# leve-ledgr.pages.dev — SUSPICIOUS

> Leve-ledgr.pages.dev is linked to credential theft targeting Ledger users with 0/95 VT detections. Exercise caution and verify official sources.

## Summary
PhishDestroy identifies the domain leve-ledgr.pages.dev as involved in a generic phishing campaign primarily focused on credential theft. The phishing page masquerades as an official Ledger Live wallet app, a well-known cryptocurrency brand, aiming to deceive victims into surrendering sensitive authentication data. No specific drainer kit is currently identified, but the impersonation of the Ledger brand strongly suggests intent to harvest wallet credentials for unauthorized access.

Technical indicators show that leve-ledgr.pages.dev has a VirusTotal detection score of 0 out of 95, meaning it has not yet been flagged by conventional antivirus engines. The domain resolves to the IP address 188.114.96.3 and was registered through Cloudflare, Inc., a common service provider for hosting and domain privacy. The SSL certificate in use is issued by Google Trust Services, and the domain employs modern security technologies including HSTS and HTTP/3, making it appear legitimate and secure to casual observers. There is no indication of Google Safe Browsing (GSB) blocklist status or other blocklist counts reported at this time.

Currently, leve-ledgr.pages.dev remains active and under investigation with a risk level classified as under_investigation. Given the lack of detections on VirusTotal and the use of trusted security infrastructure, this domain poses a high risk of successful credential theft despite not being widely flagged yet. Users are strongly advised to avoid interacting with this domain and to verify all Ledger-related communications through official channels only. Continued monitoring and rapid takedown requests to Cloudflare are recommended to mitigate potential harm from this emerging threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Page title: Ledger Live | Easy, Secure, and Official Wallet App

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/55f0be2d-7f0c-4249-93f4-2fe3c900ef03
- PhishDestroy: https://phishdestroy.io/domain/leve-ledgr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leve-ledgr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leve-ledgr.pages.dev/
Last updated: 2026-03-24