# un-ledjer-com-satrt.pages.dev — SUSPICIOUS

> un-ledjer-com-satrt.pages.dev poses as a crypto ledger login page to steal credentials. Detected on VirusTotal with 0/95 detections.

## Summary
PhishDestroy identifies un-ledjer-com-satrt.pages.dev as an active cryptocurrency drainer phishing domain. The page mimics a legitimate ledger login interface to trick users into surrendering wallet credentials or private keys. No known brand abuse is detected at this time, but the threat actor leverages a generic drainer kit commonly distributed via phishing campaigns targeting Web3 users.    This domain was flagged through behavioral analysis and flagged by PhishDestroy engines. Technical indicators include a VirusTotal detection score of 0/95, registered via Cloudflare (Inc.), resolving to IP 172.66.44.144, and operating under a Google Trust Services SSL certificate. Current WHOIS data indicates recent registration, though exact creation date is obscured by Cloudflare’s privacy protection. The domain has not yet been flagged by Google Safe Browsing (GSB), and current blocklist aggregations show no detections across major threat feeds as of seed 3ae499.    The domain remains active and unblocked by default security stacks. Users are advised to avoid interaction and report the domain to their security teams. Remaining risk is moderate due to untracked propagation and low initial detection. Immediate blocking at network and DNS levels is recommended to prevent user exposure and credential theft. Ongoing monitoring is in progress under investigation status.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.144

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8121a3ca-6ae6-413a-a100-1dcae2465965
- PhishDestroy: https://phishdestroy.io/domain/un-ledjer-com-satrt.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/un-ledjer-com-satrt.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/un-ledjer-com-satrt.pages.dev/
Last updated: 2026-03-22