# homepagebridge-trzor.pages.dev — SUSPICIOUS > homepagebridge-trzor.pages.dev hosts a fraudulent crypto wallet drainer kit. VT shows 0/95 detections. Check the full report. ## Summary PhishDestroy identifies homepagebridge-trzor.pages.dev as an active crypto wallet phishing domain leveraging a fake drainer scheme to steal funds. The page mimics legitimate wallet interfaces to trick users into connecting their crypto wallets and approving malicious transactions. No specific brand is being impersonated in this campaign, indicating a generic but targeted approach aimed at cryptocurrency users. The threat is classified as a drainer kit deployment site, designed to siphon digital assets via fraudulent transaction approvals. Technical indicators confirm high-risk infrastructure: the domain resolves to IP 188.114.97.3 and is registered through Cloudflare, Inc. VirusTotal analysis shows a clean scan with 0 detections out of 95 engines, suggesting recent deployment or advanced evasion tactics. The site operates under a Google Trust Services SSL certificate, enhancing its appearance of legitimacy. Cloudflare's infrastructure is being abused to host the malicious content while obscuring backend operations. No public blocklist entries were found during initial scans, but dynamic attribution suggests ongoing distribution via phishing campaigns. The current status remains active with a pending investigation flag, indicating elevated risk for unsuspecting users. No immediate takedown actions have been recorded at this time. PhishDestroy recommends immediate avoidance of this domain and all associated links. Users who may have interacted should revoke any unauthorized wallet connections, transfer funds to secure wallets, and report the domain to wallet providers and fraud databases. The residual risk remains high due to the drainer’s ability to exfiltrate credentials and assets in real time. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/4a7c8c0f-9f04-449d-ba9b-ddd3e32946c9 - PhishDestroy: https://phishdestroy.io/domain/homepagebridge-trzor.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/homepagebridge-trzor.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/homepagebridge-trzor.pages.dev/ Last updated: 2026-03-24