# supp-ldger-wallet.pages.dev — MALICIOUS

> supp-ldger-wallet.pages.dev is a crypto drainer domain flagged by 8 of 95 security vendors. Users should avoid interaction to protect funds.

## Summary
The domain supp-ldger-wallet.pages.dev is actively involved in a crypto drainer threat campaign. Although it mimics the Ledger brand by using a similar name, there is no direct indication of an official association. The domain serves as a fraudulent site designed to steal cryptocurrency assets from victims, consistent with typical crypto drainer kit behaviors aimed at draining wallets through credential theft or unauthorized transactions.

Technical indicators for supp-ldger-wallet.pages.dev reveal a VirusTotal detection ratio of 8 out of 95 security vendors flagging the domain, indicating a moderate level of consensus on malicious activity. The domain is registered through Cloudflare, Inc., a common registrar used both for legitimate and malicious domains. It resolves to the IP address 172.66.45.38 and employs a legitimate SSL certificate issued by Google Trust Services, which may lend false credibility to users. The domain’s creation date is not explicitly stated but remains active and unblocked by Google Safe Browsing (GSB) at time of analysis, with a reported elevated risk level.

Currently, supp-ldger-wallet.pages.dev is active and poses an ongoing threat to potential victims targeting cryptocurrency holders. Incident response teams should prioritize blocking this domain at network and endpoint levels. Users are strongly advised to avoid any interactions with this domain or similar variants, especially when prompted to enter wallet credentials. Continuous monitoring and updating of blocklists are essential to mitigate the risk posed by this crypto drainer campaign, which remains an elevated threat to digital asset security.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.45.38

## Detection Status
- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/07e72006-aa49-48bb-9d46-1a53dd2a33f4
- PhishDestroy: https://phishdestroy.io/domain/supp-ldger-wallet.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/supp-ldger-wallet.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/supp-ldger-wallet.pages.dev/
Last updated: 2026-03-25