# ledger-cd-en-auth-live.pages.dev — MALICIOUS

> The domain ledger-cd-en-auth-live.pages.dev is a crypto drainer masquerading as Ledger Live, flagged by 13 of 95 VirusTotal vendors.

## Summary
The domain ledger-cd-en-auth-live.pages.dev is a currently active crypto_drainer impersonating Ledger Live. 

This domain was flagged by 13 of 95 VirusTotal vendors, registered via Cloudflare, Inc., and resolves to IP 188.114.97.3. It leverages Google Trust Services SSL certificates to appear legitimate. 

Users should avoid interacting with this domain entirely. Block the domain and IP at the network perimeter, and advise customers to verify all Ledger Live communications via official channels.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/15b78524-adaf-42c2-b186-7f6f7a48f267
- PhishDestroy: https://phishdestroy.io/domain/ledger-cd-en-auth-live.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-cd-en-auth-live.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-cd-en-auth-live.pages.dev/
Last updated: 2026-03-21