# levva-fi.com — SUSPICIOUS

> Levva-fi.com is currently under review for possible phishing risks. Learn what is known about its setup and how to stay safe online.

## Summary
PhishDestroy identifies levva-fi.com as a domain under investigation for generic phishing activity. While no security vendors have flagged it yet, the potential risk lies in deceptive attempts to steal personal data.

The domain was registered recently on June 17, 2025, through Ultahost, Inc., and resolves to IP 172.67.191.155. Despite zero VirusTotal detections, its new registration and hosting details warrant caution.

Users are advised to avoid interacting with levva-fi.com until further analysis is complete. Exercise vigilance by not providing sensitive information or clicking unknown links associated with this domain.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 200)
- Page title: openmediavault Workbench

## Domain Intelligence
- Registered: 2025-06-17 21:58:25
- Registrar: Ultahost, Inc.
- Country: US
- IP: 172.67.191.155
- Nameservers: dahlia.ns.cloudflare.com damian.ns.cloudflare.com

## Detection Status
- VirusTotal: 0 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://i.ibb.co/9kySCZTs/3e060b8a6ca7.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1fd859ce-b316-4f77-8956-e964e4fc6d60
- PhishDestroy: https://phishdestroy.io/domain/levva-fi.com/
- LLM endpoint: https://phishdestroy.io/domain/levva-fi.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/levva-fi.com/
Last updated: 2026-03-19