# ledgr-live--app.pages.dev — SUSPICIOUS > ledgr-live--app.pages.dev is a cryptocurrency drainer posing as Ledger Live. Verify safety on PhishDestroy before entering any details. ## Summary PhishDestroy identifies ledgr-live--app.pages.dev as a cryptocurrency drainer impersonating the official Ledger Live application. This malicious domain uses deceptive branding to trick users into connecting their crypto wallets, where funds are silently drained via smart contract interactions. The site mimics the appearance of legitimate Ledger services, often distributed through social media links or spoofed emails claiming urgent account actions. Once accessed, the page prompts victims to connect their wallet under the guise of “verification” or “security update,” triggering unauthorized transactions to attacker-controlled addresses. This tactic aligns with recent trends in Web3 phishing, where fake interfaces exploit user trust in well-known crypto platforms. This domain was flagged as a generic phishing site and is currently under investigation. It resolves to IP address 172.66.47.74 and is registered through Cloudflare, Inc., a common tactic to obscure true hosting origins. Notably, the site holds a valid SSL certificate issued by Google Trust Services, which can mislead users into believing it is legitimate. According to VirusTotal scans, 0 out of 95 security engines currently detect this domain as malicious — a common early-stage indicator that threat intelligence is still being gathered. The domain uses Cloudflare Pages for hosting, making it easy to deploy and frequently change, complicating takedown efforts. If you visited ledgr-live--app.pages.dev, immediately disconnect your wallet and revoke any unintended permissions using tools like revoke.cash or the official wallet interface. Do not enter your seed phrase, private key, or connect your wallet to any site you did not initiate. Scan your device for malware and monitor your crypto wallets for unauthorized transactions. Report the domain to PhishDestroy and consider rotating any exposed wallet addresses. Even if no funds were lost, this site may have harvested metadata or installed tracking scripts — so clear browser data, update passwords, and remain cautious of follow-up scams. Always verify URLs via official channels and use hardware wallets for critical transactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.74 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b16102ce-64c8-4cff-aa6e-605153f31094 - PhishDestroy: https://phishdestroy.io/domain/ledgr-live--app.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledgr-live--app.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledgr-live--app.pages.dev/ Last updated: 2026-03-22