# auth-lezgerlogo-get-eng.pages.dev — MALICIOUS

> PhishDestroy flags auth-lezgerlogo-get-eng.pages.dev as a live credential-harvesting page hosted on Cloudflare.

## Summary
PhishDestroy identifies active credential-harvesting infrastructure at auth-lezgerlogo-get-eng.pages.dev, a Cloudflare Pages domain resolving to IP 188.114.96.3. The site masquerades as a legitimate Google authentication portal to steal entered credentials.

This domain was flagged by 12 of 95 VirusTotal security vendors, indicating moderate detection but confirmed hostile activity. Registrant data shows Cloudflare, Inc. as the hosting provider, while the site leverages a Google Trust Services SSL certificate to enhance credibility. The infrastructure is currently live and poses an elevated risk to any user who accesses the page.

Users who visited auth-lezgerlogo-get-eng.pages.dev should immediately change any submitted credentials, enable multi-factor authentication on affected accounts, and scan endpoints for compromise. Report the domain to security teams for blocking and avoid further interaction. Monitor for unusual authentication activity that could indicate credential misuse.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3e3b9f2c-7d30-4cb5-a4d2-06d76d9de51c
- PhishDestroy: https://phishdestroy.io/domain/auth-lezgerlogo-get-eng.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/auth-lezgerlogo-get-eng.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/auth-lezgerlogo-get-eng.pages.dev/
Last updated: 2026-03-30