# ledger-com-us.pages.dev — MALICIOUS

> Avoid ledger-com-us.pages.dev, a high-risk phishing domain impersonating Ledger. The site is offline but remain cautious of related scams.

## Summary
PhishDestroy identifies ledger-com-us.pages.dev as a brand impersonation threat targeting Ledger users. Classified as a phishing domain, it aims to deceive victims by mimicking Ledger’s branding to steal credentials.

The domain was created on February 21, 2026, and registered through Cloudflare, Inc. It resolved to IP 172.66.45.39 and was flagged by 14 out of 95 VirusTotal security scanners. It also appeared on one security blocklist, with a page title indicating suspicion of phishing activity hosted via Cloudflare.

Currently, ledger-com-us.pages.dev is offline following detection and takedown efforts. Users are advised to avoid interaction with this domain and remain vigilant against similar impersonation attempts.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Ledger
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.45.39
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["ophelia.ns.cloudflare.com", "harvey.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bd3c6-7bb3-77b1-80ba-96dc8e6f4877.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/08f69db6-8390-484e-8479-434809e04f9a
- PhishDestroy: https://phishdestroy.io/domain/ledger-com-us.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-com-us.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-com-us.pages.dev/
Last updated: 2026-03-19