# ledjer-io-com.pages.dev — SUSPICIOUS > Ledjer-io-com.pages.dev is a crypto drainer phishing domain flagged by 2/95 VirusTotal vendors. Avoid entering credentials or crypto wallet details. ## Summary PhishDestroy identifies ledjer-io-com.pages.dev as an active crypto drainer phishing domain designed to trick users into surrendering cryptocurrency wallet credentials or authorizing malicious transactions. This domain, registered through Cloudflare, Inc., resolves to IP 172.66.44.202 and is flagged by only 2 out of 95 VirusTotal security vendors. Its SSL certificate is issued by Google Trust Services, which may lull victims into a false sense of security. While the low vendor count suggests limited detection, the presence of a crypto-related lure (implied by the domain’s naming convention) combined with its use of Cloudflare’s infrastructure and a trusted SSL issuer makes it a credible threat to unsuspecting users, particularly those active in cryptocurrency spaces. This domain poses a direct financial risk to users who interact with it. Crypto drainers like this one typically employ fake login pages mimicking legitimate services such as wallet interfaces or exchange dashboards. Upon entering credentials or connecting a wallet, victims unknowingly authorize on-chain transactions that drain funds into attacker-controlled addresses. The domain’s use of a .pages.dev subdomain under Cloudflare may be intended to bypass traditional domain-based filtering. The SSL certificate from Google Trust Services adds legitimacy, as many users associate such certificates with safety. Despite low detection by security tools, the domain’s configuration and naming suggest a targeted campaign likely aimed at users searching for or expecting to access a service called “Ledjer” or similar. If you visited ledjer-io-com.pages.dev, assume your cryptocurrency wallet or login credentials may have been compromised. Immediately disconnect any connected wallets, revoke any unauthorized transaction approvals through your wallet’s interface, and transfer remaining funds to a new wallet via a clean device. Scan your device for malware, update your passwords for all crypto-related accounts, and consider using a hardware wallet for future transactions. Report the domain to your browser’s safe browsing tools and to PhishDestroy for further analysis. Avoid interacting with any links or prompts from this domain moving forward. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.202 ## Detection Status - VirusTotal: 2 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/aed4a8a6-3aa9-43e1-8207-61ec528c6f4f - PhishDestroy: https://phishdestroy.io/domain/ledjer-io-com.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledjer-io-com.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledjer-io-com.pages.dev/ Last updated: 2026-03-22