# first-ledger-live-login-eng-us.pages.dev — MALICIOUS

> PhishDestroy identifies first-ledger-live-login-eng-us.pages.dev impersonating Ledger with a 13/95 VirusTotal detection rate. Check the full report.

## Summary
PhishDestroy identifies first-ledger-live-login-eng-us.pages.dev as an active Ledger brand impersonation domain. This phishing site employs sophisticated spoofing tactics to deceive users into entering sensitive credentials under the guise of a legitimate Ledger Live login portal. The elevated risk level reflects the domain's malicious intent and the potential for financial harm to cryptocurrency holders.

This domain was flagged by 13 out of 95 VirusTotal security vendors, indicating widespread detection of its malicious nature. It resolves to IP address 172.66.47.177, is registered through Cloudflare, Inc., and leverages a Google Trust Services SSL certificate to enhance its authenticity. The impersonation of Ledger, a trusted name in cryptocurrency security, amplifies the threat's credibility and deceptive effectiveness.

To mitigate exposure to this Ledger impersonation scam, users should avoid interacting with first-ledger-live-login-eng-us.pages.dev or any domains mimicking Ledger's official sites. Always verify URLs for accuracy, ensure bookmarks point to the genuine Ledger domain (ledger.com), and enable multi-factor authentication on Ledger accounts. Organizations should update blocklists to include this domain and its IP (172.66.47.177) to prevent access within corporate networks. Report suspicious domains to PhishDestroy or Ledger's official fraud channels to aid in takedown efforts.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.177

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a3fd79b5-d916-4660-8728-115f5b37dbac
- PhishDestroy: https://phishdestroy.io/domain/first-ledger-live-login-eng-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/first-ledger-live-login-eng-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/first-ledger-live-login-eng-us.pages.dev/
Last updated: 2026-03-22