# leadgr-live.pages.dev — MALICIOUS

> Is leadgr-live.pages.dev safe? This Cloudflare-hosted domain is a confirmed crypto drainer phishing site flagged by 17 of 95 VirusTotal vendors.

## Summary
PhishDestroy identifies leadgr-live.pages.dev as an active crypto drainer phishing domain currently engaged in fraudulent operations. This domain is classified under the generic phishing threat type with a status marked as active. The page is designed to deceive users into connecting crypto wallets and authorizing unauthorized transactions under false pretenses.


This domain was flagged by 17 of 95 VirusTotal security vendors, indicating significant malicious intent. It is registered through Cloudflare, Inc., resolves to IP address 172.66.47.157, and operates under a Google Trust Services SSL certificate. The domain is part of Cloudflare Pages, enabling rapid deployment and evasion of takedown efforts. While the exact creation date is not provided, the combination of low VirusTotal detections, Cloudflare hosting, and crypto drainer functionality elevates the risk profile to 'elevated' status.


Given the confirmed presence of crypto drainer malware on this domain, users are strongly advised to avoid any interaction, including visiting the site or entering wallet credentials. Security teams should block the domain at the network level and update threat intelligence feeds with the IP address 172.66.47.157 and domain leadgr-live.pages.dev. If accidental exposure has occurred, disconnect wallets immediately, revoke unauthorized permissions, and scan systems for malware using reputable antivirus tools.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.157

## Detection Status
- VirusTotal: 17 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/8e373f01-f63a-4d6f-86d4-366771ee9b1c
- PhishDestroy: https://phishdestroy.io/domain/leadgr-live.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leadgr-live.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leadgr-live.pages.dev/
Last updated: 2026-03-22