# ledger-comstart-en.pages.dev — MALICIOUS

> High-risk phishing domain ledger-comstart-en.pages.dev impersonates Ledger. Avoid interaction; site now offline for your protection.

## Summary
PhishDestroy identifies ledger-comstart-en.pages.dev as a high-risk brand impersonation threat targeting Ledger users. This domain was flagged to deceive victims into revealing sensitive information.

Evidence includes its recent creation date on February 21, 2026, registration via Cloudflare, and resolutions to IP 172.66.44.195. It appeared on one security blocklist, and 14 of 95 VirusTotal vendors flagged it as suspicious. The page title itself indicated phishing activity.

The domain is currently offline, reducing immediate risk. Users should avoid this domain entirely. PhishDestroy recommends vigilance against similar impersonation attempts and verifying official Ledger communication channels.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Ledger
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.44.195
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["holly.ns.cloudflare.com", "yoxall.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ab518-13dc-735a-a8a8-c630448e7590.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/70036ee7-2ad9-4119-be3b-571410ceac17
- PhishDestroy: https://phishdestroy.io/domain/ledger-comstart-en.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledger-comstart-en.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger-comstart-en.pages.dev/
Last updated: 2026-03-19