# ated.pages.dev — MALICIOUS

> Explore the phishing risks linked to ated.pages.dev. Learn why this domain was flagged and its current offline status for your online safety.

## Summary
PhishDestroy identifies ated.pages.dev as a medium-risk domain associated with generic phishing activities. This classification indicates potential attempts to deceive users into divulging sensitive information through fraudulent means. While not currently posing an immediate threat, the domain's history warrants caution due to its phishing-related behavior.

The domain ated.pages.dev was registered via Cloudflare, Inc., a common registrar for many legitimate and malicious sites alike, which complicates attribution. It resolves to the IP address 188.114.97.3, a detail useful for network defenders tracking related activities. The generic phishing tag suggests that the domain may have been used to impersonate trustworthy entities to capture credentials or personal data, although specific campaigns or targets were not identified.

Currently, ated.pages.dev is taken offline, mitigating the immediate risk to users. PhishDestroy recommends maintaining vigilance for similar domains and employing robust email and web filtering solutions to prevent exposure to phishing threats. Users encountering suspicious links resembling this domain should avoid interaction and report them to cybersecurity teams or platforms like PhishDestroy for further analysis.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Coinbase
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-03-04 15:07:01
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 188.114.97.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: leia.ns.cloudflare.com pedro.ns.cloudflare.com
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "ChainPatrol", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "Sophos", "Trustwave", "VIPRE"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cb909-09eb-725e-bae7-2468e060bf70.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7f8086e3-03b3-4f29-a142-8655a8c983d4
- Wayback Machine: https://web.archive.org/web/https://ated.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/ated.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ated.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ated.pages.dev/
Last updated: 2026-03-19