# pro-ledegr.pages.dev — SUSPICIOUS

> pro-ledegr.pages.dev hosts a crypto drainer mimicking a login portal. This domain, unresolved by 95 engines on VirusTotal, demands urgent verification on.

## Summary
PhishDestroy identifies pro-ledegr.pages.dev—a Cloudflare Pages domain currently active and under investigation—as a crypto drainer impersonating a login interface likely targeting cryptocurrency users. This deceptive page, resolving to ASN 13335 at 188.114.97.3, has yet to be flagged by VirusTotal engines (0/95 detections), raising concern about delayed detection times on traditional scanners. The domain’s SSL certificate, issued by Google Trust Services, gives it an air of legitimacy, while its use of Cloudflare’s infrastructure complicates rapid takedown efforts.  Domain specifics align with reconnaissance-heavy threat operations. Registered through Cloudflare, Inc., the domain leverages Pages—a platform often exploited to host spoofed login portals with minimal friction. With no blocklist detections yet recorded, the window of exposure remains open, emphasizing the need for proactive analysis. The infrastructure (188.114.97.3) resides within Cloudflare’s global network, a common refuge for malicious actors seeking evasion from IP-based blocking.  Users who visited pro-ledegr.pages.dev should immediately cease any interaction and assume potential credential exposure or crypto wallet compromise. Activate account recovery procedures on all associated platforms, enable two-factor authentication, and revoke any recently authorized permissions—especially those linked to cryptocurrency platforms. Submit this domain and any entered credentials to PhishDestroy for verification and remediation guidance to prevent further exploitation.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/96afaa15-3853-4cd9-9df4-5826a49da454
- PhishDestroy: https://phishdestroy.io/domain/pro-ledegr.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/pro-ledegr.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/pro-ledegr.pages.dev/
Last updated: 2026-03-30