# ledgerr-login.pages.dev — MALICIOUS

> ledgerr-login.pages.dev is a high-risk phishing site impersonating Ledger. Avoid this domain and protect your crypto assets. Learn more now.

## Summary
PhishDestroy identifies ledgerr-login.pages.dev as a high-risk phishing domain impersonating the well-known Ledger brand. Such sites pose serious dangers by attempting to steal sensitive information, including login credentials and wallet access details, putting users' cryptocurrency holdings at risk.

This phishing scheme tricks users by mimicking Ledger's official login page, creating a convincing but fake interface designed to capture private data. Visitors who enter their information on this site unknowingly hand it over to cybercriminals, who can then use it to compromise accounts and steal funds.

If you have visited ledgerr-login.pages.dev, it is crucial to immediately change your Ledger account passwords and enable two-factor authentication. Monitor your accounts for suspicious activity and avoid interacting with any unsolicited communications referencing this domain. Staying vigilant and using official channels is the best defense against such threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Ledger
- Page title: Suspected phishing site | Cloudflare

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 172.66.47.2
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: ["rose.ns.cloudflare.com", "yoxall.ns.cloudflare.com"]
- SSL Issuer: Google Trust Services / WE1

## Detection Status
- VirusTotal: 14 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019baec1-5008-767c-b3e2-96d2fb386fef.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/7c17ea0d-533b-4c1a-8b28-20096246fe72
- PhishDestroy: https://phishdestroy.io/domain/ledgerr-login.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgerr-login.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgerr-login.pages.dev/
Last updated: 2026-03-19