# ladger-login-oss.pages.dev — SUSPICIOUS

> ladger-login-oss.pages.dev is a credential phishing site mimicking a wallet login, flagged by 2/95 VirusTotal vendors. Review indicators immediately.

## Summary
This domain mimics a legitimate login page to steal cryptocurrency credentials, posing an elevated risk to users attempting to access Ledger wallets. PhishDestroy identifies this as an active credential theft campaign designed to harvest sensitive wallet information under false pretenses.


The site was flagged by 2 of 95 VirusTotal security vendors, resolving to IP 172.66.46.211 via Cloudflare’s infrastructure and leveraging a Google Trust Services SSL certificate to appear legitimate. Technical analysis confirms it impersonates a Ledger login interface, likely distributed through deceptive links or phishing emails targeting cryptocurrency holders.


If you visited this site, cease interaction immediately and do not enter any credentials or wallet information. Use a reputable antivirus scan on your device to check for compromise. Report the domain to your security team and consider rotating wallet credentials if any data was entered. Monitor accounts for unusual transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.211

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/cf91e2d7-37db-48e4-8720-48e0b8481e98
- PhishDestroy: https://phishdestroy.io/domain/ladger-login-oss.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ladger-login-oss.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ladger-login-oss.pages.dev/
Last updated: 2026-03-22