# ledjre-live.pages.dev — SUSPICIOUS > PhishDestroy identifies ledjre-live.pages.dev as a live crypto drainer scam hosted on Cloudflare Pages. Resolving to IP 172.66.47. ## Summary PhishDestroy has flagged the domain ledjre-live.pages.dev as an active cryptocurrency drainer phishing site under live operation. The threat type is classified as generic_phishing with risk level under_investigation, indicating that the campaign is currently active and under active monitoring by threat intelligence teams. No specific brand impersonation or drainer kit signature has been confirmed at this stage, but the domain is configured to harvest wallet credentials or initiate unauthorized cryptocurrency transfers, consistent with modern crypto drainer behavior observed in similar campaigns. This domain resolves to the IP address 172.66.47.90 and is registered through Cloudflare, Inc., utilizing their Pages hosting platform—a common tactic to evade traditional detection while leveraging Google Trust Services for SSL certificates. As of the latest intelligence, VirusTotal reports 0 detections out of 95 scanners, indicating that signature-based defenses have not yet flagged this domain. The domain has not yet been categorized by Google Safe Browsing (GSB), and no confirmed presence on public blocklists has been recorded as of this report. Technical indicators remain limited due to the domain’s recent deployment and low detection footprint, but the use of Cloudflare Pages and Google SSL suggests a deliberate attempt to appear legitimate. As of this report, the domain ledjre-live.pages.dev remains active with status under_investigation. Immediate actions include adding the domain and associated IP to network and browser blocklists, and users are strongly advised to avoid interacting with any links or content hosted on this domain. The current risk assessment remains under evaluation pending further behavioral analysis and sandbox detonation. While no detections exist, the absence of detection does not imply safety; users should treat this domain as hostile and report it through official cybersecurity channels. Remaining risk is considered elevated due to active hosting and lack of detection coverage. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.90 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/583942af-01c2-421c-8ae3-eba8cede9d02 - PhishDestroy: https://phishdestroy.io/domain/ledjre-live.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/ledjre-live.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/ledjre-live.pages.dev/ Last updated: 2026-03-24