# start-legrlive-cdn.pages.dev — SUSPICIOUS

> PhishDestroy detects start-legrlive-cdn.pages.dev as a crypto drainer impersonating a legitimate brand. VirusTotal shows 0/95 detections.

## Summary
PhishDestroy identifies the domain start-legrlive-cdn.pages.dev as an active crypto drainer phishing page designed to steal cryptocurrency wallet credentials and assets. This fraudulent site masquerades as a legitimate CDN endpoint, likely targeting users by mimicking a trusted service to inject malicious scripts or prompt wallet connections. Once accessed, the page may silently drain connected wallets or harvest private keys under the guise of a routine transaction verification or login process. Users interacting with this domain risk immediate financial loss and compromised digital assets, especially if wallet permissions were authorized.  This domain was flagged by PhishDestroy under seed 8547c4 and remains under active investigation for phishing infrastructure. Key technical indicators include a VirusTotal detection rate of 0 out of 95 scanners, indicating low signature-based detection despite malicious intent. The domain is registered through Cloudflare, Inc. and resolves to IP address 188.114.97.3 via Google Trust Services SSL certificate. Historical analysis suggests recent deployment, with no current presence on major blocklists as of the latest scan.  If you visited start-legrlive-cdn.pages.dev, disconnect your cryptocurrency wallet immediately and revoke any unauthorized permissions through your wallet interface or official platform tools. Do not interact with wallet prompts or transactions from untrusted domains. Report the domain to PhishDestroy for verification and consider running a malware scan on your device. Always verify URLs via official sources before entering sensitive information or connecting wallets to external sites.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/03015c87-317a-4c55-9b4c-18dc60727780
- PhishDestroy: https://phishdestroy.io/domain/start-legrlive-cdn.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/start-legrlive-cdn.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/start-legrlive-cdn.pages.dev/
Last updated: 2026-03-22