# overview-bridgedocs-trz.pages.dev — SUSPICIOUS > PhishDestroy flags overview-bridgedocs-trz.pages.dev as a crypto drainer phishing domain; VirusTotal shows 0/95 detections. ## Summary PhishDestroy identifies the domain overview-bridgedocs-trz.pages.dev as an active crypto drainer phishing campaign under investigation. This malicious domain delivers a web3 wallet drainer designed to siphon cryptocurrency assets from unsuspecting users under the guise of legitimate documentation or transaction services. The threat actor leverages the Pages.dev subdomain of Cloudflare to host a deceptive interface that mimics official bridge protocols or document verification tools, exploiting trust in recognizable domain structures to bypass user scrutiny. This domain resolves to IP 172.66.44.99 and currently shows zero detections out of 95 engines on VirusTotal, indicating it has not yet been widely flagged by automated security tools. Registered through Cloudflare, Inc., the domain benefits from Google Trust Services-issued SSL certificates, which may further enhance its credibility to non-technical users. Despite these superficial trust signals, the absence of detection does not equate to safety—phishing infrastructure often remains dormant or lightly monitored until actively deployed. The operational nature of this campaign is confirmed through seed 41dcbf, which correlates this domain to a broader pattern of fraudulent activity targeting crypto users via fake document processing platforms. Users who have visited overview-bridgedocs-trz.pages.dev should immediately disconnect from the site and inspect their browser sessions for unauthorized wallet connections. Disconnecting from the domain is not sufficient; all active wallet sessions, browser extensions, and device settings must be reviewed. This domain is not associated with any legitimate entity and should be treated with extreme caution. If funds were lost or suspicious transactions detected, report the incident to the relevant blockchain explorer and file a complaint with local cybercrime units. Always verify URLs and domain legitimacy through PhishDestroy or trusted threat intelligence platforms before engaging with web3 interfaces. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Cloudflare, Inc. - IP: 172.66.44.99 ## Detection Status - VirusTotal: 0 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/8c5fb809-ea89-4036-b155-5f3c94d337ba - PhishDestroy: https://phishdestroy.io/domain/overview-bridgedocs-trz.pages.dev/ - LLM endpoint: https://phishdestroy.io/domain/overview-bridgedocs-trz.pages.dev/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/overview-bridgedocs-trz.pages.dev/ Last updated: 2026-03-22