-registered sites with recent creation dates.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.77
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["meadow.ns.cloudflare.com", "denver.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "ArcSight Threat Intelligence", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 7 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "Polkadot", "SEAL", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019a816d-8042-717a-a13b-bf05ba218050.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/9b80e5ba-f0e4-4633-9a1f-cc8386fc6251
- PhishDestroy: https://phishdestroy.io/domain/pawfuryweb.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/pawfuryweb.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pawfuryweb.pages.dev/
Last updated: 2026-03-19