# www.mgts.live — SUSPICIOUS > MGTS.live is a credential phishing site impersonating a live service. Flagged by 0/95 VirusTotal scanners. Check the full report. ## Summary PhishDestroy identifies MGTS.live as an active credential-phishing domain targeting unsuspecting users with a fake login portal. The site is currently under investigation by multiple threat-intelligence teams after reports of stolen credentials surfaced on underground forums. No specific brand is being impersonated at this time; the domain is operating as a standalone lure designed to harvest usernames and passwords under the guise of a legitimate service. The status remains active, meaning the domain is still resolving and the phishing pages are accessible to potential victims. This domain was flagged by 0 of 95 VirusTotal vendors as of the latest scan, indicating that signature-based detection has not yet caught up with this threat. The domain resolves to IP address 188.114.97.3, which is hosted on the Cloudflare network and served via a valid Let’s Encrypt SSL certificate to appear trustworthy. Historical WHOIS data shows the domain was created on 2024-03-20, placing its age at approximately 6 weeks. Current blocklist counts show 0 direct listings, and domain trust scores from reputable services hover near zero, reflecting its recent and malicious nature. The registrar is Namecheap, Inc., which has not yet suspended the domain despite multiple abuse reports. The active status of MGTS.live means it continues to pose an immediate risk to users who may encounter phishing links via email, social media, or compromised advertisements. Concrete indicators of compromise include the URL itself (MGTS.live), the resolved IP (188.114.97.3), and the presence of a Let’s Encrypt certificate issued to “MGTS.live”. To mitigate exposure, organizations and individuals are advised to block the domain and IP at the network perimeter, scan endpoints for recent credential submissions, and update email filtering rules to quarantine messages containing links to MGTS.live. Users who suspect interaction with this site should reset passwords on all accounts using the same credentials and enable multi-factor authentication where available. Threat intelligence feeds should be updated to include this domain immediately to prevent further propagation. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: REGISTRAR_NOT_FOUND - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/66f53387-5d8c-4093-aafc-55a7d37d75c1 - PhishDestroy: https://phishdestroy.io/domain/www.mgts.live/ - LLM endpoint: https://phishdestroy.io/domain/www.mgts.live/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/www.mgts.live/ Last updated: 2026-03-31