# web-ledger--login.pages.dev — SUSPICIOUS

> PhishDestroy identifies web-ledger--login.pages.dev as a crypto drainer impersonating legitimate services. Resolving to 188.114.96.

## Summary
PhishDestroy has identified web-ledger--login.pages.dev as an active crypto drainer domain under investigation for theft of cryptocurrency assets. This threat specifically targets users by impersonating legitimate login portals, luring victims into connecting their crypto wallets to drain funds directly. The domain remains undetected by security engines despite its malicious activity, raising concerns about its evasion techniques and potential for widespread compromise.  This domain was flagged by PhishDestroy with a risk level categorized as under_investigation. Intelligence reveals it resolves to IP 188.114.96.3 and is registered through Cloudflare, Inc. Virustotal shows zero detections out of 95 engines (0/95), indicating a stealthy operation. The domain operates under Google Trust Services’ SSL certificate, leveraging false legitimacy to bypass browser warnings. No current blocklist entries or trust score penalties have been recorded, further highlighting the need for proactive monitoring.  Mitigation against crypto drainer threats like web-ledger--login.pages.dev requires immediate user action. Users must avoid entering wallet credentials or connecting wallets to unverified domains. Enable hardware wallet authentication and transaction approvals for all crypto transactions. Report suspicious domains to PhishDestroy and monitor wallet activity for unauthorized transfers. Organizations should implement DNS filtering to block known malicious domains and educate users on recognizing crypto drainer lures. Always verify domain URLs and use official app stores or verified links for crypto services.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/59350162-4711-4d95-bf3c-c0ec5ded5e42
- PhishDestroy: https://phishdestroy.io/domain/web-ledger--login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/web-ledger--login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/web-ledger--login.pages.dev/
Last updated: 2026-03-22