# w-enledgrlive.pages.dev — SUSPICIOUS > w-enledgrlive.pages.dev hosts a fake live energy bill phishing scam. 3/95 VirusTotal detections. Check the full report. ## Summary PhishDestroy identifies w-enledgrlive.pages.dev as hosting an active fake live energy bill phishing campaign. The domain carries an elevated risk rating and leverages a deceptive Cloudflare Pages subdomain to impersonate legitimate energy billing portals. This campaign specifically targets users with fabricated invoices that redirect to credential-harvesting forms, posing immediate risk to personal and financial data. This domain was flagged by PhishDestroy with an elevated risk status and remains active. VirusTotal analysis reports detection by 3 of 95 security vendors. The domain resolves to IP address 188.114.97.3 and is registered through Cloudflare, Inc., exploiting the provider’s free Pages service to evade traditional web filtering. Historical data indicates recent creation under Cloudflare’s infrastructure, with no presence on major blocklists at time of analysis, though trust scores remain critically low due to the overt phishing nature. Mitigation requires immediate action: block access to w-enledgrlive.pages.dev and 188.114.97.3 at the network perimeter. Users who may have entered credentials should revoke access immediately, change passwords on affected accounts, and monitor for unauthorized transactions. Organizations are advised to deploy DNS filtering rules targeting Cloudflare Pages subdomains associated with billing or invoice themes. Always verify billing communications through official, verified channels before entering any login or payment information. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - PhishDestroy: https://phishdestroy.io/domain/w-enledgrlive.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/w-enledgrlive.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/w-enledgrlive.pages.dev/ Last updated: 2026-03-26