# live-leedger-learns.pages.dev — SUSPICIOUS > PhishDestroy identifies live-leedger-learns.pages.dev as a crypto drainer impersonating Ledger. VirusTotal shows 0/95 detections. Block now. ## Summary PhishDestroy identifies live-leedger-learns.pages.dev as a crypto drainer targeting cryptocurrency users by impersonating Ledger’s official learning portal. This domain leverages Cloudflare Pages to host a fraudulent interface that harvests wallet credentials and private keys under the guise of educational content. The infrastructure relies on Google Trust Services for SSL certificates, adding a veneer of legitimacy, while resolving to IP 188.114.97.3—a known hosting range frequently associated with malicious campaigns. Given the absence of detections on VirusTotal (0/95 scans), this threat remains undetected by conventional security tools, posing a significant risk to unsuspecting users seeking Ledger support or educational resources. This domain was flagged by PhishDestroy’s automated pipeline due to its high-risk indicators, including zero detections on VirusTotal as of the latest scan, despite active hosting on Cloudflare Pages. The SSL certificate, issued by Google Trust Services, provides a false sense of security, while the IP address 188.114.97.3 has been linked to multiple crypto drainer campaigns. The domain’s recent creation and lack of historical data further suggest a hastily deployed operation aimed at exploiting user trust in legitimate brands. Current blocklist counts remain low, increasing the likelihood of successful user engagement. Users who visited live-leedger-learns.pages.dev should immediately disconnect any connected wallets, revoke any exposed credentials, and scan their devices for malware using trusted security software. If cryptocurrency assets were accessed or transferred, report the incident to the relevant blockchain explorer and consider engaging cybersecurity incident response teams. Avoid interacting with this domain or any links associated with it, and report the URL to PhishDestroy’s threat intelligence platform for further analysis. Users should also verify the authenticity of any Ledger-related domains by cross-referencing official channels before engaging. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/26abbc20-12e4-40f9-8b40-76a3ca76f726 - PhishDestroy: https://phishdestroy.io/domain/live-leedger-learns.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/live-leedger-learns.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/live-leedger-learns.pages.dev/ Last updated: 2026-03-29