# user-strt-ledgr.pages.dev — SUSPICIOUS > user-strt-ledgr.pages.dev is a credential harvesting portal mimicking ledgers, flagged by Google Safe Browsing and 1/95 VirusTotal vendors. ## Summary user-strt-ledgr.pages.dev is an active credential harvesting site designed to trick users into surrendering sensitive login details under the guise of a legitimate ledger service, as confirmed by Google Safe Browsing’s social engineering classification. PhishDestroy identifies this fake ledger portal as a high-effort impersonation leveraging Cloudflare’s Pages.dev infrastructure to host malicious content on 188.114.96.3. VirusTotal’s detection confirms a single security vendor flag out of 95 scans, with the domain’s SSL certificate issued by Google Trust Services to enhance credibility. The page targets financial or ledger users, likely delivered via phishing campaigns or malvertising. If you visited this domain, immediately clear your browser cookies and scan for unauthorized access to accounts. Revoke any session tokens, update passwords from a clean device, and monitor linked payment methods for fraudulent activity. Report the domain to your security team or browser vendor to accelerate takedown efforts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f1cf5bad-376d-43b9-b3e1-6b7c9c6b0282 - PhishDestroy: https://phishdestroy.io/domain/user-strt-ledgr.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/user-strt-ledgr.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/user-strt-ledgr.pages.dev/ Last updated: 2026-03-24