# lderglive-support-en.pages.dev — SUSPICIOUS > lderglive-support-en.pages.dev is a Google Pages-hosted phishing page (2/95 VT detections) mimicking tech support to steal credentials. ## Summary lderglive-support-en.pages.dev has been confirmed as an active phishing site hosted on Google Pages, leveraging Cloudflare infrastructure to impersonate technical support portals. The domain is designed to harvest sensitive user credentials through fraudulent login forms, posing an elevated risk to individuals seeking legitimate support services. No known brand or drainer kit attribution is available at this time, but the generic nature of the page suggests opportunistic credential theft rather than targeted corporate espionage. PhishDestroy identifies this as a generic phishing campaign with a specific focus on deception through Google’s trusted Pages service. Technical indicators confirm the malicious nature of this domain. VirusTotal reports 2 out of 95 security vendors flagging lderglive-support-en.pages.dev, with SSL certification issued by Google Trust Services to exploit inherent trust in Google domains. The domain is registered through Cloudflare, Inc. and resolves to IP address 172.66.47.103. As a Google Pages subdomain, the creation date is controlled by Google’s hosting platform, and its presence on Google infrastructure further complicates blocklisting by domain alone. Security telemetry suggests this site has likely evaded detection due to its use of legitimate hosting services for malicious ends. The domain remains active as of latest observation, with no confirmed takedown or remediation by hosting providers. Users are strongly advised to avoid interacting with any links or content associated with this domain. Immediate action should include reporting the domain to relevant threat intelligence platforms and local CERT teams. While Google Pages and Cloudflare may eventually respond to abuse complaints, the remaining risk is elevated due to the domain’s active status and use of reputable hosting infrastructure. Continuous monitoring is required, and organizations should consider DNS-level blocking of the IP 172.66.47.103 as a precautionary measure. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.103 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f8b05d6d-104d-4da7-b3d3-d0a0f036a941 - PhishDestroy: https://phishdestroy.io/domain/lderglive-support-en.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/lderglive-support-en.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/lderglive-support-en.pages.dev/ Last updated: 2026-03-29