# auth-ledger-live-wallet-eng-us.pages.dev — SUSPICIOUS > PhishDestroy identifies auth-ledger-live-wallet-eng-us.pages.dev as a Ledger-brand impersonation domain (0/95 VirusTotal detections). Action: Avoid interactions. ## Summary PhishDestroy flags auth-ledger-live-wallet-eng-us.pages.dev as an active brand impersonation site targeting Ledger users. This fraudulent domain leverages Ledger’s reputation to deceive visitors into divulging sensitive wallet credentials or installing malicious software. The threat level remains under investigation pending further behavioral analysis, but indicators strongly suggest intent to siphon cryptocurrency via fake Ledger Live interfaces or drainer scripts. This domain resolves to IP 188.114.97.3 and is registered through Cloudflare, Inc. The SSL certificate is issued by Google Trust Services, which may lend an air of legitimacy, though issuance alone does not confirm trustworthiness. VirusTotal currently shows 0 detections out of 95 engines as of seed 45b680. The domain uses a Cloudflare Pages.dev subdomain structure, a common tactic to bypass traditional domain-based filtering. While no confirmed inclusion on major blocklists has been observed at this time, the recent registration and active status raise immediate concern for crypto users seeking legitimate Ledger services. Mitigation against Ledger brand impersonation involves verifying all URLs against Ledger’s official domains (e.g., ledger.com or ledger-live.com) and ensuring downloads originate from verified sources like the Ledger Live app store. Always use hardware wallet verification steps and beware of unsolicited links claiming to be ‘Ledger Live Wallets’ or ‘Auth Portals.’ Enable transaction simulation tools on the device and cross-check addresses in a separate, air-gapped environment when prompted by unverified interfaces. Report impersonation domains to Ledger’s fraud team immediately and avoid entering seed phrases or private keys on any page hosted outside official channels. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/931d2953-9a23-4c58-8c6b-8213a4b471a8 - PhishDestroy: https://phishdestroy.io/domain/auth-ledger-live-wallet-eng-us.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/auth-ledger-live-wallet-eng-us.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/auth-ledger-live-wallet-eng-us.pages.dev/ Last updated: 2026-03-22