# ledjer-com-strts-eqg.pages.dev — SUSPICIOUS

> PhishDestroy identifies ledjer-com-strts-eqg.pages.dev as a fake Ledger wallet phishing site. VirusTotal flags 2/95 vendors. Full investigation report available.

## Summary
PhishDestroy identifies ledjer-com-strts-eqg.pages.dev as a sophisticated fake Ledger wallet phishing scam actively distributing fraudulent cryptocurrency wallet login pages. This domain impersonates the legitimate Ledger hardware wallet ecosystem to harvest seed phrases and private keys from unsuspecting cryptocurrency users. The attackers leverage Cloudflare's Pages.dev infrastructure to host dynamic phishing content that adapts to user input, increasing the likelihood of credential theft. Security researchers note that these fake Ledger pages often appear in phishing emails claiming unauthorized transactions or firmware updates, creating urgency to bypass user skepticism.  This domain was flagged by PhishDestroy with elevated risk status after VirusTotal analysis revealed 2 out of 95 security vendors detected malicious content, indicating partial but insufficient detection coverage. Registered through Cloudflare, Inc. on recently created infrastructure, the domain resolves to IP address 188.114.97.3 which hosts multiple known phishing campaigns. The combination of low detection rates, recent registration, and hosting on a reputable CDN service demonstrates the sophistication of this threat actor's evasion techniques. Blocklist aggregators currently show minimal coverage for this specific domain despite its active distribution.  Users who visited ledjer-com-strts-eqg.pages.dev should immediately revoke any credentials entered on the site and check their cryptocurrency wallets for unauthorized transactions. Ledger hardware wallet users should verify they're using genuine Ledger Live software directly from ledger.com. Cryptocurrency holders should enable multi-factor authentication on all exchanges and wallets, and consider transferring funds to cold storage if any interaction occurred. Monitor financial accounts closely for suspicious activity and report any unauthorized transactions immediately. Consider using hardware wallet verification tools to confirm legitimate Ledger domains before entering credentials.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4c0e4d6a-ef34-42b1-a979-1890f575087e
- PhishDestroy: https://phishdestroy.io/domain/ledjer-com-strts-eqg.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledjer-com-strts-eqg.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledjer-com-strts-eqg.pages.dev/
Last updated: 2026-03-22