# sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev — MALICIOUS

> Avoid sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev. This high-risk phishing site is active and poses significant security threats.

## Summary
PhishDestroy identifies sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev as a high-risk generic phishing domain. Registered on March 3, 2026, through Cloudflare, Inc., the domain is designed to impersonate legitimate services and harvest sensitive user information. The classification as generic phishing arises from its lack of a specific brand targeting, instead casting a wide net to deceive unsuspecting users.

Technical analysis reveals that the domain resolves to IP address 188.114.96.3, a known hosting point often associated with malicious activity. VirusTotal scans show that 10 out of 95 security vendors have flagged this domain, indicating a moderate but significant consensus on its malicious intent. The use of Cloudflare's platform suggests an attempt to leverage reputable infrastructure to mask the domain’s true purpose and evade detection. The domain’s complex and randomized naming pattern further supports its use in automated phishing campaigns.

Currently, sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev remains active and continues to pose a threat to users. PhishDestroy recommends immediate blocking and monitoring of any traffic to this domain. Users should be cautious and avoid clicking any links or providing personal or financial information. Ongoing surveillance and collaboration with hosting providers are essential to disrupt the domain’s operations and prevent further victimization.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-03 01:00:02
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: brady.ns.cloudflare.com ximena.ns.cloudflare.com
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 10 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "CyRadar", "DNS8", "Emsisoft", "G-Data", "Gridinsoft", "Netcraft", "Sophos", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb10e-2022-7662-a8aa-ac5a10282989.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/01411f6c-b6bd-42cf-b1cb-f59944bb8bd4
- Wayback Machine: https://web.archive.org/web/https://sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sarvo-rixan-biz-paxru-zxid22526e-glanex.pages.dev/
Last updated: 2026-03-19