# re-verifyrpc.pages.dev — SUSPICIOUS

> re-verifyrpc.pages.dev impersonates a verification portal to steal credentials. This active credential phishing domain has a 1/95 VirusTotal detection rate.

## Summary
PhishDestroy identifies re-verifyrpc.pages.dev as an active credential-phishing site hosted on Cloudflare Pages. The domain mimics a verification portal, likely targeting users under the pretext of account reactivation or security checks. No specific brand or drainer kit has been confirmed at this time, but the infrastructure suggests a low-fidelity but functional social-engineering setup designed for mass credential harvesting.    This domain resolves to IP 188.114.97.3 and was registered via Cloudflare, Inc. It carries a VirusTotal detection score of 1 out of 95 security vendors, indicating minimal detection coverage despite active abuse. Google Safe Browsing lists the domain under the SOCIAL_ENGINEERING category, and the SSL certificate is issued by Google Trust Services — a tactic often used to lend false legitimacy to phishing pages. The domain is embedded within the pages.dev subdomain space, which has become a recurring vehicle for phishing campaigns due to its ease of deployment and short-lived nature.    As of the latest assessment, re-verifyrpc.pages.dev remains active and poses an elevated risk to users entering credentials. Immediate recommendations include blocking the domain at the DNS and network levels, and disabling access via corporate firewalls or browser policies. While current visibility shows low detection, the domain’s infrastructure and abuse patterns suggest ongoing refinement by threat actors. The primary risk remains user credential compromise across unsuspecting targets. Response teams are advised to monitor for downstream account takeover and conduct user awareness training focused on verification-themed lures.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/77d0b48a-6b75-45f0-8d47-f67868eaa5cf
- PhishDestroy: https://phishdestroy.io/domain/re-verifyrpc.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/re-verifyrpc.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/re-verifyrpc.pages.dev/
Last updated: 2026-03-21