# ledgerr-com-starte.pages.dev — SUSPICIOUS

> ledgerr-com-starte.pages.dev is a crypto drainer impersonating Ledger. VirusTotal flags 0/95. Verify safety on PhishDestroy before interacting.

## Summary
PhishDestroy identifies ledgerr-com-starte.pages.dev as an active crypto drainer impersonating the Ledger hardware wallet brand. This domain lures users into connecting cryptocurrency wallets under the false pretense of account verification or transaction signing, with the malicious intent of draining digital assets. Security researchers note that the page operates as a classic crypto drainer, executing unauthorized blockchain transactions once wallet permissions are granted.  This domain was flagged through PhishDestroy's seed-based analysis system, revealing a high-risk threat with zero detections on VirusTotal (0/95 scanners). Registered via Cloudflare, Inc., the domain resolves to IP address 172.66.47.203 and operates under a Google Trust Services SSL certificate, likely leveraging legitimate infrastructure to evade detection. As of this report, it remains active and unlisted on major blocklists, indicating a rapidly evolving threat vector.  Users who visited ledgerr-com-starte.pages.dev should immediately disconnect their wallet from the site, revoke any granted permissions using tools like Revoke.cash, and transfer remaining funds to a secure wallet not exposed to this domain. Scan devices for malware and monitor blockchain transactions for unauthorized activity. Report this domain to PhishDestroy for community protection and avoid future interactions with any Ledger-branded domains not originating from ledger.com.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.203

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/aae744a4-f1f8-42df-add5-c220ad75fcfc
- PhishDestroy: https://phishdestroy.io/domain/ledgerr-com-starte.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgerr-com-starte.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgerr-com-starte.pages.dev/
Last updated: 2026-03-22