# en-live-le-dgr--us.pages.dev — SUSPICIOUS

> PhishDestroy flags en-live-le-dgr--us.pages.dev for fake login page scam. Only 2/95 security vendors detected. Check the full report.

## Summary
PhishDestroy identifies en-live-le-dgr--us.pages.dev as an active fake login page domain hosting a phishing scam designed to harvest credentials. Threat analysts classify this as an elevated-risk domain with confirmed malicious intent, operating under the guise of legitimate content to deceive users. The page mimics trusted login interfaces to trick victims into surrendering sensitive login credentials, payment details, or personal data. Technical telemetry confirms the domain is live and engaged in active phishing operations, posing immediate risk to unsuspecting visitors.  This domain was flagged by PhishDestroy with an elevated risk level based on confirmed indicators. VirusTotal analysis shows only 2 out of 95 security vendors have flagged the domain, indicating low detection coverage despite clear malicious intent. It is registered through Cloudflare, Inc., leveraging Cloudflare’s infrastructure for anonymity and evasion. The domain resolves to IP address 188.114.96.3 and operates under a Google Trust Services SSL certificate, which may lend false credibility to users. The infrastructure and certificate choice suggest an attempt to appear legitimate while hosting fraudulent content. The domain’s recent creation and minimal detection underscore the sophistication of modern phishing campaigns.  To mitigate risk, users should immediately avoid interacting with en-live-le-dgr--us.pages.dev and report the domain to their security teams or browser vendors. Organizations should block the IP 188.114.96.3 and domain at the network perimeter using DNS filtering or firewall rules. Since the threat involves fake login pages, enable multi-factor authentication (MFA) on all accounts and educate users to verify URLs before entering credentials. Report the domain to abuse channels at Cloudflare and Google Trust Services to expedite takedown. Regular monitoring of DNS and SSL certificate changes can help detect similar evasive tactics used by threat actors.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5c392a77-8edb-4d2f-b81f-fa95a1b757a9
- PhishDestroy: https://phishdestroy.io/domain/en-live-le-dgr--us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/en-live-le-dgr--us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/en-live-le-dgr--us.pages.dev/
Last updated: 2026-03-21