# sso-ledger-livee.pages.dev — SUSPICIOUS > PhishDestroy identifies sso-ledger-livee.pages.dev as a Ledger brand impersonation site with 0/95 VirusTotal detections. Avoid entering credentials here. ## Summary PhishDestroy identifies sso-ledger-livee.pages.dev as an active Ledger brand impersonation site designed to harvest user credentials. This fake SSO portal mimics Ledger’s legitimate authentication interface, tricking victims into revealing private keys or login details. The threat actor leverages Cloudflare’s Pages.dev subdomain to host the phishing page—registered under Cloudflare, Inc.—while concealing infrastructure behind Google Trust Services’ SSL certificate for deceptive legitimacy. Users accessing 188.114.96.3 (resolved by this domain) risk direct exposure to credential theft due to the high-fidelity impersonation. This domain exhibits minimal detection despite clear malicious intent, with VirusTotal currently showing 0/95 detections. PhishDestroy flags this as an emerging threat due to its use of a reputable SSL issuer (Google Trust Services) and Cloudflare’s subdomain service—common tactics to bypass traditional blocklists. The lack of detection underscores the challenge of proactive phishing identification, as threat actors continuously adapt hosting methods to evade automated scanners. As of this report, the domain remains unflagged by most security vendors, increasing exposure risk for unsuspecting users. If you visited sso-ledger-livee.pages.dev, cease use immediately and inspect browser extensions or stored credentials linked to Ledger. Disconnect any active sessions, revoke exposed API keys or passwords, and run a full malware scan on your device. Report the domain to Ledger’s official support (support@ledger.com) and submit it to PhishDestroy or your email provider for blocklist inclusion. Always verify URLs via official Ledger channels (ledger.com/support) before entering sensitive data, and enable multi-factor authentication on all cryptocurrency-related accounts. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) - Target brand: Ledger ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/03d20d7e-1acf-4a1b-a1ea-0bb74185a253 - PhishDestroy: https://phishdestroy.io/domain/sso-ledger-livee.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/sso-ledger-livee.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/sso-ledger-livee.pages.dev/ Last updated: 2026-03-22