# get-ledgr-wllet.pages.dev — SUSPICIOUS > get-ledgr-wllet.pages.dev hosts a crypto drainer falsely claiming to be a Ledger Wallet. VirusTotal shows 0/95 detections. ## Summary PhishDestroy identifies get-ledgr-wllet.pages.dev as an active crypto drainer impersonating the legitimate Ledger Wallet, a popular hardware wallet provider for cryptocurrencies. This malicious domain employs deceptive naming to trick users into believing they are accessing an official Ledger service, specifically targeting individuals who may be seeking wallet recovery or backup solutions. The domain mimics the appearance of a secure wallet interface, but its true purpose is to steal cryptocurrency by tricking users into connecting their wallets or entering private keys, seed phrases, or recovery phrases directly into the fraudulent interface. Given the prevalence of such attacks in the crypto space, this domain represents a significant risk to users' digital assets and personal information. This domain was flagged with a high-risk assessment due to several red flags in its infrastructure and behavior. Registered through Cloudflare, Inc., the domain resolves to the IP address 172.66.45.17 and utilizes a Google Trust Services SSL certificate to appear legitimate. VirusTotal currently shows 0 detections out of 95 security vendors, meaning no antivirus or security tool has yet flagged it as malicious, increasing the risk of successful exploitation. The domain is hosted on Cloudflare Pages, which is commonly abused for phishing and malicious campaigns due to its legitimate appearance and masking of the true origin. While the exact creation date of the domain is not specified in the available data, its active status and the lack of detections suggest it is a relatively new but already operational threat. The absence of blocklist entries at this time further highlights the need for proactive user vigilance, as traditional security measures may not yet recognize this domain as malicious. If you have visited get-ledgr-wllet.pages.dev, cease all interactions with the site immediately and disconnect any connected cryptocurrency wallets or devices. Do not enter any private keys, seed phrases, recovery phrases, or wallet credentials into the site. If you have already entered sensitive information, transfer your remaining cryptocurrency assets to a new, secure wallet as soon as possible and revoke any wallet connections made through the fraudulent site. Monitor your accounts closely for unauthorized transactions. Report the domain to PhishDestroy for further investigation and to help prevent others from falling victim to this scam. Always verify the legitimacy of websites claiming to offer cryptocurrency services by checking for official domains, secure connections, and independent reviews before engaging. Use hardware wallet manufacturers' official websites and support channels for any legitimate wallet recovery processes. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.45.17 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2eeea3b1-283e-4572-946b-a8e65bbc2063 - PhishDestroy: https://phishdestroy.io/domain/get-ledgr-wllet.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/get-ledgr-wllet.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/get-ledgr-wllet.pages.dev/ Last updated: 2026-03-24