# guide-desktop-en-us-ledg.pages.dev — SUSPICIOUS > guide-desktop-en-us-ledg.pages.dev is a crypto drainer phishing site with 0/95 VirusTotal detections. Avoid entering wallet details. Report immediately. ## Summary PhishDestroy identifies guide-desktop-en-us-ledg.pages.dev as a potential crypto drainer domain currently under investigation for phishing activity. The domain employs Cloudflare infrastructure and leverages a Google Trust Services SSL certificate to appear legitimate, while hosting content designed to deceive users into connecting cryptocurrency wallets. Given the absence of VirusTotal detections (0/95 engines) and the use of a reputable CDN, this threat remains covert and requires heightened scrutiny from security researchers and end users. This domain resolves to IP address 172.66.44.241 via Cloudflare, Inc., a known proxy and CDN provider often abused in phishing campaigns. The SSL certificate issued by Google Trust Services (GTS) lends superficial credibility, masking malicious intent behind a veneer of trust. At the time of analysis, the domain shows 0 detections across 95 VirusTotal scanners, indicating it has not yet been widely flagged in automated threat intelligence feeds. While the creation date and blocklist status are not provided in current intelligence, the combination of unflagged status, proxy hosting, and SSL issuance suggests active evasion of detection mechanisms. Users are strongly advised to avoid interacting with this domain or any linked pages. If wallet connection was attempted, disconnect immediately and revoke any unauthorized permissions via wallet settings. Report the domain to PhishDestroy, your browser’s safe browsing service, and relevant blockchain security platforms like Etherscan or MetaMask’s phishing detection system. Organizations should monitor network traffic for outbound connections to 172.66.44.241 and blocklist this IP and domain at the firewall level. Exercise caution with any unsolicited links claiming to offer desktop guides or software updates, especially those hosted on pages.dev subdomains. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.241 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/4d4623db-64d0-4cc6-87d9-bb5b27e0f684 - PhishDestroy: https://phishdestroy.io/domain/guide-desktop-en-us-ledg.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/guide-desktop-en-us-ledg.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/guide-desktop-en-us-ledg.pages.dev/ Last updated: 2026-03-23