# un-leder-com-strt.pages.dev — SUSPICIOUS

> Beware of un-leder-com-strt.pages.dev, a crypto drainer impersonating Ledger wallets. 1/95 security vendors flagged this domain.

## Summary
PhishDestroy identifies un-leder-com-strt.pages.dev as an active crypto drainer targeting cryptocurrency users by impersonating Ledger wallet login pages. This fraudulent domain (un-leder-com-strt.pages.dev) leverages a deceptive subdomain structure and Google Trust Services SSL certificate to appear legitimate, luring victims into entering private key or seed phrase details under the guise of wallet authentication.  This domain was flagged by PhishDestroy due to multiple red flags, including a VirusTotal detection rate of just 1 out of 95 security vendors at the time of analysis. It resolves to IP 188.114.97.3 and is registered through Cloudflare, Inc., which is frequently abused to host malicious content while obscuring the true origin of the infrastructure. Despite its polished appearance, the domain's recent creation and minimal security vendor coverage underscore its elevated risk profile.  Users who have interacted with un-leder-com-strt.pages.dev should immediately revoke any entered credentials or private keys in a secure environment, transfer remaining assets to a trusted wallet, and scan their devices for malware using reputable antivirus software. Report this domain to PhishDestroy for further investigation and block it on all devices to prevent future exposure. Exercise caution with unsolicited links claiming to be Ledger services, and always verify URLs through official channels.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1b6caa86-e387-41ef-8e4f-2dc45c5393ca
- PhishDestroy: https://phishdestroy.io/domain/un-leder-com-strt.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/un-leder-com-strt.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/un-leder-com-strt.pages.dev/
Last updated: 2026-03-22