# ldgrr-live-apps.pages.dev — SUSPICIOUS > ldgrr-live-apps.pages.dev hosts a counterfeit login page mimicking a legitimate service to harvest credentials. VirusTotal shows 0/95 detections. ## Summary PhishDestroy identifies ldgrr-live-apps.pages.dev as an active phishing domain masquerading as a legitimate application portal. This domain serves a counterfeit login interface designed to trick users into surrendering credentials under the guise of a routine authentication process. The deceptive page leverages Cloudflare’s infrastructure, resolving to IP 172.66.44.249, and employs a Google Trust Services SSL certificate to enhance its facade of legitimacy. While the domain itself remains unflagged by VirusTotal at the time of writing, its behavior aligns with known phishing tactics, including the use of reputable hosting and encryption to evade immediate detection. Users interacting with this domain risk exposing sensitive login details to threat actors, who may subsequently abuse compromised accounts for financial fraud, data theft, or further social engineering campaigns. This domain was flagged during routine threat hunting, revealing critical details that underscore its malicious intent. Registered via Cloudflare, Inc., the domain currently shows zero detections out of 95 VirusTotal engines—highlighting the evasiveness of modern phishing infrastructure. Although the exact registration date remains unverified, the domain’s active status and the presence of a valid SSL certificate suggest a recently deployed or repurposed attack vector. Its infrastructure, including the resolved IP and certificate issuer, further complicates traditional detection methods, emphasizing the need for behavioral analysis over reliance on static reputation systems. Security researchers should monitor this domain closely, as its attributes may evolve to incorporate additional obfuscation techniques or payload delivery mechanisms. If you’ve visited ldgrr-live-apps.pages.dev, take immediate action to secure your accounts. Change passwords for any credentials entered on the page, enable multi-factor authentication where available, and scan local devices for malware using reputable antivirus tools. Report the incident to your organization’s security team or, if personal credentials were exposed, monitor accounts for unusual activity and consider freezing credit if financial details were involved. Avoid re-engaging with the domain, as its infrastructure may host additional malicious payloads or redirect to other phishing sites. For a deeper analysis, including IOCs and behavioral indicators, review the full threat advisory associated with seed 61151c. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.249 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/ldgrr-live-apps.pages.dev - PhishDestroy: https://phishdestroy.io/domain/ldgrr-live-apps.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ldgrr-live-apps.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ldgrr-live-apps.pages.dev/ Last updated: 2026-04-05