# ledger-lonedy.pages.dev — SUSPICIOUS

> ledger-lonedy.pages.dev is an active crypto-drainer phishing site detected by 3/95 VirusTotal scanners. Check the full report.

## Summary
PhishDestroy identifies ledger-lonedy.pages.dev as an active crypto-draining phishing site operating at elevated risk. This domain is designed to trick cryptocurrency users into connecting wallets and signing malicious transactions that drain assets into attacker-controlled addresses. The threat is confirmed through observed behavior, infrastructure alignment with known drainers, and multiple detection flags from security vendors.  

This domain was flagged by 3 out of 95 VirusTotal security vendors, indicating limited but significant detection coverage. It resolves to IP 188.114.97.3 via Cloudflare, Inc., leveraging Google Trust Services for SSL certificates to appear legitimate. The domain is hosted on Cloudflare Pages, a platform often abused by threat actors to rapidly deploy phishing and malware distribution sites. While creation date and blocklist status are not provided, the combination of low VirusTotal detection, active SSL certificate, and association with crypto-draining operations strongly indicates a malicious campaign in progress.  

Users should immediately block ledger-lonedy.pages.dev at the network level and avoid visiting the site. Cryptocurrency holders are advised to verify all wallet connection prompts and never sign transactions from untrusted sources. Enable transaction simulation tools when possible and monitor wallet addresses for unauthorized outflows. Report this domain to security teams and threat intelligence platforms to aid in takedown efforts.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 3 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/797ce444-65a8-4fc3-aeac-68a07ff2ce55
- PhishDestroy: https://phishdestroy.io/domain/ledger-lonedy.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-lonedy.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-lonedy.pages.dev/
Last updated: 2026-03-22