# testingboy.pages.dev — SUSPICIOUS

> PhishDestroy identifies testingboy.pages.dev as a credential-harvesting domain. 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy’s automated pipeline has flagged testingboy.pages.dev as an active credential-harvesting domain. The URL is currently under investigation and remains unblocked by most filters, placing it in a heightened-risk category that requires immediate scrutiny.  This domain resolves to IP address 188.114.96.3 and is served over HTTPS with a Google Trust Services SSL certificate, a combination that can mask malicious intent behind legitimate-looking infrastructure. The domain is registered through Cloudflare, Inc. and is hosted on Cloudflare Pages, while VirusTotal shows zero detections across 95 security engines. As of this report, the domain has not yet appeared on any major blocklists, though its SSL certificate and Cloudflare infrastructure may delay detection and takedown.  To mitigate credential-harvesting risks, organizations and individuals should block traffic to testingboy.pages.dev at the network perimeter and instruct users not to enter credentials on any page hosted at this domain. If engagement has already occurred, users should immediately rotate the exposed passwords and enable multi-factor authentication. Security teams are advised to inspect DNS logs for connections to 188.114.96.3 and to monitor for follow-on phishing campaigns leveraging harvested credentials.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/044e7855-e964-4b9b-9d5c-4aee71b8ae84
- PhishDestroy: https://phishdestroy.io/domain/testingboy.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/testingboy.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/testingboy.pages.dev/
Last updated: 2026-03-27