# ledgrlive-desk.pages.dev — SUSPICIOUS

> ledgrlive-desk.pages.dev mimics Ledger’s brand to steal credentials. VirusTotal flags 2/95 vendors. Check the full report.

## Summary
PhishDestroy identifies ledgrlive-desk.pages.dev as an active brand-impersonation domain targeting cryptocurrency users by masquerading as the official Ledger hardware wallet platform.

This malicious domain resolves to 172.66.44.214 and is hosted via Cloudflare Pages, leveraging Google Trust Services SSL certificates to appear legitimate. Security vendor analysis conducted via VirusTotal reveals detection by only 2 out of 95 engines, highlighting low initial visibility despite clear malicious intent. The domain was registered through Cloudflare, Inc., and its infrastructure aligns with common phishing-as-a-service toolkits observed in recent Ledger-themed campaigns.

Users who visited this domain may have been presented with fraudulent login forms designed to harvest Ledger account credentials or seed phrases. If you entered any information on this site, immediately reset your Ledger account password, revoke any exposed API keys, and transfer funds to a newly generated wallet address using a clean device. Scan your system with updated antivirus software and consider enabling hardware wallet transaction verification for added security. Organizations should block this domain at DNS and firewall levels using the IP 172.66.44.214 and domain ledgrlive-desk.pages.dev.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.214

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c8be621f-a027-4c45-b50f-45999db81e2e
- PhishDestroy: https://phishdestroy.io/domain/ledgrlive-desk.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgrlive-desk.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgrlive-desk.pages.dev/
Last updated: 2026-03-26