# kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev — MALICIOUS

> kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev is a high-risk phishing domain. Learn about its threats and stay protected with PhishDestroy insights.

## Summary
PhishDestroy identifies kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev as an active generic phishing domain. Classified under high risk, this domain is designed to deceive users by mimicking legitimate services to harvest sensitive information such as login credentials or financial data. The structure and naming conventions indicate an attempt to evade casual detection, often associated with phishing campaigns leveraging cloud-based hosting.

Technical analysis reveals that the domain is registered through Cloudflare, Inc., a popular provider that offers DNS and CDN services, often exploited by threat actors for quick deployment and anonymization. The domain resolves to IP address 172.66.45.23, which is consistent with Cloudflare’s infrastructure. VirusTotal detection shows 11 out of 95 security vendors flagging this domain, confirming its malicious intent. These indicators are supported by the domain’s active status and its use in ongoing phishing attacks aimed at compromising victims’ credentials.

Currently, kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev remains active and continues to pose a significant threat to users. PhishDestroy recommends immediate blocking and monitoring for related activity. Users and organizations should remain vigilant against suspicious emails or links directing to this domain. Continuous threat intelligence updates are essential to mitigate risks associated with this phishing infrastructure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-09 01:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.45.23
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: brady.ns.cloudflare.com ximena.ns.cloudflare.com
- SSL Issuer: Let's Encrypt / E8

## Detection Status
- VirusTotal: 12 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "DNS8", "Emsisoft", "G-Data", "Gridinsoft", "Lionic", "MalwareURL", "Netcraft", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/rBRpQWB/95cf734cefab.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/b8b02acd-6f33-46bc-a8ec-0f3265781f93
- Wayback Machine: https://web.archive.org/web/https://kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/kelvo-mirix-biz-punra-zxgw22526v-glavix.pages.dev/
Last updated: 2026-03-19