# ledgerlive-run.pages.dev — MALICIOUS

> ledgerlive-run.pages.dev impersonates Ledger in brand impersonation scam. 5 of 95 vendors flag it. Check the full report for details.

## Summary
ledgerlive-run.pages.dev poses a serious risk by impersonating the Ledger brand, a well-known cryptocurrency hardware wallet provider. This domain attempts to deceive users into trusting it as an official Ledger service, potentially aiming to steal sensitive information such as login credentials or private keys. The threat is categorized as brand impersonation, which can lead to financial loss and compromised digital assets if users are tricked into interacting with the fake site.

This domain has been flagged by 5 out of 95 security vendors on VirusTotal, indicating a significant level of threat recognition within the cybersecurity community. The domain resolves to the IP address 172.66.47.78 and is registered through Cloudflare, Inc., a common registrar for cloud services and content delivery. Additionally, the domain uses an SSL certificate issued by Google Trust Services, which may lend it a misleading appearance of legitimacy to unsuspecting users. These technical indicators combined with the detection count underscore the elevated risk level of this site.

If you have visited ledgerlive-run.pages.dev, it is crucial to immediately stop any interaction with the site and avoid supplying any personal or financial information. Users who may have entered credentials should change their passwords on all related accounts and enable two-factor authentication if available. It is also advisable to monitor cryptocurrency wallets and financial accounts for any unauthorized activity. Reporting the domain to security teams or using browser security tools to block it can help protect others from falling victim to this brand impersonation scam.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.78

## Detection Status
- VirusTotal: 5 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/26f14df3-27d2-4fa8-bd1e-7ed568a16861
- PhishDestroy: https://phishdestroy.io/domain/ledgerlive-run.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgerlive-run.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgerlive-run.pages.dev/
Last updated: 2026-03-30