# ledgercom-en.pages.dev — MALICIOUS

> ledgercom-en.pages.dev was flagged as a high-risk phishing site mimicking Ledger. Learn about the threat, current offline status, and protection tips.

## Summary
PhishDestroy identifies ledgercom-en.pages.dev as a high-risk phishing domain impersonating the Ledger brand. The site was designed to deceive users into trusting a fake platform that mimics a legitimate cryptocurrency wallet service.

This phishing tactic tricks users by mimicking Ledger’s appearance and messaging to steal sensitive data like login credentials and private keys. The domain was created recently, flagged by multiple security systems, and hosted via Cloudflare before being taken offline.

If you visited this site, avoid entering any personal information and run a comprehensive security scan on your devices. Always access Ledger services from official channels to prevent future exposure to similar threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Ledger
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.46.249
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["kayleigh.ns.cloudflare.com", "terin.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["alphaMountain.ai", "ArcSight Threat Intelligence", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ba3a0-a383-755d-9392-a77da27d73e2.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/89bc7567-cb90-4930-9d74-a81e3b2f0c01
- PhishDestroy: https://phishdestroy.io/domain/ledgercom-en.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgercom-en.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgercom-en.pages.dev/
Last updated: 2026-03-19