# cloud-ledge-eng.pages.dev — SUSPICIOUS > Cloud-ledge-eng.pages.dev identified as a crypto drainer phishing domain. VirusTotal flags 0/95 detections. Verify safety on PhishDestroy before clicking. ## Summary PhishDestroy has flagged the domain cloud-ledge-eng.pages.dev as a live cryptocurrency drainer designed to siphon digital assets from unsuspecting users. The page impersonates legitimate cloud-hosted services, luring victims into connecting their wallets or entering credentials under the guise of authentication or service access. Upon interaction, the drainer operates in the background, authorizing unauthorized transactions that transfer funds to attacker-controlled addresses without explicit user confirmation. This domain exemplifies a growing trend targeting crypto investors who may drop their guard when engaging with what appears to be a familiar or trusted service endpoint. This domain was flagged following rigorous analysis that revealed multiple red flags. VirusTotal currently shows zero detections (0/95 engines), indicating the site remains undetected by most antivirus platforms, likely due to its recent deployment and dynamic infrastructure. The domain was registered through Cloudflare, Inc., which obscures ownership details using privacy protection services—common among threat actors seeking anonymity. The page is hosted on Cloudflare Pages, a legitimate service abused to host malicious content with minimal friction. The backend IP address, 188.114.96.3, is associated with other high-risk domains, further correlating this infrastructure with malicious activity. While the SSL certificate is issued by Google Trust Services—a seemingly reputable touch—it is weaponized here to lend false legitimacy to the phishing page. Users who have visited cloud-ledge-eng.pages.dev should immediately disconnect their wallets and revoke any connected permissions via their wallet interface or dedicated token approval tools. Do not re-enter credentials or approve transactions from this domain under any circumstances. Clear browser cache and cookies related to the site, and scan your system with updated anti-malware software. Report the domain to PhishDestroy and your organization’s security team using the unique seed identifier 982378 to aid in ongoing threat intelligence. If you interacted with the page, check your wallet transaction history for anomalies and monitor connected applications for unauthorized access. Time is critical: prompt action can prevent irreversible financial loss. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/b491d058-d1f4-492f-a91b-12003122734b - PhishDestroy: https://phishdestroy.io/domain/cloud-ledge-eng.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/cloud-ledge-eng.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/cloud-ledge-eng.pages.dev/ Last updated: 2026-03-24