# community-alignedlayer.pages.dev — SUSPICIOUS > PhishDestroy warns that community-alignedlayer.pages.dev is a live crypto drainer impersonating AlignedLayer, with a 0/95 VirusTotal score. ## Summary PhishDestroy identifies community-alignedlayer.pages.dev as an active crypto drainer mimicking the legitimate AlignedLayer ecosystem. This domain leverages Cloudflare Pages hosting and Let’s Encrypt SSL to deceive users into connecting crypto wallets under the false pretense of staking or rewards. The infrastructure appears designed to siphon private keys or transaction approvals via injected drainer scripts—behavior consistent with the ongoing “AlignedLayer phishing campaign” observed in late 2024. Technical indicators reveal a concerning lack of detection: VirusTotal shows 0 out of 95 engines flagged the domain as malicious at time of analysis. It resolves to IP 188.114.96.3 via Cloudflare, Inc. registration. While the exact creation date remains unpublished, the domain’s use of Cloudflare Pages suggests deployment within the last 30–60 days. Google Safe Browsing (GSB) has not yet blacklisted it, and third-party threat intelligence platforms report zero inclusions in public blocklists. This near-zero detection profile highlights the sophistication of evasion tactics, including the abuse of reputable CDNs and TLS certificates to bypass traditional perimeter defenses. The domain remains active and unblocked as of this advisory. PhishDestroy has flagged it for immediate takedown escalation and added it to the active threat feed. Users are strongly advised to block 188.114.96.3 at the network level and avoid visiting community-alignedlayer.pages.dev entirely. Remaining risk is elevated due to the absence of GSB listings and the domain’s clean VT score, making it likely to evade basic URL filtering. Exercise caution with any AlignedLayer-related communications—verify all domains via official sources or PhishDestroy before wallet interaction. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7748f101-ef3f-439f-b23d-c7fe412671c8 - PhishDestroy: https://phishdestroy.io/domain/community-alignedlayer.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/community-alignedlayer.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/community-alignedlayer.pages.dev/ Last updated: 2026-04-01