# emaar123.pages.dev — SUSPICIOUS

> emaar123.pages.dev is hosting a fake Emaar Properties phishing page. VirusTotal reports 0/95 detections so far. Check the full report.

## Summary
PhishDestroy identifies emaar123.pages.dev as a currently active phishing domain impersonating Emaar Properties, a major real estate developer. This fraudulent site exploits the brand’s reputation to deceive visitors into surrendering sensitive credentials or payment details. The domain resolves to IP 172.66.47.143 and leverages Cloudflare’s infrastructure for anonymity, while its SSL certificate from Let’s Encrypt lends a false appearance of legitimacy. As of the latest scan, VirusTotal shows zero detections out of 95 security engines, indicating this threat remains largely undetected by automated defenses.

This domain was flagged under investigation due to its use of the Cloudflare Pages platform and recent registration through Cloudflare, Inc., which complicates takedown efforts. The lack of blocklist entries and low detection rate suggest this phishing campaign is still in early deployment, increasing the risk of exposure to unsuspecting users. The threat actor’s choice of a Let’s Encrypt certificate further underscores their attempt to appear authentic, targeting individuals seeking property-related services or financial transactions.

If you have visited emaar123.pages.dev, immediately cease any interaction with the site and avoid entering personal, financial, or login credentials. Scan your device with updated antivirus software and review financial statements for unauthorized transactions. Report the domain to your IT security team or the legitimate Emaar Properties platform to aid in its removal. Stay vigilant for phishing emails or messages referencing Emaar Properties, as this campaign may expand through social engineering tactics.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.143

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f52b1c4c-f9a3-488e-b11c-d1e77b7324e2
- PhishDestroy: https://phishdestroy.io/domain/emaar123.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/emaar123.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/emaar123.pages.dev/
Last updated: 2026-03-21