# website-32s.pages.dev — SUSPICIOUS

> website-32s.pages.dev operates as a credential-harvesting phishing front hosting fake login portals; avoid sharing credentials. Resolves to 188.114.96.

## Summary
PhishDestroy identifies website-32s.pages.dev as a live credential-harvesting phishing host masquerading as a login portal to steal user passwords.

This domain was flagged by PhishDestroy under investigation after VT sandbox analysis returned 0 detections out of 95 engines on seed 795323. Infrastructure data shows Cloudflare, Inc. as the registered provider and Google Trust Services SSL protecting 188.114.96.3. The landing page mimics legitimate authentication flows, posing high risk of identity theft.

Immediate mitigation is required: block the IP 188.114.96.3 and domain website-32s.pages.dev at DNS/hosts level; refrain from entering any credentials; report the URL to your security team; and alert users via awareness channels. Monitor for cloned domains leveraging the same branding.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f2c79009-9976-46a5-a127-e9de12dcf4a3
- PhishDestroy: https://phishdestroy.io/domain/website-32s.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/website-32s.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/website-32s.pages.dev/
Last updated: 2026-04-01