# ledgerlive-desk-top.pages.dev — SUSPICIOUS

> ledgerlive-desk-top.pages.dev is a Ledger-brand impersonation site distributing fake desktop apps. This domain resolves to 188.114.97.

## Summary
PhishDestroy identifies ledgerlive-desk-top.pages.dev as an active brand-impersonation scam site posing as the legitimate Ledger desktop application platform. This malicious domain specifically targets Ledger users by mimicking the official software distribution channel, potentially leading to credential theft or malware installation through fake installer packages. The threat remains in the early stages of discovery, with no detections recorded across 95 VirusTotal scanners as of the latest analysis.  

Technical indicators confirm the domain’s malicious nature and operational infrastructure. The domain was registered through Cloudflare, Inc., leveraging the provider’s free Worker pages service to host the impersonation page. The site operates under an SSL certificate issued by Google Trust Services, enhancing its credibility while resolving to IP address 188.114.97.3. Notably, it has not been listed on any major threat intelligence blocklists, which explains its current lack of detections. The domain’s recent creation and use of legitimate infrastructure demonstrate an attempt to bypass traditional security filters, increasing the risk of successful deception.  

To mitigate exposure, users must avoid interacting with this domain or downloading any software from it. Ledger users should only download desktop applications directly from the official ledger.com domain or verified app stores. Enterprises should implement DNS filtering to block access to this domain and similar impersonation sites. Security teams are advised to monitor for additional domains registered under the same infrastructure pattern and report findings to threat intelligence platforms to improve community detection rates. Immediate action is recommended given the domain’s active status and potential for rapid expansion across other delivery channels.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/274802f5-f771-4ff8-a730-7ec16b43e49f
- PhishDestroy: https://phishdestroy.io/domain/ledgerlive-desk-top.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgerlive-desk-top.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgerlive-desk-top.pages.dev/
Last updated: 2026-03-22