# ledgerlive-desktop-doc.pages.dev — SUSPICIOUS > PhishDestroy identifies ledgerlive-desktop-doc.pages.dev as a Ledger brand impersonation site hosting a crypto drainer. ## Summary PhishDestroy has identified ledgerlive-desktop-doc.pages.dev as an active crypto drainer leveraging Ledger brand impersonation to deceive users. The domain is currently under investigation but remains accessible, posing a direct threat to cryptocurrency holders seeking legitimate Ledger Live Desktop documentation or software. The domain resolves to IP address 188.114.96.3 and is registered through Cloudflare, Inc. It utilizes a Google Trust Services SSL certificate but has not yet been flagged by any of the 95 VirusTotal vendors as of this assessment. This lack of detection indicates a low current-blocklist profile, despite the domain's malicious intent. The domain is hosted on Cloudflare Pages, a platform often exploited by attackers to rapidly deploy and hide malicious infrastructure. Given the absence of VirusTotal detections and the domain's active status, users are strongly advised to exercise extreme caution. Legitimate Ledger Live Desktop documentation and software are exclusively available through ledger.com or verified Ledger domains. Avoid downloading or interacting with any content from ledgerlive-desktop-doc.pages.dev. Users should verify domain authenticity by checking the official Ledger website and using bookmarked links or direct HTTPS connections. Report any encounters with this domain to PhishDestroy or relevant cybersecurity authorities for further analysis and takedown. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/92a94550-b928-4ed7-a76c-085358dde8bf - PhishDestroy: https://phishdestroy.io/domain/ledgerlive-desktop-doc.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledgerlive-desktop-doc.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledgerlive-desktop-doc.pages.dev/ Last updated: 2026-03-26