# get-ledgar--io--en.pages.dev — SUSPICIOUS > get-ledgar--io--en.pages.dev is a crypto drainer impersonating Ledger Live — 0/95 VirusTotal detections. Verify on PhishDestroy before entering credentials. ## Summary PhishDestroy identifies get-ledgar--io--en.pages.dev as an active crypto drainer impersonating Ledger Live, a widely used hardware wallet platform. This domain leverages Cloudflare Pages to host a fraudulent interface designed to trick users into connecting their wallets and authorizing malicious transactions. The page is still in its early stages, as indicated by its lack of detections on VirusTotal (0/95), suggesting it has evaded traditional security tools thus far. The infrastructure relies on Google Trust Services for SSL certificates and resolves to IP 188.114.97.3, which may correlate with other low-reputation hosting environments. This domain was flagged on Cloudflare Pages, a legitimate service often exploited for phishing due to its fast deployment and legitimate SSL certificates. The absence of detections (0/95) on VirusTotal reflects its novelty or targeted nature, making it particularly dangerous for users who may not rely on signature-based detection. With no confirmed blocklist entries at the time of analysis, the domain remains accessible to potential victims. The combination of a credible SSL certificate and rapid deployment through Cloudflare Pages lowers user suspicion, increasing the likelihood of successful compromise for individuals seeking to access Ledger Live services. If you accessed or entered any information on this domain, disconnect your wallet immediately and revoke any unauthorized permissions through your wallet’s interface or a dedicated revocation tool such as revoke.cash. Do not interact with any transactions you did not initiate. Report the domain to PhishDestroy and review your wallet’s transaction history for suspicious outbound transfers. Avoid using this domain or any linked pages; verify official Ledger Live endpoints through trusted sources like ledger.com. Users should also enable transaction alerts and consider using hardware wallet-only mode for sensitive operations to mitigate future risks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/851af14e-415b-483b-81f5-95aed4500c4d - PhishDestroy: https://phishdestroy.io/domain/get-ledgar--io--en.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/get-ledgar--io--en.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/get-ledgar--io--en.pages.dev/ Last updated: 2026-03-22