# ledgee-livedesk.pages.dev — SUSPICIOUS

> ledgee-livedesk.pages.dev is an ACTIVE crypto drainer posing as a login portal. 2 of 95 VirusTotal engines flag it. Verify on PhishDestroy NOW.

## Summary
ledgee-livedesk.pages.dev is hosting a crypto drainer that mimics a legitimate login page, tricking visitors into connecting crypto wallets and approving malicious transactions. The page is designed to harvest credentials or directly drain tokens once a victim enters wallet details or signs a transaction. Security vendors already recognize its malicious purpose, with 2 out of 95 engines on VirusTotal having flagged it as harmful. The domain resolves to IP 188.114.96.3 and uses a Google Trust Services SSL certificate, giving it a false appearance of legitimacy.  PhishDestroy identifies this domain as a recent creation, registered through Cloudflare, Inc., which obscures the true registrant. The low detection rate on VirusTotal (2/95) suggests it may still be flying under the radar for many users, making it especially dangerous for those unfamiliar with crypto-scams. The site’s use of Cloudflare’s Pages.dev service further adds to its deceptive nature, as this platform is often abused to host quick, disposable phishing pages.  If you visited ledgee-livedesk.pages.dev, immediately revoke any wallet connections or transactions you authorized on the site. Disconnect the site from your wallet, revoke suspicious token approvals via blockchain explorers, and scan your device for malware. Report the domain to PhishDestroy for verification and block it in your browser and wallet settings. Do not interact with any prompts or requests from this page, as they are designed to steal your assets.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/82a8c364-e639-41cd-b844-30510a64017a
- PhishDestroy: https://phishdestroy.io/domain/ledgee-livedesk.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgee-livedesk.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgee-livedesk.pages.dev/
Last updated: 2026-03-26