# web-ledgerdesk.pages.dev — SUSPICIOUS > Beware of web-ledgerdesk.pages.dev, a crypto drainer site with 0/95 VirusTotal detections. Avoid this crypto drainer domain. Check the full report. ## Summary PhishDestroy identifies web-ledgerdesk.pages.dev as an active crypto drainer domain designed to steal cryptocurrency wallet credentials and assets. This fraudulent site mimics legitimate crypto services to trick users into connecting their wallets, enabling unauthorized transactions that drain funds without direct access to private keys. Security researchers observed the domain resolving to IP 172.66.47.10, hosted under Cloudflare's infrastructure, with an SSL certificate issued by Google Trust Services to maintain a false sense of legitimacy. The domain currently shows 0 detections on VirusTotal out of 95 scanners, indicating it remains under the radar despite active malicious operations. This domain was flagged by PhishDestroy's automated analysis pipeline as part of routine threat intelligence monitoring. The domain registered through Cloudflare, Inc., is currently active, and has not been added to major blocklists despite its malicious functionality. The SSL certificate issued by Google Trust Services further complicates detection efforts, as browsers display the padlock icon while users unknowingly interact with a phishing frontend. The seed identifier d82f5e associates this domain with a cluster of related crypto drainer infrastructure observed in recent campaigns targeting decentralized finance users. If you visited web-ledgerdesk.pages.dev or connected your wallet to this domain, immediately revoke all permissions granted to connected applications using your wallet's security settings. Check transaction history for unauthorized transfers and consider moving remaining assets to a new wallet with fresh credentials. Report the domain to your organization's security team and block it at the network perimeter. Monitor financial accounts closely for unusual activity following any wallet interaction with this domain. Use wallet applications with built-in phishing detection features and verify every URL before authorizing transactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.10 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/e763c9b0-deeb-4c79-8076-ebdcd32495e0 - PhishDestroy: https://phishdestroy.io/domain/web-ledgerdesk.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/web-ledgerdesk.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/web-ledgerdesk.pages.dev/ Last updated: 2026-03-23