# us-ledgerr-live-login.pages.dev — SUSPICIOUS

> us-ledgerr-live-login.pages.dev is a crypto drainer phishing site with 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies us-ledgerr-live-login.pages.dev as an active crypto drainer phishing domain designed to steal cryptocurrency from unsuspecting users. This fraudulent site masquerades as a legitimate crypto ledger login portal, tricking victims into entering their private keys or connecting wallets. Once credentials or wallet access is granted, the attackers immediately drain funds, leaving victims with irreversible losses.  This domain was flagged as a crypto drainer with 0 out of 95 VirusTotal detections at the time of analysis, meaning no antivirus or security tool has yet recognized its malicious nature. Registered through Cloudflare, Inc., the domain resolved to IP address 188.114.97.3 and operated under a Google Trust Services SSL certificate, adding a false sense of legitimacy to deceive users. The site’s infrastructure leverages Cloudflare Pages to host phishing pages quickly and evade detection.  If you visited us-ledgerr-live-login.pages.dev, disconnect your wallet immediately and revoke any connected permissions through your wallet’s settings. Transfer remaining assets to a secure wallet not previously connected to the site. Run a full antivirus scan on your device to check for malware. Report the domain to your antivirus provider and relevant crypto platforms to help block further attacks. Always verify URLs manually and use hardware wallets for high-value transactions to prevent falling victim to crypto drainers.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/fd85a615-60b2-4b1e-8cdf-74eba0be5389
- PhishDestroy: https://phishdestroy.io/domain/us-ledgerr-live-login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/us-ledgerr-live-login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/us-ledgerr-live-login.pages.dev/
Last updated: 2026-03-22