# en-ledgr-login-live.pages.dev — MALICIOUS > PhishDestroy identifies en-ledgr-login-live.pages.dev as a credential theft page mimicking Ledger. 6/95 VirusTotal vendors flag this active threat. ## Summary PhishDestroy has identified the domain en-ledgr-login-live.pages.dev as a high-risk credential theft page that masquerades as a legitimate Ledger login portal. This fraudulent site is designed to trick users into entering their sensitive credentials, such as email addresses, passwords, or recovery phrases, which are then harvested by attackers for unauthorized access to cryptocurrency wallets or other sensitive accounts. The domain leverages deceptive branding and a familiar page structure to lower user suspicion, making it a particularly effective tool for credential harvesting. This domain was flagged by PhishDestroy after security vendors detected its malicious nature. VirusTotal analysis shows that 6 out of 95 security vendors have marked this domain as malicious, indicating a high likelihood of harmful activity. The domain is registered through Cloudflare, Inc., a common choice for threat actors due to its privacy protections and rapid deployment capabilities. Additionally, the SSL certificate is issued by Google Trust Services, which may further lend an air of legitimacy to unsuspecting users. These technical indicators, combined with the domain's active status, highlight its elevated risk to potential victims. If you have visited this domain or entered any credentials, act immediately to secure your accounts. Change passwords for Ledger and any other accounts using the same credentials, enable multi-factor authentication where possible, and scan your devices for malware. Report the incident to Ledger's official support channels and consider revoking any exposed API keys or recovery phrases. Stay vigilant for further suspicious activity and avoid interacting with domains that mimic legitimate services without verification. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.97.3 ## Detection Status - VirusTotal: 6 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/4cf8bd34-eb49-4ad9-97c5-416f1be89672 - PhishDestroy: https://phishdestroy.io/domain/en-ledgr-login-live.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/en-ledgr-login-live.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/en-ledgr-login-live.pages.dev/ Last updated: 2026-03-26