# azuredex.pages.dev — SUSPICIOUS

> PhishDestroy flags azuredex.pages.dev as a live Microsoft 365 credential phishing page (1/95 VT detections). Check the full report.

## Summary
PhishDestroy identifies azuredex.pages.dev as an active phishing domain currently distributing Microsoft 365 credential harvesting pages. The site is live and actively engaging with potential victims, prompting immediate defensive action to block access and inspect endpoints for compromise.

This domain was flagged by only 1 of 95 VirusTotal vendors at the time of analysis, indicating a low but present detection gap that threat actors frequently exploit to evade early warning systems. Registered through Cloudflare, Inc., azuredex.pages.dev resolves to 172.66.44.126 and is served via a Google Trust Services SSL certificate, leveraging trusted infrastructure to enhance credibility. Despite its recent appearance on the threat landscape, the domain has not yet been added to major blocklists, providing adversaries with a fresh platform for social engineering and data exfiltration campaigns.

Given the active status and low detection coverage, organizations and individuals should treat azuredex.pages.dev as a high-risk indicator of compromise. Immediate actions include blocking the domain at DNS and network levels, inspecting email and web traffic for access attempts, and verifying credentials exposed to any linked landing pages. Users who may have entered information should change passwords immediately and enable multi-factor authentication wherever possible. Continuous monitoring of this domain’s infrastructure is advised due to its potential to escalate in sophistication or pivot to related malicious activities.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.126

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/36e46eac-0d8c-49eb-831e-406e41e68958
- PhishDestroy: https://phishdestroy.io/domain/azuredex.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/azuredex.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/azuredex.pages.dev/
Last updated: 2026-03-22