# lastaml2.pages.dev — SUSPICIOUS > lastaml2.pages.dev is a credential harvesting phishing domain detected by PhishDestroy. Resolves to 188.114.96.3 with 0/95 VirusTotal detections. ## Summary PhishDestroy identifies lastaml2.pages.dev as an active credential harvesting phishing domain currently under investigation. This cloud-hosted page masquerades as a legitimate service to steal user credentials, posing an immediate risk to unwary visitors. This domain was flagged with a risk level marked as 'under_investigation' but remains actively malicious. Intelligence reveals it is registered via Cloudflare, Inc., leveraging a Google Trust Services SSL certificate for a false sense of security. VirusTotal currently shows 0/95 detections, suggesting evasion of traditional antivirus tools. It resolves to IP 188.114.96.3, a Cloudflare-hosted address linked to dynamic phishing infrastructures. The seed identifier (245c78) links it to a broader campaign tracked by SOC teams. Organizations and users should treat lastaml2.pages.dev as a high-priority threat. Block the domain at DNS and firewall levels using the FQDN and associated IP. Warn employees and customers to avoid clicking links from unsolicited messages referencing this domain or similar patterns. Enable multi-factor authentication (MFA) across all services to mitigate credential theft impact. Report any observed interactions with the domain to your security team or PhishDestroy for further analysis. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/a5cc206d-3d21-4320-aa33-464f5ce30bdd - PhishDestroy: https://phishdestroy.io/domain/lastaml2.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/lastaml2.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/lastaml2.pages.dev/ Last updated: 2026-03-22