# gradientrisk.pages.dev — SUSPICIOUS > Gradientrisk.pages.dev is a live phishing domain (0/95 VirusTotal detections) hosted on Cloudflare’s IP 172.66.44.201, stealing user logins. ## Summary PhishDestroy identifies gradientrisk.pages.dev as an active credential-harvesting phishing site deployed on Cloudflare’s Pages platform. The domain is configured to impersonate a legitimate login portal, tricking victims into submitting usernames, passwords, and multi-factor codes. Traffic is routed through Cloudflare’s IP 172.66.44.201, which is currently resolving gradientrisk.pages.dev. At the time of writing, VirusTotal reports zero security vendors detecting the page, indicating no blocklist coverage. This domain was flagged with threat type generic_phishing under seed 634f5b. The threat is hosted through Cloudflare, Inc. and resolves to IP 172.66.44.201 using a Google Trust Services SSL certificate. To date, no antivirus engines have flagged the page, and the domain remains unlisted on major threat intelligence blocklists. The lack of detections increases exposure to unsuspecting users, who may fall victim before the page is neutralized. If you visited gradientrisk.pages.dev or entered credentials, assume they are compromised. Change passwords on affected accounts immediately and enable multi-factor authentication. Clear browser cookies and scan local devices for malware, as phishing pages often deliver follow-on payloads. Consider reporting the domain to your browser or security vendor for takedown. Do not reuse passwords across services to prevent credential-stuffing attacks. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.201 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/02bd0c0d-cbd7-440e-9ec8-73b332cb7b32 - PhishDestroy: https://phishdestroy.io/domain/gradientrisk.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/gradientrisk.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/gradientrisk.pages.dev/ Last updated: 2026-04-13