# feedback-iseg-code-camp.pages.dev — SUSPICIOUS

> New phishing domain feedback-iseg-code-camp.pages.dev linked to active credential harvesting. 0/95 detections on VirusTotal. Review the full report.

## Summary
PhishDestroy identifies feedback-iseg-code-camp.pages.dev as a live credential-harvesting phishing site masquerading as an ISEG code-camp feedback portal. The single-page HTML lure prompts users to enter Microsoft or Google account credentials under the guise of “finalizing registration,” exfiltrating data to a backend collector hosted elsewhere. SSL is provisioned via Google Trust Services, giving the page an air of legitimacy at first glance, while Cloudflare Pages hosts the payload to evade traditional network-layer blocking.


Investigative pivot shows the domain resolves to 188.114.96.3 and currently sits at 0/95 on VirusTotal with zero vendor flags, indicating a fresh campaign still under the radar. Registrant details are cloaked behind Cloudflare Registrar privacy, and the Cloudflare Pages site was instantiated only days ago; despite its youth, it remains unlisted on any public blocklist we queried. The combination of a trustworthy SSL issuer, rapid provisioning via a reputable hosting partner, and the absence of AV coverage creates a potent blend for successful compromise.


If you or any user in your environment visited feedback-iseg-code-camp.pages.dev, immediately rotate passwords for any account entered on the page and enable multi-factor authentication where available. Review authentication logs for anomalous sign-ins from unfamiliar IP ranges, especially around the time of first contact. Block the naked IP 188.114.96.3 and the FQDN at DNS and perimeter layers; if your stack supports JA3 fingerprinting, add the Google Trust Services leaf certificate fingerprint to decryption rules to catch follow-on variants. Finally, force a password-reset campaign for any corporate accounts that may have been exposed and conduct a phishing-awareness refresh to curb further exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4cbbaf59-b956-4675-9e42-777e560913c1
- PhishDestroy: https://phishdestroy.io/domain/feedback-iseg-code-camp.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/feedback-iseg-code-camp.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/feedback-iseg-code-camp.pages.dev/
Last updated: 2026-03-25