# leedger-us-com-start-dsh.pages.dev — SUSPICIOUS

> PhishDestroy identifies this site as a crypto wallet phishing scam impersonating Ledger. Check the full report for risk details and security steps.

## Summary
PhishDestroy identifies leedger-us-com-start-dsh.pages.dev as an active crypto wallet theft scam targeting victims with fraudulent Ledger hardware wallet login pages. The domain employs a high-risk strategy to harvest private keys or seed phrases by mimicking legitimate onboarding flows, specifically through a spoofed 'start dashboard' interface. This deception is designed to trick cryptocurrency users into surrendering access credentials to their digital assets. The elevated risk level reflects both the immediacy of financial loss and the domain’s observed activity in live phishing campaigns.


This domain was flagged with a 2/95 detection ratio on VirusTotal as of seed 7285b5, indicating limited but confirmed malicious intent across security vendor engines. It is registered through Cloudflare, Inc. and resolves to IP address 188.114.97.3 via Google Trust Services SSL certificates. While the hosting infrastructure leverages reputable services (Cloudflare, Google Trust), the deceptive naming convention—interleaving 'ledger', 'us', and 'start'—clearly aims to exploit brand recognition and user trust in legitimate crypto platforms.


Immediate mitigation steps include blocking access to leedger-us-com-start-dsh.pages.dev and reporting the domain to your DNS provider, browser, or security tools. Users who may have entered credentials should revoke any exposed seed phrases or private keys and transfer remaining assets to a new, verified wallet. Always verify URLs directly via official channels (e.g., ledger.com) and avoid clicking links in unsolicited emails or ads. Enable multi-factor authentication on crypto accounts and use hardware wallets for storage. Educate stakeholders to recognize social engineering tactics, especially those mimicking financial onboarding flows.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4cc4f809-6d2a-412c-a85c-55586a4e6ae5
- PhishDestroy: https://phishdestroy.io/domain/leedger-us-com-start-dsh.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leedger-us-com-start-dsh.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leedger-us-com-start-dsh.pages.dev/
Last updated: 2026-03-30