# app-lrdgelive-eng.pages.dev — SUSPICIOUS

> PhishDestroy identifies app-lrdgelive-eng.pages.dev as a Google Trust Services-validated phishing domain resolving to IP 188.114.96.

## Summary
PhishDestroy flagged app-lrdgelive-eng.pages.dev as a Google-baiting phishing domain deploying a generic draina kit, leveraging Cloudflare Pages hosting to impersonate legitimate Google services. The infrastructure relies on Google Trust Services SSL certificate (CN *.pages.dev) to deceive visitors while resolving to IP 188.114.96.3 via Cloudflare network. While currently undetected by VirusTotal (0/95 engines), the site is an active campaign designed to harvest credentials under the guise of Google authentication flows.

Technical indicators confirm zero detection on VirusTotal (0/95), registration through Cloudflare, Inc., and an SSL certificate issued by Google Trust Services. The domain resolves to infrastructure IP 188.114.96.3 and operates under Cloudflare Pages hosting, leveraging the pages.dev wildcard to simulate authenticity. With no documented brand-specific draina kit identified at this stage and zero detections to date, the site remains unblocked by Safe Browsing or major blocklists.

Current status shows active operation with zero VirusTotal coverage despite clear Google Trust Services certificate which may reduce user suspicion. Immediate response includes avoiding interaction, blocking the IP 188.114.96.3 at network level, and reporting via Google Safe Browsing and Cloudflare abuse channels. Remaining risk is moderate due to certificate legitimacy and Cloudflare hosting, warranting heightened caution from users expecting Google-branded services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/app-lrdgelive-eng.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/app-lrdgelive-eng.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/app-lrdgelive-eng.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/app-lrdgelive-eng.pages.dev/
Last updated: 2026-04-03