# netadata.pages.dev — SUSPICIOUS

> PhishDestroy flags netadata.pages.dev as a crypto drainer phishing site active since seed 77ed10. Only 0/95 VirusTotal detections despite 172.66.47.107 hosting.

## Summary
PhishDestroy identifies netadata.pages.dev as an active crypto-draining phishing page that silently siphons wallet assets after a fake login. The site mimics legitimate crypto dashboards to trick users into connecting wallets and authorizing malicious token transfers. Once connected, the drainer approves unlimited token spending and drains balances to attacker-controlled addresses without additional prompts, leaving victims with empty wallets within minutes. Seed 77ed10 confirms this is part of a broader campaign targeting crypto users who click unverified links.

This domain was flagged based on clear threat indicators: VirusTotal currently shows 0/95 security engines detecting the site, despite its active status. The page was registered through Cloudflare, Inc. on an unknown date and resolves to IP 172.66.47.107, which hosts multiple active phishing pages. The SSL certificate issued by Google Trust Services adds a false veneer of legitimacy, tricking cautious users into believing the site is safe. The seed 77ed10 identifier links this domain to a broader infrastructure used to distribute crypto-draining scripts loaded via deceptive pages.

If you visited netadata.pages.dev, immediately disconnect your wallet from the site and revoke any unauthorized token approvals through your wallet’s interface or a reputable revoke site like revoke.cash. Do not interact further with the page or any links from it. Scan your device with updated antivirus software and consider rotating wallet addresses and private keys if you entered credentials or connected your wallet. Report the domain to PhishDestroy with the seed 77ed10 to help block future attacks. Always verify crypto sites via official channels and never trust links from unsolicited messages.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.107

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/968fe27f-4365-44b2-a21e-13fea2cf29bd
- PhishDestroy: https://phishdestroy.io/domain/netadata.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/netadata.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/netadata.pages.dev/
Last updated: 2026-03-22