# navietkoreeark-cqlkeuluqqvyxltkgazntngd.pages.dev — MALICIOUS

> navietkoreeark-cqlkeuluqqvyxltkgazntngd.pages.dev is a high-risk phishing domain. Avoid interaction and ensure your credentials stay safe.

## Summary
PhishDestroy has identified navietkoreeark-cqlkeuluqqvyxltkgazntngd.pages.dev as a high-risk generic phishing domain. This domain poses a significant threat to users by attempting to deceive victims into divulging sensitive information. The risk level is elevated due to its association with social engineering tactics aimed at credential theft or fraud.

Supporting evidence for this classification includes the domain's recent creation date on February 21, 2026, which aligns with common phishing infrastructure trends of using newly registered domains. It resolves to IP address 172.66.46.210 and is registered through Cloudflare, Inc., a common hosting provider that phishing actors exploit for rapid deployment. The domain has been flagged by Google Safe Browsing for social engineering, appears on one security blocklist, and VirusTotal detected malicious activity from 15 out of 95 security vendors. The page title “Suspected phishing site | Cloudflare” confirms its malicious intent.

To mitigate risks, users should avoid visiting the domain and report any suspicious communications referencing it. Network administrators are advised to block this domain and monitor for any related phishing campaigns. PhishDestroy notes that the domain is currently offline, reducing its immediate threat, but vigilance remains crucial as threat actors often cycle through alternate domains. Continuous monitoring and user education are essential to prevent compromise from similar phishing attempts.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.46.210
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["jade.ns.cloudflare.com", "lee.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "ESET", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Lionic", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c2c4f-954c-737c-9b84-bf5f350733d1.png
- PhishDestroy: https://phishdestroy.io/domain/navietkoreeark-cqlkeuluqqvyxltkgazntngd.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/navietkoreeark-cqlkeuluqqvyxltkgazntngd.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/navietkoreeark-cqlkeuluqqvyxltkgazntngd.pages.dev/
Last updated: 2026-03-19