# auth-ladger-wallet-io.pages.dev — MALICIOUS > ALERT: auth-ladger-wallet-io.pages.dev is a live crypto drainer impersonating Ledger Wallet. Verify on PhishDestroy before interacting. VT detection: 14/95. ## Summary PhishDestroy identifies auth-ladger-wallet-io.pages.dev as an active crypto drainer deployed on Pages.dev via Cloudflare infrastructure. This domain leverages a deceptive Ledger Wallet branding to trick users into connecting wallets, triggering unauthorized crypto transfers. The threat level is elevated due to confirmed malicious behavior and broad detection telemetry. The seed value 211efa aligns with this campaign, indicating reuse across phishing kits. Users must treat this domain as HIGH RISK and avoid any interaction. This domain was flagged by PhishDestroy with a VirusTotal detection rate of 14 out of 95 security vendors, indicating substantial but not universal recognition. It is registered through Cloudflare, Inc. and resolves to IP 172.66.44.149. The domain holds an SSL certificate issued by Google Trust Services, enhancing its appearance of legitimacy. While the exact creation date is not disclosed, the Pages.dev subdomain and recent flagging suggest recent deployment. Despite the trust association with Google, the domain remains untrusted due to active misuse. To mitigate exposure to this crypto drainer, users must verify any wallet-related domain against PhishDestroy's threat intelligence feed before accessing or connecting wallets. Never enter seed phrases or private keys into unknown websites, even if presented with login or wallet connection prompts. Use hardware wallets for all crypto operations and enable transaction confirmation features. Block the IP 172.66.44.149 at the network level if feasible, and report this domain to your browser and security vendors to aid in global takedown efforts. Remain vigilant: crypto drainers often mimic legitimate services and appear suddenly via reputable hosting providers. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.149 ## Detection Status - VirusTotal: 14 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/9a157344-ed2f-47e8-a075-2d2b6d20a50b - PhishDestroy: https://phishdestroy.io/domain/auth-ladger-wallet-io.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/auth-ladger-wallet-io.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/auth-ladger-wallet-io.pages.dev/ Last updated: 2026-03-22