# live-web-ledgr.pages.dev — SUSPICIOUS > live-web-ledgr.pages.dev is a crypto drainer impersonating a ledger wallet. VirusTotal shows 0/95 detections. ## Summary PhishDestroy identifies live-web-ledgr.pages.dev as an active crypto drainer designed to steal cryptocurrency from unsuspecting users. This fraudulent site masquerades as a legitimate Ledger wallet interface, tricking visitors into connecting their wallets and approving malicious transactions. The threat actor leverages cloud-based infrastructure through Cloudflare to host the phishing page, further complicating detection and takedown efforts. While the domain resolves to IP 172.66.44.97 and utilizes a valid SSL certificate from Google Trust Services, these superficial trust signals are intentionally used to deceive users into lowering their guard. This domain was flagged with 0/95 VirusTotal detections as of the latest scan, indicating no antivirus or security vendor has yet classified it as malicious. The domain is registered through Cloudflare, Inc., a common tactic among threat actors seeking to obscure their true hosting infrastructure. While the exact creation date is not publicly available, the domain's recent activity and lack of detection history suggest it is part of a newly deployed campaign. Users should treat this domain with extreme caution, as its primary objective is to drain cryptocurrency assets from connected wallets without the victim's knowledge. If you have visited live-web-ledgr.pages.dev, disconnect your wallet immediately and revoke any permissions granted to the site. Check your transaction history for unauthorized transfers and report any suspicious activity to your wallet provider or exchange. Use reputable security tools to scan for malware and consider rotating your wallet addresses and private keys as a precaution. Avoid interacting with any prompts or buttons on the site, as these may trigger silent crypto transfers. For future protection, bookmark official wallet URLs and verify all links before entering sensitive information. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.97 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/live-web-ledgr.pages.dev - PhishDestroy: https://phishdestroy.io/domain/live-web-ledgr.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/live-web-ledgr.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/live-web-ledgr.pages.dev/ Last updated: 2026-04-09