# ledgerlive-desk-info.pages.dev — SUSPICIOUS

> Domain ledgerlive-desk-info.pages.dev hosts a crypto wallet brand impersonation scam, flagged by 2/95 VirusTotal vendors.

## Summary
PhishDestroy identifies ledgerlive-desk-info.pages.dev as an active brand impersonation domain targeting Ledger cryptocurrency wallet users. The threat level is elevated due to its malicious intent to deceive victims into divulging sensitive wallet credentials or installing fraudulent software under the guise of a legitimate Ledger service. This domain specifically mimics the Ledger Live desktop application interface to trick users into entering recovery phrases or private keys, enabling cryptocurrency theft.  This domain was flagged by 2 out of 95 security vendors on VirusTotal, indicating low but notable detection. It is registered through Cloudflare, Inc., resolving to IP address 172.66.46.254, and operates under a Google Trust Services SSL certificate. The domain leverages Cloudflare Pages for hosting, which is a common tactic to rapidly deploy and conceal malicious infrastructure. Despite its recent creation, the domain’s infrastructure and SSL certificate choice suggest an attempt to appear legitimate at first glance.  To mitigate risks, users should avoid interacting with this domain or any unsolicited links claiming to be Ledger services. Verify URLs directly through Ledger’s official website or application. Security teams should block this domain and IP at the network level, and report it to relevant threat intelligence platforms. Additionally, users who may have entered credentials or recovery phrases should immediately transfer assets to a secure wallet and revoke any unauthorized access.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.254

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/9cc07284-01ef-4108-b896-ff78aabf8460
- PhishDestroy: https://phishdestroy.io/domain/ledgerlive-desk-info.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgerlive-desk-info.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgerlive-desk-info.pages.dev/
Last updated: 2026-03-22