# eu-ledger-live-io.pages.dev — SUSPICIOUS

> eu-ledger-live-io.pages.dev mimics Ledger to deploy a crypto drainer kit with 0/95 VirusTotal detections. Verify this domain on PhishDestroy before interacting.

## Summary
PhishDestroy identifies eu-ledger-live-io.pages.dev as an active brand-impersonation domain currently under investigation for distributing a cryptocurrency drainer kit targeting Ledger users. The domain uses Cloudflare Pages hosting and a Google Trust Services SSL certificate to appear legitimate, while resolving to IP 172.66.47.170. The threat is classified as a high-risk impersonation due to its direct mimicry of Ledger’s official branding and infrastructure designed to deceive cryptocurrency holders.

Technical indicators confirm this domain remains undetected by 95 security vendors according to VirusTotal, indicating low detection coverage despite clear malicious intent. Registered through Cloudflare, Inc., it leverages Google Trust Services for SSL authentication, adding perceived legitimacy. The domain’s IP address 172.66.47.170 correlates with known phishing infrastructure, and while the exact registration date is not disclosed, its active status suggests recent deployment. Current blocklist counts remain unspecified, but the absence of detections highlights a gap in threat intelligence coverage.

This domain is currently active and flagged as under investigation, with no confirmed takedown as of the latest analysis. Security teams are advised to monitor for associated wallet addresses and drainer signatures. Users are strongly urged to verify this domain via PhishDestroy before engaging, as the combination of zero detections, Ledger impersonation, and crypto-focused lures poses a severe risk to cryptocurrency assets. Remaining risk is classified as high due to the drainer’s potential to execute unauthorized transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.170

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/eu-ledger-live-io.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/eu-ledger-live-io.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/eu-ledger-live-io.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eu-ledger-live-io.pages.dev/
Last updated: 2026-04-11