# un-ico.pages.dev — SUSPICIOUS

> un-ico.pages.dev impersonates UN/NGO investment offers, hosted on Cloudflare with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies un-ico.pages.dev as an active phishing domain masquerading as a United Nations or NGO investment scheme, targeting users with false promises of financial returns. This site leverages Google Trust Services SSL certificates and Cloudflare infrastructure to appear legitimate, resolving to IP 188.114.96.3. While currently undetected by 95 VirusTotal scanners, its use of a reputable CDN and SSL provider highlights the sophistication of modern phishing tactics.  This domain was flagged by PhishDestroy with 0 detections on VirusTotal as of seed e7aa2d, indicating its recent emergence or low detection rate by security tools. Registered via Cloudflare, Inc., it exploits the trust associated with legitimate services to bypass email filters and browser warnings. The IP address 188.114.96.3 is linked to Cloudflare’s infrastructure, a common tactic to obscure the true hosting location of malicious sites.  If you visited un-ico.pages.dev, do not enter any personal or financial information. Disconnect from the internet if you downloaded files or entered credentials, then run a full antivirus scan. Report the domain to your email provider or browser, and change passwords for affected accounts using a separate, secure device. Monitor bank statements for unusual transactions and consider enabling multi-factor authentication where possible.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/23adfbe8-f4b2-4eab-9e45-0dd87829bb6f
- PhishDestroy: https://phishdestroy.io/domain/un-ico.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/un-ico.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/un-ico.pages.dev/
Last updated: 2026-03-22