# secure-ledger-loiginn-liv.pages.dev — MALICIOUS

> secure-ledger-loiginn-liv.pages.dev is a crypto drainer phishing site flagged by 12 of 95 VirusTotal vendors. Avoid this fraudulent domain immediately.

## Summary
PhishDestroy identifies the domain secure-ledger-loiginn-liv.pages.dev as an active crypto drainer scam posing as a legitimate ledger login portal. This fraudulent website is designed to trick users into connecting cryptocurrency wallets under the false pretense of secure transactions, ultimately siphoning digital assets without authorization. The threat actor behind this campaign is actively leveraging this domain to harvest private keys, seed phrases, or approve malicious token transfer permissions, resulting in irreversible financial losses for victims. Security researchers strongly recommend treating this domain as high-risk and refraining from any interaction with its content or associated links.

This domain was flagged by 12 of 95 VirusTotal security vendors, indicating elevated malicious activity. It resolves to IP address 172.66.44.138 and is registered through Cloudflare, Inc., with an SSL certificate issued by Google Trust Services. The domain is hosted on Cloudflare Pages, a legitimate platform often abused by threat actors to deploy phishing infrastructure due to its free tier and fast global distribution. While the exact creation date is not publicly disclosed, the presence of a Google-issued SSL certificate and Cloudflare hosting suggests recent deployment aimed at exploiting trust in well-known infrastructure providers.

Given the elevated risk posed by this crypto drainer, PhishDestroy advises users to immediately block this domain at the network and DNS levels. Organizations should update firewall rules, SIEM signatures, and email security policies to detect and prevent access to secure-ledger-loiginn-liv.pages.dev. End users are urged to verify website URLs manually, avoid clicking unverified links, and use hardware wallets for cryptocurrency transactions. Always cross-check domains against official brand websites and never input sensitive credentials or connect wallets to suspicious web interfaces.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.138

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7efec62b-9417-4002-8f4f-2a60d416262b
- PhishDestroy: https://phishdestroy.io/domain/secure-ledger-loiginn-liv.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/secure-ledger-loiginn-liv.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/secure-ledger-loiginn-liv.pages.dev/
Last updated: 2026-03-22