# ledgercomstart.dream.space — SUSPICIOUS

> PhishDestroy identifies ledgercomstart.dream.space as a Ledger brand impersonation site. Detected as brand impersonation, check the full report.

## Summary
PhishDestroy identifies ledgercomstart.dream.space as an active brand impersonation domain targeting Ledger. The domain was registered on November 08, 2024, through GoDaddy.com, LLC, and is hosted on IP 104.18.21.20. While VirusTotal currently shows 0/95 detections, this domain remains under investigation for its deceptive resemblance to Ledger's official channels. The domain leverages a Google Trust Services SSL certificate to appear legitimate, increasing the risk of user deception in phishing schemes.  This domain exhibits multiple red flags: it was created on 2024-11-08, has an SSL certificate issued by Google Trust Services, and remains unresolved by major blocklists despite its suspicious nature. The exact phishing vector remains under analysis, but the mimicry of Ledger’s branding suggests an attempt to harvest credentials or cryptocurrency wallet details. The domain resolves to IP 104.18.21.20, a shared hosting environment frequently exploited for malicious activity. There are no confirmed associations with known drainer kits at this time, but the setup aligns with typical phishing infrastructure.  Current status: Active and under investigation as a Ledger impersonation. No takedown has been executed yet, and VirusTotal continues to miss this domain despite its high-risk characteristics. Users should avoid interacting with ledgercomstart.dream.space and report it to Ledger’s official fraud channels. The remaining risk is classified as high due to the domain’s active status, SSL certificate, and minimal detection coverage. PhishDestroy recommends blocking the IP 104.18.21.20 and monitoring for further impersonation campaigns.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Ledger

## Domain Intelligence
- Registered: 2024-11-08 11:42:24
- Registrar: GoDaddy.com, LLC
- IP: 104.18.21.20

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4c790a9a-d8a2-4b07-baae-6cdf4f234253
- PhishDestroy: https://phishdestroy.io/domain/ledgercomstart.dream.space/
- LLM endpoint: https://phishdestroy.io/domain/ledgercomstart.dream.space/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgercomstart.dream.space/
Last updated: 2026-03-29