# protect-ledgrlive-app.pages.dev — SUSPICIOUS > protect-ledgrlive-app.pages.dev impersonates Ledger Live with a phishing kit hosted via Cloudflare. VirusTotal shows 0/95 detections. Stop entering seed phrases. ## Summary PhishDestroy identifies protect-ledgrlive-app.pages.dev as a live Ledger Live phishing kit that lures cryptocurrency users into entering their 24-word seed phrases. The site presents a convincing replica of the official Ledger Live login flow, tricking victims into surrendering wallet recovery keys and handing criminals full control over their digital assets. Once the seed phrase is submitted, the thief can drain wallets within minutes, making this a high-impact threat that escalates from stolen credentials to irreversible financial loss. This domain was flagged on 03 June 2025 at 22:47 UTC. It is registered through Cloudflare, Inc. and resolves to 172.66.44.176. VirusTotal currently shows 0 detections out of 95 engines, indicating the page has flown under the radar of most antivirus scanners. The site uses a Google Trust Services SSL certificate to appear legitimate; however, the combination of Cloudflare hosting, zero detections, and an official-looking subdomain specifically targets Ledger Live users. If you visited protect-ledgrlive-app.pages.dev, assume your seed phrase has been compromised. Immediately transfer any remaining funds to a new wallet created on an air-gapped device, then revoke all app connections and enable 2FA on every exchange and service. Report the incident to Ledger support and file a police report; include the domain and timestamp. Scan your computer with multiple antivirus tools to ensure no keyloggers were installed. Finally, rotate every password you have used on the affected machine and enable hardware wallets for all future crypto operations. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.176 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7068ad42-1508-4344-a5a9-f1d298a4e24c - PhishDestroy: https://phishdestroy.io/domain/protect-ledgrlive-app.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/protect-ledgrlive-app.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/protect-ledgrlive-app.pages.dev/ Last updated: 2026-03-22