# io-usa--bridge.pages.dev — SUSPICIOUS

> io-usa--bridge.pages.dev is a confirmed crypto drainer phishing site flagged by 2/95 VirusTotal security vendors. Verify its safety on PhishDestroy immediately.

## Summary
PhishDestroy identifies io-usa--bridge.pages.dev as an active crypto drainer phishing domain posing an elevated risk to users. This domain leverages the *.pages.dev subdomain structure to mimic legitimate Cloudflare Pages deployments while hosting malicious content designed to siphon cryptocurrency assets. The threat involves deceptive URLs that appear benign but redirect visitors to fraudulent wallet connection interfaces or fake KYC verification pages, enabling attackers to drain digital assets without consent.  This domain was flagged by 2 out of 95 VirusTotal security vendors, indicating limited but concerning detection. It resolves to IP 172.66.47.147 and is registered through Cloudflare, Inc., which obscures the true registrant behind privacy protections. The *.pages.dev infrastructure is exploited here to lend false legitimacy, as Cloudflare’s free tier is often misused for hosting malicious content. While the SSL certificate is issued by Google Trust Services, this does not validate the site’s safety—only the encryption in transit.  Users who have visited io-usa--bridge.pages.dev should immediately disconnect from the site, clear browser cache and cookies, and revoke any crypto wallet connections initiated from the page. Do not enter credentials or connect wallets to unknown domains. If assets were transferred or credentials were exposed, report the incident to your wallet provider, change passwords on other accounts, and scan for malware. For continued protection, verify unknown domains using PhishDestroy before interaction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.147

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7ad99e03-6015-4f6f-8c7c-0617adeccb07
- PhishDestroy: https://phishdestroy.io/domain/io-usa--bridge.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/io-usa--bridge.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/io-usa--bridge.pages.dev/
Last updated: 2026-03-22