# ledger-livedesktopus.pages.dev — SUSPICIOUS

> ledger-livedesktopus.pages.dev is a malicious domain impersonating Ledger to spread a crypto drainer. Verify safety on PhishDestroy, which flagged it with 0/95.

## Summary
PhishDestroy identifies ledger-livedesktopus.pages.dev as a currently active domain engaged in brand impersonation, specifically targeting Ledger cryptocurrency wallet users.

This domain was flagged by 0 of 95 VirusTotal vendors, is registered through Cloudflare Inc., and resolves to IP address 172.66.44.126. Its SSL certificate is issued by Google Trust Services, and while creation date is not listed, the domain remains unblocked by major threat intelligence feeds.

Until further analysis is completed, treat this domain as actively malicious. Avoid all interactions and block both the domain and its resolved IP. Users should verify any suspected Ledger-related domains through PhishDestroy before proceeding with downloads or logins. Monitor network traffic for connections to 172.66.44.126 and inspect TLS certificates issued by Google Trust Services for this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.126

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/ledger-livedesktopus.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/ledger-livedesktopus.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-livedesktopus.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-livedesktopus.pages.dev/
Last updated: 2026-04-05