# center-liveledgr.pages.dev — SUSPICIOUS

> center-liveledgr.pages.dev hosts a crypto drainer mimicking a ledger live login portal — verify via PhishDestroy before entering credentials.

## Summary
PhishDestroy identifies center-liveledgr.pages.dev as a live crypto drainer campaign impersonating Ledger’s official portal. The domain leverages a spoofed login page to harvest seed phrases and private keys, redirecting drained funds to attacker-controlled wallets. Threat actors are actively rotating infrastructure to evade detection while mimicking legitimate Ledger branding to deceive users.

Technical indicators show this domain resolves to 188.114.96.3 with a Google Trust Services SSL certificate, indicating basic certificate transparency. VirusTotal currently flags the domain at 0/95 detections, though no AV engines have yet flagged the payload. Registered through Cloudflare, Inc., the domain’s recent creation suggests a fast-moving campaign. No confirmed blocklist entries exist, and Google Safe Browsing (GSB) status remains unlisted at time of writing.

The domain remains active with a 'under_investigation' risk level, indicating insufficient evidence for definitive classification. PhishDestroy recommends immediate blocking of 188.114.96.3 and center-liveledgr.pages.dev pending further forensic analysis. Users who interacted with this domain should revoke any exposed wallet credentials and transfer remaining funds to a newly generated wallet. Remaining risk is moderate due to the drainer’s active status and low AV detection rate.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/center-liveledgr.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/center-liveledgr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/center-liveledgr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/center-liveledgr.pages.dev/
Last updated: 2026-04-03