# leger-lve-log-in.pages.dev — SUSPICIOUS

> leger-lve-log-in.pages.dev mimics Ledger wallet logins for credential theft. VirusTotal shows 0/95 detections. Check the full report.

## Summary
PhishDestroy identifies ledger-lve-log-in.pages.dev as an active Ledger wallet credential phishing domain. This site impersonates the official Ledger login interface to harvest private keys and recovery phrases from unsuspecting cryptocurrency users.

This domain was flagged with 0 detections out of 95 VirusTotal scanners, resolving to 172.66.47.104 via Cloudflare. The SSL certificate, issued by Google Trust Services, adds a false veneer of legitimacy. Registrant details remain obscured through Cloudflare’s privacy protections, complicating attribution efforts.

Users who visited this domain should immediately revoke any entered credentials on their Ledger device and transfer funds to a newly initialized wallet. Scan devices for malware, enable two-factor authentication, and report the domain to Ledger’s phishing team. Avoid interacting with similar domains using .pages.dev TLDs or Cloudflare fronting.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.104

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/61720798-3e1d-4bbb-baa2-c6ad333bf449
- PhishDestroy: https://phishdestroy.io/domain/leger-lve-log-in.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leger-lve-log-in.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leger-lve-log-in.pages.dev/
Last updated: 2026-03-22