# learn-start-legdgr.pages.dev — SUSPICIOUS > learn-start-legdgr.pages.dev (generic phishing) hosts a crypto-draining fake Ledger Live clone; 0/95 VT detections. Avoid entering seed phrases. Run a scan. ## Summary PhishDestroy identifies learn-start-legdgr.pages.dev as an active crypto-draining phishing page impersonating the Ledger hardware wallet ecosystem. Potential victims are lured into entering seed phrases or private keys, enabling immediate theft of cryptocurrency assets. Due to the high financial stakes involved, this domain is classified as Under Investigation while further behavior is analyzed. Users should treat any transaction prompts originating from this domain as malicious. This generic phishing domain was flagged by PhishDestroy with 0 of 95 VirusTotal engines detecting the threat as of seed aa3e3a. The domain is registered through Cloudflare, Inc. and resolves to IP 172.66.47.172 under a Google Trust Services SSL certificate. No current listings on major blocklists were observed at the time of analysis. The infrastructure is hosted on Cloudflare Pages, a legitimate service leveraged by threat actors to rapidly deploy and hide malicious sites behind CDN protections. To mitigate exposure to this crypto-draining scam, users must avoid interacting with any page on this domain, especially prompts requesting seed phrases or private keys. Always verify URLs against official sources and use hardware wallet backups in offline environments. If a device has been used with this domain, immediately transfer remaining assets to a new wallet with a freshly generated seed phrase. Report the domain to PhishDestroy and enable transaction monitoring on all linked wallets. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.172 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/567a9fcc-5385-4450-9ff3-6b82fe336720 - PhishDestroy: https://phishdestroy.io/domain/learn-start-legdgr.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/learn-start-legdgr.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/learn-start-legdgr.pages.dev/ Last updated: 2026-03-31