# usa-en-ledgr.pages.dev — SUSPICIOUS

> usa-en-ledgr.pages.dev poses as a fake Ledger cryptocurrency wallet login. Hosted on Cloudflare, it’s 0/95 on VirusTotal.

## Summary
PhishDestroy identifies usa-en-ledgr.pages.dev as an active credential-harvesting domain designed to mimic Ledger’s official login portal. The threat type is generic phishing, targeting users of the Ledger cryptocurrency wallet through a visually deceptive interface. Current assessments place the risk level as under_investigation, but active monitoring is strongly advised due to the high potential for financial loss if credentials are compromised.


PhishDestroy’s analysis reveals the following technical indicators: the domain carries a Google Trust Services SSL certificate, has no VirusTotal detections (0/95), resolves to IP 188.114.96.3, and is registered through Cloudflare, Inc. No blocklist entries or public takedown reports are currently associated with this domain, and the creation date remains unlisted in major WHOIS databases. The absence of detections suggests either a recently deployed campaign or an evasive infrastructure designed to bypass early-stage detection engines.


To mitigate exposure, users are advised to avoid accessing or interacting with usa-en-ledgr.pages.dev. If credentials were entered, immediately revoke access via the official Ledger account dashboard and enable two-factor authentication. Report the domain to PhishDestroy and local cybersecurity authorities to aid in rapid takedown. Additionally, verify all wallet-related URLs against Ledger’s official communications and use bookmarks or saved links instead of search engines or unsolicited links.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.96.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/4dc64368-1ba9-47ae-a350-d33039c4f5df
- PhishDestroy: https://phishdestroy.io/domain/usa-en-ledgr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/usa-en-ledgr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/usa-en-ledgr.pages.dev/
Last updated: 2026-03-22