# leggar-live-connect.pages.dev — SUSPICIOUS

> legar-live-connect.pages.dev is a credential phishing site mimicking a login page. 0/95 VirusTotal detections as of today. Check the full report.

## Summary
PhishDestroy identifies leggar-live-connect.pages.dev as an active credential-phishing domain masquerading as a live-connection login portal. The site is currently classified as under investigation with a high-risk profile due to its clear intent to harvest user credentials. All indicators point to a targeted campaign aimed at tricking visitors into submitting sensitive login information under the guise of a legitimate service session.


This domain was flagged by PhishDestroy on seed c88c63 with a generic-phishing threat type. VirusTotal shows 0 out of 95 antivirus engines detecting the URL as malicious, the domain is registered through Cloudflare, Inc., and the SSL certificate is issued by Google Trust Services. The site resolves to IP 188.114.97.3, a Cloudflare-operated address linked to dynamic hosting environments frequently abused for short-lived phishing campaigns. No public blocklists currently list the domain, and the .pages.dev subdomain indicates a Pages.dev project, a platform often exploited for rapid deployment of spoofed login pages.


To mitigate credential-phishing exposure, avoid clicking links in unsolicited emails or messages referencing live sessions or account connections. Verify any unexpected login prompts by navigating directly to the official domain and enabling multi-factor authentication wherever possible. Report suspicious URLs immediately to your security team and consider using browser-based phishing filters or DNS-level protection to block access to this domain and similar Pages.dev-hosted lures.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e3fe815c-acf2-41da-97bf-99a91bafa8f9
- PhishDestroy: https://phishdestroy.io/domain/leggar-live-connect.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leggar-live-connect.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leggar-live-connect.pages.dev/
Last updated: 2026-03-22