# cdn-desktop-en-us-ledgr-x.pages.dev — SUSPICIOUS

> Domain cdn-desktop-en-us-ledgr-x.pages.dev linked to active credential harvesting scam. 0/95 VirusTotal detections. Check the full report.

## Summary
PhishDestroy identifies cdn-desktop-en-us-ledgr-x.pages.dev as an active credential harvesting domain masquerading as a legitimate desktop application portal. The site is currently unflagged on VirusTotal with 0/95 security engines detecting malicious content, despite resolving to IP 188.114.97.3 and using Google Trust Services SSL certificates for added legitimacy.  This domain was flagged through Cloudflare Pages hosting, a common tactic for short-lived phishing operations. The infrastructure shows minimal detection resistance with zero VirusTotal flags and a clean registry record via Cloudflare, Inc. Registrar details remain obscured under standard privacy protections, preventing deeper WHOIS attribution. The page structure mimics enterprise software update interfaces, tricking users into downloading malicious payloads disguised as 'ledger' or 'ledger-x' desktop applications.  Users who visited this domain should immediately cease any interaction and check their system for unauthorized software installations. If credentials were entered, reset passwords on all related accounts and enable multi-factor authentication. Scan devices with updated antivirus tools and report the domain to security teams or browser blocklists. Cloudflare Pages hosting allows rapid takedowns, but identical domains may emerge with similar naming conventions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ce4d1f6a-cbe5-4f8c-af35-6832ccf4302a
- PhishDestroy: https://phishdestroy.io/domain/cdn-desktop-en-us-ledgr-x.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/cdn-desktop-en-us-ledgr-x.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/cdn-desktop-en-us-ledgr-x.pages.dev/
Last updated: 2026-03-24