# help-live-ledgr-en.pages.dev — SUSPICIOUS > The domain help-live-ledgr-en.pages.dev poses as a crypto drainer scam. Detected by VirusTotal with 0/95 scans, verify safety on PhishDestroy before interaction. ## Summary PhishDestroy identifies help-live-ledgr-en.pages.dev as a generic phishing domain currently under investigation for potential crypto drainer activity. While no specific drainer kit or branded impersonation has been confirmed, the domain’s structure and hosting context raise significant red flags. Analysis suggests it may be leveraging Cloudflare Pages to host malicious content, though its exact payload remains unverified at this stage. The observed threat aligns with common crypto drainer operations, which typically aim to trick users into approving malicious wallet transactions or exposing private keys. This domain resolves to IP 172.66.44.89 and was registered through Cloudflare, Inc., a common tactic among threat actors seeking to evade traditional takedown mechanisms. The SSL certificate, issued by Google Trust Services, provides a veneer of legitimacy, though it does not guarantee safety. VirusTotal currently reports 0 detections out of 95 scans, indicating limited visibility into its malicious nature. The domain’s creation date and blocklist status are still being verified, but its active status and lack of detection suggest it remains a low-signal threat—at least for now. The absence of detections does not equate to safety, as many drainers evolve rapidly to bypass static analysis tools. As of this advisory, help-live-ledgr-en.pages.dev is classified as active with an under-investigation status, meaning its full capabilities and intent are not yet fully understood. Users are strongly advised to avoid interaction until further analysis is complete. PhishDestroy recommends blocking the domain at the network perimeter and monitoring for associated indicators of compromise (IOCs). The remaining risk is assessed as moderate due to the domain’s active status and potential for rapid evolution. While no confirmed drainer kit or branded impersonation has been observed, the possibility of future malicious updates cannot be ruled out. Proactive verification on PhishDestroy’s platform is critical to preventing potential financial loss or credential theft. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.89 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/help-live-ledgr-en.pages.dev - PhishDestroy: https://phishdestroy.io/domain/help-live-ledgr-en.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/help-live-ledgr-en.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/help-live-ledgr-en.pages.dev/ Last updated: 2026-04-04