# authenticatingconne.nesarashiftledger.live — SUSPICIOUS

> Domain authenticatingconne.nesarashiftledger.live impersonates Ledger crypto wallet. VirusTotal shows 0/95 detections. Check the full report.

## Summary
PhishDestroy identifies active brand impersonation targeting Ledger users via the domain authenticatingconne.nesarashiftledger.live. This threat poses a high risk due to its direct association with a trusted cryptocurrency brand, potentially deceiving users into divulging sensitive credentials or financial information. The domain resolves to IP 86.107.77.165 and operates under a Let's Encrypt SSL certificate, adding superficial legitimacy to its fraudulent activities.

This domain was flagged with 0/95 VirusTotal detections as of the latest scan, indicating it remains undetected by most antivirus engines. The domain is registered under an unlisted registrar, and its creation date is under investigation. No presence on major blocklists or trust score databases has been confirmed at this time. The SSL certificate, issued by Let's Encrypt, further complicates detection efforts by mimicking legitimate secure connections.

Users should immediately block the IP 86.107.77.165 and avoid interacting with this domain. For Ledger users, verify any communication claiming to be from the brand by accessing official channels directly. Report this domain to Ledger’s fraud team and relevant cybersecurity platforms like PhishDestroy for further analysis. Disable macros in email clients and enable multi-factor authentication to mitigate credential theft risks.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 86.107.77.165

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/authenticatingconne.nesarashiftledger.live
- PhishDestroy: https://phishdestroy.io/domain/authenticatingconne.nesarashiftledger.live/
- LLM endpoint: https://phishdestroy.io/domain/authenticatingconne.nesarashiftledger.live/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/authenticatingconne.nesarashiftledger.live/
Last updated: 2026-04-02