login-ledgger-load-io-ios.vercel[.]app
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of login-ledgger-load-io-ios.vercel[.]app
This website appears to present itself as a Ledger-related page, using the title "Ledger Live" and showing Ledger-branded hardware wallet products such as Ledger Stax, Ledger Flex, Ledger Nano S & Plus, and Ledger Nano X. Based on the screenshot and page elements, it seems designed to imitate an official cryptocurrency wallet support or device-selection interface rather than functioning as a general informational website.
The domain is hosted on a Vercel subdomain rather than on Ledger's primary brand domain, and its hostname includes a misspelled brand-like string ("ledgger") along with additional login-related wording. That naming pattern, combined with the phishing-related categorizations in the scan data, suggests the page may be attempting to attract users looking for Ledger account access, wallet setup, or support assistance.
No clear evidence in the provided scan indicates that this page is operated by the legitimate Ledger organization. Based on the available data, it appears more likely to be a third-party page that imitates Ledger branding and cryptocurrency wallet workflows.
Safety Assessment for login-ledgger-load-io-ios.vercel[.]app
Multiple web-classification providers categorized this domain as phishing or fraud-related, and 14 out of 92 security engines flagged it at the time of this scan. The page content also closely resembles Ledger branding while using a Vercel subdomain with a misspelled brand reference, which may indicate a look-alike website intended to mimic a well-known cryptocurrency hardware wallet brand.
Although the malware scan did not report confirmed malicious files, it did assign a generic suspicious label to the domain and several internal resources. In addition, one blacklist source showed a listing while several others remained clean. This mixed pattern can occur with phishing pages, which may rely more on deceptive branding and credential harvesting than on traditional malware delivery.
The strongest concern here is not executable malware but the apparent impersonation of a recognized cryptocurrency brand in a login/support context. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site is hosted on Vercel infrastructure and resolves to IP address 64.29.17.131 in the United States. It uses a valid TLS certificate issued by a mainstream certificate authority, with expiry shown as 2026-07-27. A valid certificate indicates encrypted transport, but it does not verify that the site is legitimately affiliated with the brand it appears to reference.
DNSSEC is unsigned, which is common but provides no additional DNS integrity protection. The domain uses Vercel nameservers and loads common third-party assets such as Bootstrap, icon libraries, and a chat widget. From a technical standpoint, the main concern is the brand-like subdomain naming and hosted phishing-style presentation rather than any advanced server-side misconfiguration visible in this scan.
Share your experience with this website. Was it safe? Did you encounter any issues?