# ledger-live-ask.pages.dev — SUSPICIOUS

> ledger-live-ask.pages.dev is a brand impersonation phishing site that steals crypto via a fake Ledger Live form. Flagged by 2 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies ledger-live-ask.pages.dev as an active brand impersonation phishing domain masquerading as Ledger’s official Live service. The site leverages a deceptive domain structure to mimic legitimate Ledger infrastructure, tricking users into entering sensitive credentials or cryptocurrency wallet information. This domain is currently categorized as an elevated-threat campaign and remains accessible to users attempting to access fake Ledger services.

This domain was flagged by 2 of 95 VirusTotal security vendors, indicating low but concerning detection from the cybersecurity community. It resolves to IP address 172.66.45.10 and is hosted through Cloudflare, Inc., with an SSL certificate issued by Google Trust Services. The registration leverages Cloudflare’s Pages platform, a legitimate hosting service repurposed to deliver malicious content. While no creation date is provided in public records, the domain is actively serving a fake Ledger Live interface designed to drain user funds through social engineering and credential harvesting.

Current status for ledger-live-ask.pages.dev remains active and poses an elevated risk due to its impersonation of a high-value brand in the cryptocurrency space. Users attempting to access Ledger Live should only use the official domain ledger.com or previously verified update channels. PhishDestroy recommends blocking this domain at the network level and avoiding any interaction with this site. If you’ve entered credentials or wallet information, immediately revoke access, transfer assets to a secure wallet, and monitor for unauthorized transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.45.10

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0b470ed9-36db-4768-94af-9f348e1526ed
- PhishDestroy: https://phishdestroy.io/domain/ledger-live-ask.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-live-ask.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-live-ask.pages.dev/
Last updated: 2026-03-22