# web-archai.pages.dev — SUSPICIOUS

> web-archai.pages.dev is a phishing site hosting a generic drainer kit. It currently has zero VirusTotal detections despite active hosting on Cloudflare IP 188.

## Summary
PhishDestroy identifies web-archai.pages.dev as a recently activated domain flagged for hosting a generic phishing drainer kit. The page is registered under Cloudflare’s infrastructure and resolves to IP 188.114.97.3 via a Google Trust Services SSL certificate. At present, this domain remains under investigation with zero VirusTotal detections recorded, indicating unflagged malicious content awaiting broader recognition.  

 Technical indicators confirm minimal defensive coverage: VirusTotal reports 0/95 detections, Cloudflare, Inc. serves as the registrar, and the IP address points to a known Cloudflare node. The domain leverages Google Trust Services for SSL issuance and has yet to be included in major blocklists. These attributes suggest a newly deployed campaign relying on trusted hosting and encryption to evade detection.  

 As of this assessment, web-archai.pages.dev remains active and unblocked by major security vendors. No coordinated takedown or blocklisting response has been observed, maintaining exposure risk for users. While the current threat is classified as generic and low-coverage, users are strongly advised to avoid interaction and report the domain. Remaining risk is moderate due to ongoing investigation and potential escalation into broader phishing campaigns.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/caa8ab43-65b0-4f48-81f2-6b4c0bedcc4a
- PhishDestroy: https://phishdestroy.io/domain/web-archai.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/web-archai.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web-archai.pages.dev/
Last updated: 2026-03-25