# ledger.epifyfr.com — SUSPICIOUS

> ledger.epifyfr.com is a suspected phishing site. Avoid entering personal info and verify before interacting with this domain to stay safe online.

## Summary
PhishDestroy identifies ledger.epifyfr.com as a low-risk generic phishing domain that was registered recently, on May 11, 2025. Although VirusTotal flags only 1 out of 95 security vendors for this domain, its creation date and registration details suggest caution. Phishing sites like this often attempt to trick users into revealing sensitive information by mimicking trusted brands or services.

This domain likely operates by impersonating legitimate platforms, potentially related to cryptocurrency or financial services, given the use of "ledger" in its name. Users may be lured through deceptive links or emails to enter confidential data such as passwords, private keys, or personal identification. The registration through a popular registrar like NAMECHEAP INC combined with low detection rates often indicates a newly created phishing page still under evaluation by security systems.

If you have visited ledger.epifyfr.com, avoid submitting any personal or financial details. Immediately clear your browser cache and run a thorough malware scan on your device. Monitor your accounts for any suspicious activity and consider changing passwords on sensitive services. Reporting the site to relevant authorities or your organization's IT security team can help protect others from falling victim to similar scams.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Target brand: Ledger
- Page title: Ledger Suite Diagnostics - Hardware Wallet Testing

## Domain Intelligence
- Registered: 2026-03-06 23:07:01
- Registrar: NameCheap, Inc.
- Country: US
- IP: 68.65.123.96
- IP Country: US
- IP City: Los Angeles
- IP Org: AS22612 Namecheap, Inc.
- Nameservers: ["dns1.namecheaphosting.com", "dns2.namecheaphosting.com"]
- SSL Issuer: Sectigo Limited / Sectigo Public Server Authentication CA DV R36

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: ["Ermes"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://i.ibb.co/8nv30sGk/f07dc058ae04.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/272b187e-f9fe-4971-a91d-c253e38d674f
- Wayback Machine: https://web.archive.org/web/https://ledger.epifyfr.com
- PhishDestroy: https://phishdestroy.io/domain/ledger.epifyfr.com/
- LLM endpoint: https://phishdestroy.io/domain/ledger.epifyfr.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledger.epifyfr.com/
Last updated: 2026-03-19