# leve-leedger-co.pages.dev — SUSPICIOUS

> Leve-leedger-co.pages.dev operates a crypto drainer phishing site, flagged by 0 of 95 VirusTotal vendors. Avoid credential theft. Block now.

## Summary
PhishDestroy identifies leve-leedger-co.pages.dev as an active crypto drainer phishing domain currently under investigation.

This domain, registered via Cloudflare, Inc., resolves to IP 172.66.46.221 and holds a Google Trust Services SSL certificate. VirusTotal has yet to flag it, with 0 out of 95 vendors detecting the threat at this time. Further analysis is required to determine its full infrastructure and potential targets.

The domain remains active and poses an immediate risk due to its phishing-as-a-service structure. Security teams are advised to block the domain at the network perimeter and monitor for associated IOCs. Additionally, users should avoid interacting with this or similar pages.dev subdomains until additional threat intelligence is available.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.46.221

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c0a407fe-7f6b-42a5-980e-472b04fd21d0
- PhishDestroy: https://phishdestroy.io/domain/leve-leedger-co.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/leve-leedger-co.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/leve-leedger-co.pages.dev/
Last updated: 2026-03-26