# xdu-web-welet-us-en.pages.dev — SUSPICIOUS

> xdu-web-welet-us-en.pages.dev is flagged for phishing risks. Learn more about its activity and stay protected. Avoid interacting with this domain.

## Summary
PhishDestroy identifies xdu-web-welet-us-en.pages.dev as a domain engaged in generic phishing activities. This domain is categorized under medium risk due to its suspicious behavior and potential to deceive users through fraudulent schemes.

The domain is registered via Cloudflare, Inc. and resolves to the IP address 172.66.46.243. It has appeared on two separate security blocklists, highlighting its presence in multiple threat intelligence feeds. The use of Cloudflare's infrastructure indicates attempts to obscure the hosting environment, complicating direct tracing efforts.

Currently, xdu-web-welet-us-en.pages.dev remains active and continues to pose a threat to users. PhishDestroy recommends avoiding any interaction with this domain and urges organizations to update their blocking policies accordingly to mitigate potential phishing attacks associated with this site.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-04 23:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.46.243
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: etta.ns.cloudflare.com uriah.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 2 vendors flagged
  Vendors: ["ChainPatrol", "Phishing Database"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "MetaMask"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbaed-0ec4-70b1-9029-efb3dae0e8fc.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/xdu-web-welet-us-en.pages.dev
- Wayback Machine: https://web.archive.org/web/https://xdu-web-welet-us-en.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/xdu-web-welet-us-en.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/xdu-web-welet-us-en.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/xdu-web-welet-us-en.pages.dev/
Last updated: 2026-03-19