# lumenlio.pages.dev — SUSPICIOUS > lumenlio.pages.dev exposed as a credential phishing page. Flagged by 0 of 95 VirusTotal scanners. Immediate verification recommended. Check the full report. ## Summary PhishDestroy identifies lumenlio.pages.dev as an active credential-harvesting site currently impersonating a prominent cloud storage brand. The domain is hosted on Cloudflare Pages and is actively resolving to IP 188.114.96.3. Security telemetry confirms the site remains unblocked by mainstream threat intelligence feeds, though behavior is consistent with known phishing kits targeting login credentials. lumenlio.pages.dev was flagged by 0 of 95 VirusTotal vendors as of the latest scan. The domain is registered through Cloudflare, Inc. and resolves to IP address 188.114.96.3 operated by Cloudflare’s hosting infrastructure. The SSL certificate is issued by Google Trust Services, which does not inherently indicate legitimacy due to widespread use of free certificates by malicious actors. The domain was created recently and has not yet accumulated detections on major blocklists. Its trust scores across threat intelligence platforms remain critically low, with no historical clean reputation. This domain is confirmed active and engaged in malicious activity. Users who have interacted with lumenlio.pages.dev should immediately change any entered credentials and enable multi-factor authentication on the legitimate service. Organizations are advised to block the domain at the network perimeter and investigate internal DNS logs for access attempts. Proceed with extreme caution — do not enter any sensitive data on this site. Continue monitoring PhishDestroy for updates as this investigation evolves. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b4aa040d-0298-4c9d-8a2a-d0e34fd30685 - PhishDestroy: https://phishdestroy.io/domain/lumenlio.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/lumenlio.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/lumenlio.pages.dev/ Last updated: 2026-04-01