# enug-ledgeir.pages.dev — SUSPICIOUS

> enug-ledgeir.pages.dev impersonates Ledger Live to deploy a crypto drainer. Flagged by 0 of 95 VirusTotal vendors. Verify on PhishDestroy.

## Summary
PhishDestroy identifies enug-ledgeir.pages.dev as an active brand impersonation phishing site targeting Ledger users. The domain hosts a fraudulent Ledger Live portal designed to deceive victims into connecting crypto wallets or entering seed phrases. Current status remains active as of the latest intelligence update.    This domain was flagged by 0 of 95 VirusTotal vendors, indicating evasion of automated detection mechanisms. It was registered through Cloudflare, Inc., resolving to IP address 188.114.97.3. The SSL certificate is issued by Google Trust Services, leveraging legitimate trust chains to enhance credibility. VirusTotal detection failure and absence from active blocklists suggest this campaign is in early deployment stages.    Immediate action is required to mitigate risk. Users encountering this domain should avoid interaction and report it via PhishDestroy’s verification system. Organizations are advised to monitor network traffic for connections to 188.114.97.3 and block the domain at DNS/gateway levels. Blocklist integration is recommended due to low initial detection rates. Further IOCs (indicators of compromise) are under analysis; updates will be provided as intelligence evolves.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP ?)
- Target brand: Ledger
- Page title: Ledger Live (Official) — Secure Bitcoin & Crypto Wallet

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4704b48f-aaa7-496a-8401-9399bcb3c2f5
- PhishDestroy: https://phishdestroy.io/domain/enug-ledgeir.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/enug-ledgeir.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/enug-ledgeir.pages.dev/
Last updated: 2026-04-12