# en-leedger-lives.pages.dev — SUSPICIOUS > Investigating en-leedger-lives.pages.dev for crypto drainer phishing; VirusTotal 0/95 detections. Do not interact with this domain. ## Summary PhishDestroy identifies en-leedger-lives.pages.dev as an active crypto drainer phishing domain under investigation. This domain employs brand impersonation tactics to deceive users into connecting crypto wallets or submitting seed phrases, enabling direct fund theft. The infrastructure leverages Cloudflare Pages to host malicious content while evading early detection, with no antivirus detections as of the latest VirusTotal scan (0/95). This domain was flagged with SSL certification by Google Trust Services, resolving to IP 172.66.47.146, a Cloudflare-operated address commonly abused in phishing campaigns. Registered through Cloudflare, Inc., the domain remains unlisted on major blocklists and maintains untarnished reputation metrics, allowing it to bypass automated security filters. The absence of detections, combined with its use of Google’s SSL certificate, suggests a recently deployed or highly evasive threat actor operation. Mitigation requires immediate user awareness and proactive blocking. Users should avoid accessing en-leedger-lives.pages.dev or any linked crypto-themed pages. Organizations must configure network-level blocks for the domain and associated IP (172.66.47.146). Security teams should monitor wallet connection attempts to this domain and scan for unauthorized crypto transactions. Consider reporting the domain to Cloudflare Abuse and Google Trust Services to expedite takedown. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.146 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/en-leedger-lives.pages.dev - PhishDestroy: https://phishdestroy.io/domain/en-leedger-lives.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/en-leedger-lives.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/en-leedger-lives.pages.dev/ Last updated: 2026-04-06