# mova-bridge.pages.dev — SUSPICIOUS

> The domain mova-bridge.pages.dev is actively engaged in generic phishing, specifically credential harvesting.

## Summary
PhishDestroy identifies mova-bridge.pages.dev as a domain currently under investigation for credential harvesting phishing activity. The site remains active and poses an immediate risk to unsuspecting users who may input sensitive information.  This domain was flagged by 0 of 95 VirusTotal vendors, indicating a low detection rate at the time of analysis. It is registered through Cloudflare, Inc., resolves to IP 172.66.47.202, and operates under a Google Trust Services SSL certificate. No additional blocklist data or trust scores were available for further context.  As the investigation is ongoing, users are strongly advised to avoid accessing mova-bridge.pages.dev or any linked content. Organizations should consider blocking the domain at the DNS or firewall level. If any interaction has occurred, users must reset credentials immediately, enable multi-factor authentication, and report the incident to relevant security teams for further action.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.202

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5ff81103-5c60-4919-9295-ffe1907aab8d
- PhishDestroy: https://phishdestroy.io/domain/mova-bridge.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/mova-bridge.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/mova-bridge.pages.dev/
Last updated: 2026-03-27