# ledgeer-live-cloud.pages.dev — SUSPICIOUS

> ledgeer-live-cloud.pages.dev is a credential-harvesting page hosted on Cloudflare (172.66.44.136), flagged by 2/95 VirusTotal vendors.

## Summary
ledgeer-live-cloud.pages.dev has been identified by PhishDestroy as an active credential-harvesting domain posing an elevated risk to end users. This domain is specifically designed to mimic legitimate cloud services to deceive victims into surrendering sensitive login credentials, with no legitimate business purpose identified.  
PhishDestroy’s analysis confirms this domain resolves to IP address 172.66.44.136 and is registered through Cloudflare, Inc. The SSL certificate is issued by Google Trust Services, providing a false sense of legitimacy. VirusTotal analysis reveals that 2 out of 95 participating security vendors have flagged this domain as malicious, indicating limited but concerning detection. While the domain utilizes Cloudflare Pages for hosting, the combination of low detection rates and the absence of verifiable ownership raises significant concerns about its intent. The use of a Google-issued certificate further enhances the domain’s credibility, potentially luring users into a false sense of security.  
Given the confirmed credential-harvesting intent, users must exercise extreme caution when encountering this domain. Avoid entering any credentials or sensitive information. Organizations should block this domain at the network perimeter and update endpoint detection rules to flag access to ledgeer-live-cloud.pages.dev. End users should be notified via security awareness training to recognize this and similar cloud-themed phishing attempts. Immediate investigation of any potential exposure is recommended, including password resets for affected accounts and review of authentication logs for signs of compromise.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.136

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ca17acef-093f-461f-8900-7f9f4c7da27d
- PhishDestroy: https://phishdestroy.io/domain/ledgeer-live-cloud.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledgeer-live-cloud.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledgeer-live-cloud.pages.dev/
Last updated: 2026-03-22