# web3-nodeprotocol.host — MALICIOUS

> web3-nodeprotocol.host is flagged for phishing and now offline. Learn what this means and how to stay protected against scams.

## Summary
PhishDestroy identifies web3-nodeprotocol.host as a high-risk phishing domain targeting unsuspecting users. Phishing threats like this manipulate individuals into divulging sensitive data, which can lead to identity theft, financial loss, and broader cybercrime. Staying informed about such dangers is critical to maintaining online safety.

This domain was registered on February 21, 2026, and quickly appeared on 7 security blocklists. Despite being registered through a dead domain channel, it attracted attention from multiple antivirus engines, with 13 out of 95 security vendors flagging it on VirusTotal. Currently, web3-nodeprotocol.host is offline, indicating it has been taken down, likely due to enforcement actions or preemptive security measures.

Users are strongly advised to avoid interacting with this domain or similar suspicious sites. Regularly updating security software, verifying URLs before submitting personal information, and using multifactor authentication can help mitigate phishing risks. Reporting suspicious domains to trusted security platforms like PhishDestroy also contributes to collective cybersecurity efforts.

## Threat Details
- Verdict: MALICIOUS
- Site status: alive (HTTP 530)
- Page title: Dapps Leading Synthetic Protocol

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- IP: 2a02:4780:2b:1876:0:34f6:565a:2
- SSL Issuer: ZeroSSL RSA Domain Secure Site CA

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Seclookup", "Sophos"]
- Google Safe Browsing: clean
- Blocklists: 7 hits
  Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "Polkadot", "SEAL", "Enkrypt", "Codeesura"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0198c6ed-c816-70ac-93e2-ab8261446c5c.png
- PhishDestroy: https://phishdestroy.io/domain/web3-nodeprotocol.host/
- LLM endpoint: https://phishdestroy.io/domain/web3-nodeprotocol.host/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web3-nodeprotocol.host/
Last updated: 2026-03-18