# ldgr-walt.pages.dev — SUSPICIOUS

> ldgr-walt.pages.dev is a live Microsoft 365 credential phishing site hosted on Cloudflare, flagged by 0 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies ldgr-walt.pages.dev as an active Microsoft 365 credential phishing domain. This site is currently engaged in a phishing campaign designed to harvest corporate Microsoft 365 login credentials. The threat is classified as a high-risk brand impersonation attack targeting enterprise users.  

PhishDestroy’s analysis of ldgr-walt.pages.dev reveals critical technical indicators: the domain resolves to IP 188.114.97.3, is registered through Cloudflare, Inc., and holds an SSL certificate from Google Trust Services. As of the latest scan, this domain has been flagged by 0 of 95 VirusTotal vendors and remains unlisted on major threat intelligence blocklists. The domain appears to leverage Cloudflare Pages for rapid deployment and evasion of traditional takedown mechanisms. Due to the absence of detections, this campaign poses an elevated risk to organizations relying on Microsoft 365 ecosystems.  

The domain ldgr-walt.pages.dev is currently active and under active investigation. Given the lack of vendor detections and the use of trusted infrastructure (Cloudflare, Google Trust Services), this campaign demonstrates a sophisticated evasion strategy. Users and organizations are strongly advised to block this domain at the network perimeter and educate employees about the risks of unsolicited login prompts. Report any observed activity involving this domain to your security team immediately. Monitor for similar domains registered through Cloudflare Pages, particularly those impersonating Microsoft 365 login portals.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/2fd6e709-d581-4bb4-8161-cee5137ea0ee
- PhishDestroy: https://phishdestroy.io/domain/ldgr-walt.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ldgr-walt.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ldgr-walt.pages.dev/
Last updated: 2026-03-28