# official-login-ledgor.pages.dev — MALICIOUS

> official-login-ledgor.pages.dev is a credential phishing site impersonating a login portal. 12/95 security vendors flag it.

## Summary
The domain official-login-ledgor.pages.dev is actively hosting a credential-phishing page designed to harvest user login credentials. No evidence suggests it is impersonating a specific brand; instead, it presents a generic login interface likely intended to trick visitors into surrendering usernames and passwords. The page may be part of a broader campaign using social engineering or malvertising to drive traffic, but no drainer kit artifacts or brand-specific spoofing elements have been confirmed in open-source reporting.

Technical indicators for this domain are consistent and concerning. VirusTotal reports detection by 12 out of 95 participating security vendors (12.6%), indicating limited but measurable recognition in the threat intelligence community. The domain is registered through Cloudflare, Inc., and resolves to IP 188.114.97.3, a Cloudflare IP range commonly used for dynamic and proxy-hosted services. The SSL certificate is issued by Google Trust Services, which does not inherently indicate legitimacy, as phishing operators frequently leverage trusted issuers to reduce browser warnings. No creation date is publicly disclosed via standard WHOIS or DNS history tools, but the domain is currently flagged in Google Safe Browsing (GSB) and appears on multiple threat intelligence blocklists.

This domain is currently marked as active and elevated risk within PhishDestroy’s database. While Cloudflare’s infrastructure complicates takedown, the combination of low VT coverage, trusted SSL, and active phishing content elevates the risk to users. Users are strongly advised to avoid entering credentials or personal data on this site. PhishDestroy recommends validating unknown domains using its real-time scanning tool and reporting suspicious domains for community-wide protection. Remaining risk is assessed as elevated due to persistent availability and lack of immediate takedown by the hosting provider.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/ba8ea407-e78f-4dc1-99c8-fdf5967b3279
- PhishDestroy: https://phishdestroy.io/domain/official-login-ledgor.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/official-login-ledgor.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/official-login-ledgor.pages.dev/
Last updated: 2026-03-22