# meta-assembler.pages.dev — MALICIOUS

> meta-assembler.pages.dev is flagged for phishing and currently offline. Avoid interaction to protect your data from fraud attempts.

## Summary
PhishDestroy identifies meta-assembler.pages.dev as a high-risk generic phishing domain. This classification is based on strong indicators of fraudulent intent aimed at deceiving users into divulging sensitive information. The threat level is rated high due to the domain's phishing nature, which poses significant risks to user privacy and security.

Analysis reveals that meta-assembler.pages.dev resolves to IP address 172.66.47.29 and is registered through Cloudflare, Inc., a common platform exploited for hosting malicious sites. The domain was created recently on February 21, 2026, which is typical of phishing operations that leverage newly registered domains to evade detection. VirusTotal flags the domain by 14 out of 95 security vendors, and it appears on at least one security blocklist, reinforcing the classification as a phishing threat.

Mitigation efforts have resulted in the domain being taken offline, preventing further exposure to potential victims. Users are advised not to visit or interact with meta-assembler.pages.dev, as it may attempt to steal credentials or deploy malware. Organizations should update their internal blocklists and monitor for related phishing campaigns to maintain security posture. PhishDestroy continues to track the domain’s status to inform the community of any changes.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.29
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["asa.ns.cloudflare.com", "elmo.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bbb7f-0153-758b-9ec1-c2871d339c46.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/4e2d9e47-fdec-4ca3-9c27-af72531340a0
- PhishDestroy: https://phishdestroy.io/domain/meta-assembler.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/meta-assembler.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/meta-assembler.pages.dev/
Last updated: 2026-03-19