# leedzer-live-learn.pages.dev — SUSPICIOUS

> Domain leedzer-live-learn.pages.dev impersonates Ledger with 0/95 VirusTotal detections. Avoid wallet verification scams on this active phishing page hosted.

## Summary
PhishDestroy identifies a recently activated phishing campaign using the domain leedzer-live-learn.pages.dev to impersonate the legitimate Ledger cryptocurrency wallet brand. Hosted on Cloudflare Pages with IP 172.66.45.14, the page mimics Ledger’s official site to deceive visitors into entering recovery phrases or wallet credentials. This mimics real Ledger services, increasing the risk of financial theft.  This domain was flagged with a current VirusTotal score of 0 detections out of 95 scanners, indicating it has not yet been widely recognized as malicious. Registered through Cloudflare, Inc. and secured with a Google Trust Services SSL certificate, it appears professionally constructed to evade initial detection. The campaign is assessed as active and poses a credible threat to users seeking wallet management or recovery services.  If you visited leedzer-live-learn.pages.dev: immediately disconnect from the site, do not enter any seed phrases, passwords, or private keys. Scan your connected devices with an updated antivirus tool. If you entered credentials on the page, revoke access to your Ledger wallet via the official app, transfer funds to a new wallet, and report the incident to Ledger support and local cybercrime authorities if financial loss is suspected. Always verify website domains and use only official Ledger URLs ending in ledger.com

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.45.14

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/3c2b21f6-3a29-4d27-b214-2bc800e90839
- PhishDestroy: https://phishdestroy.io/domain/leedzer-live-learn.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leedzer-live-learn.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leedzer-live-learn.pages.dev/
Last updated: 2026-04-12