# landing-purefi-io-safari.pages.dev — SUSPICIOUS

> landing-purefi-io-safemode.pages.dev is a generic phishing page hosted on Cloudflare, resolving to 172.66.47.102.

## Summary
PhishDestroy identifies landing-purefi-io-safemode.pages.dev as an active generic phishing domain designed to deceive users into divulging sensitive information under false pretenses. The page mimics legitimate service interfaces, leveraging Cloudflare Pages hosting to obfuscate its malicious infrastructure. Threat actors commonly deploy such domains in widespread credential harvesting campaigns, often masquerading as financial, tech, or support portals to lure victims.  This domain was flagged through automated threat intelligence pipelines, revealing key technical indicators for security teams. It resolves to IP address 172.66.47.102 via Cloudflare, Inc., a common hosting provider for both benign and malicious content due to its privacy-preserving features. Current VirusTotal analysis shows 0 out of 95 security engines detecting the sample, indicating a newly emerged or actively evolving threat that has evaded signature-based detection. The use of Cloudflare Pages, a legitimate platform, further complicates takedown efforts and enhances operational security for attackers.  Users who have encountered this domain should immediately cease any interaction and avoid entering personal or credential information. If credentials were submitted, change passwords immediately and enable multi-factor authentication on all related accounts. Report the domain to your security team or via platforms like PhishDestroy’s threat submission portal. Network defenders are advised to block the resolved IP 172.66.47.102 and monitor for outbound connections to this host. Given the low detection rate, proactive blocking at the DNS or firewall level is recommended to mitigate potential compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.102

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- PhishDestroy: https://phishdestroy.io/domain/landing-purefi-io-safari.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/landing-purefi-io-safari.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/landing-purefi-io-safari.pages.dev/
Last updated: 2026-03-26