# us-desktop-live-en.pages.dev — SUSPICIOUS

> us-desktop-live-en.pages.dev impersonates a Microsoft desktop login page to steal credentials. Blocked by 0/95 VirusTotal engines. Do not enter any details.

## Summary
PhishDestroy identifies us-desktop-live-en.pages.dev as a live phishing site mimicking a Microsoft desktop login portal. The domain serves a spoofed interface on IP 172.66.47.102 to harvest user credentials under the guise of a routine sign-in process. Attackers leverage Cloudflare’s free tier to rapidly cycle domains while hiding behind Google Trust Services SSL certificates, tricking victims into surrendering sensitive login data.

This domain was flagged with 0 detections out of 95 VirusTotal engines and remains unlisted on major blocklists. Registered through Cloudflare, Inc., it benefits from Cloudflare’s infrastructure to evade traditional takedown mechanisms. The use of the .pages.dev TLD, part of Cloudflare Pages, enables quick deployment and rotation, making it a low-cost, high-reward tool for credential theft. The SSL certificate issued by Google Trust Services further enhances its legitimacy, lowering user suspicion during credential entry.

If you visited us-desktop-live-en.pages.dev and entered any login details, immediately change your Microsoft account password and enable multi-factor authentication. Scan your device with reputable antivirus software and review account login activity for unauthorized access. Report the domain to Cloudflare via their abuse portal and file a report with the FBI’s IC3 (Internet Crime Complaint Center) if financial or sensitive data was exposed. Avoid using saved credentials and clear browser caches to prevent session hijacking. Remain vigilant for follow-up phishing attempts leveraging stolen credentials.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.102

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/us-desktop-live-en.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/us-desktop-live-en.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/us-desktop-live-en.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/us-desktop-live-en.pages.dev/
Last updated: 2026-04-10