# strrt-en-ledg-us.pages.dev — SUSPICIOUS

> strrt-en-ledg-us.pages.dev hosts an active generic phishing page that mimics a financial ledger portal.

## Summary
PhishDestroy identifies strrt-en-ledg-us.pages.dev as an actively hosted generic phishing domain leveraging Cloudflare Pages to impersonate a financial ledger service. The page is designed to harvest user login credentials under the guise of transaction verification. No specific brand or drainer kit has been confirmed at this stage; however, the generic nature of the content suggests opportunistic credential theft rather than a targeted brand impersonation.  

This domain resolves to IP 188.114.96.3 and is registered through Cloudflare, Inc. PhishDestroy confirms the SSL certificate is issued by Google Trust Services, which does not indicate legitimacy. The domain remains undetected on VirusTotal with a score of 0/95, and no entries in the Google Safe Browsing (GSB) database have been recorded. Further blocklist correlation is pending, as the current dataset does not include domain creation date or additional IOCs.  

The campaign is classified as active with a risk level of under_investigation, based on seed hash fc6f08. Users are advised to avoid interacting with this domain or submitting any credentials. Security teams should block the IP 188.114.96.3 and monitor for related TLS certificate issuances. Remaining risk includes potential escalation if the domain is weaponized against specific brands or integrated into a drainer kit. Immediate safe browsing and credential hygiene remain critical.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/dbe3b7cc-e7de-4cbe-92a3-b0d594bcff5f
- PhishDestroy: https://phishdestroy.io/domain/strrt-en-ledg-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/strrt-en-ledg-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/strrt-en-ledg-us.pages.dev/
Last updated: 2026-03-30