# home-ledgrdesktop.pages.dev — SUSPICIOUS

> home-ledgrdesktop.pages.dev: Active crypto-draining scam impersonating Ledger Live. 1/95 security vendors flagged. Verify on PhishDestroy before interacting.

## Summary
PhishDestroy identifies home-ledgrdesktop.pages.dev as an active crypto-draining scam leveraging a spoofed Ledger Live interface to siphon cryptocurrency from victims. The domain resolves to a Cloudflare Pages deployment hosted on 188.114.97.3, using a Google Trust Services SSL certificate to mimic legitimate Ledger infrastructure. Threat analysis reveals a drainer kit designed to intercept wallet connections and prompt users for seed-phrase or private-key input, with no legitimate branding or functional integration beyond credential harvesting.  This domain was flagged by PhishDestroy with a VirusTotal detection ratio of 1/95 security vendors as of seed dd59f6. It is registered through Cloudflare, Inc., resolving to IP 188.114.97.3 via Cloudflare Pages infrastructure. The domain carries a Google Trust Services SSL certificate and is currently unlisted on Google Safe Browsing (GSB) with no confirmed blocklist presence. Technical telemetry suggests recent creation but sustained operational persistence, indicating ongoing campaign refinement.  Current status remains active with elevated risk due to low vendor detection and impersonation of a high-value brand. Response actions include domain takedown outreach to Cloudflare Trust & Safety and escalation to Google Safe Browsing. Despite these efforts, residual risk persists due to the transient nature of Cloudflare Pages deployments and the lack of proactive blocking by major security vendors. Users are strongly advised to verify any Ledger-related links using PhishDestroy prior to interaction.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/55005267-3668-45fb-96a6-29bf4abd1432
- PhishDestroy: https://phishdestroy.io/domain/home-ledgrdesktop.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/home-ledgrdesktop.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/home-ledgrdesktop.pages.dev/
Last updated: 2026-03-26