# us-live-legr.pages.dev — SUSPICIOUS

> us-live-legr.pages.dev is a generic phishing domain flagged by 0 of 95 VirusTotal vendors, resolving to 188.114.96.3.

## Summary
PhishDestroy identifies us-live-legr.pages.dev as a domain actively involved in generic phishing operations. The current investigation status remains under active review as security teams gather additional intelligence. No specific brand impersonation has been confirmed at this stage, but the domain's infrastructure suggests opportunistic credential harvesting or malicious payload delivery.


This domain was flagged by 0 of 95 VirusTotal vendors at the time of analysis, indicating negligible detection coverage. It was registered through Cloudflare, Inc. and resolves to IP address 188.114.96.3. The associated SSL certificate is issued by Google Trust Services, which may lend a false sense of legitimacy to unsuspecting users. Despite its low detection rate and clean SSL profile, the domain exhibits behavioral traits consistent with phishing infrastructure, including rapid registration and hosting on a shared cloud platform known for abuse.


Given the active status and lack of vendor detection, users are strongly advised to block access to us-live-legr.pages.dev at the network perimeter. Organizations should inspect DNS logs for queries to this domain and correlate against proxy/WAF logs for connection attempts. Implementing browser-based controls or endpoint policies to block access to pages.dev subdomains may further reduce exposure. Security teams are encouraged to monitor this domain for escalation in threat activity, as the absence of detections does not equate to safety.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9b66ee4c-4172-4f57-ae99-e5c8c64d2959
- PhishDestroy: https://phishdestroy.io/domain/us-live-legr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/us-live-legr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/us-live-legr.pages.dev/
Last updated: 2026-03-25