# liveledgar-desktop.pages.dev — SUSPICIOUS > Check if liveledgar-desktop.pages.dev poses a threat with 0/95 VirusTotal flags. This phishing site mimics official Edgar filings. Check the full report. ## Summary PhishDestroy identifies liveledgar-desktop.pages.dev as an active phishing domain designed to deceive users into submitting sensitive information under the guise of a fake Edgar filing portal. This threat actor leverages Cloudflare’s pages.dev subdomain and Google Trust Services SSL certificates to enhance credibility, tricking users into believing the fraudulent page is legitimate. The domain resolves to IP 172.66.47.74, which is currently not blocked by any known blocklist services, as evidenced by the 0/95 VirusTotal detection rate. This low detection score indicates the domain is either newly deployed or adeptly evading signature-based detection mechanisms, increasing its potential to remain operational for longer periods. This domain was flagged for its targeted phishing campaign aimed at financial professionals and investors expecting to access official Edgar filings, a critical resource for corporate disclosures and financial data. The use of Cloudflare’s infrastructure and legitimate SSL certificates suggests a sophisticated approach to social engineering, exploiting the trust users place in secure connections and reputable hosting providers. The domain’s registration and hosting details—registered through Cloudflare, Inc. and served via IP 172.66.47.74—provide minimal investigative leads due to Cloudflare’s anonymizing services, further complicating mitigation efforts by security teams. The absence of any blocklist entries (0 detections on VirusTotal) underscores the urgency for real-time monitoring and proactive threat intelligence to preempt potential compromises. If you or your organization has interacted with liveledgar-desktop.pages.dev, whether through accessing files, submitting credentials, or downloading documents, immediate action is required to mitigate potential data exposure. Begin by disconnecting from the network to prevent lateral movement in case of latent infections, then audit financial accounts, corporate communications, and internal systems for signs of unauthorized access or data exfiltration. Report the incident to your incident response team and file a complaint with the Federal Trade Commission (FTC) or relevant financial regulatory bodies, such as the SEC for Edgar-related phishing. Additionally, block the domain and IP (172.66.47.74) at the network perimeter using your firewall or proxy solution, and update endpoint detection rules to flag future attempts to access this domain. Users should also verify all Edgar filing links by cross-referencing the official SEC website (sec.gov) or designated filing agents to avoid similar pitfalls in the future. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.74 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/liveledgar-desktop.pages.dev - PhishDestroy: https://phishdestroy.io/domain/liveledgar-desktop.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/liveledgar-desktop.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/liveledgar-desktop.pages.dev/ Last updated: 2026-04-03