# ledgar-connects.pages.dev — SUSPICIOUS

> The domain ledgar-connects.pages.dev is actively hosting a credential phishing page. Flagged by 2 of 95 VirusTotal vendors. Check the full report.

## Summary
PhishDestroy identifies ledgar-connects.pages.dev as a currently active credential-phishing domain impersonating Ledger’s official connection service.

This domain was flagged by 2 of 95 VirusTotal security vendors, registered through Cloudflare, Inc., and resolves to IP 188.114.96.3. The SSL certificate is issued by Google Trust Services, indicating an attempt to appear legitimate.

Organizations should block ledgar-connects.pages.dev at DNS and firewall layers, inspect outbound traffic for TLS connections to 188.114.96.3, and review any recently captured credentials for potential compromise. Users who entered information should rotate passwords immediately and enable multi-factor authentication.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/50027357-8af4-44bb-a920-55c7a04f5c43
- PhishDestroy: https://phishdestroy.io/domain/ledgar-connects.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgar-connects.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgar-connects.pages.dev/
Last updated: 2026-03-25