# ask-live-ledgor.pages.dev — SUSPICIOUS

> ask-live-ledgor.pages.dev is a phishing site hosted on Cloudflare's Pages platform. One vendor flagged this domain, which spoofs legitimate services to steal.

## Summary
PhishDestroy identifies ask-live-ledgor.pages.dev as an active phishing landing page delivering elevated risk to potential victims. This domain leverages Cloudflare Pages hosting to impersonate legitimate web services, tricking users into disclosing sensitive information such as login credentials or financial data.


This domain was flagged by 1 out of 95 VirusTotal security vendors during analysis. It resolves to IP 172.66.47.21 and is registered through Cloudflare, Inc. The SSL certificate is issued by Google Trust Services, indicating an attempt to appear legitimate through trusted infrastructure. While the domain is relatively new and not broadly blacklisted, the low detection rate (1/95) and active hosting on a reputable CDN suggest a targeted or recently deployed campaign. The combination of low detection and trusted SSL issuance increases the risk of successful deception.


Users must avoid interacting with this domain to prevent credential theft or malware exposure. Organizations should block ask-live-ledgor.pages.dev at DNS and network levels using firewall rules or endpoint protection platforms. Security teams should also inspect outbound traffic from endpoints for connections to IP 172.66.47.21. Users who suspect exposure should immediately rotate passwords, enable MFA on all accounts, and monitor for signs of compromise such as unexpected login attempts or data exfiltration. Given the use of Cloudflare Pages, future variants may emerge rapidly—continuous monitoring and proactive threat hunting are recommended to mitigate this evolving threat.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.21

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/7862ad92-31ed-46c7-80f1-4e6b2fb6e425
- PhishDestroy: https://phishdestroy.io/domain/ask-live-ledgor.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ask-live-ledgor.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ask-live-ledgor.pages.dev/
Last updated: 2026-04-01