# ledgr-en-ledjr.pages.dev — SUSPICIOUS

> PhishDestroy identifies ledgr-en-ledjr.pages.dev as a live crypto wallet phishing site. 0/95 VirusTotal detections. Review our full threat report now.

## Summary
PhishDestroy has flagged the domain ledgr-en-ledjr.pages.dev as an active cryptocurrency wallet phishing page designed to steal your seed phrase or private keys. The site presents a fake Ledger login or recovery interface, tricking visitors into entering sensitive wallet information that attackers then harvest to drain funds from real Ledger accounts. This is classic “fake-wallet” phishing, where the adversary impersonates a well-known brand to exploit user trust.


We established the threat level because the domain resolves to 172.66.47.105, was registered through Cloudflare, Inc., and currently shows zero detections out of 95 security engines on VirusTotal. Despite relying on Cloudflare Pages hosting and a Google Trust Services SSL certificate—both intended to appear legitimate—the page remains unflagged at the time of analysis, giving it a window of opportunity to ensnare victims. Cloudflare Pages makes it trivial to spin up new phishing subdomains under the pages.dev namespace, and the attackers are rotating domains quickly to evade takedowns.


If you visited ledgr-en-ledjr.pages.dev at any time, immediately disconnect from the internet, open your genuine wallet application or hardware device, and verify that no unauthorized transactions have occurred. Next, inspect any browser extensions for suspicious wallet-related permissions and revoke access to unknown sites. Change passwords only if you entered them on the page, and consider generating a new wallet seed outside of any browser session. Report the domain to PhishDestroy and forward any transaction IDs or wallet addresses you may have exposed so we can trace the attacker’s infrastructure. Stay vigilant: legitimate wallet vendors will never ask for your seed phrase or private key in a web form.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.105

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/a86c5ec4-998c-4aea-9e3a-7ad0c2ed5a2f
- PhishDestroy: https://phishdestroy.io/domain/ledgr-en-ledjr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgr-en-ledjr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgr-en-ledjr.pages.dev/
Last updated: 2026-04-13