# eng-ledgrlivee.pages.dev — SUSPICIOUS

> eng-ledgrlivee.pages.dev is a fraudulent site impersonating Ledger to deploy crypto drainers. Verify this domain on PhishDestroy for safety alerts.

## Summary
PhishDestroy identifies eng-ledgrlivee.pages.dev as an active brand impersonation domain targeting Ledger users. This fraudulent site is designed to mimic the official Ledger platform, potentially deploying cryptocurrency drainer kits to siphon digital assets from unsuspecting victims. The domain operates under Cloudflare's infrastructure and resolves to a suspicious IP address, indicating a coordinated effort to deceive users through lookalike branding and social engineering tactics.

Technical analysis of eng-ledgrlivee.pages.dev reveals critical indicators of fraud. The domain currently shows 0 detections out of 95 on VirusTotal, suggesting it remains undetected by many security vendors. It was registered through Cloudflare, Inc., with an SSL certificate issued by Google Trust Services, which may be leveraged to establish false trust. The domain resolves to IP 188.114.96.3, a known malicious infrastructure point. While the exact creation date is not publicly available, the absence of detections and the deployment of SSL encryption imply recent activation. The domain remains unblocked across major security databases, including Google Safe Browsing, posing an elevated risk to users seeking legitimate Ledger services.

As of the latest assessment, eng-ledgrlivee.pages.dev remains an active threat under investigation, with a status classified as 'under_investigation'. PhishDestroy has flagged this domain for brand impersonation and is monitoring its activities closely. Users are strongly advised to cross-reference this domain with official sources and avoid interacting with any suspicious links. The risk level is currently assessed as elevated pending further forensic analysis. Immediate action should be taken to block this domain at the network and endpoint levels to prevent financial loss. This domain exemplifies the growing trend of sophisticated brand impersonation attacks targeting cryptocurrency holders.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/eng-ledgrlivee.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/eng-ledgrlivee.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/eng-ledgrlivee.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eng-ledgrlivee.pages.dev/
Last updated: 2026-04-09