# ledhfygugu.pages.dev — MALICIOUS > PhishDestroy identifies ledhfygugu.pages.dev as a crypto drainer impersonating a brand. 10/95 security vendors flag this domain. Avoid clicking suspicious links. ## Summary PhishDestroy identifies ledhfygugu.pages.dev as an active crypto drainer posing as a legitimate service. This domain is designed to trick users into connecting cryptocurrency wallets under the false pretense of rewards, giveaways, or legitimate transactions. Once connected, the drainer silently siphons funds from the victim’s wallet without requiring additional authorization. These attacks are particularly dangerous because they exploit the irreversible nature of blockchain transactions, leaving victims with no recourse for recovery once funds are stolen. This domain was flagged by 10 out of 95 security vendors on VirusTotal, indicating widespread recognition of its malicious intent. It was registered through Cloudflare, Inc., resolving to the IP address 188.114.96.3 with a Let's Encrypt SSL certificate, which is commonly used to lend an air of legitimacy to fraudulent sites. The domain’s creation and hosting infrastructure further suggest a coordinated effort to deceive users, as Cloudflare’s Pages service is often abused for short-lived phishing campaigns due to its ease of deployment and low cost. If you visited ledhfygugu.pages.dev, disconnect your wallet from the site immediately and revoke any unauthorized permissions granted to it through your wallet’s settings. Monitor your wallet transactions closely for any unauthorized transfers. Use a reputable antivirus or security tool to scan your device for malware that may have been installed during the visit. Report the domain to your wallet provider and relevant cybersecurity authorities to help prevent others from falling victim to this scam. Always verify the authenticity of websites, especially those offering crypto-related services, by cross-checking URLs and using official channels for communication. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 10 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/89fe90c6-8d27-4d8c-9d30-9f1c7801f34a - PhishDestroy: https://phishdestroy.io/domain/ledhfygugu.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledhfygugu.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledhfygugu.pages.dev/ Last updated: 2026-04-01