# en-download-hub.pages.dev — SUSPICIOUS

> en-download-hub.pages.dev is a fake software download phishing domain with 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies active fake software download phishing activity on en-download-hub.pages.dev with unknown brand impersonation and no confirmed drainer kit integration. The domain leverages Cloudflare Pages hosting to distribute malicious payloads disguised as legitimate software downloads, targeting users seeking free or cracked software. Technical analysis remains ongoing to determine the specific lures or exploit kits involved.  This domain was flagged with a VirusTotal detection score of 0/95 as of the latest scan, indicating no antivirus or security vendor has flagged it. It is registered through Cloudflare, Inc., resolving to IP address 188.114.96.3 under Google Trust Services SSL certification. Creation date and blocklist inclusion status are currently under investigation; no current entries in Google Safe Browsing (GSB) or major threat intelligence blocklists were found at this stage.  The campaign remains active as of this report. Immediate response actions include domain takedown requests to Cloudflare and monitoring for shifts in detection status or payload delivery. Remaining risk is classified as under investigation due to low detection rates and unconfirmed exploit methods. Users are advised to avoid downloading software from untrusted domains and verify sources through official channels.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b38a97b7-54e7-4f89-be35-271ebbab32cd
- PhishDestroy: https://phishdestroy.io/domain/en-download-hub.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/en-download-hub.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/en-download-hub.pages.dev/
Last updated: 2026-03-22