# home--sso--eigeenlyer.gitbook.io — SUSPICIOUS > home--sso--eigeenlyer.gitbook.io is a crypto drainer scam mimicking SSO portals. Currently undetected by security tools, verify its safety on PhishDestroy. ## Summary PhishDestroy is investigating the domain home--sso--eigeenlyer.gitbook.io under the threat classification of a generic phishing attack with a focus on crypto draining activities. This domain is currently marked as active and poses a credible risk to users who may unknowingly interact with it. While the domain itself has not yet been widely flagged by security vendors, its use case and infrastructure warrant immediate scrutiny due to the potential for credential theft and financial loss. This domain resolves to the IP address 104.18.40.47 and shows a concerning lack of detection, sitting at 0 out of 95 detections on VirusTotal as of the latest scan. The domain was registered through Cloudflare, Inc. on March 30, 2014, suggesting a potentially long-standing presence that may have been repurposed for malicious intent. Despite the age of the domain, no current blocklist entries or reputation scores have been recorded, leaving users vulnerable to oversight. The SSL certificate is issued by Google Trust Services, which, while legitimate, does not inherently validate the domain's purpose or safety. This combination of factors—zero vendor detections, a benign registrar, and an aging domain—creates a deceptive facade that malicious actors often exploit to evade scrutiny. To mitigate the risks associated with home--sso--eigeenlyer.gitbook.io, users should avoid interacting with the domain entirely, especially if it is promoting SSO login pages or financial-related services. Given the domain's undetected status and the lack of telemetry, it should be treated as highly suspicious until further intelligence emerges. Enterprises and individuals are advised to cross-reference any encountered links or domains against trusted threat intelligence platforms like PhishDestroy. For domains suspected of impersonating login portals or financial services, employ additional verification measures such as checking the URL structure, domain age, and SSL certificate issuer. If this domain is encountered in the wild, report it immediately to PhishDestroy or relevant security teams to prevent further exploitation. Proactive monitoring and user awareness remain critical defenses against such evolving threats. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2014-03-30 06:09:09 - Registrar: Cloudflare, Inc - IP: 104.18.40.47 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/home--sso--eigeenlyer.gitbook.io - PhishDestroy: https://phishdestroy.io/domain/home--sso--eigeenlyer.gitbook.io/ - LLM endpoint: https://phishdestroy.io/domain/home--sso--eigeenlyer.gitbook.io/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/home--sso--eigeenlyer.gitbook.io/ Last updated: 2026-04-10