# know-ledger-wallet.pages.dev — SUSPICIOUS > know-ledger-wallet.pages.dev impersonates Ledger hardware wallets to steal crypto funds. This active domain was recently flagged by just 1 of 95 VirusTotal. ## Summary PhishDestroy identifies know-ledger-wallet.pages.dev as an active brand impersonation scam targeting Ledger cryptocurrency wallet users. The domain leverages the 'Ledger' trademark to deceive visitors into revealing seed phrases and private keys, a common tactic in cryptocurrency drainer kits. This fraudulent site is designed to mimic Ledger's official branding and user interface to establish false credibility and facilitate crypto theft. The attackers are likely using social engineering or phishing campaigns to drive traffic to this malicious page, exploiting trust in the Ledger brand to increase conversion rates. No advanced drainer kit signatures have been detected in public sandboxes, but the domain's primary purpose is consistent with credential harvesting and crypto wallet draining operations. Technical analysis reveals this domain resolves to IP 172.66.47.150 and operates under a Google Trust Services SSL certificate. VirusTotal's detection engine shows a weak detection rate of just 1 positive flag out of 95 security vendors. The domain is registered through Cloudflare, Inc., which provides anonymity and protection to threat actors. With only 1 security vendor detection and Cloudflare's protective services, this domain has flown under the radar of most security systems. The use of 'pages.dev' subdomains (part of Cloudflare Pages) further obscures the malicious intent behind what appears to be legitimate web hosting infrastructure. This domain currently maintains active status with an elevated risk classification. Cloudflare has not yet taken action against this domain, despite the confirmed brand impersonation. Security researchers should block this domain at DNS and network levels due to its proven malicious intent. Users should exercise extreme caution when encountering any 'ledger' branded domains outside of ledger.com and report this URL to security teams and phishing databases. The remaining risk is elevated due to the domain's active status, low detection rate, and use of reputable infrastructure providers to host malicious content. Immediate takedown actions are recommended to prevent further exploitation of Ledger brand trust. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.150 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/88b4b515-843a-4b8a-a4c0-4d29e29d1cda - PhishDestroy: https://phishdestroy.io/domain/know-ledger-wallet.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/know-ledger-wallet.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/know-ledger-wallet.pages.dev/ Last updated: 2026-03-22