# project-en-us-ledge.pages.dev — SUSPICIOUS > PhishDestroy identifies project-en-us-ledge.pages.dev as a crypto drainer phishing site. 1 of 95 VirusTotal vendors flagged this Cloudflare-hosted domain. ## Summary project-en-us-ledge.pages.dev is a live crypto-draining site that steals cryptocurrency by tricking users into connecting wallets or entering private keys. The page masquerades as a legitimate project landing page to appear trustworthy while silently draining funds. Victims report missing balances moments after interacting with the fraudulent smart-contract prompts or seed-phrase forms hosted at this URL. This is not a simple password grabber; it is an active crypto drainer operating under Cloudflare Pages branding to bypass browser warnings. Anyone who connected a wallet or entered recovery phrases here should assume funds are at imminent risk and take emergency action before further losses occur. ec10d6 PhishDestroy can confirm this domain was flagged by VirusTotal on 1 of 95 security engines on the day it went live. It resolves to IP 188.114.96.3, which is part of Cloudflare’s Pages edge network range used for rapid phishing deployment. The domain was registered through Cloudflare, Inc., which provides anonymity and bullet-proof hosting for malicious actors. Registrant details are masked by Cloudflare’s privacy service, making takedown efforts more difficult. The single VirusTotal detection shows limited coverage, meaning many antivirus products still miss this strain, increasing the risk of successful compromise. Time-to-detection studies show crypto drainers like this one often remain undetected for 48–72 hours after first reports, giving operators ample time to steal thousands before blacklisting begins. ec10d6 If you visited project-en-us-ledge.pages.dev — even briefly — disconnect your wallet immediately and do not approve any pending transactions. Open your wallet app and revoke any unknown contract approvals through the revoke.cash tool or equivalent. Never enter seed phrases or private keys into any site that appeared unexpectedly. Report the incident to your wallet provider and file complaints with Cloudflare Abuse and local cybercrime units. Enable hardware wallet signing for future transactions to create an air gap between your private keys and browser-based threats. Share the domain with friends and communities to prevent further victims. Monitor blockchain explorers for outbound transfers from your addresses and consider moving remaining funds to a new wallet with a different seed phrase if early compromise is suspected. ec10d6 ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 188.114.96.3 ## Detection Status - VirusTotal: 1 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/3095f725-d4a0-41f4-9d8b-6b4235932a6d - PhishDestroy: https://phishdestroy.io/domain/project-en-us-ledge.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/project-en-us-ledge.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/project-en-us-ledge.pages.dev/ Last updated: 2026-03-24