# ledger-com-login.pages.dev — SUSPICIOUS

> PhishDestroy identifies ledger-com-login.pages.dev as a Ledger impersonation site. Google Safe Browsing flags it for social engineering.

## Summary
PhishDestroy identifies ledger-com-login.pages.dev as an active brand impersonation domain targeting Ledger users. This fraudulent site leverages the trusted Ledger brand to deceive visitors into disclosing sensitive credentials or financial information. The domain mimics Ledger’s official login interface, creating a credible but malicious replica designed to harvest user data under false pretenses.  This domain was flagged by multiple threat intelligence sources, including VirusTotal where only 1 out of 95 security vendors currently detect it, and Google Safe Browsing, which has classified it under SOCIAL_ENGINEERING. It is registered through Cloudflare, Inc., resolving to IP address 172.66.44.92, and operates under a Google Trust Services SSL certificate to enhance its appearance of legitimacy. These technical indicators underscore elevated risk, as the domain actively evades detection while impersonating a well-known cryptocurrency hardware wallet brand.  If you have visited ledger-com-login.pages.dev, immediately cease inputting any credentials or personal information. Disconnect from the site and clear your browser cache. Run a full antivirus scan and consider changing passwords for Ledger and related accounts from a separate, trusted device. Report the domain to Google Safe Browsing and your local cybersecurity authority. Always verify URLs via official channels before engaging with login pages.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.92

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: FLAGGED
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/b2f0eb35-a709-41e9-ac84-3d10fccc28a3
- PhishDestroy: https://phishdestroy.io/domain/ledger-com-login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-com-login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-com-login.pages.dev/
Last updated: 2026-03-22