# rrverify.pages.dev — SUSPICIOUS

> rrverify.pages.dev is linked to active credential phishing attempts. Stay alert and avoid entering sensitive data on this site. Monitor updates at PhishDestroy.

## Summary
PhishDestroy has identified rrverify.pages.dev as an active credential phishing domain. The site uses a generic page title "Verify" to deceive users into submitting sensitive login information. While no direct detections have been recorded by major security vendors, the domain's behavior and context suggest a likely phishing intent targeting credential compromise.

The domain is registered through Cloudflare, Inc., a common registrar used by threat actors to quickly deploy and obscure phishing infrastructure. It resolves to IP address 188.114.96.3, which currently has no known malicious associations. VirusTotal analysis shows 0/95 detections, indicating that traditional signature-based detection has not flagged this domain yet. However, the use of the Cloudflare Pages platform (pages.dev) suggests attackers are leveraging trusted hosting services to increase legitimacy and evade early detection.

Currently, rrverify.pages.dev remains under investigation with an active status. Users are strongly advised not to interact with this domain or provide any credentials. Organizations should consider adding this domain to internal blocklists and increase monitoring for any related phishing attempts. Continued observation and community reporting will be essential to track any evolution in this threat's tactics or infrastructure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: Verify

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.96.3
- Nameservers: junade.ns.cloudflare.com marlowe.ns.cloudflare.com
- SSL Issuer: E7

## Detection Status
- VirusTotal: 0 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cee46-6182-759a-a4cf-29d603cc3e7a.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/a96d29f1-6479-4110-93e7-1c6bb8f8c3d5
- PhishDestroy: https://phishdestroy.io/domain/rrverify.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/rrverify.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/rrverify.pages.dev/
Last updated: 2026-03-19