# eng-ledgr-rjs.pages.dev — SUSPICIOUS

> eng-ledgr-rjs.pages.dev hosts a fake Ledger wallet app phishing page. 0/95 VirusTotal vendors flagged it yet. Check the full report.

## Summary
eng-ledgr-rjs.pages.dev is currently hosting a phishing page impersonating the Ledger hardware wallet application, as identified by PhishDestroy. The threat has been classified as an active Ledger wallet phishing campaign and is currently under investigation by cybersecurity researchers. This domain is designed to deceive users into entering their Ledger recovery phrases or private keys under the guise of a legitimate wallet update or verification process.

This domain was flagged by 0 of 95 VirusTotal vendors, indicating that it has not yet been widely recognized as malicious by automated security tools. The domain is registered through Cloudflare, Inc., and resolves to the IP address 172.66.44.163. The SSL certificate is issued by Google Trust Services, which may lend an initial appearance of legitimacy. The domain was recently created and has not yet been widely blocklisted, with no detections recorded in PhishDestroy’s threat intelligence database as of the latest update. Trust scores remain neutral due to the lack of widespread recognition by security vendors.

The current status of this domain is active, and users are advised to exercise extreme caution when encountering any links or advertisements promoting Ledger wallet-related services from this domain. PhishDestroy recommends avoiding interaction with eng-ledgr-rjs.pages.dev and any associated pages. Users who may have entered sensitive information on this domain should immediately transfer their assets to a new wallet using a verified Ledger device or alternative trusted hardware wallet. Additionally, enable multi-factor authentication on all cryptocurrency-related accounts and report any suspicious activity to Ledger’s official support channels. Security teams should monitor this domain for further developments and consider blocking it at the network perimeter to prevent potential phishing incidents.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.163

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/eng-ledgr-rjs.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/eng-ledgr-rjs.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/eng-ledgr-rjs.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/eng-ledgr-rjs.pages.dev/
Last updated: 2026-04-03