# com-ledgerr-com.pages.dev — MALICIOUS

> com-ledgerr-com.pages.dev is a high-risk phishing domain impersonating Ledger. Stay alert and avoid interaction. Check safety on PhishDestroy.io.

## Summary
PhishDestroy identifies com-ledgerr-com.pages.dev as a high-risk brand impersonation phishing domain targeting Ledger users. Its intent was to deceive victims by mimicking the trusted Ledger brand.

The domain was created on February 21, 2026, registered through Cloudflare, Inc., and resolved to IP 172.66.47.64. VirusTotal flagged it by 13 out of 95 security vendors, and it appears on three security blocklists, indicating broad recognition of its malicious nature.

Currently, the domain is offline and no longer accessible, mitigating immediate risk. Users are advised to remain cautious, verify URLs carefully, and avoid any suspicious communication claiming to be from Ledger. Reporting similar domains to PhishDestroy.io strengthens collective defense.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Ledger
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.64
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["lorna.ns.cloudflare.com", "colin.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 13 vendors flagged
  Vendors: ["BitDefender", "CyRadar", "Ermes", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ccdcc-ffdc-70ff-9cd5-51831518bbad.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1aaa20e6-e76a-44fa-8569-e76e391de7e9
- PhishDestroy: https://phishdestroy.io/domain/com-ledgerr-com.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/com-ledgerr-com.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/com-ledgerr-com.pages.dev/
Last updated: 2026-03-19