# homepage-en-ledg--r-us.pages.dev — SUSPICIOUS

> homepage-en-ledg--r-us.pages.dev hosts a fake Ledger login portal, only 0/95 VirusTotal engines detect it—check full report now.

## Summary
PhishDestroy identifies homepage-en-ledg--r-us.pages.dev as an active phishing page impersonating the legitimate Ledger hardware wallet login portal. This deceptive site attempts to trick visitors into entering their 24-word recovery phrase or wallet password, which are then harvested by the attackers to drain cryptocurrency funds directly from the victim’s wallet.  This domain was flagged on 2024-06-05 after automated detection systems observed it redirecting to a spoofed Ledger account login page. The domain is hosted on Cloudflare Pages (via IP 172.66.44.238) and leverages a Google Trust Services SSL certificate to appear legitimate. According to VirusTotal analysis dated 2024-06-06, 0 out of 95 antivirus engines have detected or blocked this threat as of this report. This low detection rate suggests the phishing infrastructure is either new or highly evasive.  If you visited homepage-en-ledg--r-us.pages.dev or entered any credentials or recovery phrases, immediately stop using that wallet and transfer all remaining assets to a newly created, secure wallet. Then, perform a full device malware scan using reputable security software. Report the incident to Ledger support and change passwords on all related accounts. Do not trust any pop-up messages or unsolicited communications claiming to help recover lost funds—they are likely part of the same campaign.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.238

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/5756dd73-0c2b-4f0f-b02b-ac890e58012f
- PhishDestroy: https://phishdestroy.io/domain/homepage-en-ledg--r-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/homepage-en-ledg--r-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/homepage-en-ledg--r-us.pages.dev/
Last updated: 2026-03-22