# guide-trzr-x-bridge.pages.dev — SUSPICIOUS

> Beware: guide-trzr-x-bridge.pages.dev hosts a crypto drainer phishing page. Avoid entering wallet details—verify it on PhishDestroy immediately.

## Summary
PhishDestroy flags guide-trzr-x-bridge.pages.dev as an active crypto drainer phishing domain, operating with a high-risk profile under investigation. This domain serves malicious intent by tricking users into connecting crypto wallets, enabling unauthorized fund transfers. Technical indicators reveal no detections on VirusTotal (0/95), registered via Cloudflare, resolving to IP 172.66.44.251 and secured with a Google Trust Services SSL certificate. Current assessments show no blacklist presence, but the domain’s recent deployment and lack of detections warrant heightened scrutiny pending further analysis.


This domain was flagged due to its association with a crypto drainer scheme designed to harvest wallet credentials. Hosted on Cloudflare Pages, it leverages 172.66.44.251—a shared IP with numerous legitimate services—but its SSL certificate, issued by Google Trust Services, adds a misleading layer of trust. VirusTotal’s 0/95 detection rate suggests evasion of traditional antivirus engines, while the absence of blocklist entries may indicate its recent emergence (creation date not publicly visible). Despite the lack of immediate detections, the domain’s infrastructure and deployment pattern align with phishing campaigns targeting cryptocurrency users.


Mitigation requires immediate user vigilance and proactive blocking. Users should avoid interacting with this domain entirely, as crypto drainers often execute unauthorized transactions upon wallet connection. Organizations are advised to implement DNS-based blocking for 172.66.44.251 and monitor outbound connections to this IP. PhishDestroy recommends verifying suspicious domains via its platform before engaging, as cloud-hosted services like Cloudflare Pages can obscure malicious intent. For detection engineering teams, YARA rules should target HTML/JS payloads typical of drainers, while network defenses should flag traffic to this domain’s resolving IP as malicious. Continuous monitoring is critical given the domain’s low initial detection rate.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.44.251

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/guide-trzr-x-bridge.pages.dev
- PhishDestroy: https://phishdestroy.io/domain/guide-trzr-x-bridge.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/guide-trzr-x-bridge.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/guide-trzr-x-bridge.pages.dev/
Last updated: 2026-04-03