# connect-ledgger-live-app.pages.dev — SUSPICIOUS > connect-ledgger-live-app.pages.dev is impersonating Ledger Live with a fake crypto wallet phishing scam. VirusTotal: 0/95 detections. Check the full report. ## Summary PhishDestroy identifies connect-ledgger-live-app.pages.dev as a phishing domain actively distributing a counterfeit Ledger Live application, posing as a legitimate cryptocurrency wallet interface. The threat level is currently under investigation, but preliminary analysis confirms malicious intent through domain structure, SSL deception, and hosting behavior. Users should avoid interacting with this site entirely, as it leverages the trusted 'pages.dev' subdomain of Cloudflare Pages to appear legitimate while hosting a fraudulent wallet interface. This is a targeted phishing campaign against cryptocurrency users, specifically mimicking Ledger's official Live application to steal credentials and funds. This domain was flagged with zero detections on VirusTotal out of 95 scanners, resolving to IP address 172.66.47.97 with a Google Trust Services SSL certificate, indicating basic certificate validation without content scrutiny. It is registered through Cloudflare, Inc., which provides no guarantee of legitimacy beyond standard CDN services. The site currently shows no history on major blocklists such as Google Safe Browsing, PhishTank, or OpenPhish, suggesting it is either newly deployed or deliberately evasive. The domain's structure ('connect-ledgger-live-app') mimics official Ledger branding ('Ledger Live') with intentional misspellings ('ledgger' instead of 'ledger') to bypass superficial checks. While the SSL certificate is issued by a trusted authority, it does not validate the authenticity of the content—only the encryption handshake. To mitigate exposure to this Ledger Live phishing scam, users should immediately block access to connect-ledgger-live-app.pages.dev via network or browser settings. Verify any cryptocurrency wallet download link by cross-referencing the official domain (ledger.com) and checking for HTTPS with correct certificate issuer (Ledger SAS, not Google Trust Services). Never enter credentials or private keys into unofficial interfaces. If you suspect interaction, revoke any permissions granted and transfer assets to a newly initialized, verified wallet. Report the domain to your antivirus provider, browser vendor, and Ledger’s official phishing reporting channel to aid in takedown efforts. Always use bookmarked official links for wallet access and enable multi-factor authentication on all crypto-related accounts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.97 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/d4b0d5c0-2ce7-4aa7-840d-5438d7aa0c8d - PhishDestroy: https://phishdestroy.io/domain/connect-ledgger-live-app.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/connect-ledgger-live-app.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/connect-ledgger-live-app.pages.dev/ Last updated: 2026-03-25