# welcome-ledge-live-io.pages.dev — SUSPICIOUS

> welcome-ledge-live-io.pages.dev hosts a fake login phishing page mimicking a legitimate site. VT score 0/95, IP 188.114.97.3. Check the full report.

## Summary
PhishDestroy identifies welcome-ledge-live-io.pages.dev as a live phishing page designed to harvest user credentials under the guise of a legitimate login portal. The domain mimics a plausible service interface, likely targeting unsuspecting users with a spoofed authentication prompt. No specific brand or drainer kit has been publicly disclosed at this stage, though the page structure suggests a generic credential-harvesting campaign aimed at capturing login details for potential reuse in identity theft or account takeover. The threat is currently classified as a fake login page phishing operation, leveraging deceptive UI to trick visitors into submitting sensitive information.


Technical indicators confirm this domain is a recent and stealthy threat. VirusTotal reports 0 out of 95 security engines flagged the page as malicious at the time of analysis, indicating low detection coverage despite active abuse. The domain is registered through Cloudflare, Inc., resolving to IP address 188.114.97.3 and secured with a Google Trust Services SSL certificate, which may help it evade network-level filters. The exact creation date is not publicly available due to Cloudflare’s privacy protection, and Google Safe Browsing (GSB) has not yet blacklisted the domain. As of this assessment, the page remains unblocked across major security platforms, with no confirmed listings in public threat intelligence feeds like OpenPhish or PhishTank.


The domain is currently active and under continuous monitoring. Immediate response actions include network-level blocking of the IP and domain, user awareness campaigns highlighting the fake login lure, and submission to GSB and browser vendors for takedown. While the current risk is classified as under investigation, the combination of low detection, active hosting, and SSL usage elevates the potential for successful compromise. Users are strongly advised to avoid interacting with this domain, verify URLs before entering credentials, and report any suspicious login prompts. Remaining risk remains moderate until the phishing kit is fully dismantled and the domain is globally blacklisted.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/f6f9b6c9-b036-42c8-a61d-69f12d06df02
- PhishDestroy: https://phishdestroy.io/domain/welcome-ledge-live-io.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/welcome-ledge-live-io.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/welcome-ledge-live-io.pages.dev/
Last updated: 2026-04-12