# start-leedgr-en.pages.dev — SUSPICIOUS > start-leedgr-en.pages.dev is flagged as a fake 'Lead Gr' credential phishing page by 0/95 VirusTotal vendors. Check the full report. ## Summary PhishDestroy identifies start-leedgr-en.pages.dev as an active credential phishing domain impersonating 'Lead Gr', a known business automation platform. The domain is currently under investigation by security teams and remains operational despite zero VirusTotal detections. The threat involves deceptive login pages designed to harvest corporate credentials under the guise of a legitimate service. This domain was flagged by 0 of 95 VirusTotal security vendors as of the latest scan, indicating limited detection coverage at this time. It is registered through Cloudflare, Inc. and resolves to IP address 172.66.47.111. The SSL certificate is issued by Google Trust Services, which may lend unwarranted legitimacy to the phishing page. The domain is part of the Cloudflare Pages service, a legitimate platform often abused by threat actors to deploy quick phishing campaigns. The lack of current blocklist presence suggests this threat is newly emergent and not yet widely recognized. Users and organizations are advised to immediately block access to start-leedgr-en.pages.dev and similar Cloudflare Pages-hosted domains that request login credentials. Monitor for any corporate accounts linked to 'Lead Gr' authentication that may have been compromised. Report this domain to your email security provider and consider deploying real-time phishing URL inspection tools. Administrators should also verify that their security stack includes heuristic analysis capable of identifying zero-day phishing pages. The current threat level may escalate as more intelligence becomes available, making proactive blocking and user awareness critical. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.47.111 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/f9372efa-51d3-4be7-82b0-82236ba6218f - PhishDestroy: https://phishdestroy.io/domain/start-leedgr-en.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/start-leedgr-en.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/start-leedgr-en.pages.dev/ Last updated: 2026-03-30