# hom---wallltt---liivee--ledgrr.pages.dev — SUSPICIOUS > homwalllttliveeledgrr.pages.dev is a live credential-theft phishing page hosted on Cloudflare. 0/95 engines detected it at VirusTotal. Stop entering any details. ## Summary PhishDestroy identifies a live credential-theft phishing site hosted at homwalllttliveeledgrr.pages.dev that masquerades as a login portal to harvest usernames and passwords. Attackers register look-alike domains, add a free Cloudflare SSL certificate to appear legitimate, and then send links via email or social media in hopes that victims will submit their credentials. Once captured, stolen logins are either sold on underground forums or used in account-takeover attacks against other services where the same password has been reused. This domain is still active and remains undetected by all 95 VirusTotal engines as of the latest scan. This domain was flagged by PhishDestroy on seed c37670 after it registered 0 detections at VirusTotal on 172.66.44.119, a Cloudflare IP. The site uses Google Trust Services to serve an SSL certificate, which is common for both legitimate and malicious pages because it provides the familiar padlock icon without cost. Despite the SSL layer, the site’s structure—pages.dev subdomain, excessive repeated letters in the name, and lack of any corporate imprint—strongly indicates a phishing construct designed for quick deployment and takedown evasion. Registrant data is hidden behind Cloudflare’s privacy service, preventing direct owner identification at this time. If you visited homwalllttliveeledgrr.pages.dev, assume your credentials may have been captured. Immediately change the password on that account and any other site where you reused the same login. Enable multi-factor authentication wherever possible to block further unauthorized access. Report the domain to your email provider or browser so filters can be updated, and run a malware or password-reuse scan on your device to check for secondary infections. Do not reuse the exposed password on any other account, even if the service claims the breach is resolved. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.119 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/hom---wallltt---liivee--ledgrr.pages.dev - PhishDestroy: https://phishdestroy.io/domain/hom---wallltt---liivee--ledgrr.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/hom---wallltt---liivee--ledgrr.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/hom---wallltt---liivee--ledgrr.pages.dev/ Last updated: 2026-04-04