# pages-ldgrelog.pages.dev — MALICIOUS

> PhishDestroy warns that pages-ldgrelog.pages.dev is a crypto drainer impersonating legitimate services. 12/95 security vendors flag this domain.

## Summary
PhishDestroy identifies pages-ldgrelog.pages.dev as an active crypto drainer posing as a legitimate service. This domain is designed to deceive users into connecting cryptocurrency wallets under false pretenses, enabling unauthorized asset transfers. The threat actor leverages Cloudflare Pages to host malicious content, which is then distributed through phishing campaigns targeting crypto investors. Once a user interacts with the fraudulent page, the drainer silently initiates unauthorized transactions, draining funds without consent. This domain represents a high-risk threat to cryptocurrency users, as it operates under the guise of legitimacy while executing malicious financial theft.  Evidence supporting the elevated risk of this domain includes its detection by 12 out of 95 security vendors on VirusTotal, indicating partial but widespread recognition of its malicious nature. Registered through Cloudflare, Inc., the domain resolves to IP address 188.114.97.3 and holds an SSL certificate issued by Google Trust Services, which may lend an air of authenticity to unsuspecting users. The combination of a reputable registrar, cloud hosting, and a legitimate SSL certificate creates a deceptive facade that masks its true intent. Additionally, the domain's association with a known phishing infrastructure further underscores its malicious purpose.  Users who have visited pages-ldgrelog.pages.dev should immediately disconnect any connected cryptocurrency wallets and revoke permissions for unknown or suspicious applications. It is critical to scan all devices for malware and review wallet transaction histories for unauthorized activity. PhishDestroy advises reporting this domain to relevant cybersecurity platforms and avoiding any further interaction to prevent potential financial loss. Proactive verification of URLs and domains before engagement is strongly recommended to mitigate exposure to such threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/6c25818e-1a28-4711-9878-96e607dd0c36
- PhishDestroy: https://phishdestroy.io/domain/pages-ldgrelog.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/pages-ldgrelog.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pages-ldgrelog.pages.dev/
Last updated: 2026-03-25