# home-ledgre-us.pages.dev — SUSPICIOUS

> home-ledgre-us.pages.dev operates a crypto drainer phishing site, flagged by none of 95 VirusTotal vendors. URL risks theft of digital assets.

## Summary
PhishDestroy identifies a live crypto drainer phishing domain named home-ledgre-us.pages.dev, currently under investigation and active in the threat landscape.

This domain exhibits characteristics consistent with a sophisticated crypto-draining campaign, as it has been observed mimicking legitimate LEDger hardware wallet services. Analysis confirms the domain resolves to IP 188.114.97.3, which is associated with Cloudflare’s hosting infrastructure. Notably, despite zero detections among 95 VirusTotal vendors and a benign Google Trust Services SSL certificate, the domain remains active and unblocked across multiple security platforms. There are currently no known entries in mainstream threat intelligence blocklists, indicating a potential gap in proactive detection coverage.

Given the absence of vendor flags and the abuse of Cloudflare’s Pages.dev platform, the risk to users remains elevated. Unsuspecting visitors may be tricked into connecting cryptocurrency wallets, resulting in unauthorized fund transfers to attacker-controlled addresses. At this time, it is recommended to fully block the domain at the network perimeter using DNS sinkholing or firewall rules. Users are advised to verify wallet websites via official channels, avoid clicking on shortened or unfamiliar URLs, and enable hardware wallet verification for all transactions. Network defenders should audit outbound SSL/TLS traffic toward 188.114.97.3 and update threat intelligence feeds accordingly.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/home-ledgre-us.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/home-ledgre-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/home-ledgre-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/home-ledgre-us.pages.dev/
Last updated: 2026-04-02