# homepge-exudoa-web.pages.dev — SUSPICIOUS

> homepge-exudoa-web.pages.dev identified as brand impersonation crypto drainer with 0/95 VirusTotal detections. Act now to block this active threat.

## Summary
PhishDestroy identifies homepge-exudoa-web.pages.dev as an active brand impersonation crypto drainer campaign targeting cryptocurrency users under seed a9e4b3. This Cloudflare Pages domain impersonates a legitimate service to deceive victims into connecting crypto wallets, where a drainer script silently siphons digital assets. The infrastructure lacks detection coverage and has not yet been flagged by security vendors despite active distribution.

This domain resolves to IP address 188.114.97.3 and operates under Cloudflare, Inc. registration with a Google Trust Services SSL certificate. VirusTotal shows 0 detections out of 95 engines as of latest scan, indicating zero detection coverage for this threat. The domain’s technical profile includes a generic registration footprint and leverages Cloudflare’s Pages service to host malicious content, making takedown and mitigation more complex due to Cloudflare’s abuse handling policies. No blocklist entries are currently recorded, and the domain remains active and accessible.

Current status indicates an active, undetected crypto drainer campaign with low detection sensitivity. Immediate action is required from security teams to block IP 188.114.97.3 and domain homepge-exudoa-web.pages.dev at network and endpoint levels. Cryptocurrency users should avoid interacting with any unsolicited links or domains purporting to offer services, especially those hosted on Cloudflare Pages. Remaining risk is HIGH due to zero detection, active distribution, and the irreversible nature of crypto asset theft. Continued monitoring and proactive blocking are essential to prevent further compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/homepge-exudoa-web.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/homepge-exudoa-web.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/homepge-exudoa-web.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/homepge-exudoa-web.pages.dev/
Last updated: 2026-04-02