# faq-ledgerliv.pages.dev — SUSPICIOUS > PhishDestroy flags faq-ledgerliv.pages.dev as impersonating Ledger crypto brand. VirusTotal shows 0 of 95 detections. Secure your assets now. ## Summary PhishDestroy identifies the domain faq-ledgerliv.pages.dev as an active brand impersonation site targeting Ledger users. The domain is currently under investigation but remains accessible, leveraging Cloudflare’s infrastructure to host a fraudulent replica of Ledger’s official support pages. VirusTotal analysis confirms the domain has not yet been flagged by any of the 95 participating detection engines, indicating a low but present risk of successful evasion. Registered through Cloudflare, Inc., the domain resolves to IP address 172.66.44.53 and benefits from a Google Trust Services SSL certificate, enhancing its appearance of legitimacy. No blocklist entries were detected at the time of analysis. The threat posed by faq-ledgerliv.pages.dev is elevated due to its combination of brand impersonation, cryptocurrency-related targeting, and the use of reputable registrars and hosting providers. Such domains often serve as fronts for credential theft, crypto drainers, or malicious download prompts. Cloudflare’s infrastructure and Google’s SSL certificate make the site appear trustworthy at a glance, increasing the likelihood of user engagement. As of now, the domain is active and unblocked by most security systems. Users are strongly advised to avoid interacting with faq-ledgerliv.pages.dev and verify all support channels directly via Ledger’s official website. Organizations should block the domain and IP at the network level and update endpoint detection rules to flag this indicator. Continuous monitoring is recommended due to the evolving nature of this campaign. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.53 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/faq-ledgerliv.pages.dev - PhishDestroy: https://phishdestroy.io/domain/faq-ledgerliv.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/faq-ledgerliv.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/faq-ledgerliv.pages.dev/ Last updated: 2026-04-04