# bridge-i-guide.pages.dev — SUSPICIOUS

> bridge-i-guide.pages.dev (Cloudflare) is a credential theft site with 1/95 VirusTotal detections. SSL via Google Trust Services.

## Summary
PhishDestroy identifies the active credential theft site bridge-i-guide.pages.dev, a Pages.dev subdomain posing as a legitimate guide or portal to harvest user login details. This fraudulent domain is engineered to mimic a trusted page in order to trick visitors into entering credentials that are immediately exfiltrated to attacker-controlled infrastructure. Telemetry shows the site is currently resolving to 172.66.47.2, a Cloudflare-operated IP address commonly used to obscure malicious hosting origins and evade takedowns.  This domain was flagged by exactly 1 out of 95 VirusTotal security vendors at time of analysis, indicating low but present detection coverage. It originated recently and is registered through Cloudflare, Inc., leveraging the Pages.dev platform to host spoofed content under a superficially plausible name. The site also holds a valid SSL certificate issued by Google Trust Services, a tactic frequently used to appear legitimate and bypass browser warnings.  If you visited bridge-i-guide.pages.dev, assume your credentials may have been compromised. Disconnect from the internet, change passwords on all accounts using the same or similar credentials, enable multi-factor authentication where available, and run a full antivirus scan. Report the domain to your security team or platform provider and avoid re-entry under any circumstances. Monitor accounts closely for unauthorized access or transactions.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.2

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/e459b463-1415-41bc-9e42-eb47b361eb1f
- PhishDestroy: https://phishdestroy.io/domain/bridge-i-guide.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/bridge-i-guide.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bridge-i-guide.pages.dev/
Last updated: 2026-03-22