# auth-zeddex-swaap-io-us.pages.dev — SUSPICIOUS

> PhishDestroy identifies auth-zeddex-swaap-io-us.pages.dev as a live credential theft domain with 0/95 VirusTotal detections.

## Summary
PhishDestroy identifies the active domain auth-zeddex-swaap-io-us.pages.dev as a generic phishing host engaged in credential theft operations. The campaign exhibits no overt branding alignment, suggesting a drainer kit deployment targeting unsuspecting users through deceptive login prompts. Hosted via Cloudflare Pages, the domain masquerades as a legitimate authentication portal to harvest credentials for subsequent misuse.  This domain resolves to IP 188.114.97.3 and possesses a Google Trust Services SSL certificate. VirusTotal currently flags the domain with a 0/95 detection score, indicating minimal antivirus coverage. Registered through Cloudflare, Inc., the domain remains under investigation with no confirmed blocklist entries as of this analysis. The technical indicators confirm the infrastructure leverages reputable services to enhance credibility while evading detection.  The campaign remains active with status under investigation. Users should block the domain and IP 188.114.97.3 at the network perimeter. Immediate reporting to security teams is advised to mitigate credential harvesting risks. Remaining risk is assessed as moderate due to the domain’s live status and low detection coverage, warranting heightened vigilance.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/auth-zeddex-swaap-io-us.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/auth-zeddex-swaap-io-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/auth-zeddex-swaap-io-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/auth-zeddex-swaap-io-us.pages.dev/
Last updated: 2026-04-10