# brdg-oss-trzr.pages.dev — SUSPICIOUS > PhishDestroy identifies brdg-oss-trzr.pages.dev as an active crypto drainer impersonating Bridge Oracle. ## Summary PhishDestroy identifies brdg-oss-trzr.pages.dev as an active crypto drainer impersonating Bridge Oracle, a decentralized oracle network for blockchain applications. This domain leverages a Pages.dev subdomain to host malicious scripts designed to drain cryptocurrency wallets upon user interaction, specifically targeting users seeking bridge services. The threat actor exploits the trust associated with legitimate oracle projects to deceive victims into connecting their wallets or signing malicious transactions. Initial analysis indicates the domain is part of a broader campaign aimed at users interacting with cross-chain protocols, where trust in oracle services is critical. The inclusion of 'brdg' in the subdomain further reinforces the impersonation of Bridge Oracle, a known project in the space. This domain was flagged by PhishDestroy with the following technical indicators: VirusTotal shows 0 detections out of 95 scanners, indicating low detection rates despite active malicious activity. The domain resolves to IP 172.66.45.10, registered through Cloudflare, Inc., a common tactic to obscure hosting infrastructure. Google Safe Browsing has classified the domain under SOCIAL_ENGINEERING, with additional flags suggesting phishing or fraudulent activity. The SSL certificate is issued by Google Trust Services, which may lend false legitimacy to the domain. Cloudflare's infrastructure is often abused by threat actors to host malicious content due to its free tier and widespread use, making it a preferred choice for phishing and crypto-draining operations. Users who visited brdg-oss-trzr.pages.dev should immediately disconnect their wallets from any connected websites and revoke permissions for any suspicious smart contracts. Scan your device for malware or unauthorized browser extensions, as these could be used to harvest private keys or transaction data. If you interacted with this domain, especially by connecting a wallet or signing transactions, assume your funds are at risk and monitor your wallet for unauthorized transfers. Report the domain to PhishDestroy and your wallet provider for further investigation. Avoid using bridge services or oracle-related websites linked from untrusted sources, and always verify URLs through official channels before engaging in transactions. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.45.10 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/7a2a451e-2b4d-4c1d-b7ff-c341ad2fa545 - PhishDestroy: https://phishdestroy.io/domain/brdg-oss-trzr.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/brdg-oss-trzr.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/brdg-oss-trzr.pages.dev/ Last updated: 2026-04-13