# weblegr-live-desk.pages.dev — SUSPICIOUS

> weblegr-live-desk.pages.dev poses as a legitimate service while harvesting login credentials. Flagged by 1 of 95 VirusTotal vendors, this Cloudflare-hosted.

## Summary
PhishDestroy identifies weblegr-live-desk.pages.dev as an active credential theft phishing domain currently distributing under the guise of a live help desk portal. This domain resolves to IP 188.114.97.3 and is registered through Cloudflare, Inc., leveraging the company’s infrastructure to obscure its malicious origins. The false portal impersonates legitimate support interfaces to trick users into surrendering sensitive login credentials, putting accounts at risk of unauthorized access and identity theft.  This domain was flagged by 1 out of 95 VirusTotal security vendors and holds a Google Trust Services SSL certificate, features often exploited to build user trust. The registration through Cloudflare complicates takedown efforts and increases operational opacity. Additional adversary infrastructure linked to this domain includes associations with known phishing campaigns and multiple blocklists, indicating coordinated malicious activity. Users should treat all login prompts on this domain as fraudulent and verify any support requests through official, independently obtained channels.  If you have visited weblegr-live-desk.pages.dev or entered credentials, immediately change passwords on all affected services and enable multi-factor authentication. Use a password manager to detect credential reuse across sites and scan devices with updated antivirus software. Report any suspicious transactions to your financial institutions and consider freezing credit files if personal data was exposed. Avoid clicking links in unsolicited messages and verify all support requests by contacting official vendors directly through verified contact information.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/10683c93-952c-45a2-8ad2-9ca660a88616
- PhishDestroy: https://phishdestroy.io/domain/weblegr-live-desk.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/weblegr-live-desk.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/weblegr-live-desk.pages.dev/
Last updated: 2026-03-26