# connect-en-ledger-live.pages.dev — SUSPICIOUS

> connect-en-ledger-live.pages.dev is a Ledger brand impersonation site flagged by 2 of 95 VirusTotal vendors. Avoid entering crypto wallet details here.

## Summary
PhishDestroy identifies connect-en-ledger-live.pages.dev as a live brand impersonation page masquerading as Ledger Live, a popular cryptocurrency wallet service. This fraudulent site was designed to trick users into entering their recovery phrases or private keys by mimicking the official Ledger interface and domain structure. Once credentials are submitted, the attackers can drain cryptocurrency funds directly from victims’ wallets. There are no legitimate purposes for this domain, and any interaction increases the risk of financial loss.  This domain was flagged by 2 out of 95 VirusTotal security vendors and is hosted on Cloudflare’s infrastructure resolving to IP 172.66.47.127. The site uses a Google Trust Services SSL certificate to appear legitimate. It was likely created recently under Cloudflare Pages to evade traditional domain-based detection. The impersonation is highly specific, targeting users expecting to access Ledger’s official platform.  If you visited this site or entered any information, stop using the affected wallet immediately. Disconnect any connected devices, revoke any permissions granted, and transfer remaining assets to a new, secure wallet. Report the incident to Ledger support and monitor your accounts for unauthorized transactions. Avoid clicking any links claiming to be from Ledger unless they come directly from the official ledger.com domain or a verified source.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.127

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/fd481d04-f94a-459a-80f7-140550139944
- PhishDestroy: https://phishdestroy.io/domain/connect-en-ledger-live.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/connect-en-ledger-live.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/connect-en-ledger-live.pages.dev/
Last updated: 2026-03-22