# lmwxcvkmwcv.pages.dev — SUSPICIOUS

> lmwxcvkmwcv.pages.dev is a newly detected credential-harvesting site hosted on Cloudflare’s Pages.dev, undetected by VirusTotal (0/95).

## Summary
PhishDestroy identifies lmwxcvkmwcv.pages.dev as a live credential-harvesting endpoint engineered to trick users into entering sensitive credentials under false pretenses.

This domain was flagged by PhishDestroy with zero VirusTotal detections out of 95 engines as of seed 9c020e, providing early-warning advantage. The site is registered through Cloudflare, Inc. and resolves to IP address 172.66.44.90 behind a Google Trust Services SSL certificate, a combination attackers increasingly abuse to mask malicious intent.

If you visited lmwxcvkmwcv.pages.dev, assume your credentials or personal information may have been compromised. Change any passwords you entered and enable multi-factor authentication on affected accounts. Scan devices for malware, revoke any suspicious OAuth grants, and report the domain to your security team or browser vendor for immediate takedown.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.90

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/lmwxcvkmwcv.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/lmwxcvkmwcv.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/lmwxcvkmwcv.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/lmwxcvkmwcv.pages.dev/
Last updated: 2026-04-10