# ssoledgrcomstart.wixstudio.com — SUSPICIOUS

> PhishDestroy confirms ssoledgrcomstart.wixstudio.com is a credential-harvesting site with 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies ssoledgrcomstart.wixstudio.com as an active credential-harvesting site impersonating Microsoft Online services. The domain leverages WixStudio’s hosting infrastructure and a Let’s Encrypt SSL certificate to mimic legitimacy, with a drainer kit designed to exfiltrate Microsoft 365 authentication credentials. The campaign follows a generic but increasingly common pattern targeting enterprise users via deceptive login prompts.


Technical indicators reveal a VirusTotal detection score of 0/95, indicating no current blacklist coverage by major scanners despite active phishing operations. The domain resolves to IP 34.144.206.118 via Google Cloud Platform, with registration details obscured through privacy protection. The site was likely created recently, as no historical WixStudio subdomain records predate May 2024. Google Safe Browsing (GSB) has not yet flagged the domain, and blocklist aggregator counts remain at zero, prolonging exposure time for potential victims.


The domain remains active and unblocked, with no takedown action observed at this time. PhishDestroy urges immediate network-level blocking of 34.144.206.118 and domain quarantine due to confirmed credential theft intent. Remaining risk is high, as the lack of detections and SSL trust allows continued phishing success. Users should avoid interacting with the site and report to Microsoft’s Office 365 phishing portal.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 34.144.206.118

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/d67323f6-22e4-4e13-bbee-b5f46d3f3717
- PhishDestroy: https://phishdestroy.io/domain/ssoledgrcomstart.wixstudio.com/
- LLM endpoint: https://phishdestroy.io/domain/ssoledgrcomstart.wixstudio.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ssoledgrcomstart.wixstudio.com/
Last updated: 2026-03-23