# leger-com-start-us-app.pages.dev — SUSPICIOUS

> PhishDestroy identifies leger-com-start-us-app.pages.dev as a Ledger phishing page hosted on Cloudflare Pages. 0 of 95 VirusTotal engines flagged it yet.

## Summary
PhishDestroy has flagged the domain leger-com-start-us-app.pages.dev as an active credential-phishing page impersonating the legitimate Ledger cryptocurrency wallet site. The page is designed to trick visitors into entering their 24-word recovery phrase or Ledger account password by presenting a convincing replica of the real Ledger login portal. When users submit their credentials, the information is immediately exfiltrated to attacker-controlled servers, putting their crypto assets at direct risk of theft.  This domain was flagged on 1989fb seed data that shows it was registered through Cloudflare, Inc. using Cloudflare Pages hosting, which provides free HTTPS certificates via Google Trust Services. At time of writing, VirusTotal scanning engines—0 out of 95—have not yet generated detections against the site’s URL or infrastructure IP 172.66.44.232. The domain resolves to that single Cloudflare edge IP and remains active as of today.  If you visited or entered any information on leger-com-start-us-app.pages.dev, immediately revoke the exposed credentials in your Ledger Live app or dashboard, enable two-factor authentication on all associated accounts, and move any stored cryptocurrency to a newly generated wallet address. Scan local devices with up-to-date antivirus and consider a full password reset across email, exchange, and wallet accounts that share any reused passwords. Report the incident to Ledger support and file a complaint with your national cyber-crime unit. Do not trust any future links claiming to be from Ledger until you have independently verified the domain through official communication channels.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.232

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/leger-com-start-us-app.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/leger-com-start-us-app.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leger-com-start-us-app.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leger-com-start-us-app.pages.dev/
Last updated: 2026-04-04