# public-desktop-ledgr.pages.dev — SUSPICIOUS > A malicious public-desktop-ledgr.pages.dev site is stealing login credentials. VirusTotal flags 1/95 vendors. Check the full report. ## Summary PhishDestroy identifies public-desktop-ledgr.pages.dev as an active credential-stealing domain designed to mimic legitimate login portals and harvest user credentials. This domain employs a deceptive naming convention to impersonate a public desktop ledger service, likely targeting users under the false pretense of financial or administrative access. The site’s structure suggests a prompt-driven phishing flow, redirecting victims through fake authentication prompts to capture sensitive data such as usernames and passwords. Given the low detection rate and rapid deployment via Cloudflare Pages, this domain represents a high-evasion threat vector aimed at unsuspecting professionals or public sector users. This domain was flagged by PhishDestroy’s threat intelligence system with confirmed malicious activity. VirusTotal analysis reveals only 1 out of 95 participating security vendors currently detect public-desktop-ledgr.pages.dev as malicious, indicating significant evasion against automated defenses. The domain is registered through Cloudflare, Inc. and resolves to IP 172.66.47.191. It operates under a Google Trust Services SSL certificate, leveraging legitimate certificate authorities to build false trust. Based on infrastructure patterns and domain age, this domain likely emerged recently, maximizing its window of opportunity before widespread blacklisting. If you have visited public-desktop-ledgr.pages.dev, assume your credentials may have been compromised. Immediately change any passwords entered on the site and enable multi-factor authentication on all related accounts. Scan your device for malware using reputable antivirus software, especially if you entered sensitive information. Report the domain to your IT team or security provider and avoid further interaction with the site. PhishDestroy recommends blocking public-desktop-ledgr.pages.dev at the network level and sharing this intelligence with peers to prevent further victimization. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.191 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b0fb3a47-ec3d-49c4-ad6c-608ebf7c2673 - PhishDestroy: https://phishdestroy.io/domain/public-desktop-ledgr.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/public-desktop-ledgr.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/public-desktop-ledgr.pages.dev/ Last updated: 2026-03-23