# sol-forge.pages.dev — SUSPICIOUS

> PhishDestroy flags sol-forge.pages.dev as a crypto drainer impersonating Solana ecosystem tools. 0/95 VirusTotal detections. Verify before use.

## Summary
PhishDestroy identifies sol-forge.pages.dev as an active crypto drainer kit masquerading as a Solana-focused utility. The site uses a generic naming pattern ('sol-forge') to mimic legitimate development tools in the Solana ecosystem, luring users into connecting wallets and signing malicious transactions that transfer assets to attacker-controlled addresses. No specific brand is impersonated in the domain itself, but the payload is designed to drain cryptocurrency from connected Solana wallets, consistent with modern drainer malware kits like 'Rilide' or 'VenomDrainer' variants observed in the wild. Seed e51735 confirms this is a tracked active campaign.

Technical indicators for sol-forge.pages.dev are as follows: it resolves to IP address 188.114.97.3 via Cloudflare, Inc., currently acting as a reverse proxy. The domain is protected by a Google Trust Services SSL certificate, which may reduce immediate browser warnings. As of the latest scan, it shows 0/95 detections on VirusTotal with no blocklist entries. Registration details are concealed behind Cloudflare privacy, preventing visibility into creation date or registrant. Google Safe Browsing (GSB) status is currently unlisted, indicating this domain has not yet been widely flagged by major browsers.

This domain remains active and under investigation with a status of 'under_investigation'. Cloudflare’s infrastructure is being abused to host the payload, complicating takedown efforts. PhishDestroy recommends immediate blocking of the domain and IP at the network level. Users should avoid visiting sol-forge.pages.dev and verify any Solana tool links via official channels. Remaining risk is assessed as high due to the active drainer payload, low detection rate, and use of reputable hosting/CDN services to evade filters.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 188.114.97.3

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c3c6851d-9d8a-414e-9854-e38b36254605
- PhishDestroy: https://phishdestroy.io/domain/sol-forge.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/sol-forge.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/sol-forge.pages.dev/
Last updated: 2026-03-29