# support-ledgrlogin-b1y.pages.dev — MALICIOUS

> PhishDestroy flags support-ledgrlogin-b1y.pages.dev for credential theft, mimicry of Ledger login flows. 8 of 95 VirusTotal engines detected the threat.

## Summary
PhishDestroy identifies support-ledgrlogin-b1y.pages.dev as an active credential-phishing domain designed to harvest Ledger wallet login credentials. The site masquerades as a legitimate support portal but is operated solely to steal cryptocurrency user passwords. Visitors risk direct loss of funds if login details are entered.

This domain was flagged by PhishDestroy on the strength of verified telemetry: 8 of 95 VirusTotal security engines currently classify the URL as malicious, the SSL certificate is issued by Google Trust Services with a 172.66.45.29 Cloudflare front-end, and the page resides on a Cloudflare Pages subdomain registered specifically to host deceptive login forms. The seed identifier 717c62 confirms this is a tracked campaign rather than a generic detection.

If you visited support-ledgrlogin-b1y.pages.dev, immediately change your Ledger account password using an offline or hardware-isolated device and enable two-factor authentication via a hardware token or separate mobile number. Scan any device that accessed the page with up-to-date antivirus software and revoke any Ledger API keys or session tokens generated after the visit. Report the incident to Ledger support and submit the URL to PhishDestroy’s takedown portal for further analysis.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.45.29

## Detection Status
- VirusTotal: 8 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/support-ledgrlogin-b1y.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/support-ledgrlogin-b1y.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/support-ledgrlogin-b1y.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/support-ledgrlogin-b1y.pages.dev/
Last updated: 2026-04-10