# ldeger-us-lives.pages.dev — SUSPICIOUS > ldegeR-us-lives.pages.dev impersonates Ledger to steal user credentials. This domain is not yet flagged on VirusTotal (0/95 detections). ## Summary PhishDestroy identifies ldegeR-us-lives.pages.dev as an active Ledger brand impersonation domain designed to deceive users into divulging sensitive financial or account information. This threat leverages the credibility of the legitimate Ledger brand to exploit trust, typically through phishing emails, fake login portals, or fraudulent support pages, with the end goal of harvesting credentials or installing malware. The domain resolves to IP 172.66.47.83 and operates under Cloudflare’s infrastructure, leveraging Google Trust Services for SSL encryption to appear legitimate at first glance, which increases the risk of successful deception. Users are strongly advised not to interact with or submit any personal information on this domain until further analysis confirms its safety. This domain was flagged during routine threat intelligence monitoring by PhishDestroy. VirusTotal currently shows 0 out of 95 detection engines flagging this domain as malicious, indicating it remains under the radar for many automated security tools. The domain is registered through Cloudflare, Inc., and is hosted on Cloudflare Pages, a legitimate service often abused by threat actors due to its cloud-based infrastructure and anonymizing properties. At the time of analysis, the domain has not been widely included in threat intelligence blocklists, leaving users and organizations exposed to potential attacks without prior warning. The combination of high-reputation infrastructure, low detection rates, and the specific targeting of Ledger suggests a sophisticated and evolving threat that requires immediate attention. If you have visited ldegeR-us-lives.pages.dev and entered any sensitive information such as login credentials, recovery phrases, or financial details, PhishDestroy strongly recommends the following actions immediately. First, change all passwords associated with your Ledger account and enable two-factor authentication if not already active. Second, revoke any session tokens or API keys that may have been exposed and monitor your account for unauthorized transactions. Third, perform a full scan of your device using reputable antivirus software to check for potential malware that may have been delivered alongside the phishing attempt. Finally, report the suspicious activity to Ledger’s official support and consider using a dedicated identity theft monitoring service to safeguard against further misuse. DO NOT reuse passwords across different platforms and ensure all recovery phrases or seed phrases are stored offline in a secure location. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.83 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/457fdece-9290-482f-8bf8-5550c4e95520 - PhishDestroy: https://phishdestroy.io/domain/ldeger-us-lives.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ldeger-us-lives.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ldeger-us-lives.pages.dev/ Last updated: 2026-04-11